Malware Analysis Report

2024-11-16 15:45

Sample ID 240227-tafxlsdd3s
Target https://google.com
Tags
discovery persistence spyware stealer
score
8/10

Table of Contents

Analysis Overview

MITRE ATT&CK

Enterprise Matrix V15

Analysis: static1

Detonation Overview

Signatures

Analysis: behavioral1

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis Overview

score
8/10

Threat Level: Likely malicious

The file https://google.com was found to be: Likely malicious.

Malicious Activity Summary

discovery persistence spyware stealer

Downloads MZ/PE file

Loads dropped DLL

Reads local data of messenger clients

Executes dropped EXE

Adds Run key to start application

Checks installed software on the system

Legitimate hosting services abused for malware hosting/C2

Drops file in System32 directory

Suspicious use of SetThreadContext

Drops file in Windows directory

Drops file in Program Files directory

Enumerates physical storage devices

NTFS ADS

Checks processor information in registry

Modifies data under HKEY_USERS

Modifies registry class

Modifies registry key

Suspicious behavior: GetForegroundWindowSpam

Suspicious use of SendNotifyMessage

Suspicious behavior: EnumeratesProcesses

Suspicious use of WriteProcessMemory

Suspicious use of FindShellTrayWindow

Suspicious use of AdjustPrivilegeToken

Suspicious use of SetWindowsHookEx

Enumerates system info in registry

MITRE ATT&CK

Analysis: static1

Detonation Overview

Reported

2024-02-27 15:51

Signatures

N/A

Analysis: behavioral1

Detonation Overview

Submitted

2024-02-27 15:51

Reported

2024-02-27 16:07

Platform

win11-20240221-en

Max time kernel

845s

Max time network

952s

Command Line

"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://google.com

Signatures

Downloads MZ/PE file

Executes dropped EXE

Description Indicator Process Target
N/A N/A C:\Users\Admin\Downloads\DiscordSetup.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\SquirrelTemp\Update.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Discord\app-1.0.9034\Discord.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Discord\app-1.0.9034\Discord.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Discord\Update.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Discord\app-1.0.9034\Discord.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Discord\app-1.0.9034\Discord.exe N/A
N/A N/A C:\Users\Admin\Downloads\SteamSetup.exe N/A
N/A N/A C:\Program Files (x86)\Steam\bin\steamservice.exe N/A
N/A N/A C:\Program Files (x86)\Steam\steam.exe N/A
N/A N/A C:\Program Files (x86)\Steam\steam.exe N/A
N/A N/A C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe N/A
N/A N/A C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe N/A
N/A N/A C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe N/A
N/A N/A C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe N/A
N/A N/A C:\Program Files (x86)\Steam\bin\gldriverquery64.exe N/A
N/A N/A C:\Program Files (x86)\Steam\bin\gldriverquery.exe N/A
N/A N/A C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe N/A
N/A N/A C:\Program Files (x86)\Steam\bin\vulkandriverquery64.exe N/A
N/A N/A C:\Program Files (x86)\Steam\bin\vulkandriverquery.exe N/A
N/A N/A C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe N/A
N/A N/A C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe N/A
N/A N/A C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe N/A
N/A N/A C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe N/A
N/A N/A C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe N/A
N/A N/A C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe N/A
N/A N/A C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe N/A
N/A N/A C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe N/A
N/A N/A C:\Program Files (x86)\Steam\steamerrorreporter64.exe N/A
N/A N/A C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe N/A
N/A N/A C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe N/A
N/A N/A C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe N/A
N/A N/A C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe N/A
N/A N/A C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe N/A
N/A N/A C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe N/A
N/A N/A C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe N/A
N/A N/A C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe N/A
N/A N/A C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe N/A
N/A N/A C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe N/A
N/A N/A C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe N/A
N/A N/A C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe N/A
N/A N/A C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe N/A
N/A N/A C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe N/A
N/A N/A C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe N/A
N/A N/A C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe N/A
N/A N/A C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe N/A
N/A N/A C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe N/A
N/A N/A C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe N/A
N/A N/A C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe N/A
N/A N/A C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe N/A
N/A N/A C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe N/A
N/A N/A C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe N/A
N/A N/A C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe N/A
N/A N/A C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe N/A
N/A N/A C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe N/A
N/A N/A C:\Program Files (x86)\Steam\bin\x64launcher.exe N/A
N/A N/A C:\Program Files (x86)\Steam\steamapps\common\Town of Salem 2\TownOfSalem2.exe N/A
N/A N/A C:\Program Files (x86)\Steam\steamapps\common\Town of Salem 2\UnityCrashHandler64.exe N/A
N/A N/A C:\Program Files (x86)\Steam\GameOverlayUI.exe N/A
N/A N/A C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe N/A
N/A N/A C:\Program Files (x86)\Steam\steamerrorreporter64.exe N/A
N/A N/A C:\Program Files (x86)\Steam\steamapps\common\Town of Salem 2\UnityCrashHandler64.exe N/A
N/A N/A C:\Program Files (x86)\Steam\bin\x64launcher.exe N/A
N/A N/A C:\Program Files (x86)\Steam\steamapps\common\Town of Salem 2\TownOfSalem2.exe N/A

Loads dropped DLL

Description Indicator Process Target
N/A N/A C:\Users\Admin\AppData\Local\Discord\app-1.0.9034\Discord.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Discord\app-1.0.9034\Discord.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Discord\app-1.0.9034\Discord.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Discord\app-1.0.9034\Discord.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Discord\app-1.0.9034\Discord.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Discord\app-1.0.9034\Discord.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Discord\app-1.0.9034\Discord.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Discord\app-1.0.9034\Discord.exe N/A
N/A N/A C:\Users\Admin\Downloads\SteamSetup.exe N/A
N/A N/A C:\Users\Admin\Downloads\SteamSetup.exe N/A
N/A N/A C:\Users\Admin\Downloads\SteamSetup.exe N/A
N/A N/A C:\Users\Admin\Downloads\SteamSetup.exe N/A
N/A N/A C:\Users\Admin\Downloads\SteamSetup.exe N/A
N/A N/A C:\Users\Admin\Downloads\SteamSetup.exe N/A
N/A N/A C:\Users\Admin\Downloads\SteamSetup.exe N/A
N/A N/A C:\Users\Admin\Downloads\SteamSetup.exe N/A
N/A N/A C:\Program Files (x86)\Steam\steam.exe N/A
N/A N/A C:\Program Files (x86)\Steam\steam.exe N/A
N/A N/A C:\Program Files (x86)\Steam\steam.exe N/A
N/A N/A C:\Program Files (x86)\Steam\steam.exe N/A
N/A N/A C:\Program Files (x86)\Steam\steam.exe N/A
N/A N/A C:\Program Files (x86)\Steam\steam.exe N/A
N/A N/A C:\Program Files (x86)\Steam\steam.exe N/A
N/A N/A C:\Program Files (x86)\Steam\steam.exe N/A
N/A N/A C:\Program Files (x86)\Steam\steam.exe N/A
N/A N/A C:\Program Files (x86)\Steam\steam.exe N/A
N/A N/A C:\Program Files (x86)\Steam\steam.exe N/A
N/A N/A C:\Program Files (x86)\Steam\steam.exe N/A
N/A N/A C:\Program Files (x86)\Steam\steam.exe N/A
N/A N/A C:\Program Files (x86)\Steam\steam.exe N/A
N/A N/A C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe N/A
N/A N/A C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe N/A
N/A N/A C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe N/A
N/A N/A C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe N/A
N/A N/A C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe N/A
N/A N/A C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe N/A
N/A N/A C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe N/A
N/A N/A C:\Program Files (x86)\Steam\steam.exe N/A
N/A N/A C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe N/A
N/A N/A C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe N/A
N/A N/A C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe N/A
N/A N/A C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe N/A
N/A N/A C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe N/A
N/A N/A C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe N/A
N/A N/A C:\Program Files (x86)\Steam\steam.exe N/A
N/A N/A C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe N/A
N/A N/A C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe N/A
N/A N/A C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe N/A
N/A N/A C:\Program Files (x86)\Steam\steam.exe N/A
N/A N/A C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe N/A
N/A N/A C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe N/A
N/A N/A C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe N/A
N/A N/A C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe N/A
N/A N/A C:\Program Files (x86)\Steam\steam.exe N/A
N/A N/A C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe N/A
N/A N/A C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe N/A
N/A N/A C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe N/A
N/A N/A C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe N/A
N/A N/A C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe N/A
N/A N/A C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe N/A
N/A N/A C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe N/A
N/A N/A C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe N/A
N/A N/A C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe N/A
N/A N/A C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe N/A

Reads local data of messenger clients

spyware stealer

Adds Run key to start application

persistence
Description Indicator Process Target
Set value (str) \REGISTRY\USER\S-1-5-21-160263616-143223877-1356318919-1000\Software\Microsoft\Windows\CurrentVersion\Run\Discord = "\"C:\\Users\\Admin\\AppData\\Local\\Discord\\Update.exe\" --processStart Discord.exe" C:\Windows\SysWOW64\reg.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-160263616-143223877-1356318919-1000\Software\Microsoft\Windows\CurrentVersion\Run\Steam = "\"C:\\Program Files (x86)\\Steam\\steam.exe\" -silent" C:\Users\Admin\Downloads\SteamSetup.exe N/A

Checks installed software on the system

discovery

Legitimate hosting services abused for malware hosting/C2

Description Indicator Process Target
N/A discord.com N/A N/A
N/A discord.com N/A N/A
N/A discord.com N/A N/A
N/A discord.com N/A N/A

Drops file in System32 directory

Description Indicator Process Target
File opened for modification C:\Windows\system32\dll\mono-2.0-bdwgc.pdb C:\Program Files (x86)\Steam\steamapps\common\Town of Salem 2\TownOfSalem2.exe N/A
File opened for modification C:\Windows\system32\advapi32.pdb C:\Program Files (x86)\Steam\steamapps\common\Town of Salem 2\UnityCrashHandler64.exe N/A
File opened for modification C:\Windows\system32\dll\iphlpapi.pdb C:\Program Files (x86)\Steam\steamapps\common\Town of Salem 2\UnityCrashHandler64.exe N/A
File opened for modification C:\Windows\system32\dll\rsaenh.pdb C:\Program Files (x86)\Steam\steamapps\common\Town of Salem 2\UnityCrashHandler64.exe N/A
File opened for modification C:\Windows\system32\dll\kernelbase.pdb C:\Program Files (x86)\Steam\steamapps\common\Town of Salem 2\TownOfSalem2.exe N/A
File opened for modification C:\Windows\system32\symbols\dll\d3d10warp.pdb C:\Program Files (x86)\Steam\steamapps\common\Town of Salem 2\UnityCrashHandler64.exe N/A
File opened for modification C:\Windows\system32\dll\cryptbase.pdb C:\Program Files (x86)\Steam\steamapps\common\Town of Salem 2\UnityCrashHandler64.exe N/A
File opened for modification C:\Windows\system32\symbols\dll\msvcp_win.pdb C:\Program Files (x86)\Steam\steamapps\common\Town of Salem 2\UnityCrashHandler64.exe N/A
File opened for modification C:\Windows\system32\symbols\dll\shell32.pdb C:\Program Files (x86)\Steam\steamapps\common\Town of Salem 2\UnityCrashHandler64.exe N/A
File opened for modification C:\Windows\system32\bcrypt.pdb C:\Program Files (x86)\Steam\steamapps\common\Town of Salem 2\UnityCrashHandler64.exe N/A
File opened for modification C:\Windows\system32\audioses.pdb C:\Program Files (x86)\Steam\steamapps\common\Town of Salem 2\UnityCrashHandler64.exe N/A
File opened for modification C:\Windows\system32\symbols\dll\imagehlp.pdb C:\Program Files (x86)\Steam\steamapps\common\Town of Salem 2\UnityCrashHandler64.exe N/A
File opened for modification C:\Windows\system32\dll\GameOverlayRenderer64.pdb C:\Program Files (x86)\Steam\steamapps\common\Town of Salem 2\UnityCrashHandler64.exe N/A
File opened for modification C:\Windows\system32\symbols\DLL\dhcpcsvc6.pdb C:\Program Files (x86)\Steam\steamapps\common\Town of Salem 2\UnityCrashHandler64.exe N/A
File opened for modification C:\Windows\system32\winrnr.pdb C:\Program Files (x86)\Steam\steamapps\common\Town of Salem 2\UnityCrashHandler64.exe N/A
File opened for modification C:\Windows\system32\dll\wbemprox.pdb C:\Program Files (x86)\Steam\steamapps\common\Town of Salem 2\UnityCrashHandler64.exe N/A
File opened for modification C:\Windows\system32\symbols\dll\MMDevAPI.pdb C:\Program Files (x86)\Steam\steamapps\common\Town of Salem 2\UnityCrashHandler64.exe N/A
File opened for modification C:\Windows\system32\dll\steamclient64.pdb C:\Program Files (x86)\Steam\steamapps\common\Town of Salem 2\UnityCrashHandler64.exe N/A
File opened for modification C:\Windows\system32\dll\gdi32full.pdb C:\Program Files (x86)\Steam\steamapps\common\Town of Salem 2\UnityCrashHandler64.exe N/A
File opened for modification C:\Windows\system32\imm32.pdb C:\Program Files (x86)\Steam\steamapps\common\Town of Salem 2\UnityCrashHandler64.exe N/A
File opened for modification C:\Windows\system32\dll\vcruntime140.amd64.pdb C:\Program Files (x86)\Steam\steamapps\common\Town of Salem 2\UnityCrashHandler64.exe N/A
File opened for modification C:\Windows\system32\CLBCatQ.pdb C:\Program Files (x86)\Steam\steamapps\common\Town of Salem 2\UnityCrashHandler64.exe N/A
File opened for modification C:\Windows\system32\lib_burst_generated.pdb C:\Program Files (x86)\Steam\steamapps\common\Town of Salem 2\UnityCrashHandler64.exe N/A
File opened for modification C:\Windows\system32\dll\shell32.pdb C:\Program Files (x86)\Steam\steamapps\common\Town of Salem 2\UnityCrashHandler64.exe N/A
File opened for modification C:\Windows\system32\dll\msvcp140.amd64.pdb C:\Program Files (x86)\Steam\steamapps\common\Town of Salem 2\UnityCrashHandler64.exe N/A
File opened for modification C:\Windows\system32\TextInputFramework.pdb C:\Program Files (x86)\Steam\steamapps\common\Town of Salem 2\UnityCrashHandler64.exe N/A
File opened for modification C:\Windows\system32\dll\cfgmgr32.pdb C:\Program Files (x86)\Steam\steamapps\common\Town of Salem 2\UnityCrashHandler64.exe N/A
File opened for modification C:\Windows\system32\shcore.pdb C:\Program Files (x86)\Steam\steamapps\common\Town of Salem 2\UnityCrashHandler64.exe N/A
File opened for modification C:\Windows\system32\symbols\dll\vcruntime140_1.amd64.pdb C:\Program Files (x86)\Steam\steamapps\common\Town of Salem 2\UnityCrashHandler64.exe N/A
File opened for modification C:\Windows\system32\symbols\dll\wldap32.pdb C:\Program Files (x86)\Steam\steamapps\common\Town of Salem 2\UnityCrashHandler64.exe N/A
File opened for modification C:\Windows\system32\DLL\sspicli.pdb C:\Program Files (x86)\Steam\steamapps\common\Town of Salem 2\UnityCrashHandler64.exe N/A
File opened for modification C:\Windows\system32\dhcpcsvc.pdb C:\Program Files (x86)\Steam\steamapps\common\Town of Salem 2\UnityCrashHandler64.exe N/A
File opened for modification C:\Windows\system32\UMPDC.pdb C:\Program Files (x86)\Steam\steamapps\common\Town of Salem 2\UnityCrashHandler64.exe N/A
File opened for modification C:\Windows\system32\dll\winhttp.pdb C:\Program Files (x86)\Steam\steamapps\common\Town of Salem 2\UnityCrashHandler64.exe N/A
File opened for modification C:\Windows\system32\glu32.pdb C:\Program Files (x86)\Steam\steamapps\common\Town of Salem 2\UnityCrashHandler64.exe N/A
File opened for modification C:\Windows\system32\bcryptprimitives.pdb C:\Program Files (x86)\Steam\steamapps\common\Town of Salem 2\UnityCrashHandler64.exe N/A
File opened for modification C:\Windows\system32\dll\profapi.pdb C:\Program Files (x86)\Steam\steamapps\common\Town of Salem 2\UnityCrashHandler64.exe N/A
File opened for modification C:\Windows\system32\symbols\dll\NapiNSP.pdb C:\Program Files (x86)\Steam\steamapps\common\Town of Salem 2\UnityCrashHandler64.exe N/A
File opened for modification C:\Windows\system32\dll\msctf.pdb C:\Program Files (x86)\Steam\steamapps\common\Town of Salem 2\UnityCrashHandler64.exe N/A
File opened for modification C:\Windows\system32\rsaenh.pdb C:\Program Files (x86)\Steam\steamapps\common\Town of Salem 2\UnityCrashHandler64.exe N/A
File opened for modification C:\Windows\system32\symbols\dll\version.pdb C:\Program Files (x86)\Steam\steamapps\common\Town of Salem 2\UnityCrashHandler64.exe N/A
File opened for modification C:\Windows\system32\symbols\dll\bcrypt.pdb C:\Program Files (x86)\Steam\steamapps\common\Town of Salem 2\UnityCrashHandler64.exe N/A
File opened for modification C:\Windows\system32\dll\DXCore.pdb C:\Program Files (x86)\Steam\steamapps\common\Town of Salem 2\UnityCrashHandler64.exe N/A
File opened for modification C:\Windows\system32\iphlpapi.pdb C:\Program Files (x86)\Steam\steamapps\common\Town of Salem 2\UnityCrashHandler64.exe N/A
File opened for modification C:\Windows\system32\dll\vcruntime140_1.amd64.pdb C:\Program Files (x86)\Steam\steamapps\common\Town of Salem 2\UnityCrashHandler64.exe N/A
File opened for modification C:\Windows\system32\symbols\dll\dnsapi.pdb C:\Program Files (x86)\Steam\steamapps\common\Town of Salem 2\UnityCrashHandler64.exe N/A
File opened for modification C:\Windows\system32\symbols\dll\steam_api64.pdb C:\Program Files (x86)\Steam\steamapps\common\Town of Salem 2\UnityCrashHandler64.exe N/A
File opened for modification C:\Windows\system32\dll\advapi32.pdb C:\Program Files (x86)\Steam\steamapps\common\Town of Salem 2\UnityCrashHandler64.exe N/A
File opened for modification C:\Windows\system32\symbols\dll\dwmapi.pdb C:\Program Files (x86)\Steam\steamapps\common\Town of Salem 2\UnityCrashHandler64.exe N/A
File opened for modification C:\Windows\system32\symbols\dll\cfgmgr32.pdb C:\Program Files (x86)\Steam\steamapps\common\Town of Salem 2\UnityCrashHandler64.exe N/A
File opened for modification C:\Windows\system32\symbols\dll\profapi.pdb C:\Program Files (x86)\Steam\steamapps\common\Town of Salem 2\UnityCrashHandler64.exe N/A
File opened for modification C:\Windows\system32\symbols\dll\wshbth.pdb C:\Program Files (x86)\Steam\steamapps\common\Town of Salem 2\UnityCrashHandler64.exe N/A
File opened for modification C:\Windows\system32\Windows.UI.pdb C:\Program Files (x86)\Steam\steamapps\common\Town of Salem 2\UnityCrashHandler64.exe N/A
File opened for modification C:\Windows\system32\symbols\dll\winmm.pdb C:\Program Files (x86)\Steam\steamapps\common\Town of Salem 2\UnityCrashHandler64.exe N/A
File opened for modification C:\Windows\system32\symbols\dll\gdi32.pdb C:\Program Files (x86)\Steam\steamapps\common\Town of Salem 2\UnityCrashHandler64.exe N/A
File opened for modification C:\Windows\system32\symbols\dll\sechost.pdb C:\Program Files (x86)\Steam\steamapps\common\Town of Salem 2\UnityCrashHandler64.exe N/A
File opened for modification C:\Windows\system32\dll\dwmapi.pdb C:\Program Files (x86)\Steam\steamapps\common\Town of Salem 2\UnityCrashHandler64.exe N/A
File opened for modification C:\Windows\system32\symbols\dll\normaliz.pdb C:\Program Files (x86)\Steam\steamapps\common\Town of Salem 2\UnityCrashHandler64.exe N/A
File opened for modification C:\Windows\system32\NapiNSP.pdb C:\Program Files (x86)\Steam\steamapps\common\Town of Salem 2\UnityCrashHandler64.exe N/A
File opened for modification C:\Windows\system32\ntdll.pdb C:\Program Files (x86)\Steam\steamapps\common\Town of Salem 2\UnityCrashHandler64.exe N/A
File opened for modification C:\Windows\system32\symbols\dll\gdi32full.pdb C:\Program Files (x86)\Steam\steamapps\common\Town of Salem 2\UnityCrashHandler64.exe N/A
File opened for modification C:\Windows\system32\rpcrt4.pdb C:\Program Files (x86)\Steam\steamapps\common\Town of Salem 2\UnityCrashHandler64.exe N/A
File opened for modification C:\Windows\system32\oleaut32.pdb C:\Program Files (x86)\Steam\steamapps\common\Town of Salem 2\UnityCrashHandler64.exe N/A
File opened for modification C:\Windows\system32\uxtheme.pdb C:\Program Files (x86)\Steam\steamapps\common\Town of Salem 2\UnityCrashHandler64.exe N/A

Drops file in Program Files directory

Description Indicator Process Target
File created C:\Program Files (x86)\Steam\package\tmp\tenfoot\resource\images\library\controller\binding_icons\ghost_010_wpn_0419.png_ C:\Program Files (x86)\Steam\steam.exe N/A
File created C:\Program Files (x86)\Steam\package\tmp\controller_base\images\api\dark\ps_outlined_button_x_sm.png_ C:\Program Files (x86)\Steam\steam.exe N/A
File created C:\Program Files (x86)\Steam\package\tmp\controller_base\templates\controller_ps4_wasd.vdf_ C:\Program Files (x86)\Steam\steam.exe N/A
File created C:\Program Files (x86)\Steam\appcache\httpcache\ec\ec19da2034f56e5088a3cf4dbcb3aa587468eed1_da39a3ee5e6b4b0d3255bfef95601890afd80709 C:\Program Files (x86)\Steam\steam.exe N/A
File opened for modification C:\Program Files (x86)\Steam\logs\cef_log.txt C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe N/A
File created C:\Program Files (x86)\Steam\package\tmp\controller_base\images\api\light\sd_button_aux_md.png_ C:\Program Files (x86)\Steam\steam.exe N/A
File created C:\Program Files (x86)\Steam\appcache\librarycache\1782210_library_600x900.jpg C:\Program Files (x86)\Steam\steam.exe N/A
File opened for modification C:\Program Files (x86)\Steam\steamapps\downloading\2140510\TownOfSalem2_Data\StreamingAssets\aa\StandaloneWindows64\audio_music_covenvictory_assets_all_8daa602a80285c85b30eae5ecae47b24.bundle C:\Program Files (x86)\Steam\steam.exe N/A
File created C:\Program Files (x86)\Steam\package\tmp\graphics\chkunseldis_sm.tga_ C:\Program Files (x86)\Steam\steam.exe N/A
File created C:\Program Files (x86)\Steam\package\tmp\graphics\icon_officerStar.tga_ C:\Program Files (x86)\Steam\steam.exe N/A
File created C:\Program Files (x86)\Steam\package\tmp\controller_base\images\api\knockout\switchpro_rstick_left_lg.png_ C:\Program Files (x86)\Steam\steam.exe N/A
File created C:\Program Files (x86)\Steam\package\tmp\controller_base\images\api\light\ps5_l2_soft_md.png_ C:\Program Files (x86)\Steam\steam.exe N/A
File created C:\Program Files (x86)\Steam\package\tmp\controller_base\images\api\light\ps_color_button_x_md.png_ C:\Program Files (x86)\Steam\steam.exe N/A
File created C:\Program Files (x86)\Steam\package\tmp\graphics\loop_7.tga_ C:\Program Files (x86)\Steam\steam.exe N/A
File created C:\Program Files (x86)\Steam\package\tmp\controller_base\images\api\dark\ps5_trackpad_right.svg_ C:\Program Files (x86)\Steam\steam.exe N/A
File created C:\Program Files (x86)\Steam\package\tmp\controller_base\images\api\knockout\sc_rt_sm.png_ C:\Program Files (x86)\Steam\steam.exe N/A
File created C:\Program Files (x86)\Steam\package\tmp\controller_base\images\api\knockout\sd_ltrackpad_down_sm.png_ C:\Program Files (x86)\Steam\steam.exe N/A
File created C:\Program Files (x86)\Steam\package\tmp\steamui\images\controller\ghost_100_target_0050.png_ C:\Program Files (x86)\Steam\steam.exe N/A
File created C:\Program Files (x86)\Steam\package\tmp\steamui\images\controller\ghost_045_move_0215.png_ C:\Program Files (x86)\Steam\steam.exe N/A
File created C:\Program Files (x86)\Steam\package\tmp\steam\cached\game_details_header_red.tga_ C:\Program Files (x86)\Steam\steam.exe N/A
File created C:\Program Files (x86)\Steam\package\tmp\controller_base\images\api\dark\shared_mouse_l_click_lg.png_ C:\Program Files (x86)\Steam\steam.exe N/A
File created C:\Program Files (x86)\Steam\appcache\librarycache\438100_header.jpg C:\Program Files (x86)\Steam\steam.exe N/A
File created C:\Program Files (x86)\Steam\package\tmp\controller_base\images\api\light\ps5_trackpad_l_right_lg.png_ C:\Program Files (x86)\Steam\steam.exe N/A
File created C:\Program Files (x86)\Steam\package\tmp\controller_base\images\api\light\sc_rb_md.png_ C:\Program Files (x86)\Steam\steam.exe N/A
File opened for modification C:\Program Files (x86)\Steam\steamapps\downloading\2140510\TownOfSalem2_Data\StreamingAssets\aa\StandaloneWindows64\audio_music_homemusicholiday_assets_all_b17094a79bb9be374224f268592f37da.bundle C:\Program Files (x86)\Steam\steam.exe N/A
File created C:\Program Files (x86)\Steam\package\tmp\steamui\images\controller\ghost_040_act_0100.png_ C:\Program Files (x86)\Steam\steam.exe N/A
File created C:\Program Files (x86)\Steam\package\tmp\graphics\[email protected]_ C:\Program Files (x86)\Steam\steam.exe N/A
File created C:\Program Files (x86)\Steam\package\tmp\controller_base\images\api\light\ps5_trackpad_r_up_sm.png_ C:\Program Files (x86)\Steam\steam.exe N/A
File created C:\Program Files (x86)\Steam\package\tmp\resource\filter_banned_tchinese.txt.gz_ C:\Program Files (x86)\Steam\steam.exe N/A
File created C:\Program Files (x86)\Steam\appcache\httpcache\cc\cca5eca5672c787a2a8e9504481f1b1b0949b087_da39a3ee5e6b4b0d3255bfef95601890afd80709 C:\Program Files (x86)\Steam\steam.exe N/A
File created C:\Program Files (x86)\Steam\package\tmp\tenfoot\resource\images\library\controller\binding_icons\ghost_060_vehicle_0010.png_ C:\Program Files (x86)\Steam\steam.exe N/A
File created C:\Program Files (x86)\Steam\package\tmp\friends\icon_notChatting.tga_ C:\Program Files (x86)\Steam\steam.exe N/A
File created C:\Program Files (x86)\Steam\package\tmp\controller_base\images\api\dark\ps5_l1_md.png_ C:\Program Files (x86)\Steam\steam.exe N/A
File created C:\Program Files (x86)\Steam\package\tmp\controller_base\images\api\light\switchpro_button_home_lg.png_ C:\Program Files (x86)\Steam\steam.exe N/A
File created C:\Program Files (x86)\Steam\package\tmp\graphics\icon_toast_newturns.tga_ C:\Program Files (x86)\Steam\steam.exe N/A
File created C:\Program Files (x86)\Steam\package\tmp\tenfoot\resource\images\library\controller\binding_icons\ghost_060_vehicle_0100.png_ C:\Program Files (x86)\Steam\steam.exe N/A
File created C:\Program Files (x86)\Steam\package\tmp\tenfoot\resource\images\library\controller\binding_icons\ghost_090_media_0090.png_ C:\Program Files (x86)\Steam\steam.exe N/A
File created C:\Program Files (x86)\Steam\package\tmp\graphics\[email protected]_ C:\Program Files (x86)\Steam\steam.exe N/A
File created C:\Program Files (x86)\Steam\package\tmp\bin\cef\cef.win7x64\api-ms-win-core-handle-l1-1-0.dll_ C:\Program Files (x86)\Steam\steam.exe N/A
File opened for modification C:\Program Files (x86)\Steam\steamapps\downloading\2140510\TownOfSalem2_Data\Managed\com.playeveryware.eos-Editor.steam.utility.dll C:\Program Files (x86)\Steam\steam.exe N/A
File created C:\Program Files (x86)\Steam\package\tmp\resource\workshop_minibanner.png_ C:\Program Files (x86)\Steam\steam.exe N/A
File created C:\Program Files (x86)\Steam\package\tmp\steam\cached\gameproperties_general.res_ C:\Program Files (x86)\Steam\steam.exe N/A
File created C:\Program Files (x86)\Steam\appcache\librarycache\8230_header.jpg C:\Program Files (x86)\Steam\steam.exe N/A
File opened for modification C:\Program Files (x86)\Steam\GameOverlayRenderer.log C:\Program Files (x86)\Steam\steamapps\common\Town of Salem 2\UnityCrashHandler64.exe N/A
File created C:\Program Files (x86)\Steam\package\tmp\graphics\chkseldown_sm.tga_ C:\Program Files (x86)\Steam\steam.exe N/A
File created C:\Program Files (x86)\Steam\package\tmp\controller_base\images\api\dark\switchpro_lstick_right_sm.png_ C:\Program Files (x86)\Steam\steam.exe N/A
File created C:\Program Files (x86)\Steam\package\tmp\controller_base\images\api\light\sc_dpad_up.svg_ C:\Program Files (x86)\Steam\steam.exe N/A
File created C:\Program Files (x86)\Steam\package\tmp\controller_base\images\api\light\shared_mouse_scroll_up_md.png_ C:\Program Files (x86)\Steam\steam.exe N/A
File opened for modification C:\Program Files (x86)\Steam\steamapps\common\Town of Salem 2\symbols\dll\shell32.pdb C:\Program Files (x86)\Steam\steamapps\common\Town of Salem 2\UnityCrashHandler64.exe N/A
File created C:\Program Files (x86)\Steam\package\tmp\steamui\images\controller\ghost_040_act_0331.png_ C:\Program Files (x86)\Steam\steam.exe N/A
File created C:\Program Files (x86)\Steam\package\tmp\controller_base\images\api\knockout\xbox_lt_sm.png_ C:\Program Files (x86)\Steam\steam.exe N/A
File created C:\Program Files (x86)\Steam\package\tmp\steamui\sounds\deck_ui_side_menu_fly_out.wav_ C:\Program Files (x86)\Steam\steam.exe N/A
File opened for modification C:\Program Files (x86)\Steam\steamapps\downloading\2140510\TownOfSalem2_Data\StreamingAssets\aa\StandaloneWindows64\cinematic_rankedwrapup_assets_all_dbcb9e09f5e7f0d2f4683eef206144e2.bundle C:\Program Files (x86)\Steam\steam.exe N/A
File opened for modification C:\Program Files (x86)\Steam\steamapps\downloading\2140510\TownOfSalem2_Data\StreamingAssets\aa\StandaloneWindows64\decoration_pathway_7_assets_all_a2674291d30aa6bb7cba8fe742dce548.bundle C:\Program Files (x86)\Steam\steam.exe N/A
File created C:\Program Files (x86)\Steam\package\tmp\graphics\cloud_localfiles.tga_ C:\Program Files (x86)\Steam\steam.exe N/A
File created C:\Program Files (x86)\Steam\package\tmp\resource\vgui_romanian.txt_ C:\Program Files (x86)\Steam\steam.exe N/A
File created C:\Program Files (x86)\Steam\package\tmp\controller_base\images\api\light\xbox_button_select_sm.png_ C:\Program Files (x86)\Steam\steam.exe N/A
File created C:\Program Files (x86)\Steam\appcache\librarycache\18030_header.jpg C:\Program Files (x86)\Steam\steam.exe N/A
File created C:\Program Files (x86)\Steam\package\tmp\graphics\osx_max_down_new.tga_ C:\Program Files (x86)\Steam\steam.exe N/A
File created C:\Program Files (x86)\Steam\package\tmp\resource\icon_folderup.tga_ C:\Program Files (x86)\Steam\steam.exe N/A
File opened for modification C:\Program Files (x86)\Steam\steamapps\downloading\2140510\TownOfSalem2_Data\StreamingAssets\aa\StandaloneWindows64\silhouettes_24_assets_all_3c5073a1098781b15ff0dbadf5ed378f.bundle C:\Program Files (x86)\Steam\steam.exe N/A
File created C:\Program Files (x86)\Steam\package\tmp\tenfoot\resource\images\library\controller\binding_icons\ghost_010_wpn_0423.png_ C:\Program Files (x86)\Steam\steam.exe N/A
File created C:\Program Files (x86)\Steam\package\tmp\tenfoot\resource\images\library\controller\binding_icons\ghost_030_inv_0317.png_ C:\Program Files (x86)\Steam\steam.exe N/A
File created C:\Program Files (x86)\Steam\package\tmp\controller_base\images\api\dark\switchpro_rstick_left_sm.png_ C:\Program Files (x86)\Steam\steam.exe N/A

Drops file in Windows directory

Description Indicator Process Target
File opened for modification C:\Windows\combase.pdb C:\Program Files (x86)\Steam\steamapps\common\Town of Salem 2\UnityCrashHandler64.exe N/A
File opened for modification C:\Windows\shcore.pdb C:\Program Files (x86)\Steam\steamapps\common\Town of Salem 2\UnityCrashHandler64.exe N/A
File opened for modification C:\Windows\dll\msvcp140.amd64.pdb C:\Program Files (x86)\Steam\steamapps\common\Town of Salem 2\UnityCrashHandler64.exe N/A
File opened for modification C:\Windows\dll\normaliz.pdb C:\Program Files (x86)\Steam\steamapps\common\Town of Salem 2\UnityCrashHandler64.exe N/A
File opened for modification C:\Windows\gpapi.pdb C:\Program Files (x86)\Steam\steamapps\common\Town of Salem 2\UnityCrashHandler64.exe N/A
File opened for modification C:\Windows\symbols\dll\imagehlp.pdb C:\Program Files (x86)\Steam\steamapps\common\Town of Salem 2\UnityCrashHandler64.exe N/A
File opened for modification C:\Windows\dll\crypt32.pdb C:\Program Files (x86)\Steam\steamapps\common\Town of Salem 2\UnityCrashHandler64.exe N/A
File opened for modification C:\Windows\symbols\dll\uxtheme.pdb C:\Program Files (x86)\Steam\steamapps\common\Town of Salem 2\UnityCrashHandler64.exe N/A
File opened for modification C:\Windows\symbols\DLL\kernel32.pdb C:\Program Files (x86)\Steam\steamapps\common\Town of Salem 2\TownOfSalem2.exe N/A
File opened for modification C:\Windows\dll\ntdll.pdb C:\Program Files (x86)\Steam\steamapps\common\Town of Salem 2\TownOfSalem2.exe N/A
File opened for modification C:\Windows\symbols\dll\UnityPlayer_Win64_player_mono_x64.pdb C:\Program Files (x86)\Steam\steamapps\common\Town of Salem 2\UnityCrashHandler64.exe N/A
File opened for modification C:\Windows\advapi32.pdb C:\Program Files (x86)\Steam\steamapps\common\Town of Salem 2\UnityCrashHandler64.exe N/A
File opened for modification C:\Windows\shell32.pdb C:\Program Files (x86)\Steam\steamapps\common\Town of Salem 2\UnityCrashHandler64.exe N/A
File opened for modification C:\Windows\dll\imm32.pdb C:\Program Files (x86)\Steam\steamapps\common\Town of Salem 2\UnityCrashHandler64.exe N/A
File opened for modification C:\Windows\normaliz.pdb C:\Program Files (x86)\Steam\steamapps\common\Town of Salem 2\UnityCrashHandler64.exe N/A
File opened for modification C:\Windows\dll\nsi.pdb C:\Program Files (x86)\Steam\steamapps\common\Town of Salem 2\UnityCrashHandler64.exe N/A
File opened for modification C:\Windows\dll\directxdatabasehelper.pdb C:\Program Files (x86)\Steam\steamapps\common\Town of Salem 2\UnityCrashHandler64.exe N/A
File opened for modification C:\Windows\lib_burst_generated.pdb C:\Program Files (x86)\Steam\steamapps\common\Town of Salem 2\UnityCrashHandler64.exe N/A
File opened for modification C:\Windows\DLL\dhcpcsvc.pdb C:\Program Files (x86)\Steam\steamapps\common\Town of Salem 2\UnityCrashHandler64.exe N/A
File opened for modification C:\Windows\dll\devobj.pdb C:\Program Files (x86)\Steam\steamapps\common\Town of Salem 2\UnityCrashHandler64.exe N/A
File opened for modification C:\Windows\dll\lib_burst_generated.pdb C:\Program Files (x86)\Steam\steamapps\common\Town of Salem 2\UnityCrashHandler64.exe N/A
File opened for modification C:\Windows\DLL\kernel32.pdb C:\Program Files (x86)\Steam\steamapps\common\Town of Salem 2\UnityCrashHandler64.exe N/A
File opened for modification C:\Windows\dll\ucrtbase.pdb C:\Program Files (x86)\Steam\steamapps\common\Town of Salem 2\UnityCrashHandler64.exe N/A
File opened for modification C:\Windows\dll\shcore.pdb C:\Program Files (x86)\Steam\steamapps\common\Town of Salem 2\UnityCrashHandler64.exe N/A
File opened for modification C:\Windows\dll\steamclient64.pdb C:\Program Files (x86)\Steam\steamapps\common\Town of Salem 2\UnityCrashHandler64.exe N/A
File opened for modification C:\Windows\symbols\dll\ntdll.pdb C:\Program Files (x86)\Steam\steamapps\common\Town of Salem 2\UnityCrashHandler64.exe N/A
File opened for modification C:\Windows\symbols\dll\vcruntime140.amd64.pdb C:\Program Files (x86)\Steam\steamapps\common\Town of Salem 2\UnityCrashHandler64.exe N/A
File opened for modification C:\Windows\wintrust.pdb C:\Program Files (x86)\Steam\steamapps\common\Town of Salem 2\UnityCrashHandler64.exe N/A
File opened for modification C:\Windows\audioses.pdb C:\Program Files (x86)\Steam\steamapps\common\Town of Salem 2\UnityCrashHandler64.exe N/A
File opened for modification C:\Windows\symbols\dll\tier0_s64.pdb C:\Program Files (x86)\Steam\steamapps\common\Town of Salem 2\UnityCrashHandler64.exe N/A
File opened for modification C:\Windows\symbols\DLL\hid.pdb C:\Program Files (x86)\Steam\steamapps\common\Town of Salem 2\UnityCrashHandler64.exe N/A
File opened for modification C:\Windows\dll\msasn1.pdb C:\Program Files (x86)\Steam\steamapps\common\Town of Salem 2\UnityCrashHandler64.exe N/A
File opened for modification C:\Windows\dll\dxgi.pdb C:\Program Files (x86)\Steam\steamapps\common\Town of Salem 2\UnityCrashHandler64.exe N/A
File opened for modification C:\Windows\symbols\dll\Windows.UI.pdb C:\Program Files (x86)\Steam\steamapps\common\Town of Salem 2\UnityCrashHandler64.exe N/A
File opened for modification C:\Windows\WinTypes.pdb C:\Program Files (x86)\Steam\steamapps\common\Town of Salem 2\UnityCrashHandler64.exe N/A
File opened for modification C:\Windows\wldap32.pdb C:\Program Files (x86)\Steam\steamapps\common\Town of Salem 2\UnityCrashHandler64.exe N/A
File opened for modification C:\Windows\TextInputFramework.pdb C:\Program Files (x86)\Steam\steamapps\common\Town of Salem 2\UnityCrashHandler64.exe N/A
File opened for modification C:\Windows\symbols\dll\msvcrt.pdb C:\Program Files (x86)\Steam\steamapps\common\Town of Salem 2\UnityCrashHandler64.exe N/A
File opened for modification C:\Windows\glu32.pdb C:\Program Files (x86)\Steam\steamapps\common\Town of Salem 2\UnityCrashHandler64.exe N/A
File opened for modification C:\Windows\symbols\dll\cryptbase.pdb C:\Program Files (x86)\Steam\steamapps\common\Town of Salem 2\UnityCrashHandler64.exe N/A
File opened for modification C:\Windows\dll\gpapi.pdb C:\Program Files (x86)\Steam\steamapps\common\Town of Salem 2\UnityCrashHandler64.exe N/A
File opened for modification C:\Windows\dll\tier0_s64.pdb C:\Program Files (x86)\Steam\steamapps\common\Town of Salem 2\UnityCrashHandler64.exe N/A
File opened for modification C:\Windows\msvcrt.pdb C:\Program Files (x86)\Steam\steamapps\common\Town of Salem 2\UnityCrashHandler64.exe N/A
File opened for modification C:\Windows\Kernel.Appcore.pdb C:\Program Files (x86)\Steam\steamapps\common\Town of Salem 2\UnityCrashHandler64.exe N/A
File opened for modification C:\Windows\profapi.pdb C:\Program Files (x86)\Steam\steamapps\common\Town of Salem 2\UnityCrashHandler64.exe N/A
File opened for modification C:\Windows\DLL\dhcpcsvc6.pdb C:\Program Files (x86)\Steam\steamapps\common\Town of Salem 2\UnityCrashHandler64.exe N/A
File opened for modification C:\Windows\nsi.pdb C:\Program Files (x86)\Steam\steamapps\common\Town of Salem 2\UnityCrashHandler64.exe N/A
File opened for modification C:\Windows\dll\CLBCatQ.pdb C:\Program Files (x86)\Steam\steamapps\common\Town of Salem 2\UnityCrashHandler64.exe N/A
File opened for modification C:\Windows\kernelbase.pdb C:\Program Files (x86)\Steam\steamapps\common\Town of Salem 2\UnityCrashHandler64.exe N/A
File opened for modification C:\Windows\shlwapi.pdb C:\Program Files (x86)\Steam\steamapps\common\Town of Salem 2\UnityCrashHandler64.exe N/A
File opened for modification C:\Windows\imm32.pdb C:\Program Files (x86)\Steam\steamapps\common\Town of Salem 2\UnityCrashHandler64.exe N/A
File opened for modification C:\Windows\symbols\dll\glu32.pdb C:\Program Files (x86)\Steam\steamapps\common\Town of Salem 2\UnityCrashHandler64.exe N/A
File opened for modification C:\Windows\dll\cfgmgr32.pdb C:\Program Files (x86)\Steam\steamapps\common\Town of Salem 2\UnityCrashHandler64.exe N/A
File opened for modification C:\Windows\dll\profapi.pdb C:\Program Files (x86)\Steam\steamapps\common\Town of Salem 2\UnityCrashHandler64.exe N/A
File opened for modification C:\Windows\symbols\dll\wbemsvc.pdb C:\Program Files (x86)\Steam\steamapps\common\Town of Salem 2\UnityCrashHandler64.exe N/A
File opened for modification C:\Windows\symbols\dll\powrprof.pdb C:\Program Files (x86)\Steam\steamapps\common\Town of Salem 2\UnityCrashHandler64.exe N/A
File opened for modification C:\Windows\steamclient64.pdb C:\Program Files (x86)\Steam\steamapps\common\Town of Salem 2\UnityCrashHandler64.exe N/A
File opened for modification C:\Windows\crypt32.pdb C:\Program Files (x86)\Steam\steamapps\common\Town of Salem 2\UnityCrashHandler64.exe N/A
File opened for modification C:\Windows\dll\DXCore.pdb C:\Program Files (x86)\Steam\steamapps\common\Town of Salem 2\UnityCrashHandler64.exe N/A
File opened for modification C:\Windows\mono-2.0-bdwgc.pdb C:\Program Files (x86)\Steam\steamapps\common\Town of Salem 2\TownOfSalem2.exe N/A
File opened for modification C:\Windows\DLL\kernel32.pdb C:\Program Files (x86)\Steam\steamapps\common\Town of Salem 2\TownOfSalem2.exe N/A
File opened for modification C:\Windows\symbols\dll\mono-2.0-bdwgc.pdb C:\Program Files (x86)\Steam\steamapps\common\Town of Salem 2\UnityCrashHandler64.exe N/A
File opened for modification C:\Windows\win32u.pdb C:\Program Files (x86)\Steam\steamapps\common\Town of Salem 2\UnityCrashHandler64.exe N/A
File opened for modification C:\Windows\dll\combase.pdb C:\Program Files (x86)\Steam\steamapps\common\Town of Salem 2\UnityCrashHandler64.exe N/A

Enumerates physical storage devices

Checks processor information in registry

Description Indicator Process Target
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 C:\Program Files (x86)\Steam\steam.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~MHz C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\1\ProcessorNameString C:\Users\Admin\AppData\Local\Discord\app-1.0.9034\Discord.exe N/A
Key opened \Registry\Machine\HARDWARE\DESCRIPTION\System\CentralProcessor\0 C:\Program Files (x86)\Steam\steam.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~MHz C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe N/A
Key opened \REGISTRY\USER\S-1-5-21-160263616-143223877-1356318919-1000\HARDWARE\DESCRIPTION\System\CentralProcessor\0 C:\Program Files (x86)\Steam\steamapps\common\Town of Salem 2\TownOfSalem2.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 C:\Program Files (x86)\Steam\steamapps\common\Town of Salem 2\TownOfSalem2.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\1\~MHz C:\Users\Admin\AppData\Local\Discord\app-1.0.9034\Discord.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 C:\Program Files (x86)\Steam\steam.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~MHz C:\Program Files (x86)\Steam\steam.exe N/A
Key opened \REGISTRY\USER\S-1-5-21-160263616-143223877-1356318919-1000\HARDWARE\DESCRIPTION\System\CentralProcessor\0 C:\Program Files (x86)\Steam\steamapps\common\Town of Salem 2\TownOfSalem2.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\1 C:\Users\Admin\AppData\Local\Discord\app-1.0.9034\Discord.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 C:\Program Files (x86)\Steam\steamapps\common\Town of Salem 2\TownOfSalem2.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 C:\Program Files (x86)\Steam\GameOverlayUI.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 C:\Program Files (x86)\Steam\GameOverlayUI.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~MHz C:\Program Files (x86)\Steam\GameOverlayUI.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~MHz C:\Program Files (x86)\Steam\steam.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~MHz C:\Program Files (x86)\Steam\steamapps\common\Town of Salem 2\TownOfSalem2.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 C:\Users\Admin\AppData\Local\Discord\app-1.0.9034\Discord.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString C:\Program Files (x86)\Steam\steamapps\common\Town of Salem 2\TownOfSalem2.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString C:\Program Files (x86)\Steam\steamapps\common\Town of Salem 2\TownOfSalem2.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\2 C:\Users\Admin\AppData\Local\Discord\app-1.0.9034\Discord.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~MHz C:\Users\Admin\AppData\Local\Discord\app-1.0.9034\Discord.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~MHz C:\Program Files (x86)\Steam\steamapps\common\Town of Salem 2\TownOfSalem2.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~MHz C:\Program Files (x86)\Steam\GameOverlayUI.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString C:\Users\Admin\AppData\Local\Discord\app-1.0.9034\Discord.exe N/A

Enumerates system info in registry

Description Indicator Process Target
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Modifies data under HKEY_USERS

Description Indicator Process Target
Key created \REGISTRY\USER\ C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe N/A
Key created \REGISTRY\USER\ C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe N/A

Modifies registry class

Description Indicator Process Target
Key created \REGISTRY\MACHINE\Software\Classes\steamlink\Shell\Open\Command C:\Program Files (x86)\Steam\bin\steamservice.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-160263616-143223877-1356318919-1000_Classes\steamlink\ = "URL:steamlink protocol" C:\Program Files (x86)\Steam\steam.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\steamlink\ = "URL:steamlink protocol" C:\Program Files (x86)\Steam\steam.exe N/A
Key created \REGISTRY\MACHINE\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\Deployment\Package\*\S-1-5-21-160263616-143223877-1356318919-1000\{BEC9B822-BEA4-4718-9C85-C3A23A7B40E0} C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-160263616-143223877-1356318919-1000_Classes\Discord\shell\open\command\ = "\"C:\\Users\\Admin\\AppData\\Local\\Discord\\app-1.0.9034\\Discord.exe\" --url -- \"%1\"" C:\Windows\SysWOW64\reg.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\steamlink\URL Protocol C:\Program Files (x86)\Steam\bin\steamservice.exe N/A
Key created \REGISTRY\USER\S-1-5-21-160263616-143223877-1356318919-1000_Classes\steamlink\Shell\Open C:\Program Files (x86)\Steam\bin\steamservice.exe N/A
Key created \REGISTRY\MACHINE\Software\Classes\steamlink\DefaultIcon C:\Program Files (x86)\Steam\steam.exe N/A
Key created \REGISTRY\MACHINE\Software\Classes\steamlink\Shell\Open\Command C:\Program Files (x86)\Steam\steam.exe N/A
Key created \REGISTRY\USER\S-1-5-21-160263616-143223877-1356318919-1000_Classes\Discord C:\Windows\SysWOW64\reg.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-160263616-143223877-1356318919-1000_Classes\Discord\DefaultIcon\ = "\"C:\\Users\\Admin\\AppData\\Local\\Discord\\app-1.0.9034\\Discord.exe\",-1" C:\Windows\SysWOW64\reg.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\steamlink\ = "URL:steamlink protocol" C:\Program Files (x86)\Steam\bin\steamservice.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\steamlink\Shell\Open\Command\ = "\"C:\\Program Files (x86)\\Steam\\steam.exe\" -- \"%1\"" C:\Program Files (x86)\Steam\bin\steamservice.exe N/A
Key created \REGISTRY\USER\S-1-5-21-160263616-143223877-1356318919-1000_Classes\steam\Shell\Open C:\Program Files (x86)\Steam\bin\steamservice.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\steamlink\URL Protocol C:\Program Files (x86)\Steam\steam.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\steamlink\DefaultIcon\ = "steam.exe" C:\Program Files (x86)\Steam\steam.exe N/A
Key created \REGISTRY\USER\S-1-5-21-160263616-143223877-1356318919-1000_Classes\ C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe N/A
Key created \REGISTRY\USER\S-1-5-21-160263616-143223877-1356318919-1000_Classes\Discord\shell\open\command C:\Windows\SysWOW64\reg.exe N/A
Key created \REGISTRY\USER\S-1-5-21-160263616-143223877-1356318919-1000_Classes\Discord\shell\open C:\Windows\SysWOW64\reg.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\steamlink C:\Program Files (x86)\Steam\bin\steamservice.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-160263616-143223877-1356318919-1000_Classes\steam\ = "URL:steam protocol" C:\Program Files (x86)\Steam\bin\steamservice.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-160263616-143223877-1356318919-1000_Classes\steamlink\ = "URL:steamlink protocol" C:\Program Files (x86)\Steam\bin\steamservice.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-160263616-143223877-1356318919-1000_Classes\steam\URL Protocol C:\Program Files (x86)\Steam\steam.exe N/A
Key created \REGISTRY\MACHINE\Software\Classes\steamlink C:\Program Files (x86)\Steam\steam.exe N/A
Key created \REGISTRY\MACHINE\Software\Classes\steamlink\DefaultIcon C:\Program Files (x86)\Steam\bin\steamservice.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-160263616-143223877-1356318919-1000_Classes\steam\Shell\Open\Command\ = "\"C:\\Program Files (x86)\\Steam\\steam.exe\" -- \"%1\"" C:\Program Files (x86)\Steam\steam.exe N/A
Key created \REGISTRY\USER\S-1-5-21-160263616-143223877-1356318919-1000_Classes\Discord C:\Windows\SysWOW64\reg.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\steam C:\Program Files (x86)\Steam\bin\steamservice.exe N/A
Key created \REGISTRY\MACHINE\Software\Classes\steamlink C:\Program Files (x86)\Steam\bin\steamservice.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-160263616-143223877-1356318919-1000_Classes\steam\Shell\Open\Command\ = "\"C:\\Program Files (x86)\\Steam\\steam.exe\" -- \"%1\"" C:\Program Files (x86)\Steam\bin\steamservice.exe N/A
Key created \REGISTRY\USER\S-1-5-21-160263616-143223877-1356318919-1000_Classes\steam\Shell\Open\Command C:\Program Files (x86)\Steam\steam.exe N/A
Key created \REGISTRY\USER\S-1-5-21-160263616-143223877-1356318919-1000_Classes\ C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe N/A
Key created \REGISTRY\USER\S-1-5-21-160263616-143223877-1356318919-1000_Classes\Discord C:\Windows\SysWOW64\reg.exe N/A
Key created \REGISTRY\MACHINE\Software\Classes\steam\DefaultIcon C:\Program Files (x86)\Steam\bin\steamservice.exe N/A
Key created \REGISTRY\MACHINE\Software\Classes\steam\Shell\Open\Command C:\Program Files (x86)\Steam\bin\steamservice.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\steam\Shell\Open\Command\ = "\"C:\\Program Files (x86)\\Steam\\steam.exe\" -- \"%1\"" C:\Program Files (x86)\Steam\bin\steamservice.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\steamlink\Shell C:\Program Files (x86)\Steam\bin\steamservice.exe N/A
Key created \REGISTRY\USER\S-1-5-21-160263616-143223877-1356318919-1000_Classes\steam\Shell\Open\Command C:\Program Files (x86)\Steam\bin\steamservice.exe N/A
Key created \REGISTRY\USER\S-1-5-21-160263616-143223877-1356318919-1000_Classes\steamlink\Shell\Open\Command C:\Program Files (x86)\Steam\bin\steamservice.exe N/A
Key created \REGISTRY\MACHINE\Software\Classes\steam C:\Program Files (x86)\Steam\steam.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\steam\URL Protocol C:\Program Files (x86)\Steam\steam.exe N/A
Key created \REGISTRY\USER\S-1-5-21-160263616-143223877-1356318919-1000_Classes\Discord\DefaultIcon C:\Windows\SysWOW64\reg.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\steamlink\Shell\Open C:\Program Files (x86)\Steam\bin\steamservice.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-160263616-143223877-1356318919-1000_Classes\steamlink\URL Protocol C:\Program Files (x86)\Steam\steam.exe N/A
Key created \REGISTRY\MACHINE\Software\Classes\steam C:\Program Files (x86)\Steam\bin\steamservice.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-160263616-143223877-1356318919-1000_Classes\steamlink\URL Protocol C:\Program Files (x86)\Steam\bin\steamservice.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-160263616-143223877-1356318919-1000_Classes\steamlink\DefaultIcon\ = "steam.exe" C:\Program Files (x86)\Steam\bin\steamservice.exe N/A
Key created \REGISTRY\USER\S-1-5-21-160263616-143223877-1356318919-1000_Classes\steamlink\Shell C:\Program Files (x86)\Steam\bin\steamservice.exe N/A
Key created \REGISTRY\USER\S-1-5-21-160263616-143223877-1356318919-1000_Classes\steamlink C:\Program Files (x86)\Steam\steam.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-160263616-143223877-1356318919-1000_Classes\steamlink\DefaultIcon\ = "steam.exe" C:\Program Files (x86)\Steam\steam.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\steam\URL Protocol C:\Program Files (x86)\Steam\bin\steamservice.exe N/A
Key created \REGISTRY\USER\S-1-5-21-160263616-143223877-1356318919-1000_Classes\steam C:\Program Files (x86)\Steam\bin\steamservice.exe N/A
Key created \REGISTRY\USER\S-1-5-21-160263616-143223877-1356318919-1000_Classes\steam\Shell C:\Program Files (x86)\Steam\bin\steamservice.exe N/A
Key created \REGISTRY\USER\S-1-5-21-160263616-143223877-1356318919-1000_Classes\steamlink C:\Program Files (x86)\Steam\bin\steamservice.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-160263616-143223877-1356318919-1000_Classes\steamlink\Shell\Open\Command\ = "\"C:\\Program Files (x86)\\Steam\\steam.exe\" -- \"%1\"" C:\Program Files (x86)\Steam\bin\steamservice.exe N/A
Key created \REGISTRY\USER\S-1-5-21-160263616-143223877-1356318919-1000_Classes\steam\DefaultIcon C:\Program Files (x86)\Steam\steam.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-160263616-143223877-1356318919-1000_Classes\Discord\ = "URL:Discord Protocol" C:\Windows\SysWOW64\reg.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-160263616-143223877-1356318919-1000_Classes\Discord\URL Protocol C:\Windows\SysWOW64\reg.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\steam\ = "URL:steam protocol" C:\Program Files (x86)\Steam\bin\steamservice.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-160263616-143223877-1356318919-1000_Classes\steam\URL Protocol C:\Program Files (x86)\Steam\bin\steamservice.exe N/A
Key created \REGISTRY\USER\S-1-5-21-160263616-143223877-1356318919-1000_Classes\steam\DefaultIcon C:\Program Files (x86)\Steam\bin\steamservice.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\steam\ = "URL:steam protocol" C:\Program Files (x86)\Steam\steam.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\steam\DefaultIcon\ = "steam.exe" C:\Program Files (x86)\Steam\bin\steamservice.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\steamlink\DefaultIcon\ = "steam.exe" C:\Program Files (x86)\Steam\bin\steamservice.exe N/A

Modifies registry key

Description Indicator Process Target
N/A N/A C:\Windows\SysWOW64\reg.exe N/A
N/A N/A C:\Windows\SysWOW64\reg.exe N/A
N/A N/A C:\Windows\SysWOW64\reg.exe N/A
N/A N/A C:\Windows\SysWOW64\reg.exe N/A
N/A N/A C:\Windows\SysWOW64\reg.exe N/A

NTFS ADS

Description Indicator Process Target
File opened for modification C:\Users\Admin\Downloads\DiscordSetup.exe:Zone.Identifier C:\Program Files\Google\Chrome\Application\chrome.exe N/A
File opened for modification C:\Users\Admin\Downloads\SteamSetup.exe:Zone.Identifier C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious behavior: EnumeratesProcesses

Description Indicator Process Target
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Discord\app-1.0.9034\Discord.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Discord\app-1.0.9034\Discord.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Discord\app-1.0.9034\Discord.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Discord\app-1.0.9034\Discord.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Discord\app-1.0.9034\Discord.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Discord\app-1.0.9034\Discord.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Discord\app-1.0.9034\Discord.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Discord\app-1.0.9034\Discord.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Discord\app-1.0.9034\Discord.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Discord\app-1.0.9034\Discord.exe N/A
N/A N/A C:\Users\Admin\Downloads\SteamSetup.exe N/A
N/A N/A C:\Users\Admin\Downloads\SteamSetup.exe N/A
N/A N/A C:\Users\Admin\Downloads\SteamSetup.exe N/A
N/A N/A C:\Users\Admin\Downloads\SteamSetup.exe N/A
N/A N/A C:\Users\Admin\Downloads\SteamSetup.exe N/A
N/A N/A C:\Users\Admin\Downloads\SteamSetup.exe N/A
N/A N/A C:\Users\Admin\Downloads\SteamSetup.exe N/A
N/A N/A C:\Users\Admin\Downloads\SteamSetup.exe N/A
N/A N/A C:\Users\Admin\Downloads\SteamSetup.exe N/A
N/A N/A C:\Users\Admin\Downloads\SteamSetup.exe N/A
N/A N/A C:\Users\Admin\Downloads\SteamSetup.exe N/A
N/A N/A C:\Users\Admin\Downloads\SteamSetup.exe N/A
N/A N/A C:\Users\Admin\Downloads\SteamSetup.exe N/A
N/A N/A C:\Users\Admin\Downloads\SteamSetup.exe N/A
N/A N/A C:\Users\Admin\Downloads\SteamSetup.exe N/A
N/A N/A C:\Users\Admin\Downloads\SteamSetup.exe N/A
N/A N/A C:\Program Files (x86)\Steam\steam.exe N/A
N/A N/A C:\Program Files (x86)\Steam\steam.exe N/A
N/A N/A C:\Program Files (x86)\Steam\steam.exe N/A
N/A N/A C:\Program Files (x86)\Steam\steam.exe N/A
N/A N/A C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe N/A
N/A N/A C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe N/A
N/A N/A C:\Program Files (x86)\Steam\steam.exe N/A
N/A N/A C:\Program Files (x86)\Steam\steam.exe N/A
N/A N/A C:\Program Files (x86)\Steam\steam.exe N/A
N/A N/A C:\Program Files (x86)\Steam\steam.exe N/A
N/A N/A C:\Program Files (x86)\Steam\steam.exe N/A
N/A N/A C:\Program Files (x86)\Steam\steam.exe N/A
N/A N/A C:\Program Files (x86)\Steam\steam.exe N/A
N/A N/A C:\Program Files (x86)\Steam\steam.exe N/A
N/A N/A C:\Program Files (x86)\Steam\steam.exe N/A
N/A N/A C:\Program Files (x86)\Steam\steam.exe N/A
N/A N/A C:\Program Files (x86)\Steam\steam.exe N/A
N/A N/A C:\Program Files (x86)\Steam\steam.exe N/A
N/A N/A C:\Program Files (x86)\Steam\steam.exe N/A
N/A N/A C:\Program Files (x86)\Steam\steam.exe N/A
N/A N/A C:\Program Files (x86)\Steam\steam.exe N/A
N/A N/A C:\Program Files (x86)\Steam\steam.exe N/A
N/A N/A C:\Program Files (x86)\Steam\steam.exe N/A
N/A N/A C:\Program Files (x86)\Steam\steam.exe N/A
N/A N/A C:\Program Files (x86)\Steam\steam.exe N/A
N/A N/A C:\Program Files (x86)\Steam\steam.exe N/A
N/A N/A C:\Program Files (x86)\Steam\steam.exe N/A
N/A N/A C:\Program Files (x86)\Steam\steam.exe N/A
N/A N/A C:\Program Files (x86)\Steam\steam.exe N/A
N/A N/A C:\Program Files (x86)\Steam\steam.exe N/A
N/A N/A C:\Program Files (x86)\Steam\steam.exe N/A
N/A N/A C:\Program Files (x86)\Steam\steam.exe N/A
N/A N/A C:\Program Files (x86)\Steam\steam.exe N/A
N/A N/A C:\Program Files (x86)\Steam\steam.exe N/A
N/A N/A C:\Program Files (x86)\Steam\steam.exe N/A
N/A N/A C:\Program Files (x86)\Steam\steam.exe N/A

Suspicious behavior: GetForegroundWindowSpam

Description Indicator Process Target
N/A N/A C:\Program Files (x86)\Steam\steam.exe N/A
N/A N/A C:\Program Files (x86)\Steam\steamapps\common\Town of Salem 2\TownOfSalem2.exe N/A

Suspicious use of AdjustPrivilegeToken

Description Indicator Process Target
Token: SeShutdownPrivilege N/A C:\Users\Admin\AppData\Local\Discord\app-1.0.9034\Discord.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Users\Admin\AppData\Local\Discord\app-1.0.9034\Discord.exe N/A
Token: SeShutdownPrivilege N/A C:\Users\Admin\AppData\Local\Discord\app-1.0.9034\Discord.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Users\Admin\AppData\Local\Discord\app-1.0.9034\Discord.exe N/A
Token: SeSecurityPrivilege N/A C:\Program Files (x86)\Steam\bin\steamservice.exe N/A
Token: SeSecurityPrivilege N/A C:\Program Files (x86)\Steam\bin\steamservice.exe N/A
Token: SeDebugPrivilege N/A C:\Program Files (x86)\Steam\steam.exe N/A
Token: SeDebugPrivilege N/A C:\Program Files (x86)\Steam\steam.exe N/A
Token: SeDebugPrivilege N/A C:\Program Files (x86)\Steam\steam.exe N/A
Token: SeDebugPrivilege N/A C:\Program Files (x86)\Steam\steam.exe N/A
Token: SeDebugPrivilege N/A C:\Program Files (x86)\Steam\steam.exe N/A
Token: SeDebugPrivilege N/A C:\Program Files (x86)\Steam\steam.exe N/A
Token: SeDebugPrivilege N/A C:\Program Files (x86)\Steam\steam.exe N/A
Token: SeDebugPrivilege N/A C:\Program Files (x86)\Steam\steam.exe N/A
Token: SeDebugPrivilege N/A C:\Program Files (x86)\Steam\steam.exe N/A
Token: SeDebugPrivilege N/A C:\Program Files (x86)\Steam\steam.exe N/A
Token: SeDebugPrivilege N/A C:\Program Files (x86)\Steam\steam.exe N/A
Token: SeDebugPrivilege N/A C:\Program Files (x86)\Steam\steam.exe N/A
Token: SeDebugPrivilege N/A C:\Program Files (x86)\Steam\steam.exe N/A
Token: SeDebugPrivilege N/A C:\Program Files (x86)\Steam\steam.exe N/A
Token: SeDebugPrivilege N/A C:\Program Files (x86)\Steam\steam.exe N/A
Token: SeDebugPrivilege N/A C:\Program Files (x86)\Steam\steam.exe N/A
Token: SeDebugPrivilege N/A C:\Program Files (x86)\Steam\steam.exe N/A
Token: SeDebugPrivilege N/A C:\Program Files (x86)\Steam\steam.exe N/A
Token: SeDebugPrivilege N/A C:\Program Files (x86)\Steam\steam.exe N/A
Token: SeDebugPrivilege N/A C:\Program Files (x86)\Steam\steam.exe N/A
Token: SeDebugPrivilege N/A C:\Program Files (x86)\Steam\steam.exe N/A
Token: SeDebugPrivilege N/A C:\Program Files (x86)\Steam\steam.exe N/A
Token: SeDebugPrivilege N/A C:\Program Files (x86)\Steam\steam.exe N/A
Token: SeDebugPrivilege N/A C:\Program Files (x86)\Steam\steam.exe N/A
Token: SeDebugPrivilege N/A C:\Program Files (x86)\Steam\steam.exe N/A
Token: SeDebugPrivilege N/A C:\Program Files (x86)\Steam\steam.exe N/A
Token: SeDebugPrivilege N/A C:\Program Files (x86)\Steam\steam.exe N/A
Token: SeDebugPrivilege N/A C:\Program Files (x86)\Steam\steam.exe N/A
Token: SeDebugPrivilege N/A C:\Program Files (x86)\Steam\steam.exe N/A
Token: SeDebugPrivilege N/A C:\Program Files (x86)\Steam\steam.exe N/A
Token: SeDebugPrivilege N/A C:\Program Files (x86)\Steam\steam.exe N/A
Token: SeDebugPrivilege N/A C:\Program Files (x86)\Steam\steam.exe N/A
Token: SeDebugPrivilege N/A C:\Program Files (x86)\Steam\steam.exe N/A
Token: SeDebugPrivilege N/A C:\Program Files (x86)\Steam\steam.exe N/A
Token: SeDebugPrivilege N/A C:\Program Files (x86)\Steam\steam.exe N/A
Token: SeDebugPrivilege N/A C:\Program Files (x86)\Steam\steam.exe N/A
Token: SeDebugPrivilege N/A C:\Program Files (x86)\Steam\steam.exe N/A
Token: SeDebugPrivilege N/A C:\Program Files (x86)\Steam\steam.exe N/A
Token: SeDebugPrivilege N/A C:\Program Files (x86)\Steam\steam.exe N/A
Token: SeDebugPrivilege N/A C:\Program Files (x86)\Steam\steam.exe N/A
Token: SeDebugPrivilege N/A C:\Program Files (x86)\Steam\steam.exe N/A
Token: SeDebugPrivilege N/A C:\Program Files (x86)\Steam\steam.exe N/A
Token: SeDebugPrivilege N/A C:\Program Files (x86)\Steam\steam.exe N/A
Token: SeDebugPrivilege N/A C:\Program Files (x86)\Steam\steam.exe N/A
Token: SeDebugPrivilege N/A C:\Program Files (x86)\Steam\steam.exe N/A
Token: SeDebugPrivilege N/A C:\Program Files (x86)\Steam\steam.exe N/A
Token: SeDebugPrivilege N/A C:\Program Files (x86)\Steam\steam.exe N/A
Token: SeDebugPrivilege N/A C:\Program Files (x86)\Steam\steam.exe N/A
Token: SeDebugPrivilege N/A C:\Program Files (x86)\Steam\steam.exe N/A
Token: SeDebugPrivilege N/A C:\Program Files (x86)\Steam\steam.exe N/A
Token: SeDebugPrivilege N/A C:\Program Files (x86)\Steam\steam.exe N/A
Token: SeDebugPrivilege N/A C:\Program Files (x86)\Steam\steam.exe N/A
Token: SeDebugPrivilege N/A C:\Program Files (x86)\Steam\steam.exe N/A
Token: SeDebugPrivilege N/A C:\Program Files (x86)\Steam\steam.exe N/A
Token: SeDebugPrivilege N/A C:\Program Files (x86)\Steam\steam.exe N/A
Token: SeDebugPrivilege N/A C:\Program Files (x86)\Steam\steam.exe N/A
Token: SeDebugPrivilege N/A C:\Program Files (x86)\Steam\steam.exe N/A
Token: SeDebugPrivilege N/A C:\Program Files (x86)\Steam\steam.exe N/A

Suspicious use of FindShellTrayWindow

Description Indicator Process Target
N/A N/A C:\Users\Admin\AppData\Local\SquirrelTemp\Update.exe N/A
N/A N/A C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe N/A
N/A N/A C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe N/A
N/A N/A C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe N/A
N/A N/A C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe N/A
N/A N/A C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe N/A
N/A N/A C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe N/A
N/A N/A C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe N/A
N/A N/A C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe N/A
N/A N/A C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe N/A
N/A N/A C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe N/A
N/A N/A C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe N/A
N/A N/A C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe N/A
N/A N/A C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe N/A
N/A N/A C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe N/A
N/A N/A C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe N/A
N/A N/A C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe N/A
N/A N/A C:\Program Files (x86)\Steam\steam.exe N/A
N/A N/A C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe N/A
N/A N/A C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe N/A
N/A N/A C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe N/A
N/A N/A C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe N/A
N/A N/A C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe N/A
N/A N/A C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe N/A
N/A N/A C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe N/A
N/A N/A C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe N/A
N/A N/A C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe N/A
N/A N/A C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe N/A
N/A N/A C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe N/A
N/A N/A C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe N/A
N/A N/A C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe N/A
N/A N/A C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe N/A
N/A N/A C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe N/A
N/A N/A C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe N/A
N/A N/A C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe N/A
N/A N/A C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe N/A
N/A N/A C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe N/A
N/A N/A C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe N/A
N/A N/A C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe N/A
N/A N/A C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe N/A
N/A N/A C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe N/A
N/A N/A C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe N/A
N/A N/A C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe N/A
N/A N/A C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe N/A
N/A N/A C:\Program Files (x86)\Steam\steam.exe N/A
N/A N/A C:\Program Files (x86)\Steam\steam.exe N/A
N/A N/A C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe N/A
N/A N/A C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe N/A
N/A N/A C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe N/A
N/A N/A C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe N/A
N/A N/A C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe N/A
N/A N/A C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe N/A
N/A N/A C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe N/A
N/A N/A C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe N/A
N/A N/A C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe N/A
N/A N/A C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe N/A
N/A N/A C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe N/A
N/A N/A C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe N/A
N/A N/A C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe N/A
N/A N/A C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe N/A
N/A N/A C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe N/A
N/A N/A C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe N/A
N/A N/A C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe N/A
N/A N/A C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe N/A

Suspicious use of SendNotifyMessage

Description Indicator Process Target
N/A N/A C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe N/A
N/A N/A C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe N/A
N/A N/A C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe N/A
N/A N/A C:\Program Files (x86)\Steam\steam.exe N/A
N/A N/A C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe N/A
N/A N/A C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe N/A
N/A N/A C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe N/A
N/A N/A C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe N/A
N/A N/A C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe N/A
N/A N/A C:\Program Files (x86)\Steam\steam.exe N/A
N/A N/A C:\Program Files (x86)\Steam\steam.exe N/A
N/A N/A C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe N/A
N/A N/A C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe N/A
N/A N/A C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe N/A
N/A N/A C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe N/A
N/A N/A C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe N/A
N/A N/A C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe N/A
N/A N/A C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe N/A
N/A N/A C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe N/A
N/A N/A C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe N/A
N/A N/A C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe N/A
N/A N/A C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe N/A
N/A N/A C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe N/A
N/A N/A C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe N/A
N/A N/A C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe N/A
N/A N/A C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe N/A
N/A N/A C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe N/A
N/A N/A C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe N/A
N/A N/A C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe N/A
N/A N/A C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe N/A
N/A N/A C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe N/A
N/A N/A C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe N/A
N/A N/A C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe N/A
N/A N/A C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe N/A
N/A N/A C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe N/A
N/A N/A C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe N/A
N/A N/A C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe N/A
N/A N/A C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe N/A
N/A N/A C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe N/A
N/A N/A C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe N/A
N/A N/A C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe N/A
N/A N/A C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe N/A
N/A N/A C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe N/A
N/A N/A C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe N/A
N/A N/A C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe N/A
N/A N/A C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe N/A
N/A N/A C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe N/A
N/A N/A C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe N/A
N/A N/A C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe N/A
N/A N/A C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe N/A
N/A N/A C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe N/A
N/A N/A C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe N/A
N/A N/A C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe N/A
N/A N/A C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe N/A
N/A N/A C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe N/A
N/A N/A C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe N/A
N/A N/A C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe N/A
N/A N/A C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe N/A
N/A N/A C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe N/A
N/A N/A C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe N/A
N/A N/A C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe N/A
N/A N/A C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe N/A
N/A N/A C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe N/A
N/A N/A C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe N/A

Suspicious use of WriteProcessMemory

Description Indicator Process Target
PID 1584 wrote to memory of 2512 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1584 wrote to memory of 2512 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1584 wrote to memory of 1368 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1584 wrote to memory of 1368 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1584 wrote to memory of 1368 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1584 wrote to memory of 1368 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1584 wrote to memory of 1368 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1584 wrote to memory of 1368 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1584 wrote to memory of 1368 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1584 wrote to memory of 1368 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1584 wrote to memory of 1368 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1584 wrote to memory of 1368 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1584 wrote to memory of 1368 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1584 wrote to memory of 1368 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1584 wrote to memory of 1368 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1584 wrote to memory of 1368 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1584 wrote to memory of 1368 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1584 wrote to memory of 1368 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1584 wrote to memory of 1368 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1584 wrote to memory of 1368 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1584 wrote to memory of 1368 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1584 wrote to memory of 1368 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1584 wrote to memory of 1368 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1584 wrote to memory of 1368 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1584 wrote to memory of 1368 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1584 wrote to memory of 1368 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1584 wrote to memory of 1368 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1584 wrote to memory of 1368 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1584 wrote to memory of 1368 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1584 wrote to memory of 1368 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1584 wrote to memory of 1368 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1584 wrote to memory of 1368 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1584 wrote to memory of 1368 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1584 wrote to memory of 1368 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1584 wrote to memory of 1368 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1584 wrote to memory of 1368 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1584 wrote to memory of 1368 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1584 wrote to memory of 1368 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1584 wrote to memory of 1368 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1584 wrote to memory of 1368 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1584 wrote to memory of 5068 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1584 wrote to memory of 5068 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 788 wrote to memory of 2216 N/A C:\Users\Admin\Downloads\DiscordSetup.exe C:\Users\Admin\AppData\Local\SquirrelTemp\Update.exe
PID 788 wrote to memory of 2216 N/A C:\Users\Admin\Downloads\DiscordSetup.exe C:\Users\Admin\AppData\Local\SquirrelTemp\Update.exe
PID 788 wrote to memory of 2216 N/A C:\Users\Admin\Downloads\DiscordSetup.exe C:\Users\Admin\AppData\Local\SquirrelTemp\Update.exe
PID 2216 wrote to memory of 2320 N/A C:\Users\Admin\AppData\Local\SquirrelTemp\Update.exe C:\Users\Admin\AppData\Local\Discord\app-1.0.9034\Discord.exe
PID 2216 wrote to memory of 2320 N/A C:\Users\Admin\AppData\Local\SquirrelTemp\Update.exe C:\Users\Admin\AppData\Local\Discord\app-1.0.9034\Discord.exe
PID 2216 wrote to memory of 2320 N/A C:\Users\Admin\AppData\Local\SquirrelTemp\Update.exe C:\Users\Admin\AppData\Local\Discord\app-1.0.9034\Discord.exe
PID 2320 wrote to memory of 4768 N/A C:\Users\Admin\AppData\Local\Discord\app-1.0.9034\Discord.exe C:\Users\Admin\AppData\Local\Discord\app-1.0.9034\Discord.exe
PID 2320 wrote to memory of 4768 N/A C:\Users\Admin\AppData\Local\Discord\app-1.0.9034\Discord.exe C:\Users\Admin\AppData\Local\Discord\app-1.0.9034\Discord.exe
PID 2320 wrote to memory of 4768 N/A C:\Users\Admin\AppData\Local\Discord\app-1.0.9034\Discord.exe C:\Users\Admin\AppData\Local\Discord\app-1.0.9034\Discord.exe
PID 2320 wrote to memory of 1404 N/A C:\Users\Admin\AppData\Local\Discord\app-1.0.9034\Discord.exe C:\Users\Admin\AppData\Local\Discord\Update.exe
PID 2320 wrote to memory of 1404 N/A C:\Users\Admin\AppData\Local\Discord\app-1.0.9034\Discord.exe C:\Users\Admin\AppData\Local\Discord\Update.exe
PID 2320 wrote to memory of 1404 N/A C:\Users\Admin\AppData\Local\Discord\app-1.0.9034\Discord.exe C:\Users\Admin\AppData\Local\Discord\Update.exe
PID 2320 wrote to memory of 1252 N/A C:\Users\Admin\AppData\Local\Discord\app-1.0.9034\Discord.exe C:\Users\Admin\AppData\Local\Discord\app-1.0.9034\Discord.exe
PID 2320 wrote to memory of 1252 N/A C:\Users\Admin\AppData\Local\Discord\app-1.0.9034\Discord.exe C:\Users\Admin\AppData\Local\Discord\app-1.0.9034\Discord.exe
PID 2320 wrote to memory of 1252 N/A C:\Users\Admin\AppData\Local\Discord\app-1.0.9034\Discord.exe C:\Users\Admin\AppData\Local\Discord\app-1.0.9034\Discord.exe
PID 2320 wrote to memory of 1252 N/A C:\Users\Admin\AppData\Local\Discord\app-1.0.9034\Discord.exe C:\Users\Admin\AppData\Local\Discord\app-1.0.9034\Discord.exe
PID 2320 wrote to memory of 1252 N/A C:\Users\Admin\AppData\Local\Discord\app-1.0.9034\Discord.exe C:\Users\Admin\AppData\Local\Discord\app-1.0.9034\Discord.exe
PID 2320 wrote to memory of 1252 N/A C:\Users\Admin\AppData\Local\Discord\app-1.0.9034\Discord.exe C:\Users\Admin\AppData\Local\Discord\app-1.0.9034\Discord.exe
PID 2320 wrote to memory of 1252 N/A C:\Users\Admin\AppData\Local\Discord\app-1.0.9034\Discord.exe C:\Users\Admin\AppData\Local\Discord\app-1.0.9034\Discord.exe
PID 2320 wrote to memory of 1252 N/A C:\Users\Admin\AppData\Local\Discord\app-1.0.9034\Discord.exe C:\Users\Admin\AppData\Local\Discord\app-1.0.9034\Discord.exe
PID 2320 wrote to memory of 1252 N/A C:\Users\Admin\AppData\Local\Discord\app-1.0.9034\Discord.exe C:\Users\Admin\AppData\Local\Discord\app-1.0.9034\Discord.exe
PID 2320 wrote to memory of 1252 N/A C:\Users\Admin\AppData\Local\Discord\app-1.0.9034\Discord.exe C:\Users\Admin\AppData\Local\Discord\app-1.0.9034\Discord.exe

Processes

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://google.com

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0x100,0x104,0x108,0xdc,0x10c,0x7ffaf8fe9758,0x7ffaf8fe9768,0x7ffaf8fe9778

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0x100,0x104,0x108,0xdc,0x10c,0x7ffaf8fe9758,0x7ffaf8fe9768,0x7ffaf8fe9778

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1724 --field-trial-handle=1764,i,2201789756278387177,16039584497653227416,131072 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=5 --mojo-platform-channel-handle=3208 --field-trial-handle=1764,i,2201789756278387177,16039584497653227416,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1988 --field-trial-handle=1724,i,13314970069806963038,7805011047336303959,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=7 --mojo-platform-channel-handle=3540 --field-trial-handle=1764,i,2201789756278387177,16039584497653227416,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1628 --field-trial-handle=1724,i,13314970069806963038,7805011047336303959,131072 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=6 --mojo-platform-channel-handle=3176 --field-trial-handle=1764,i,2201789756278387177,16039584497653227416,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2180 --field-trial-handle=1764,i,2201789756278387177,16039584497653227416,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2100 --field-trial-handle=1764,i,2201789756278387177,16039584497653227416,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe

"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=8 --mojo-platform-channel-handle=4272 --field-trial-handle=1764,i,2201789756278387177,16039584497653227416,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=9 --mojo-platform-channel-handle=4996 --field-trial-handle=1764,i,2201789756278387177,16039584497653227416,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5780 --field-trial-handle=1764,i,2201789756278387177,16039584497653227416,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5100 --field-trial-handle=1764,i,2201789756278387177,16039584497653227416,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=12 --mojo-platform-channel-handle=5176 --field-trial-handle=1764,i,2201789756278387177,16039584497653227416,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=13 --mojo-platform-channel-handle=4992 --field-trial-handle=1764,i,2201789756278387177,16039584497653227416,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2732 --field-trial-handle=1764,i,2201789756278387177,16039584497653227416,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4908 --field-trial-handle=1764,i,2201789756278387177,16039584497653227416,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=5908 --field-trial-handle=1764,i,2201789756278387177,16039584497653227416,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=3244 --field-trial-handle=1764,i,2201789756278387177,16039584497653227416,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5208 --field-trial-handle=1764,i,2201789756278387177,16039584497653227416,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=6060 --field-trial-handle=1764,i,2201789756278387177,16039584497653227416,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=5376 --field-trial-handle=1764,i,2201789756278387177,16039584497653227416,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6252 --field-trial-handle=1764,i,2201789756278387177,16039584497653227416,131072 /prefetch:8

C:\Users\Admin\Downloads\DiscordSetup.exe

"C:\Users\Admin\Downloads\DiscordSetup.exe"

C:\Users\Admin\AppData\Local\SquirrelTemp\Update.exe

"C:\Users\Admin\AppData\Local\SquirrelTemp\Update.exe" --install .

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=22 --mojo-platform-channel-handle=1068 --field-trial-handle=1764,i,2201789756278387177,16039584497653227416,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.22000.1 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=6660 --field-trial-handle=1764,i,2201789756278387177,16039584497653227416,131072 /prefetch:2

C:\Users\Admin\AppData\Local\Discord\app-1.0.9034\Discord.exe

"C:\Users\Admin\AppData\Local\Discord\app-1.0.9034\Discord.exe" --squirrel-install 1.0.9034

C:\Users\Admin\AppData\Local\Discord\app-1.0.9034\Discord.exe

C:\Users\Admin\AppData\Local\Discord\app-1.0.9034\Discord.exe --type=crashpad-handler --user-data-dir=C:\Users\Admin\AppData\Roaming\discord /prefetch:7 --no-rate-limit --monitor-self-annotation=ptype=crashpad-handler --database=C:\Users\Admin\AppData\Roaming\discord\Crashpad --url=https://f.a.k/e --annotation=_productName=discord --annotation=_version=1.0.9034 --annotation=plat=Win32 --annotation=prod=Electron --annotation=ver=22.3.26 --initial-client-data=0x568,0x56c,0x570,0x560,0x574,0x84d5d78,0x84d5d88,0x84d5d94

C:\Users\Admin\AppData\Local\Discord\Update.exe

C:\Users\Admin\AppData\Local\Discord\Update.exe --createShortcut Discord.exe --setupIcon C:\Users\Admin\AppData\Local\Discord\app.ico

C:\Users\Admin\AppData\Local\Discord\app-1.0.9034\Discord.exe

"C:\Users\Admin\AppData\Local\Discord\app-1.0.9034\Discord.exe" --type=gpu-process --user-data-dir="C:\Users\Admin\AppData\Roaming\discord" --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1748 --field-trial-handle=1984,i,8352434347413046769,14404512215789347091,131072 --disable-features=HardwareMediaKeyHandling,MediaSessionService,SpareRendererForSitePerProcess,WinRetrieveSuggestionsOnlyOnDemand /prefetch:2

C:\Users\Admin\AppData\Local\Discord\app-1.0.9034\Discord.exe

"C:\Users\Admin\AppData\Local\Discord\app-1.0.9034\Discord.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --user-data-dir="C:\Users\Admin\AppData\Roaming\discord" --standard-schemes --secure-schemes=sentry-ipc --bypasscsp-schemes=sentry-ipc --cors-schemes=sentry-ipc --fetch-schemes=sentry-ipc --service-worker-schemes --streaming-schemes --mojo-platform-channel-handle=2064 --field-trial-handle=1984,i,8352434347413046769,14404512215789347091,131072 --disable-features=HardwareMediaKeyHandling,MediaSessionService,SpareRendererForSitePerProcess,WinRetrieveSuggestionsOnlyOnDemand /prefetch:8

C:\Windows\SysWOW64\reg.exe

C:\Windows\System32\reg.exe add HKCU\Software\Classes\Discord\shell\open\command /ve /d "\"C:\Users\Admin\AppData\Local\Discord\app-1.0.9034\Discord.exe\" --url -- \"%1\"" /f

C:\Windows\SysWOW64\reg.exe

C:\Windows\System32\reg.exe add HKCU\Software\Classes\Discord\DefaultIcon /ve /d "\"C:\Users\Admin\AppData\Local\Discord\app-1.0.9034\Discord.exe\",-1" /f

C:\Windows\SysWOW64\reg.exe

C:\Windows\System32\reg.exe add HKCU\Software\Classes\Discord /v "URL Protocol" /f

C:\Windows\SysWOW64\reg.exe

C:\Windows\System32\reg.exe add HKCU\Software\Classes\Discord /ve /d "URL:Discord Protocol" /f

C:\Windows\SysWOW64\reg.exe

C:\Windows\System32\reg.exe add HKCU\Software\Microsoft\Windows\CurrentVersion\Run /v Discord /d "\"C:\Users\Admin\AppData\Local\Discord\Update.exe\" --processStart Discord.exe" /f

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=24 --mojo-platform-channel-handle=4276 --field-trial-handle=1764,i,2201789756278387177,16039584497653227416,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=25 --mojo-platform-channel-handle=2436 --field-trial-handle=1764,i,2201789756278387177,16039584497653227416,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=26 --mojo-platform-channel-handle=4924 --field-trial-handle=1764,i,2201789756278387177,16039584497653227416,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=27 --mojo-platform-channel-handle=5464 --field-trial-handle=1764,i,2201789756278387177,16039584497653227416,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=5780 --field-trial-handle=1764,i,2201789756278387177,16039584497653227416,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=6800 --field-trial-handle=1764,i,2201789756278387177,16039584497653227416,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6984 --field-trial-handle=1764,i,2201789756278387177,16039584497653227416,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=6584 --field-trial-handle=1764,i,2201789756278387177,16039584497653227416,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=3228 --field-trial-handle=1764,i,2201789756278387177,16039584497653227416,131072 /prefetch:8

C:\Users\Admin\Downloads\SteamSetup.exe

"C:\Users\Admin\Downloads\SteamSetup.exe"

C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\MiniSearchHost.exe

"C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\MiniSearchHost.exe" -ServerName:MiniSearchUI.AppXj3y73at8fy1htwztzxs68sxx1v7cksp7.mca

C:\Program Files (x86)\Steam\bin\steamservice.exe

"C:\Program Files (x86)\Steam\bin\steamservice.exe" /Install

C:\Program Files (x86)\Steam\steam.exe

"C:\Program Files (x86)\Steam\steam.exe"

C:\Program Files (x86)\Steam\steam.exe

"C:\Program Files (x86)\Steam\steam.exe"

C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe

"C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe" "-lang=en_US" "-cachedir=C:\Users\Admin\AppData\Local\Steam\htmlcache" "-steampid=9000" "-buildid=1705108172" "-steamid=0" "-logdir=C:\Program Files (x86)\Steam\logs" "-uimode=7" "-startcount=0" "-steamuniverse=Public" "-realm=Global" "-clientui=C:\Program Files (x86)\Steam\clientui" "-steampath=C:\Program Files (x86)\Steam\steam.exe" "-launcher=0" --enable-media-stream --enable-smooth-scrolling --enable-direct-write "--log-file=C:\Program Files (x86)\Steam\logs\cef_log.txt" --disable-quick-menu "--disable-features=SameSiteByDefaultCookies" "--enable-blink-features=ResizeObserver,Worklet,AudioWorklet" "--disable-blink-features=Badging"

C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe

"C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe" --type=crashpad-handler /prefetch:7 --max-uploads=5 --max-db-size=20 --max-db-age=5 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Program Files (x86)\Steam\dumps" "--metrics-dir=C:\Users\Admin\AppData\Local\CEF\User Data" --url=https://crash.steampowered.com/submit --annotation=platform=win64 --annotation=product=cefwebhelper --annotation=version=1705108172 --initial-client-data=0x350,0x354,0x358,0x31c,0x35c,0x7ffaf307f070,0x7ffaf307f080,0x7ffaf307f090

C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe

"C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe" --type=gpu-process --field-trial-handle=1644,13174571811861613262,9818304637831762622,131072 --enable-features=CastMediaRouteProvider --disable-features=SameSiteByDefaultCookies --log-file="C:\Program Files (x86)\Steam\logs\cef_log.txt" --product-version="Valve Steam Client" --lang=en-US --buildid=1705108172 --steamid=0 --gpu-preferences=MAAAAAAAAADgAAAwAAAAAAAAAAAAAAAAAABgAAAAAAAQAAAAAAAAAAAAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAA= --log-file="C:\Program Files (x86)\Steam\logs\cef_log.txt" --mojo-platform-channel-handle=1652 /prefetch:2

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe

"C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1644,13174571811861613262,9818304637831762622,131072 --enable-features=CastMediaRouteProvider --disable-features=SameSiteByDefaultCookies --lang=en-US --service-sandbox-type=network --log-file="C:\Program Files (x86)\Steam\logs\cef_log.txt" --product-version="Valve Steam Client" --lang=en-US --buildid=1705108172 --steamid=0 --log-file="C:\Program Files (x86)\Steam\logs\cef_log.txt" --mojo-platform-channel-handle=1840 /prefetch:8

C:\Windows\system32\AUDIODG.EXE

C:\Windows\system32\AUDIODG.EXE 0x00000000000004D8 0x00000000000004AC

C:\Program Files (x86)\Steam\bin\gldriverquery64.exe

.\bin\gldriverquery64.exe

C:\Program Files (x86)\Steam\bin\gldriverquery.exe

.\bin\gldriverquery.exe

C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe

"C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe" --type=renderer --log-file="C:\Program Files (x86)\Steam\logs\cef_log.txt" --field-trial-handle=1644,13174571811861613262,9818304637831762622,131072 --enable-features=CastMediaRouteProvider --disable-features=SameSiteByDefaultCookies --enable-blink-features=ResizeObserver,Worklet,AudioWorklet --disable-blink-features=Badging --lang=en-US --log-file="C:\Program Files (x86)\Steam\logs\cef_log.txt" --product-version="Valve Steam Client" --buildid=1705108172 --steamid=0 --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=4 --mojo-platform-channel-handle=2392 /prefetch:1

C:\Program Files (x86)\Steam\bin\vulkandriverquery64.exe

.\bin\vulkandriverquery64.exe

C:\Program Files (x86)\Steam\bin\vulkandriverquery.exe

.\bin\vulkandriverquery.exe

C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe

"C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe" --type=gpu-process --field-trial-handle=1644,13174571811861613262,9818304637831762622,131072 --enable-features=CastMediaRouteProvider --disable-features=SameSiteByDefaultCookies --log-file="C:\Program Files (x86)\Steam\logs\cef_log.txt" --product-version="Valve Steam Client" --lang=en-US --buildid=1705108172 --steamid=0 --gpu-preferences=MAAAAAAAAADgAAAwAAAAAAAAAAAAAAAAAABgAAAAAAAQAAAAAAAAAAAAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAA= --log-file="C:\Program Files (x86)\Steam\logs\cef_log.txt" --mojo-platform-channel-handle=1848 /prefetch:2

C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe

"C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe" --type=renderer --log-file="C:\Program Files (x86)\Steam\logs\cef_log.txt" --field-trial-handle=1644,13174571811861613262,9818304637831762622,131072 --enable-features=CastMediaRouteProvider --disable-features=SameSiteByDefaultCookies --enable-blink-features=ResizeObserver,Worklet,AudioWorklet --disable-blink-features=Badging --lang=en-US --log-file="C:\Program Files (x86)\Steam\logs\cef_log.txt" --product-version="Valve Steam Client" --buildid=1705108172 --steamid=0 --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=1828 /prefetch:1

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe

"C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe" --type=gpu-process --field-trial-handle=1644,13174571811861613262,9818304637831762622,131072 --enable-features=CastMediaRouteProvider --disable-features=SameSiteByDefaultCookies --log-file="C:\Program Files (x86)\Steam\logs\cef_log.txt" --product-version="Valve Steam Client" --lang=en-US --buildid=1705108172 --steamid=0 --gpu-preferences=MAAAAAAAAADgAAAwAAAAAAAAAAAAAAAAAABgAAAAAAAQAAAAAAAAAAAAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAA= --log-file="C:\Program Files (x86)\Steam\logs\cef_log.txt" --mojo-platform-channel-handle=3556 /prefetch:2

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe

"C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe" --type=renderer --log-file="C:\Program Files (x86)\Steam\logs\cef_log.txt" --field-trial-handle=1644,13174571811861613262,9818304637831762622,131072 --enable-features=CastMediaRouteProvider --disable-features=SameSiteByDefaultCookies --enable-blink-features=ResizeObserver,Worklet,AudioWorklet --disable-blink-features=Badging --lang=en-US --log-file="C:\Program Files (x86)\Steam\logs\cef_log.txt" --product-version="Valve Steam Client" --buildid=1705108172 --steamid=0 --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --mojo-platform-channel-handle=3348 /prefetch:1

C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe

"C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe" --type=gpu-process --field-trial-handle=1644,13174571811861613262,9818304637831762622,131072 --enable-features=CastMediaRouteProvider --disable-features=SameSiteByDefaultCookies --log-file="C:\Program Files (x86)\Steam\logs\cef_log.txt" --product-version="Valve Steam Client" --lang=en-US --buildid=1705108172 --steamid=0 --gpu-preferences=MAAAAAAAAADgAAAwAAAAAAAAAAAAAAAAAABgAAAAAAAQAAAAAAAAAAAAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAA= --use-gl=swiftshader-webgl --log-file="C:\Program Files (x86)\Steam\logs\cef_log.txt" --mojo-platform-channel-handle=3556 /prefetch:2

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=33 --mojo-platform-channel-handle=2384 --field-trial-handle=1764,i,2201789756278387177,16039584497653227416,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=34 --mojo-platform-channel-handle=4928 --field-trial-handle=1764,i,2201789756278387177,16039584497653227416,131072 /prefetch:1

C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe

"C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe" "-lang=en_US" "-cachedir=C:\Users\Admin\AppData\Local\Steam\htmlcache" "-steampid=9000" "-buildid=1705108172" "-steamid=76561198974682356" "-logdir=C:\Program Files (x86)\Steam\logs" "-uimode=7" "-startcount=1" "-steamuniverse=Public" "-realm=Global" "-clientui=C:\Program Files (x86)\Steam\clientui" "-steampath=C:\Program Files (x86)\Steam\steam.exe" "-launcher=0" --enable-media-stream --enable-smooth-scrolling --enable-direct-write "--log-file=C:\Program Files (x86)\Steam\logs\cef_log.txt" --disable-quick-menu "--disable-features=SameSiteByDefaultCookies" "--enable-blink-features=ResizeObserver,Worklet,AudioWorklet" "--disable-blink-features=Badging"

C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe

"C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe" --type=crashpad-handler /prefetch:7 --max-uploads=5 --max-db-size=20 --max-db-age=5 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Program Files (x86)\Steam\dumps" "--metrics-dir=C:\Users\Admin\AppData\Local\CEF\User Data" --url=https://crash.steampowered.com/submit --annotation=platform=win64 --annotation=product=cefwebhelper --annotation=version=1705108172 --initial-client-data=0x35c,0x360,0x364,0x338,0x368,0x7ffaf307f070,0x7ffaf307f080,0x7ffaf307f090

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=5196 --field-trial-handle=1764,i,2201789756278387177,16039584497653227416,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2328 --field-trial-handle=1764,i,2201789756278387177,16039584497653227416,131072 /prefetch:8

C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe

"C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe" --type=gpu-process --field-trial-handle=1604,5110329039809555873,13379251681924840642,131072 --enable-features=CastMediaRouteProvider --disable-features=SameSiteByDefaultCookies --log-file="C:\Program Files (x86)\Steam\logs\cef_log.txt" --product-version="Valve Steam Client" --lang=en-US --buildid=1705108172 --steamid=76561198974682356 --gpu-preferences=MAAAAAAAAADgAAAwAAAAAAAAAAAAAAAAAABgAAAAAAAQAAAAAAAAAAAAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAA= --log-file="C:\Program Files (x86)\Steam\logs\cef_log.txt" --mojo-platform-channel-handle=1612 /prefetch:2

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Program Files (x86)\Steam\steamerrorreporter64.exe

C:\Program Files (x86)\Steam\steamerrorreporter64.exe -pid=7056

C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe

"C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1604,5110329039809555873,13379251681924840642,131072 --enable-features=CastMediaRouteProvider --disable-features=SameSiteByDefaultCookies --lang=en-US --service-sandbox-type=network --log-file="C:\Program Files (x86)\Steam\logs\cef_log.txt" --product-version="Valve Steam Client" --lang=en-US --buildid=1705108172 --steamid=76561198974682356 --log-file="C:\Program Files (x86)\Steam\logs\cef_log.txt" --mojo-platform-channel-handle=2228 /prefetch:8

C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe

"C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe" --type=renderer --log-file="C:\Program Files (x86)\Steam\logs\cef_log.txt" --field-trial-handle=1604,5110329039809555873,13379251681924840642,131072 --enable-features=CastMediaRouteProvider --disable-features=SameSiteByDefaultCookies --enable-blink-features=ResizeObserver,Worklet,AudioWorklet --disable-blink-features=Badging --lang=en-US --log-file="C:\Program Files (x86)\Steam\logs\cef_log.txt" --product-version="Valve Steam Client" --buildid=1705108172 --steamid=76561198974682356 --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=4 --mojo-platform-channel-handle=2412 /prefetch:1

C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe

"C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe" --type=renderer --log-file="C:\Program Files (x86)\Steam\logs\cef_log.txt" --field-trial-handle=1604,5110329039809555873,13379251681924840642,131072 --enable-features=CastMediaRouteProvider --disable-features=SameSiteByDefaultCookies --enable-blink-features=ResizeObserver,Worklet,AudioWorklet --disable-blink-features=Badging --lang=en-US --log-file="C:\Program Files (x86)\Steam\logs\cef_log.txt" --product-version="Valve Steam Client" --buildid=1705108172 --steamid=76561198974682356 --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=2436 /prefetch:1

C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe

"C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe" --type=renderer --log-file="C:\Program Files (x86)\Steam\logs\cef_log.txt" --field-trial-handle=1604,5110329039809555873,13379251681924840642,131072 --enable-features=CastMediaRouteProvider --disable-features=SameSiteByDefaultCookies --enable-blink-features=ResizeObserver,Worklet,AudioWorklet --disable-blink-features=Badging --lang=en-US --log-file="C:\Program Files (x86)\Steam\logs\cef_log.txt" --product-version="Valve Steam Client" --buildid=1705108172 --steamid=76561198974682356 --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2456 /prefetch:1

C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe

"C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe" --type=renderer --log-file="C:\Program Files (x86)\Steam\logs\cef_log.txt" --field-trial-handle=1604,5110329039809555873,13379251681924840642,131072 --enable-features=CastMediaRouteProvider --disable-features=SameSiteByDefaultCookies --enable-blink-features=ResizeObserver,Worklet,AudioWorklet --disable-blink-features=Badging --lang=en-US --log-file="C:\Program Files (x86)\Steam\logs\cef_log.txt" --product-version="Valve Steam Client" --buildid=1705108172 --steamid=76561198974682356 --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=2464 /prefetch:1

C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe

"C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe" --type=renderer --log-file="C:\Program Files (x86)\Steam\logs\cef_log.txt" --field-trial-handle=1604,5110329039809555873,13379251681924840642,131072 --enable-features=CastMediaRouteProvider --disable-features=SameSiteByDefaultCookies --enable-blink-features=ResizeObserver,Worklet,AudioWorklet --disable-blink-features=Badging --lang=en-US --log-file="C:\Program Files (x86)\Steam\logs\cef_log.txt" --product-version="Valve Steam Client" --buildid=1705108172 --steamid=76561198974682356 --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --mojo-platform-channel-handle=2536 /prefetch:1

C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe

"C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe" --type=renderer --log-file="C:\Program Files (x86)\Steam\logs\cef_log.txt" --field-trial-handle=1604,5110329039809555873,13379251681924840642,131072 --enable-features=CastMediaRouteProvider --disable-features=SameSiteByDefaultCookies --enable-blink-features=ResizeObserver,Worklet,AudioWorklet --disable-blink-features=Badging --lang=en-US --log-file="C:\Program Files (x86)\Steam\logs\cef_log.txt" --product-version="Valve Steam Client" --buildid=1705108172 --steamid=76561198974682356 --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --mojo-platform-channel-handle=2624 /prefetch:1

C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe

"C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe" --type=renderer --log-file="C:\Program Files (x86)\Steam\logs\cef_log.txt" --field-trial-handle=1604,5110329039809555873,13379251681924840642,131072 --enable-features=CastMediaRouteProvider --disable-features=SameSiteByDefaultCookies --enable-blink-features=ResizeObserver,Worklet,AudioWorklet --disable-blink-features=Badging --lang=en-US --log-file="C:\Program Files (x86)\Steam\logs\cef_log.txt" --product-version="Valve Steam Client" --buildid=1705108172 --steamid=76561198974682356 --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --mojo-platform-channel-handle=2636 /prefetch:1

C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe

"C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe" --type=renderer --log-file="C:\Program Files (x86)\Steam\logs\cef_log.txt" --field-trial-handle=1604,5110329039809555873,13379251681924840642,131072 --enable-features=CastMediaRouteProvider --disable-features=SameSiteByDefaultCookies --enable-blink-features=ResizeObserver,Worklet,AudioWorklet --disable-blink-features=Badging --lang=en-US --log-file="C:\Program Files (x86)\Steam\logs\cef_log.txt" --product-version="Valve Steam Client" --buildid=1705108172 --steamid=76561198974682356 --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --mojo-platform-channel-handle=2644 /prefetch:1

C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe

"C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe" --type=renderer --log-file="C:\Program Files (x86)\Steam\logs\cef_log.txt" --field-trial-handle=1604,5110329039809555873,13379251681924840642,131072 --enable-features=CastMediaRouteProvider --disable-features=SameSiteByDefaultCookies --enable-blink-features=ResizeObserver,Worklet,AudioWorklet --disable-blink-features=Badging --lang=en-US --log-file="C:\Program Files (x86)\Steam\logs\cef_log.txt" --product-version="Valve Steam Client" --buildid=1705108172 --steamid=76561198974682356 --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --mojo-platform-channel-handle=2776 /prefetch:1

C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe

"C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe" --type=renderer --log-file="C:\Program Files (x86)\Steam\logs\cef_log.txt" --field-trial-handle=1604,5110329039809555873,13379251681924840642,131072 --enable-features=CastMediaRouteProvider --disable-features=SameSiteByDefaultCookies --enable-blink-features=ResizeObserver,Worklet,AudioWorklet --disable-blink-features=Badging --lang=en-US --log-file="C:\Program Files (x86)\Steam\logs\cef_log.txt" --product-version="Valve Steam Client" --buildid=1705108172 --steamid=76561198974682356 --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --mojo-platform-channel-handle=2784 /prefetch:1

C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe

"C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe" --type=renderer --log-file="C:\Program Files (x86)\Steam\logs\cef_log.txt" --field-trial-handle=1604,5110329039809555873,13379251681924840642,131072 --enable-features=CastMediaRouteProvider --disable-features=SameSiteByDefaultCookies --enable-blink-features=ResizeObserver,Worklet,AudioWorklet --disable-blink-features=Badging --lang=en-US --log-file="C:\Program Files (x86)\Steam\logs\cef_log.txt" --product-version="Valve Steam Client" --buildid=1705108172 --steamid=76561198974682356 --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --mojo-platform-channel-handle=2792 /prefetch:1

C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe

"C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe" --type=renderer --log-file="C:\Program Files (x86)\Steam\logs\cef_log.txt" --field-trial-handle=1604,5110329039809555873,13379251681924840642,131072 --enable-features=CastMediaRouteProvider --disable-features=SameSiteByDefaultCookies --enable-blink-features=ResizeObserver,Worklet,AudioWorklet --disable-blink-features=Badging --lang=en-US --log-file="C:\Program Files (x86)\Steam\logs\cef_log.txt" --product-version="Valve Steam Client" --buildid=1705108172 --steamid=76561198974682356 --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --mojo-platform-channel-handle=2928 /prefetch:1

C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe

"C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe" --type=renderer --log-file="C:\Program Files (x86)\Steam\logs\cef_log.txt" --field-trial-handle=1604,5110329039809555873,13379251681924840642,131072 --enable-features=CastMediaRouteProvider --disable-features=SameSiteByDefaultCookies --enable-blink-features=ResizeObserver,Worklet,AudioWorklet --disable-blink-features=Badging --lang=en-US --log-file="C:\Program Files (x86)\Steam\logs\cef_log.txt" --product-version="Valve Steam Client" --buildid=1705108172 --steamid=76561198974682356 --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --mojo-platform-channel-handle=2944 /prefetch:1

C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe

"C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe" --type=renderer --log-file="C:\Program Files (x86)\Steam\logs\cef_log.txt" --field-trial-handle=1604,5110329039809555873,13379251681924840642,131072 --enable-features=CastMediaRouteProvider --disable-features=SameSiteByDefaultCookies --enable-blink-features=ResizeObserver,Worklet,AudioWorklet --disable-blink-features=Badging --lang=en-US --log-file="C:\Program Files (x86)\Steam\logs\cef_log.txt" --product-version="Valve Steam Client" --buildid=1705108172 --steamid=76561198974682356 --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --mojo-platform-channel-handle=3088 /prefetch:1

C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe

"C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe" --type=renderer --log-file="C:\Program Files (x86)\Steam\logs\cef_log.txt" --field-trial-handle=1604,5110329039809555873,13379251681924840642,131072 --enable-features=CastMediaRouteProvider --disable-features=SameSiteByDefaultCookies --enable-blink-features=ResizeObserver,Worklet,AudioWorklet --disable-blink-features=Badging --lang=en-US --log-file="C:\Program Files (x86)\Steam\logs\cef_log.txt" --product-version="Valve Steam Client" --buildid=1705108172 --steamid=76561198974682356 --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --mojo-platform-channel-handle=3096 /prefetch:1

C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe

"C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe" --type=renderer --log-file="C:\Program Files (x86)\Steam\logs\cef_log.txt" --field-trial-handle=1604,5110329039809555873,13379251681924840642,131072 --enable-features=CastMediaRouteProvider --disable-features=SameSiteByDefaultCookies --enable-blink-features=ResizeObserver,Worklet,AudioWorklet --disable-blink-features=Badging --lang=en-US --log-file="C:\Program Files (x86)\Steam\logs\cef_log.txt" --product-version="Valve Steam Client" --buildid=1705108172 --steamid=76561198974682356 --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --mojo-platform-channel-handle=3256 /prefetch:1

C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe

"C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe" --type=gpu-process --field-trial-handle=1604,5110329039809555873,13379251681924840642,131072 --enable-features=CastMediaRouteProvider --disable-features=SameSiteByDefaultCookies --log-file="C:\Program Files (x86)\Steam\logs\cef_log.txt" --product-version="Valve Steam Client" --lang=en-US --buildid=1705108172 --steamid=76561198974682356 --gpu-preferences=MAAAAAAAAADgAAAwAAAAAAAAAAAAAAAAAABgAAAAAAAQAAAAAAAAAAAAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAA= --log-file="C:\Program Files (x86)\Steam\logs\cef_log.txt" --mojo-platform-channel-handle=1832 /prefetch:2

C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe

"C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe" --type=renderer --log-file="C:\Program Files (x86)\Steam\logs\cef_log.txt" --field-trial-handle=1604,5110329039809555873,13379251681924840642,131072 --enable-features=CastMediaRouteProvider --disable-features=SameSiteByDefaultCookies --enable-blink-features=ResizeObserver,Worklet,AudioWorklet --disable-blink-features=Badging --lang=en-US --log-file="C:\Program Files (x86)\Steam\logs\cef_log.txt" --product-version="Valve Steam Client" --buildid=1705108172 --steamid=76561198974682356 --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --mojo-platform-channel-handle=5896 /prefetch:1

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe

"C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe" --type=gpu-process --field-trial-handle=1604,5110329039809555873,13379251681924840642,131072 --enable-features=CastMediaRouteProvider --disable-features=SameSiteByDefaultCookies --log-file="C:\Program Files (x86)\Steam\logs\cef_log.txt" --product-version="Valve Steam Client" --lang=en-US --buildid=1705108172 --steamid=76561198974682356 --gpu-preferences=MAAAAAAAAADgAAAwAAAAAAAAAAAAAAAAAABgAAAAAAAQAAAAAAAAAAAAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAA= --log-file="C:\Program Files (x86)\Steam\logs\cef_log.txt" --mojo-platform-channel-handle=1832 /prefetch:2

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe

"C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe" --type=renderer --log-file="C:\Program Files (x86)\Steam\logs\cef_log.txt" --field-trial-handle=1604,5110329039809555873,13379251681924840642,131072 --enable-features=CastMediaRouteProvider --disable-features=SameSiteByDefaultCookies --enable-blink-features=ResizeObserver,Worklet,AudioWorklet --disable-blink-features=Badging --lang=en-US --log-file="C:\Program Files (x86)\Steam\logs\cef_log.txt" --product-version="Valve Steam Client" --buildid=1705108172 --steamid=76561198974682356 --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --mojo-platform-channel-handle=5824 /prefetch:1

C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe

"C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe" --type=gpu-process --field-trial-handle=1604,5110329039809555873,13379251681924840642,131072 --enable-features=CastMediaRouteProvider --disable-features=SameSiteByDefaultCookies --log-file="C:\Program Files (x86)\Steam\logs\cef_log.txt" --product-version="Valve Steam Client" --lang=en-US --buildid=1705108172 --steamid=76561198974682356 --gpu-preferences=MAAAAAAAAADgAAAwAAAAAAAAAAAAAAAAAABgAAAAAAAQAAAAAAAAAAAAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAA= --use-gl=swiftshader-webgl --log-file="C:\Program Files (x86)\Steam\logs\cef_log.txt" --mojo-platform-channel-handle=5616 /prefetch:2

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe

"C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe" --type=renderer --log-file="C:\Program Files (x86)\Steam\logs\cef_log.txt" --field-trial-handle=1604,5110329039809555873,13379251681924840642,131072 --enable-features=CastMediaRouteProvider --disable-features=SameSiteByDefaultCookies --disable-gpu-compositing --enable-blink-features=ResizeObserver,Worklet,AudioWorklet --disable-blink-features=Badging --lang=en-US --log-file="C:\Program Files (x86)\Steam\logs\cef_log.txt" --product-version="Valve Steam Client" --buildid=1705108172 --steamid=76561198974682356 --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=25 --mojo-platform-channel-handle=5964 /prefetch:1

C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe

"C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe" --type=renderer --log-file="C:\Program Files (x86)\Steam\logs\cef_log.txt" --field-trial-handle=1604,5110329039809555873,13379251681924840642,131072 --enable-features=CastMediaRouteProvider --disable-features=SameSiteByDefaultCookies --disable-gpu-compositing --enable-blink-features=ResizeObserver,Worklet,AudioWorklet --disable-blink-features=Badging --lang=en-US --log-file="C:\Program Files (x86)\Steam\logs\cef_log.txt" --product-version="Valve Steam Client" --buildid=1705108172 --steamid=76561198974682356 --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=26 --mojo-platform-channel-handle=2612 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=37 --mojo-platform-channel-handle=7152 --field-trial-handle=1764,i,2201789756278387177,16039584497653227416,131072 /prefetch:1

C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe

"C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe" --type=gpu-process --field-trial-handle=1604,5110329039809555873,13379251681924840642,131072 --enable-features=CastMediaRouteProvider --disable-features=SameSiteByDefaultCookies --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.22000.1 --log-file="C:\Program Files (x86)\Steam\logs\cef_log.txt" --product-version="Valve Steam Client" --lang=en-US --buildid=1705108172 --steamid=76561198974682356 --gpu-preferences=MAAAAAAAAADoAAAwAAAAAAAAAAAAAAAAAABgAAAIAAAQAAAAAAAAAAAAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAA= --use-gl=swiftshader-webgl --log-file="C:\Program Files (x86)\Steam\logs\cef_log.txt" --mojo-platform-channel-handle=5184 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5028 --field-trial-handle=1764,i,2201789756278387177,16039584497653227416,131072 /prefetch:8

C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe

"C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --field-trial-handle=1604,5110329039809555873,13379251681924840642,131072 --enable-features=CastMediaRouteProvider --disable-features=SameSiteByDefaultCookies --lang=en-US --service-sandbox-type=audio --log-file="C:\Program Files (x86)\Steam\logs\cef_log.txt" --product-version="Valve Steam Client" --lang=en-US --buildid=1705108172 --steamid=76561198974682356 --log-file="C:\Program Files (x86)\Steam\logs\cef_log.txt" --mojo-platform-channel-handle=1504 /prefetch:8

C:\Program Files (x86)\Steam\bin\x64launcher.exe

"C:\Program Files (x86)\Steam\bin\x64launcher.exe" -hproc 131c -hthread 1300 -baseoverlayname C:\Program Files (x86)\Steam\gameoverlayrenderer64.dll

C:\Program Files (x86)\Steam\steamapps\common\Town of Salem 2\TownOfSalem2.exe

"C:\Program Files (x86)\Steam\steamapps\common\Town of Salem 2\TownOfSalem2.exe"

C:\Program Files (x86)\Steam\steamapps\common\Town of Salem 2\UnityCrashHandler64.exe

"C:\Program Files (x86)\Steam\steamapps\common\Town of Salem 2\UnityCrashHandler64.exe" --attach 9140 1790772252672

C:\Program Files (x86)\Steam\GameOverlayUI.exe

"C:\Program Files (x86)\Steam\GameOverlayUI.exe" -pid 9140 -steampid 9000 -manuallyclearframes 0 -gameid 2140510

C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe

"C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe" --type=renderer --log-file="C:\Program Files (x86)\Steam\logs\cef_log.txt" --field-trial-handle=1604,5110329039809555873,13379251681924840642,131072 --enable-features=CastMediaRouteProvider --disable-features=SameSiteByDefaultCookies --disable-gpu-compositing --enable-blink-features=ResizeObserver,Worklet,AudioWorklet --disable-blink-features=Badging --lang=en-US --log-file="C:\Program Files (x86)\Steam\logs\cef_log.txt" --product-version="Valve Steam Client" --buildid=1705108172 --steamid=76561198974682356 --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=29 --mojo-platform-channel-handle=5376 /prefetch:1

C:\Program Files (x86)\Steam\steamerrorreporter64.exe

C:\Program Files (x86)\Steam\steamerrorreporter64.exe -pid=9140

C:\Program Files (x86)\Steam\steamapps\common\Town of Salem 2\UnityCrashHandler64.exe

"C:\Program Files (x86)\Steam\steamapps\common\Town of Salem 2\UnityCrashHandler64.exe" "9140" "1790772252672"

C:\Program Files (x86)\Steam\steamapps\common\Town of Salem 2\TownOfSalem2.exe

"C:\Program Files (x86)\Steam\steamapps\common\Town of Salem 2\TownOfSalem2.exe"

C:\Program Files (x86)\Steam\bin\x64launcher.exe

"C:\Program Files (x86)\Steam\bin\x64launcher.exe" -hproc 134c -hthread 12d8 -baseoverlayname C:\Program Files (x86)\Steam\gameoverlayrenderer64.dll

C:\Program Files (x86)\Steam\steamapps\common\Town of Salem 2\UnityCrashHandler64.exe

"C:\Program Files (x86)\Steam\steamapps\common\Town of Salem 2\UnityCrashHandler64.exe" --attach 14236 2744639819776

C:\Program Files (x86)\Steam\GameOverlayUI.exe

"C:\Program Files (x86)\Steam\GameOverlayUI.exe" -pid 14236 -steampid 9000 -manuallyclearframes 0 -gameid 2140510

Network

Country Destination Domain Proto
US 8.8.8.8:53 google.com udp
US 8.8.8.8:53 8.8.8.8.in-addr.arpa udp
IE 74.125.193.99:443 www.google.com udp
IE 74.125.193.99:443 www.google.com tcp
IE 74.125.193.99:443 www.google.com tcp
IE 172.253.116.113:443 google.com tcp
IE 172.253.116.113:443 google.com tcp
IE 74.125.193.99:443 www.google.com tcp
IE 172.253.116.113:443 google.com tcp
US 8.8.8.8:53 94.116.253.172.in-addr.arpa udp
IE 74.125.193.99:443 www.google.com udp
IE 74.125.193.99:443 www.google.com udp
US 8.8.8.8:53 95.202.85.209.in-addr.arpa udp
N/A 224.0.0.251:5353 udp
US 162.159.136.232:80 discord.com tcp
US 162.159.136.232:80 discord.com tcp
US 162.159.136.232:443 discord.com tcp
US 8.8.8.8:53 assets-global.website-files.com udp
US 8.8.8.8:53 ajax.googleapis.com udp
US 8.8.8.8:53 global.localizecdn.com udp
US 162.159.136.232:443 discord.com udp
IE 172.253.116.95:443 ajax.googleapis.com tcp
IE 172.253.116.95:443 ajax.googleapis.com tcp
US 104.18.5.175:443 global.localizecdn.com tcp
DE 18.154.168.66:443 assets-global.website-files.com tcp
GB 96.17.179.184:80 apps.identrust.com tcp
US 8.8.8.8:53 95.116.253.172.in-addr.arpa udp
US 8.8.8.8:53 66.168.154.18.in-addr.arpa udp
US 8.8.8.8:53 36.92.85.52.in-addr.arpa udp
DE 54.230.55.101:443 d3e54v103j8qbb.cloudfront.net tcp
DE 18.155.145.92:443 assets.website-files.com tcp
DE 18.155.145.92:443 assets.website-files.com tcp
DE 18.155.145.92:443 assets.website-files.com tcp
DE 18.155.145.92:443 assets.website-files.com tcp
DE 18.155.145.92:443 assets.website-files.com tcp
DE 18.155.145.92:443 assets.website-files.com tcp
US 104.18.32.137:443 geolocation.onetrust.com tcp
US 104.18.32.137:443 geolocation.onetrust.com tcp
IE 209.85.202.93:443 www.youtube.com tcp
US 35.190.80.1:443 a.nel.cloudflare.com tcp
US 35.190.80.1:443 a.nel.cloudflare.com udp
US 8.8.8.8:53 1.80.190.35.in-addr.arpa udp
IE 172.253.116.95:443 content-autofill.googleapis.com udp
US 104.18.5.175:443 global.localizecdn.com udp
DE 54.230.55.101:443 d3e54v103j8qbb.cloudfront.net tcp
DE 18.155.145.92:443 assets.website-files.com tcp
US 104.18.48.115:443 dl.discordapp.net tcp
IE 172.253.116.113:443 google.com udp
US 8.8.8.8:53 95.221.229.192.in-addr.arpa udp
IE 74.125.193.147:443 www.google.com udp
IE 172.253.116.113:443 google.com udp
IE 74.125.193.147:443 www.google.com udp
IE 74.125.193.138:443 consent.google.com udp
IE 74.125.193.106:443 www.google.com udp
GB 2.17.5.46:443 store.steampowered.com tcp
US 104.18.42.105:443 cdn.cloudflare.steamstatic.com tcp
US 104.18.42.105:443 cdn.cloudflare.steamstatic.com tcp
US 104.18.42.105:443 cdn.cloudflare.steamstatic.com tcp
US 104.18.42.105:443 cdn.cloudflare.steamstatic.com tcp
US 104.18.42.105:443 cdn.cloudflare.steamstatic.com tcp
US 104.18.42.105:443 cdn.cloudflare.steamstatic.com tcp
IE 74.125.193.113:443 consent.google.com tcp
IE 209.85.202.101:443 apis.google.com tcp
GB 2.17.5.46:443 store.steampowered.com tcp
US 104.18.42.105:443 cdn.cloudflare.steamstatic.com tcp
CO 172.217.30.195:443 beacons2.gvt2.com tcp
CO 172.217.30.195:443 beacons2.gvt2.com udp
GB 23.214.154.77:443 help.steampowered.com tcp
GB 23.214.154.77:443 help.steampowered.com tcp
GB 104.77.160.198:80 media.steampowered.com tcp
GB 104.77.160.198:80 media.steampowered.com tcp
GB 104.77.160.198:80 media.steampowered.com tcp
DE 172.217.16.195:443 beacons.gvt2.com tcp
DE 172.217.16.195:443 beacons.gvt2.com udp
US 8.8.8.8:53 api.steampowered.com udp
GB 104.77.160.204:80 test.steampowered.com tcp
GB 23.214.154.77:443 api.steampowered.com tcp
GB 162.254.196.83:27021 ext2-lhr1.steamserver.net tcp
GB 162.254.196.68:27034 ext3-lhr1.steamserver.net tcp
GB 162.254.196.84:443 ext4-lhr1.steamserver.net tcp
FR 185.25.182.20:27038 ext1-par1.steamserver.net tcp
US 8.8.8.8:53 84.196.254.162.in-addr.arpa udp
US 8.8.8.8:53 20.182.25.185.in-addr.arpa udp
IE 209.85.202.102:443 redirector.gvt1.com tcp
DE 74.125.163.136:443 r3---sn-4g5lzney.gvt1.com tcp
N/A 127.0.0.1:62600 tcp
N/A 127.0.0.1:62599 tcp
N/A 10.127.255.255:27036 udp
GB 88.221.134.129:80 clientconfig.akamai.steamstatic.com tcp
GB 88.221.134.129:80 clientconfig.akamai.steamstatic.com tcp
GB 88.221.134.129:80 clientconfig.akamai.steamstatic.com tcp
GB 88.221.134.129:80 clientconfig.akamai.steamstatic.com tcp
GB 88.221.134.129:80 clientconfig.akamai.steamstatic.com tcp
GB 88.221.134.129:80 clientconfig.akamai.steamstatic.com tcp
GB 88.221.134.129:80 clientconfig.akamai.steamstatic.com tcp
GB 88.221.134.129:80 clientconfig.akamai.steamstatic.com tcp
GB 104.77.160.198:80 avatars.steamstatic.com tcp
GB 104.77.160.198:80 avatars.steamstatic.com tcp
GB 104.77.160.198:80 avatars.steamstatic.com tcp
US 8.8.8.8:53 cdn.steamstatic.com udp
US 8.8.8.8:53 steamstore-a.akamaihd.net udp
GB 104.77.160.218:443 cdn.steamstatic.com tcp
GB 104.77.160.200:443 steamstore-a.akamaihd.net tcp
GB 104.77.160.218:443 cdn.steamstatic.com tcp
GB 104.77.160.218:443 cdn.steamstatic.com tcp
GB 104.77.160.200:443 steamstore-a.akamaihd.net tcp
GB 104.77.160.200:443 steamstore-a.akamaihd.net tcp
US 8.8.8.8:53 200.160.77.104.in-addr.arpa udp
US 8.8.8.8:53 32.169.19.2.in-addr.arpa udp
US 8.8.8.8:53 201.179.17.96.in-addr.arpa udp
GB 23.214.154.77:443 steamcommunity.com tcp
GB 23.214.154.77:443 steamcommunity.com tcp
GB 2.17.5.46:443 store.steampowered.com tcp
GB 2.17.5.46:443 store.steampowered.com tcp
GB 23.214.154.77:443 steamcommunity.com tcp
GB 2.17.5.46:443 store.steampowered.com tcp
GB 23.214.154.77:443 steamcommunity.com tcp
GB 104.77.160.220:443 steamcommunity-a.akamaihd.net tcp
GB 104.77.160.198:443 avatars.steamstatic.com tcp
US 208.64.203.140:443 crash.steampowered.com tcp
US 162.159.128.233:443 discord.com udp
DE 172.217.16.131:443 beacons.gcp.gvt2.com udp
US 8.8.8.8:53 131.16.217.172.in-addr.arpa udp
US 208.64.203.140:443 crash.steampowered.com tcp
US 8.8.8.8:53 remote-auth-gateway.discord.gg udp
US 162.159.130.234:443 remote-auth-gateway.discord.gg tcp
IE 74.125.193.95:443 content-autofill.googleapis.com udp
US 8.8.8.8:53 95.193.125.74.in-addr.arpa udp
GB 104.77.160.208:443 clan.steamstatic.com tcp
GB 104.77.160.208:443 clan.steamstatic.com tcp
GB 104.77.160.208:443 clan.steamstatic.com tcp
GB 2.17.5.46:443 store.steampowered.com tcp
GB 23.214.154.77:443 steamcommunity.com tcp
US 208.64.203.140:443 crash.steampowered.com tcp
GB 104.77.160.220:443 steamstore-a.akamaihd.net tcp
GB 104.77.160.220:443 steamstore-a.akamaihd.net tcp
GB 104.77.160.220:443 steamstore-a.akamaihd.net tcp
GB 2.17.5.46:443 store.steampowered.com tcp
US 104.18.42.105:443 avatars.cloudflare.steamstatic.com tcp
US 104.18.42.105:443 avatars.cloudflare.steamstatic.com tcp
US 104.18.42.105:443 avatars.cloudflare.steamstatic.com tcp
US 104.18.42.105:443 avatars.cloudflare.steamstatic.com tcp
US 104.18.42.105:443 avatars.cloudflare.steamstatic.com tcp
US 104.18.42.105:443 avatars.cloudflare.steamstatic.com tcp
US 104.18.42.105:443 avatars.cloudflare.steamstatic.com tcp
GB 2.17.5.46:443 store.steampowered.com tcp
GB 2.17.5.46:443 store.steampowered.com tcp
GB 2.17.5.46:443 store.steampowered.com tcp
GB 104.77.160.208:443 clan.steamstatic.com tcp
GB 104.77.160.208:443 clan.steamstatic.com tcp
GB 104.77.160.208:443 clan.steamstatic.com tcp
GB 104.77.160.204:443 clan.steamstatic.com tcp
GB 104.77.160.204:443 clan.steamstatic.com tcp
GB 104.77.160.204:443 clan.steamstatic.com tcp
GB 104.77.160.206:443 avatars.steamstatic.com tcp
GB 104.77.160.208:443 clan.steamstatic.com tcp
GB 104.77.160.208:443 clan.steamstatic.com tcp
GB 104.77.160.208:443 clan.steamstatic.com tcp
US 8.8.8.8:53 206.160.77.104.in-addr.arpa udp
N/A 127.0.0.1:62600 tcp
N/A 127.0.0.1:62599 tcp
IE 172.253.116.207:443 steamcloud-london.storage.googleapis.com tcp
N/A 127.0.0.1:62600 tcp
N/A 127.0.0.1:62599 tcp
US 8.8.8.8:53 207.116.253.172.in-addr.arpa udp
GB 104.77.160.200:443 steamstore-a.akamaihd.net tcp
GB 104.77.160.200:443 steamstore-a.akamaihd.net tcp
GB 104.77.160.200:443 steamstore-a.akamaihd.net tcp
US 104.19.218.90:443 imgs3.hcaptcha.com tcp
N/A 127.0.0.1:27060 tcp
US 104.19.219.90:443 imgs3.hcaptcha.com udp
IE 74.125.193.95:443 content-autofill.googleapis.com udp
GB 104.77.160.218:443 cdn.steamstatic.com tcp
US 104.19.218.90:443 imgs3.hcaptcha.com tcp
US 104.19.219.90:443 imgs3.hcaptcha.com udp
US 162.159.128.233:443 discord.com udp
US 162.159.134.234:443 gateway.discord.gg tcp
US 8.8.8.8:53 234.134.159.162.in-addr.arpa udp
US 35.190.80.1:443 a.nel.cloudflare.com udp
US 35.186.224.25:443 api.spotify.com tcp
US 162.159.135.232:443 status.discord.com tcp
US 35.186.224.25:443 api.spotify.com udp
US 8.8.8.8:53 232.135.159.162.in-addr.arpa udp
US 162.159.129.233:443 cdn.discordapp.com tcp
US 162.159.129.233:443 cdn.discordapp.com tcp
US 162.159.129.233:443 cdn.discordapp.com tcp
US 162.159.129.233:443 cdn.discordapp.com tcp
US 162.159.129.233:443 cdn.discordapp.com tcp
US 162.159.129.233:443 cdn.discordapp.com tcp
US 162.159.129.233:443 cdn.discordapp.com udp
GB 96.17.179.142:443 i.scdn.co tcp
GB 96.17.179.142:443 i.scdn.co tcp
US 8.8.8.8:53 content-autofill.googleapis.com udp
IE 74.125.193.95:443 content-autofill.googleapis.com udp
US 8.8.8.8:53 dealer.spotify.com udp
US 35.186.224.39:443 dealer.spotify.com tcp
US 8.8.8.8:53 media.discordapp.net udp
US 162.159.129.232:443 media.discordapp.net tcp
US 162.159.129.232:443 media.discordapp.net tcp
US 8.8.8.8:53 39.224.186.35.in-addr.arpa udp
US 8.8.8.8:53 232.129.159.162.in-addr.arpa udp
US 162.159.129.233:443 cdn.discordapp.com udp
GB 104.77.160.218:443 cdn.steamstatic.com tcp
GB 162.254.196.5:443 cache5-lhr1.steamcontent.com tcp
GB 162.254.196.23:443 cache13-lhr1.steamcontent.com tcp
GB 162.254.196.24:443 cache14-lhr1.steamcontent.com tcp
US 35.190.80.1:443 a.nel.cloudflare.com udp
US 35.190.80.1:443 a.nel.cloudflare.com tcp
DE 52.219.171.81:443 steamcloud-frf.s3.dualstack.eu-central-1.amazonaws.com tcp
GB 162.254.196.14:443 cache12-lhr1.steamcontent.com tcp
DE 54.230.207.189:80 ocsp.r2m01.amazontrust.com tcp
US 162.159.129.233:443 cdn.discordapp.com udp
GB 162.254.196.35:443 cache2-lhr1.steamcontent.com tcp
US 8.8.8.8:53 cache7-lhr1.steamcontent.com udp
GB 162.254.196.6:443 cache7-lhr1.steamcontent.com tcp
US 8.8.8.8:53 lancache.steamcontent.com udp
US 162.159.129.233:443 cdn.discordapp.com udp
US 162.159.129.232:443 media.discordapp.net tcp
US 162.159.129.233:443 cdn.discordapp.com udp
US 8.8.8.8:53 images-ext-2.discordapp.net udp
US 162.159.128.232:443 images-ext-2.discordapp.net tcp
US 8.8.8.8:53 store.steampowered.com udp
GB 104.77.160.208:443 cdn.steamstatic.com tcp
GB 104.77.160.208:443 cdn.steamstatic.com tcp
GB 23.37.1.117:443 store.steampowered.com tcp
US 8.8.8.8:53 117.1.37.23.in-addr.arpa udp
GB 23.214.154.77:443 steamcommunity.com tcp
GB 23.214.154.77:443 steamcommunity.com tcp
GB 104.77.160.208:443 cdn.steamstatic.com tcp
GB 104.77.160.208:443 cdn.steamstatic.com tcp
GB 104.77.160.208:443 cdn.steamstatic.com tcp
US 8.8.8.8:53 avatars.steamstatic.com udp
GB 104.77.160.206:443 avatars.steamstatic.com tcp
US 34.111.113.40:443 config.uca.cloud.unity3d.com tcp
US 8.8.8.8:53 userreporting.cloud.unity3d.com udp
US 34.107.181.14:443 userreporting.cloud.unity3d.com tcp
US 34.107.172.168:443 cdp.cloud.unity3d.com tcp
GB 104.77.160.208:443 cdn.steamstatic.com tcp
N/A 127.0.0.1:52514 tcp
GB 104.77.160.206:443 avatars.steamstatic.com tcp
GB 104.77.160.206:443 avatars.steamstatic.com tcp
GB 104.77.160.206:443 avatars.steamstatic.com tcp
N/A 127.0.0.1:52517 tcp
N/A 127.0.0.1:52524 tcp
GB 2.17.5.46:443 store.steampowered.com tcp
GB 2.17.5.46:443 store.steampowered.com tcp
GB 104.77.160.208:443 cdn.steamstatic.com tcp
GB 104.77.160.206:80 avatars.steamstatic.com tcp
GB 104.77.160.206:80 avatars.steamstatic.com tcp
GB 104.77.160.206:80 avatars.steamstatic.com tcp
US 35.190.78.8:443 perf-events.cloud.unity3d.com tcp
US 208.64.203.140:443 crash.steampowered.com tcp
US 162.159.138.232:443 discord.com udp

Files

\??\pipe\crashpad_1396_EXNFCLIGTJKKMUVO

MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA512 cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\63003f8b-f578-437a-b0bb-c8505ca3db4d.tmp

MD5 214a62b7826554e59fc15629990ac693
SHA1 17773ac58b76fd539f7c8c0eb9abd1da8a1f9560
SHA256 abe5d95855d1624eb4678db9cf0a65b696b276ceae53d1bb5e4c8acd557fe6a8
SHA512 007e9e2351ea71904145e0a8cd223922772592a9c67f9d0d3632bc059898621ed6b6ec62b61fbcffd4c97c40daf4fde4ff7c9ff1236d01962f03a3ee5bcb1746

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000001

MD5 873734b55d4c7d35a177c8318b0caec7
SHA1 469b913b09ea5b55e60098c95120cc9b935ddb28
SHA256 4ee3aa3dc43cb3ef3f6bfb91ed8214659e9c2600a45bee9728ebbcb6f33b088d
SHA512 24f05ed981e994475879ca2221b6948418c4412063b9c07f46b8de581047ddd5d73401562fa9ee54d4ce5f97a6288c54eac5de0ca29b1bb5797bdac5a1b30308

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 5a087eb1530a03ee655c8c4d8e11a5e7
SHA1 d4b979621dad6083afadbba031f5907991649fe7
SHA256 df40e4abecdcb74600cbdb5f11dfdf7d13b9e79159ac7d78a6db90e3b7fb1039
SHA512 31f609484ed21ebc607114ae896c0e219196da9b5cb21a3213a2c912076df430f5ff78af7893f286bc6e0f578b7487909f8dac87dfb6eca3a0ba7fb9ab9e12b4

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 aa85b683fbf774a8f6bf1557558b8ef4
SHA1 7b13ca1791ed4218acfebbf74f04061a045c3edc
SHA256 e23a5a7895ad2e72277dbd420748c65b6789a12b7db0e6435feeab5f2736ad0e
SHA512 b7866508e123dfcbece9a97be78430ea6b02cb2f4dc45db45f634152e42cd8fc6329ca34bbf70b98512cd56dde800e409efc14476d75ea255415e1a62b3dc529

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 97838f15402e88ccb59499942494f32e
SHA1 d7111f779a34cc329261b915286942120bec3493
SHA256 21c05d45fb60c95b2e4728641571d04ddaa8e5762f7b69483fd7e023ac9adec7
SHA512 252f0ca778d8c8b1f54e66cf4bdbc1f492fd4038c5561d04e4d7cfc2849c847657236ac0a23278cb39ded8d1d85f3165a9f659b639a2f7d7ba4f27da1dbfe76c

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 7074d29e0422359ffd75a81847705d4d
SHA1 c9cda2b2387e73ee65f848ce416bdf6821061e19
SHA256 415dcd00d6d2843e7d9d1ad2de665b47a747883a57794140ad350bd4837b24c8
SHA512 8de517563862b22a809b6cad1daed7d7ad75124db0f63f1788a605654c8faca16b17b55a6e0c5425b76ac4bfd958af249b171a80e093f362fe4bd69541338b7e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 00427aa9390b95c47cf0dca80adf3605
SHA1 75d19564accb6d5f7c07208fba41eded06580b10
SHA256 c942b00e81544b056a012f13e382b9f07dc9dcf4338e1855c42c78c63323f698
SHA512 bf9bbe03de9890ca0d05bbc62452d28835bec1f49367b8884db441f673fe199aacac430dbfccb8b8a9621357cef1a5db34f43ddcedf9477c1019b3ba783b9a4a

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

MD5 b012b20ba0a13216e1900da0975103d9
SHA1 f998bfdbcf6bba9be05e797149984f61648aa51e
SHA256 8af7645675ef4ddbc8b5569add0c74ab419f930656bf6fd19390da762b4a1a9f
SHA512 5b8d4429d3d29fe4acf1b24430156d489fbdc260f8553d27f84b0315f1e59f69047ffd976a8eeb8cf4755e7f962a1c15c9c44b178432ac1d26f5ce30933cc790

C:\Users\Admin\Downloads\DiscordSetup.exe

MD5 0d0dd0a204f12a1f043d63431f362bf2
SHA1 39e52cc4e15cc448b7f955ff262801f56effe03a
SHA256 9e14307956c18ef93478d3dce5e59b14009edf277513034a43aa7b1376738aed
SHA512 86410550129a438fcea13e4ec4e7755ad6fdbf0f1b11c44362c43a8f47047c109e940edcce321d054b2f9e6cdb72e99324b31d3a09d34fda014db2f3206a53c9

C:\Users\Admin\Downloads\DiscordSetup.exe

MD5 632d1ceea84b419987ffd58f3776014d
SHA1 74dc2f1428cff2fb86375f97bacd0c48b35715f1
SHA256 83d77b506dafb6a229783e39a63c43ba6f8b4e4479c1befa435235078c5c367f
SHA512 cbc0c40588c6da61371066c024df83bc93b2cc7d366750b43fcf3b9ef2509073094e368d81eed108d0d7d386da30d5ec42ed46f3e8098509cb7ce46dffaeb96a

C:\Users\Admin\AppData\Local\SquirrelTemp\Update.exe

MD5 b761d7400d5136ee0b1a40b5a3228152
SHA1 ad859361b2494f2de31a85904a076c7bd3214f5a
SHA256 4e06db09b8c3769968c3d0b51d7cf7470fdba1aaf32decf49dbd923708f86ae7
SHA512 a7f6919dc30ab2b3bfd2af6e544fcfcbf7bc52aa40c96136b6a3c9707d14d1116a3f7e72bc334d465bc7dab7df8fe824e7fe74937830b3540e4fa38896c5bc10

memory/2216-163-0x00000000006A0000-0x0000000000816000-memory.dmp

memory/2216-164-0x0000000073890000-0x0000000074041000-memory.dmp

memory/2216-165-0x00000000052A0000-0x00000000052B0000-memory.dmp

C:\Users\Admin\AppData\Local\SquirrelTemp\RELEASES

MD5 e9918809775d58624595598e49b57dbd
SHA1 d4e170c0fb629d2835e17bfefaefca66628184ca
SHA256 04e4b3bd71dac9838240c0ddcc37c69024d06d9780f6180b9617c6272647ebc1
SHA512 6ab392981d0806d41d1b991ea97be5b4a218997ef3646ee4528969660baa5bc70365d392640c6bcb9492c0fe5456b062e334c42e6884bf6ab37df372f7f79048

C:\Users\Admin\AppData\Local\SquirrelTemp\Discord-1.0.9034-full.nupkg

MD5 7658d082daf603e8fb079b318069c08b
SHA1 37fb2320a571d2952a426aef9dcf4dcd3caf4ae3
SHA256 98e63921f1bf0fb60d4aeb726551a4adff9fc527514c6c9d9bdf90b503dbf779
SHA512 275d6534d4bbc48b6a2f0ba68713d683e942d240627baef8704944a6cf1b9f3d1cc9aa8caa288a6399961d1a194bdaba677e0e9bc5c3f25fc7d291d7dda84bb8

memory/2216-178-0x00000000077D0000-0x00000000077D8000-memory.dmp

memory/2216-179-0x0000000007850000-0x0000000007888000-memory.dmp

memory/2216-180-0x0000000007820000-0x000000000782E000-memory.dmp

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000002

MD5 b82ca47ee5d42100e589bdd94e57936e
SHA1 0dad0cd7d0472248b9b409b02122d13bab513b4c
SHA256 d3c59060e591b3839ec59cad150c0a38a2a2a6ba4cc4dc5530f68be54f14ef1d
SHA512 58840a773a3a6cb0913e6a542934daecaef9c0eeab626446a29a70cd6d063fdb012229ff2ccfa283e3c05bc2a91a7cac331293965264715bdb9020f162dc7383

memory/2216-359-0x0000000073890000-0x0000000074041000-memory.dmp

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 83f7e7dc9c3555115fc8a1eb640dc942
SHA1 ee8e85a856883c31a071cbb7a4d5863b45c986ba
SHA256 cea39ed29e5b90667d9207d81d7357481d5ef7a5bd21ac66e2d083d6c7d092fc
SHA512 6999b62f95db47cf5ce9420ae69ec2749e83cb70ca5846284b055556053997639617e935379470dd42fd05e78476a7876c35f22279e7d44fb9c5acc0ee35be5f

C:\Users\Admin\AppData\Local\Discord\app-1.0.9034\Discord.exe

MD5 e977dbb453255a0ced1917c2b47ff703
SHA1 789e226d83330696a5046302b927b4c14b27b5b7
SHA256 88ec5b128ede5bd5671103b369f11fe398755324d5cddfb9f559a6ab7fa2112a
SHA512 52e461ec5902cb420de4497a9de5e07e1025b74241fd7e60892b129db9e07c55ebe99744e204498c02ad4feb6023aca7f157836f59eb8721e74d9b3ec6f2a46a

C:\Users\Admin\AppData\Local\Discord\app-1.0.9034\Discord.exe

MD5 64735fc38104e333611c9a44cdeaeb8b
SHA1 4e332085847fa8e9b11e2ac5c07347b77ecfdca6
SHA256 273f04658e8c3f20f92ce65c3dc309135350d72975e77a039d6cf6fe6448a622
SHA512 83cceb589787b705b7ffcaf1f9a91e88b2a49343c0c6467d8f877ed41a30f30df19ffd0ffe7f446d8ba8293435b20b2deede878e96fba6aaa70075d5500bb3cc

C:\Users\Admin\AppData\Local\Discord\app-1.0.9034\ffmpeg.dll

MD5 b6caf2692ad9bb4d79785238f7dba484
SHA1 7915a5bd4e9ba31bf7caaca17fadcf303c74566d
SHA256 9c37f1a940b61a578d13263481fd2e883072ea9d19bdd31f1e752a41eab1c5e6
SHA512 2a212f09ed449c49a88d7f64b201bd4646bd43ce08f306d1a93c2afe674858c9447ef4534d5487875a3892928b31d81643b2b7335f8c7d1c6499ab9d3a82cc72

C:\Users\Admin\AppData\Local\Discord\app-1.0.9034\ffmpeg.dll

MD5 3aa53e910577a792500dea36bccb0ba2
SHA1 5a9935fea392c54542d2202c1623eef1bbaa63f3
SHA256 757d09449b25e97cb77730eeafc39689b359226844fbfab0b5619811c4b36b83
SHA512 65084a100edacd5555faa52ad4140768fdd5399b290a56cc5836c154c6455c1ea24cb1f44fdc8312c4c4c23fe7afe330cd0632bac31229f2970adc15d679ca37

C:\Users\Admin\AppData\Local\Discord\app-1.0.9034\Discord.exe

MD5 92ce7329bcdfdac2c58571d94a96cf91
SHA1 779606d0021c5e1a7fda801b4485635fc4e4e69e
SHA256 30319f078a0f814d9f5c3a7f001dd32dfc1e0b8636e214dc5fe916facf03f0ba
SHA512 7900359b153d1e9d7e91983b4c09e55f120db69a9355db5ec0661b782bfc9c2ef6909d171324acc52b793bce0596e5abaaff9e88abab19b236776c4154d653e4

C:\Users\Admin\AppData\Local\Discord\app-1.0.9034\v8_context_snapshot.bin

MD5 3f6f227dc46c0d5262cd6ca9bb7703e5
SHA1 c8bc76f93cc6305e70f2041a52acfa6c44e9889b
SHA256 869f5e88fb5e04840f035fc1c3f688e94499c8514bd053c9979413ebb8de4611
SHA512 566394fef910b8edeb04c7f5c172ce9b361478275463f7eee4b5611536241431fa7638e47e5ac4b9df7467c98b120869b4e4f87e46628b40dae5685897cd256c

C:\Users\Admin\AppData\Local\Discord\app-1.0.9034\icudtl.dat

MD5 bab1b9539162f1c16f3c4921a9e22f17
SHA1 831f8d7441372c6ac5648dd2736603635f31cd46
SHA256 9296d427ef3e61ea4af99cf8877f86eaa253a95bb719d1dff182efe95ce300ff
SHA512 86db591291ba5c417767e956f498cef06e15526d5177db86a00b65c2a7e9b74cd5480cc72d2282f509e9e400ed39bf1ef75d80f6ef5b7ca6b489d63702c017d9

C:\Users\Admin\AppData\Local\Discord\app-1.0.9034\resources\app.asar

MD5 641dd4bd0bcf9afba744a2b0f460a46f
SHA1 7fd42c6f0eabc91102c6a30bccd760c7b71d32a2
SHA256 8213e0eba4a0cb0abfb17a09a7d5b5390b85109aac00ed6d075f3460a0610dcd
SHA512 855a39177e09926eea3fa110d335f3cb0d5f01e0c86a2e6ff8df04ad5f43de793550a211872ee63b59e2e2f3600e26192ab4601b537cf76c31a30de72995a549

C:\Users\Admin\AppData\Local\Discord\app-1.0.9034\resources\build_info.json

MD5 bda0e192ecd5b268af1dbbf93c13a154
SHA1 d6b7b2d7027065ece9ad48c9d3719b0114fa4745
SHA256 317380e636c13649b2a612755b465680670f8b72afd54a31f02165247b2dba3b
SHA512 3afee33b1503a2306d47b65b6d8f130cc14b7ec93129dda54696f42b20ecef57b68685ce4d2ced5928ad84b08a149d1c7ade0a7e55b538ab1efa218c62c3851e

C:\Users\Admin\AppData\Local\Discord\app-1.0.9034\Discord.exe

MD5 d744230017d27c7d93aedd3075c9551d
SHA1 1f700560d2e98a4e8810947ed3544e48a8476157
SHA256 34f74d7ac87cc8e2d2cd11a9fdc5c1f9800f716bdd9f60f3a48ad50b7eb7ae07
SHA512 6aefeb7b8f3581b922b522778b717a92517fcd084b524b1749f4759dd1cde445ba1dc0300d22313642cac12a33096df29409021d0d2d3e8a2bbbd3e49ebce234

C:\Users\Admin\AppData\Local\Discord\app-1.0.9034\ffmpeg.dll

MD5 4bebb64be716ff23fae800fcc54b3417
SHA1 cf6f7e6bc54f3ac655f60951fd6666e1310cd89b
SHA256 e12f8637fa5e3b9d337f836615fe1c9b2079ac5120d56fe441447628dd0d617a
SHA512 14bc38a5212195f7df071be330fc4d9b3dd873eec1b93d17c93716e550dc531c477f92bc0098d60245823ba5e05cc2654a21c31658b444402059a7ebf742014a

C:\Users\Admin\AppData\Local\Discord\Update.exe

MD5 d814b6b07e1b7796685393231e883ad7
SHA1 2fb2647f7a4ccedde39143dd8c4e855b1282e26b
SHA256 859f7e812a0feceb349c575e9dc340c68f808cbf4ff3de7f8877f26e0d32e33f
SHA512 50e4dff75f2c1ac99fa3835d2bcd80cea0956011e2cef56742ff6b8e7c9dfdac89c802f25097311b3e4330d3fd95f69ac525ed00ea12cd2da29e5c04a130ba63

C:\Users\Admin\AppData\Local\Discord\app-1.0.9034\app.ico

MD5 084f9bc0136f779f82bea88b5c38a358
SHA1 64f210b7888e5474c3aabcb602d895d58929b451
SHA256 dfcea1bea8a924252d507d0316d8cf38efc61cf1314e47dca3eb723f47d5fe43
SHA512 65bccb3e1d4849b61c68716831578300b20dcaf1cbc155512edbc6d73dccbaf6e5495d4f95d089ee496f8e080057b7097a628cc104fa8eaad8da866891d9e3eb

C:\Users\Admin\AppData\Local\Discord\app-1.0.9034\resources.pak

MD5 cb6d08587de03baeb88c68863fd7b047
SHA1 7b2a59db6129ea93d1a912786bb423afab8f2890
SHA256 645652b4bde2818d2945e07ffd59c92033ce1b3b23c01ab459b4b005a43d9e36
SHA512 47a01e535660da6a568cb6861664558e7a34647bd92f00549314658b940ceacdfd35b977e7ee93a1660e3cbc1abeeca562a0e7dfb3c7baee8b845f66ec0ff96f

C:\Users\Admin\AppData\Local\Discord\app-1.0.9034\locales\en-US.pak

MD5 3f6f4b2c2f24e3893882cdaa1ccfe1a3
SHA1 b021cca30e774e0b91ee21b5beb030fea646098f
SHA256 bb165eaa51456b52fcbdf7639ee727280e335a1f6b4cfb91afc45222895b564f
SHA512 bd80ddaa87f41cde20527ff34817d98605f11b30a291e129478712ebebe47956dbd49a317d3eeb223adf736c34750b59b68ad9d646c661474ad69866d5a53c5c

C:\Users\Admin\AppData\Local\Discord\app-1.0.9034\chrome_200_percent.pak

MD5 5604b67e3f03ab2741f910a250c91137
SHA1 a4bb15ac7914c22575f1051a29c448f215fe027f
SHA256 1408387e87cb5308530def6ce57bdc4e0abbbaa9e70f687fd6c3a02a56a0536c
SHA512 5e6f875068792e862b1fc8bb7b340ac0f1f4c51e53e50be81a5af8575ca3591f4e7eb9239890178b17c5a8ff4ebb23719190d7db0bd8a9aa6dcb4308ffa9a34d

C:\Users\Admin\AppData\Local\Discord\app-1.0.9034\Discord.exe

MD5 54788bb78c238fd0f4459c16de22f0ab
SHA1 1cf394d3a73b5f2d810463bb9302dd8b72a4ca12
SHA256 418496e961f8b330da79a073b805952ec231094dec8cab162feedc52e966661a
SHA512 ace9f35422c79065e99fd3ec8a1b0145fc8a70ac0df6496e940db2dcfa296d6f2290d7729447e3177c189e667ab1f80bd53f7e48c62ebd75640d5170a8fc20c0

C:\Users\Admin\AppData\Local\Discord\app-1.0.9034\Discord.exe

MD5 2f12d40c51b9e3b1171e6a1f35457901
SHA1 3cb2ca6546c30cbfbf205b57d81a655ea7d8e30a
SHA256 192ec83dbac8ef61549c445694af778b5a0b1f2254ea79dcdf5c6f302754356d
SHA512 be0f009efc77a3b6c7020693ec4fde47f764d70fb8021bb6167b1c6a9248316a6fa1fafda69b3b427b39e365741e6acbfe987812ed9b1e653316ff5d511f769a

C:\Users\Admin\AppData\Local\Discord\app-1.0.9034\ffmpeg.dll

MD5 b55894763892b1a8e960a29277756d67
SHA1 20ec9c8ffea58b4dda27186a6777f522ae59aa3c
SHA256 846b9e31a1b4edaf6242f47dcc708333045121b3af95f05c96db4be9a74d748f
SHA512 568772c82a341d3e14a32c29794e57429126d8dece0100dbb210a6df8ffcaed0773e2d362d45201cb6ec732e5a562f0c9893a7cac7506a020f21e26322bf8ed2

C:\Users\Admin\AppData\Local\Discord\app-1.0.9034\ffmpeg.dll

MD5 981ed50f879e7477f0f141d75dbba564
SHA1 f3299321dcb2af160a4ce73f0662f13f4b5c6847
SHA256 ed0dc985f7aa5ad82139d0b871be744998158fd1bfeed56c30f41d22ce37a789
SHA512 063fc7babe9d70dd8d9b9807c198257a4ab30fd4cb54129ddd010c898184abe34341e571188739833c8f90c72bd8d96e949485d9715cd5458b552248d1197df8

memory/1404-432-0x0000000073890000-0x0000000074041000-memory.dmp

C:\Users\Admin\AppData\Local\Discord\packages\Discord-1.0.9034-full.nupkg

MD5 7108cb1ab200655ef8aad499833a74eb
SHA1 bcc2000b002d9dc0a0a30a4e7566f08bdb07c96d
SHA256 1dc5dc62baf743ebc1bbd0cded2cc5e508dd491b7c399413e842169a61f7e588
SHA512 9fc2d5ba0a7b4c8aecc2f5118facb8b115cbc3b5c5ad367b6c29dca6996f2f6fcb89a0a292f42ab28aeda5ab8620ca1808c4eaf803d82d13ba4c647c95218de2

memory/1404-446-0x0000000004EF0000-0x0000000004F00000-memory.dmp

C:\Users\Admin\AppData\Local\Discord\app-1.0.9034\libEGL.dll

MD5 8d9d0997d5b5be2e30159c4f337c573b
SHA1 9875657eb8ff62775a967f62f0ccb860d74c64ce
SHA256 998fd933050ccbab69ab2aea778bec4bc86e8e26e919b5d37ab175c18a1ebac7
SHA512 dff3bb6e16d63c74f0f763698866d4d14da6ae2f2686af56c46b6182fb2e9586a7904fefd6c00076c6a89bcdbc3f51dba1ccba1a009bc3494280973795bfe542

memory/1404-455-0x00000000029C0000-0x00000000029E0000-memory.dmp

C:\Users\Admin\AppData\Local\Discord\app-1.0.9034\vk_swiftshader.dll

MD5 56ecacf0d6f598c8596005642b40c67a
SHA1 5acdf6cce0fefdeac1229bf1c3c4a531ce0695da
SHA256 bc96d8a089e7108a324a62782daa6fdab5dcc1dc11911a0b5f40ef554dec7f1c
SHA512 cff9fbcc51aab506b179551126d06ea1a01195507e9f186ed19368d708e7509f62faf720e2682486576c167ca49cec1b08c3d727ee113fb6990259e7fc95d895

C:\Users\Admin\AppData\Local\Discord\app-1.0.9034\libegl.dll

MD5 f55234f2e0be3d2c04fa3a67acf39aef
SHA1 916a45202211b7ad5f50f086fdb79df20a9bd474
SHA256 d2d19bc14d075cdb52232d44c7ec13a8d34a20a76a1f9b7e325562876f7d35de
SHA512 0e951e7d13b9176a9fc7a7c83f1b306621bfab16509aefc83977e16e7e978999a7b58548a58581ee28b4128cf3b1a7e9ee60683d8fbfc0391c52bd6bcc1e36c4

C:\Users\Admin\AppData\Local\Discord\app-1.0.9034\libGLESv2.dll

MD5 97ed4486f6acc05b7ddaa995c4b62389
SHA1 83a3e7ee7dba924971a5edb26d178b48c449ed83
SHA256 bcc3c63d71d783e49da1f1cbe3d717135df1f5ca3e915e56ecc9e473731c8fa8
SHA512 898b93ed0d8d97d65cc0c4f6f8cdb5752e95d7768c0e1302395ea149afb037512fdea2746c3d249367274d85774a369847f64ea7b6c9e66e0e8a8c1ee0ec377e

C:\Users\Admin\AppData\Local\Discord\app-1.0.9034\libglesv2.dll

MD5 55a06a2b1bf64e431b9ce883f87b5c65
SHA1 42904157a157e09d28e1f0c1906af0acbfe9deff
SHA256 9d1bdaab84e78157d255c0f5361c1b80add92b0fe1c39c910ab10218e0a2c06b
SHA512 4d38565aa349197f1def32da53ea52c5db23b1126fd956d7f66a1164c433b24557135e15d0e521461455da5771025c0b69233782cd915509c54bdfa38fa6f325

C:\Users\Admin\AppData\Local\Discord\app-1.0.9034\d3dcompiler_47.dll

MD5 f9c68a73d2ee201771133e5429d0b216
SHA1 f0b0b6c1e1fff62e591435ad7bcd18dfcf7ca55d
SHA256 3103be31b5e740ccd03324d46ca029aeeb98978e94bede6a66173679f7bf8838
SHA512 2512a85c50842cc06e395e26804d11e2b6ae74004c7d636215ecf393fe7867095ff4999eb263c55c6123bbba9b9acbb1ed8885e0ff1eddec0e9ed06101ffd003

C:\Users\Admin\AppData\Local\Discord\app-1.0.9034\D3DCompiler_47.dll

MD5 22bbb25d13f57531796ce0d59c0aaedf
SHA1 8b62639c3d155557c6ae4e10d5fc39af7934db65
SHA256 d84a7344e3ef6ba37fbe2ceae32416d85cca6f0aeffbbe1a28a43b93af472e31
SHA512 507f367a7eeaad61bfae109caa850b861d68a1304da41d644a7273cbc5b39c2565fa5217adf0f11660357a066e370b6ac1d416c2c53c80dda1927591475e7281

memory/1404-464-0x0000000073890000-0x0000000074041000-memory.dmp

C:\Users\Admin\AppData\Local\Discord\app-1.0.9034\vk_swiftshader.dll

MD5 19e92efcba5cb312ac84fbc339b63866
SHA1 73f92fcde8617b1594a02ee3cff1ba464222f4f0
SHA256 9412f38df759b5844c03ec6c58fbacb5b649101a322d5411461ff239453b38ee
SHA512 575559f9260a8c3d88378a5dfcc07831bef1ad57087ff20e7065758069ed39b32334885fc40e9762d763ffb3c8d4926daed198e1522d2999b4aeab96aa3d87f8

C:\Users\Admin\AppData\Roaming\Microsoft\Spelling\en-US\default.dic

MD5 f3b25701fe362ec84616a93a45ce9998
SHA1 d62636d8caec13f04e28442a0a6fa1afeb024bbb
SHA256 b3d510ef04275ca8e698e5b3cbb0ece3949ef9252f0cdc839e9ee347409a2209
SHA512 98c5f56f3de340690c139e58eb7dac111979f0d4dffe9c4b24ff849510f4b6ffa9fd608c0a3de9ac3c9fd2190f0efaf715309061490f9755a9bfdf1c54ca0d84

C:\Users\Admin\AppData\Local\Discord\app-1.0.9034\chrome_100_percent.pak

MD5 d31f3439e2a3f7bee4ddd26f46a2b83f
SHA1 c5a26f86eb119ae364c5bf707bebed7e871fc214
SHA256 9f79f46ca911543ead096a5ee28a34bf1fbe56ec9ba956032a6a2892b254857e
SHA512 aa27c97bf5581eb3f5e88f112df8bfb6a5283ce44eb13fbc41855008f84fb5b111dfe0616c310c3642b7f8ac99623d7c217aecc353f54f4d8f7042840099abc5

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

MD5 c4f873d2fb917cfe5f2469d1527fd5bb
SHA1 2dac5570766795dc7c87e46be6704dd65110a937
SHA256 495847ee5a25fdd9ce49ddf41b222f5fdccc2938319fe81244323ce1b2cae66e
SHA512 63197623bb0ece05fc365c9a155ff696c9fbba5b6e104f9cfc1775e154509722d0af11f4fbcac353b1d7d4c7ecd4750636b2825c620d8bbcc7e05bc886046dbb

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

MD5 44c381b172d6ecde497af4cd05cce470
SHA1 f4332e54371a22962c769ef341c845cd7961534f
SHA256 c9f2c89df69d99f817c485699d6f26f1db4e80c3cea2c33b6d05e39bc41ad2a7
SHA512 5a969c5e4841cdae2304485445f7d151891c944e50f4d242ece2586f22ee9086c691a44802873202c38e9edf374d604ac1e974f9a836340efbb04bfa26caff81

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 2572e77a471ce1435513a135d13bffc0
SHA1 39174324ab0eb49bfa3dbdafc58f983b3707ec43
SHA256 930992a41fb9f4858a9721e972233f52afb29aa8a03d368e484b4ad1aa83272c
SHA512 67f38bac34fa77ce7d6dabb3725fa2cba6ad85581b82b9cc73408cb907c12a840024c7ad40bd642782d990eb6fc1dbbad01c0f51bbef5af1e9007495d2516e61

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 6205526d4b9870cf6e1d1a6db4fca85c
SHA1 118885a4f6b720b4f5c88ce0974291ad66876af1
SHA256 13e345303ee0f27d8f5d65b442d7eaac8a454191a9d036fbbacde9db991b5d0b
SHA512 d0b7c9af041659b3d411e5c045e5cf6284c357a8ca1ee16e98956cc27e8d845a51d55f8de4f23e398b38f7526c60a340f9349a34ed71555085500a64d6f4da45

C:\Users\Admin\AppData\Local\Temp\nsn2B4F.tmp\nsDialogs.dll

MD5 0d45588070cf728359055f776af16ec4
SHA1 c4375ceb2883dee74632e81addbfa4e8b0c6d84a
SHA256 067c77d51df034b4a614f83803140fbf4cd2f8684b88ea8c8acdf163edad085a
SHA512 751ebf4c43f100b41f799d0fbf8db118ea8751df029c1f4c4b0daeb0fef200ddf2e41c1c9c55c2dc94f2c841cf6acb7df355e98a2e5877a7797f0f1d41a7e415

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

MD5 cce096f963bd0be69de520e021e34311
SHA1 c176ead268580b489f690bd33ed88195c7ce0a55
SHA256 e83eb4e2f9494c457162252006567908567b2048ba2275686983a66fe77b1ce6
SHA512 790dacaca505974d57a24a64393960e41041e45add50f87ce6a8e9d837ac019dee891308c64da7189c8f2431b4024e3709c4b8db7639353deb7b23af1c4925d7

C:\Users\Admin\AppData\Local\Packages\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\TempState\SearchHoverUnifiedTileModelCache.dat

MD5 ab5409f1b666f099d3a80de76f5e7cda
SHA1 7e80586e760e67c0f5b49f5e15ee3a8d244de8e9
SHA256 e50221fb4cd9b7f809f863c95e81dad367dc9708679654f8e38df437460c0dc5
SHA512 78ca70628be1d3b9a305a756c1a1714952720258b9516c5b995090facb5909d27a99bdc1eca1569cfce5ce3b347f6d78a1deddb4dc74b29193e093bc90e1b1b0

C:\Users\Admin\AppData\Local\Packages\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\TempState\SearchHoverUnifiedTileModelCache.dat

MD5 c8e4de2a5e254e283c8016f858df016e
SHA1 5a7988de768d64346cdc0fefae9cfa96be708624
SHA256 3ac8dffb8ca3c1194b08da37d69a119df55f5b87da2a8d52e98120ec373ae79e
SHA512 b81aca6af1050049c8e70618b0f7a066214f1369eb4ac8f0e5dd42a74c1888102114f066c6995b15a7db5ddd67a30a44615f8cf7594306a878302dbcf53f08f1

C:\Users\Admin\AppData\Local\Temp\nsn2B4F.tmp\nsProcess.dll

MD5 f0438a894f3a7e01a4aae8d1b5dd0289
SHA1 b058e3fcfb7b550041da16bf10d8837024c38bf6
SHA256 30c6c3dd3cc7fcea6e6081ce821adc7b2888542dae30bf00e881c0a105eb4d11
SHA512 f91fcea19cbddf8086affcb63fe599dc2b36351fc81ac144f58a80a524043ddeaa3943f36c86ebae45dd82e8faf622ea7b7c9b776e74c54b93df2963cfe66cc7

C:\Program Files (x86)\Steam\Steam.exe

MD5 b4411620a3551834e4f699cc5a9b27e6
SHA1 5093960cc86613e310d13770b5adef00fe93f3eb
SHA256 3caf4a246169b2d30c6bf18fa0b7a4a01bbe933cfb781f3da4c6b3cb67b59d04
SHA512 47dde07212c2d5eea548d7794fc6bb9d86ced9a0848aaeab81fa8844fc5cab7eac58e386e96a81c663b914c85c0a7116033e2b2cfd18559d40aa6c83f9a6c024

C:\Users\Admin\AppData\Local\Temp\nsn2B4F.tmp\nsExec.dll

MD5 c5b9fe538654a5a259cf64c2455c5426
SHA1 db45505fa041af025de53a0580758f3694b9444a
SHA256 7b51372117960e84d6f5eb3a26810cc044ff02283b3d656a0a456b0ab5cb8ea7
SHA512 f0f8a5570c01b16e54f47502e867ffbaf162b44a847c0ffc8062d20e9492114229de5d9d2a836da256fd3f9fb493536bdbf148d5308695b16c0e98d20d8926aa

C:\Users\Admin\AppData\Local\Temp\nsn2B4F.tmp\modern-wizard.bmp

MD5 3614a4be6b610f1daf6c801574f161fe
SHA1 6edee98c0084a94caa1fe0124b4c19f42b4e7de6
SHA256 16e0edc9f47e6e95a9bcad15adbdc46be774fbcd045dd526fc16fc38fdc8d49b
SHA512 06e0eff28dfd9a428b31147b242f989ce3e92474a3f391ba62ac8d0d05f1a48f4cf82fd27171658acbd667eaffb94cb4e1baf17040dc3b6e8b27f39b843ca281

C:\Users\Admin\AppData\Local\Temp\nsn2B4F.tmp\System.dll

MD5 a4dd044bcd94e9b3370ccf095b31f896
SHA1 17c78201323ab2095bc53184aa8267c9187d5173
SHA256 2e226715419a5882e2e14278940ee8ef0aa648a3ef7af5b3dc252674111962bc
SHA512 87335a43b9ca13e1300c7c23e702e87c669e2bcf4f6065f0c684fc53165e9c1f091cc4d79a3eca3910f0518d3b647120ac0be1a68eaade2e75eaa64adfc92c5a

C:\Users\Admin\AppData\Local\Temp\nsn2B4F.tmp\StdUtils.dll

MD5 98a4efba4e4b566dc3d93d2d9bfcab58
SHA1 8c54ae9fcec30b2beea8b6af4ead0a76d634a536
SHA256 e2ad7736209d62909a356248fce8e554093339b18ef3e6a989a3c278f177ad48
SHA512 2dbc9a71e666ebf782607d3ca108fd47aa6bce1d0ac2a19183cc5187dd342307b64cb88906369784518922a54ac20f408d5a58f77c0ed410e2ccf98e4e9e39a0

C:\Program Files (x86)\Steam\package\tmp\graphics\icon_button_news_mousedown.tga_

MD5 00bf35778a90f9dfa68ce0d1a032d9b5
SHA1 de6a3d102de9a186e1585be14b49390dcb9605d6
SHA256 cab3a68b64d8bf22c44080f12d7eab5b281102a8761f804224074ab1f6130fe2
SHA512 342c9732ef4185dee691c9c8657a56f577f9c90fc43a4330bdc173536750cee1c40af4adac4f47ac5aca6b80ab347ebe2d31d38ea540245b38ab72ee8718a041

C:\Program Files (x86)\Steam\package\tmp\graphics\[email protected]_

MD5 577b7286c7b05cecde9bea0a0d39740e
SHA1 144d97afe83738177a2dbe43994f14ec11e44b53
SHA256 983aa3928f15f5154266be7063a75e1fce87238bbe81a910219dea01d5376824
SHA512 8cd55264a6e973bb6683c6f376672b74a263b48b087240df8296735fd7ae6274ee688fdb16d7febad14288a866ea47e78b114c357a9b03471b1e72df053ebcb0

C:\Program Files (x86)\Steam\package\tmp\resource\filter_clean_bulgarian.txt.gz_

MD5 836dd6b25a8902af48cd52738b675e4b
SHA1 449347c06a872bedf311046bca8d316bfba3830b
SHA256 6feb83ca306745d634903cf09274b7baf0ac38e43c6b3fab1a608be344c3ef64
SHA512 6ab1e4a7fa9da6d33cee104344ba2ccb3e85cd2d013ba3e4c6790fd7fd482c85f5f76e9ae38c5190cdbbe246a48dae775501f7414bec4f6682a05685994e6b80

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

MD5 b393e17329c35b8913d832dfce56e4ed
SHA1 7fb8540bce12844e8a50430291180756778c353d
SHA256 2f14d0cbdc7d4b3564b29f6b01b8c18a280cdaf2a63232d4bbfca0abfe8922a6
SHA512 654153264cf312d57e1b1bfaad8ea6b77f364d7cc99eea47289473d42e43d44f054d8ef6558311cabfebe1ab46c7eefecc5b728d09281043cf2d66b6412d3854

memory/4832-12763-0x0000000000180000-0x00000000005F6000-memory.dmp

memory/9256-12769-0x00007FFB05E10000-0x00007FFB05E11000-memory.dmp

memory/9816-12788-0x00007FFB06C10000-0x00007FFB06C11000-memory.dmp

memory/9816-12787-0x00007FFB06B50000-0x00007FFB06B51000-memory.dmp

C:\Users\Admin\AppData\Local\Steam\htmlcache\Local Storage\leveldb\MANIFEST-000001

MD5 5af87dfd673ba2115e2fcf5cfdb727ab
SHA1 d5b5bbf396dc291274584ef71f444f420b6056f1
SHA256 f9d31b278e215eb0d0e9cd709edfa037e828f36214ab7906f612160fead4b2b4
SHA512 de34583a7dbafe4dd0dc0601e8f6906b9bc6a00c56c9323561204f77abbc0dc9007c480ffe4092ff2f194d54616caf50aecbd4a1e9583cae0c76ad6dd7c2375b

C:\Users\Admin\AppData\Local\Steam\htmlcache\Local Storage\leveldb\CURRENT

MD5 46295cac801e5d4857d09837238a6394
SHA1 44e0fa1b517dbf802b18faf0785eeea6ac51594b
SHA256 0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443
SHA512 8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

memory/9000-12822-0x0000000067CB0000-0x0000000068FA7000-memory.dmp

memory/9088-12823-0x000002E195820000-0x000002E1958CF000-memory.dmp

memory/9256-12844-0x0000024794900000-0x00000247949AE000-memory.dmp

memory/9256-12845-0x0000024799F70000-0x000002479A01F000-memory.dmp

memory/9816-12846-0x000001925A750000-0x000001925A7FE000-memory.dmp

memory/9816-12847-0x000001925AF50000-0x000001925AFFF000-memory.dmp

memory/9000-12852-0x0000000067CB0000-0x0000000068FA7000-memory.dmp

C:\Users\Admin\AppData\Local\Steam\htmlcache\UserPrefs.json

MD5 a317a86f6d6ad979c790d0b65768d3aa
SHA1 76794aca369b2feb92465f6f655280b2e85d8ced
SHA256 0cb5f662bd4959907180db1c0f6da7df7a4892838842e773765a763c05bff160
SHA512 2518e7cc461587b969e92fac658458fe7f9015a2dc384b580b54d8a1887f952c856553663e79cb2f68e9ae90ef8ef446886540da2f0a2b4a2dbde71ab1c73032

C:\Users\Admin\AppData\Local\Steam\htmlcache\UserPrefs.json~RFe5de012.TMP

MD5 4d0688f6a0711abf4a9a3060aae93be9
SHA1 9c7effda8baefc9694f3b64a5a7d95cf08176781
SHA256 b96dcf1ce0340e2c933de2e528365c30cbde88df9df76205cd3f8a5bae4fd742
SHA512 fa5ed88d7c9657435abc878da167f8edb95c524726d42a35a107d1e81f0db110c8c00dde37065686d9b3009ff2fa0990407b278936e6819ae518d3655fabe8c0

C:\Users\Admin\AppData\Local\Steam\htmlcache\Code Cache\js\index-dir\the-real-index

MD5 6ac98b4b7e51e515187b46f2b18e4c54
SHA1 3c798d3f425f3cff29e84879ac1cc6194c403d9f
SHA256 72157f903e27f6cb40c6bcaa9a19962d0d8db9bac64b38ebcbf119630a60ef17
SHA512 af3816b6658cf9651464f573aa65a44d60fd68032c5c7af1cbc9a5e3ed7f1f9ff103ab666227b5997b0fbd74e571d142113aa8fd8244de6783f7131bf30abef4

C:\Users\Admin\AppData\Local\Steam\htmlcache\Code Cache\js\index-dir\the-real-index~RFe5de2d1.TMP

MD5 128270b8417f07601138346e098bfb61
SHA1 ff94e2b4c15692273cbb5b50fcee34c0aa2ed859
SHA256 52c04da0ac63a87905a5d58192c8dada1c4bb87c3a37443fda9fedabbeaf74ba
SHA512 55570f2c9844b098e1395b37a4b2e327a047508ed89300b1a9073ce6168168fb811cf1572384597c0183630648243cc78515841697cadd36a18de9fa681a08db

memory/9000-12876-0x0000000067CB0000-0x0000000068FA7000-memory.dmp

memory/9000-12882-0x0000000067CB0000-0x0000000068FA7000-memory.dmp

memory/9000-12888-0x0000000067CB0000-0x0000000068FA7000-memory.dmp

C:\Program Files (x86)\Steam\config\config.vdf

MD5 162c91ecd61599f2c09b3d5128b7d838
SHA1 368a9277950fca4aa7e012a610eee0724475d47a
SHA256 d285628314e1a70b9be97e6fd9665f814421a21a9c75164a49cdaac8c55fe05a
SHA512 a9a3709ccf61f4aecb367e5816fa7a129195158df9ee921bab772a8b8f4074e9efce346360d2bbfd6d046cbafd25577454c2ed42454f5f6e4f906bbb65e93a98

C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\d356105fac5527ef.customDestinations-ms

MD5 c24ab0f9bf0735aae2435d2382d9e7cb
SHA1 9081ea586bcc4d4b33585fc33849da25d8948145
SHA256 92d7d3d1624d190858504226086a6bdbb473cbdd612fffd3a765927dfef6a6da
SHA512 54af28d06796c50c7bc1158ec9ef9f6246e5528349b8e7e04ecade1a66d4e9ac0d4eb27e99c115aa29c9c981928691a4b6abc8d151094915745f1a2d371cb980

C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\d356105fac5527ef.customDestinations-ms

MD5 a864a40b3d4108c43f244945a1e90ca7
SHA1 c06f7384a2be75f98aac274f1f50458ccd494931
SHA256 20eeb960199505d606ea51faefcf7b402fc10c02f5f207d3f6759612024e1d73
SHA512 f322ff493c8c3404fd0f68946d8038668d0813731a9e279924ea319aaeedf676fdfb851f84f67699001e21aac210f5b36ee4dee1f9dfdf684ce0285d27a16f53

memory/9000-12933-0x0000000067CB0000-0x0000000068FA7000-memory.dmp

C:\Program Files (x86)\Steam\userdata\1014416628\7\remote\sharedconfig.vdf

MD5 3ca42f54c31407602c3586e7528645c9
SHA1 cb1eb82d60d277e35423cd83fa5ff76a5702ca15
SHA256 c30023bfe2edb309356bfc3e3548ad5dbd53602750e2b032da2e2215b31f1258
SHA512 a1c6fbc3c3018c0d365dbbcef008f8e647fe53cb0b7b94998a9616e8167bcb3e2244a798eb1a337d14a401fa74395463ce47aa89368817313da667ad9ebe3e28

C:\Program Files (x86)\Steam\userdata\1014416628\config\localconfig.vdf.async9000.tmp

MD5 24bed0c8034b6d1138654d99b8982014
SHA1 b47571c35bda838de6e6ae50df8883ab1905194b
SHA256 065803e60e38cef2bc8e7556bb0e0abc92ae15764a786e96dfc2f04fe72c0b4b
SHA512 23cc862c7208e9b4b332e8ecd36871ef84f98bba4753e2108779b87bd58d941b3e9458b223b1ade75170dd2529324719ef4dcccaeed2eea12110faad88a68f69

C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\d356105fac5527ef.customDestinations-ms

MD5 2047d3f49ccc3a989536dff5a207dc36
SHA1 c050dbc519c37008f43814a837faa69206da6796
SHA256 6cd7bc52dbfc23ca09aea532599a8f200206c2f9cdf8c1e61107ac6d3938c57d
SHA512 d71fcd01cf9cddfdaca3e02de47030cadb233ca84fe4e52513735a5ece3e75858237ca4af5a8aeefdde6d7140d4968dc52ec8d8a5b6eb7e255d60cf563cfd494

C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\d356105fac5527ef.customDestinations-ms

MD5 1bfd1b16d4e206ecc5b334d5839732f1
SHA1 4a58ab800b2836b968f267d858f3ded506dd4e78
SHA256 46d4b14439b5053b67264fd7af51e9b39e5d00ce5cf6760faec316fb20b5763f
SHA512 1c01cf17684b64708fc89a7f6183ce23db8ebce6d37473fd9fb464f5af954ab34e14ff2a0c960e1925c409f2efc188fd9b92d1331151cb08abcd02afd01315a4

C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\d356105fac5527ef.customDestinations-ms

MD5 715f441191ff78fe1dc7a0ac3383e915
SHA1 bcd4be6176b7a8b8878a3b566d38d342d238bada
SHA256 a1d9aba7d1e220b06c84b214b9bc8cd10b4319c5f0b69e64ddb5efaf62707b7a
SHA512 1096dd04ff8738a4ec782020254f414b883f6b7f4f93c101cd73babf65407cd0dc8a100e19131372403c4264922f9b790f9bcea7c0c116b33e953ce58a595de0

memory/9000-13153-0x0000000067CB0000-0x0000000068FA7000-memory.dmp

C:\Program Files (x86)\Steam\userdata\1014416628\config\localconfig.vdf

MD5 c10787708e90b83c9c734c6e04aef4a8
SHA1 8413b38ff5c38874524236d5a48ee2058d011aec
SHA256 2d421eebc5e38a72c6a6c7000a7ddacde0b8cd5a6c06d48e13798738a4758c7d
SHA512 9f2df2706b072dceb9831cb0cf8dea9b02fe59b19b50de71291083472ac577efb34e320ec06c5ade40271e03af837d5adf0bff42fc4a4ee705b6ae4764ada878

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

MD5 a65be56f6f1e0e6b86fd3f13a69fff25
SHA1 e918ca67b433621d43016f309f4955745339fc9e
SHA256 701ae9d605d5f06274c070545e4df3869c645055a50bcd4448bbd4a606051130
SHA512 3a41be57e8ba13c674bd2d88ccb976d37cdb34e4f3614a0ad3dde8685167cf0a261316446c9772164ec413c666646e33a1518523421483b49a64b18fb09718c3

C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\d356105fac5527ef.customDestinations-ms

MD5 f14c45afd7c0d0c6b1218243dee240de
SHA1 630735e8025e377957810756575082af60bef6cd
SHA256 f51148c1d41dc49f7824d0bfdb1825e7288137df76656173e7917789f8b66ccc
SHA512 e7e866c5d20af70fa5ab129f6156b06788c32763e52ea2ff32d10d5b1b896c4ab3b8b97c673a667a4af053dc425084f6dfcdedbe4543807b3c0742d5bca3b355

C:\Program Files (x86)\Steam\resource\filter_banned_english_cached_timestamp.txt

MD5 c7b882a71db5122d900874d23e700eb1
SHA1 389b7867039734ef1c50a55d38c89ba446fd182b
SHA256 2b32ae9cf6ce7938ccbf047d840abe9443b3e494cf37aefef0818aef3e0003b9
SHA512 122c4653d13d64ead140cc784c1a895602205fa6ec2da781d9998dd2be99f89a488453f387569cd6489155085bf938c5dcdc247f19fc41cf51f5a10cf960d534

C:\Program Files (x86)\Steam\resource\filter_banned_english_cached.txt

MD5 2ab877286ba3ea65e11960beca3238cf
SHA1 7d23d001976f2df5cc5fe738b8bc4c08753b3fdb
SHA256 666e4a7caeabbeab0279b3fc0c4177a844784ac45cebdef946544bebaafab908
SHA512 e443a27548ca5c04135feb31c2ece9b27d8dc09e2659dcc57d26599d332b30e7c6e5d11268a614611ee230faf3bb3303d99c4afadc904bd9e972613c56f13cdf

C:\Program Files (x86)\Steam\resource\filter_profanity_english_cached.txt

MD5 61d18907a85f6f263431e335d6ef5504
SHA1 24b135bf8a2e8fed724e0738f823051f87769f54
SHA256 a99f8dae7d1acac74fb32d07cfe0915f38f5bb3bae8b6d8161c3a515c6484070
SHA512 76e327b6cc6e70a8bc3b95e9bfb649eac89616592a8e9f473b574a0584853769f2ad99595de5e9fa85a324d03a5c0f00450a32efc84c5eca0fddff1f079b5ef2

C:\Program Files (x86)\Steam\resource\filter_profanity_english_cached_timestamp.txt

MD5 d2266189c7b718faf43308cfce8a707a
SHA1 842ee633355ad23456bba005413e1b697ff48be0
SHA256 c7a6fe82f683f930a61851ebdb41be8cc5bcafcac491f6e460ff26069b0a11ef
SHA512 c3ab019b2f662c0c90730ed35917b90337ad6a935e2b2c0c0d8c5dd817165eac7c2ffcbf7b912b5ce672e836a0d6adb4b1aca900f57ffa3552b8a406711296ca

C:\Program Files (x86)\Steam\dumps\reports\bf9f8e6f-31af-4487-957c-3b2134009186.dmp

MD5 f5ae73368ee69ec2fadcb1681a828cff
SHA1 912993749d280ddea5d5ceb67c52a71c9ed238f9
SHA256 1c3f58a60a097ae08939b32abe0f133708fd38668770ca748afaaac282c3ad04
SHA512 fa144342933e333557045b4cbdcf105349083b3de6c41424278d7800d1c631d275a9ef83139e597955b6eaf06cb8b53ef785609b196f0f3e0f35ef61638b7ab2

memory/4804-13337-0x0000024206370000-0x000002420641E000-memory.dmp

C:\Users\Admin\AppData\Local\Steam\htmlcache\GPUCache\data_2

MD5 0962291d6d367570bee5454721c17e11
SHA1 59d10a893ef321a706a9255176761366115bedcb
SHA256 ec1702806f4cc7c42a82fc2b38e89835fde7c64bb32060e0823c9077ca92efb7
SHA512 f555e961b69e09628eaf9c61f465871e6984cd4d31014f954bb747351dad9cea6d17c1db4bca2c1eb7f187cb5f3c0518748c339c8b43bbd1dbd94aeaa16f58ed

C:\Users\Admin\AppData\Local\Steam\htmlcache\GPUCache\data_3

MD5 41876349cb12d6db992f1309f22df3f0
SHA1 5cf26b3420fc0302cd0a71e8d029739b8765be27
SHA256 e09f42c398d688dce168570291f1f92d079987deda3099a34adb9e8c0522b30c
SHA512 e9a4fc1f7cb6ae2901f8e02354a92c4aaa7a53c640dcf692db42a27a5acc2a3bfb25a0de0eb08ab53983132016e7d43132ea4292e439bb636aafd53fb6ef907e

memory/4804-13338-0x000002420BAB0000-0x000002420BB5F000-memory.dmp

C:\Users\Admin\AppData\Local\Steam\htmlcache\GPUCache\data_1

MD5 04082087856863a1f47252faa7916fb7
SHA1 481f866cfd5d9df2da174f3af993cc6eb3b34b04
SHA256 8f8aa34e576d4c093f26df9633e1898014969839eeda2896560c2f6c100a7ad7
SHA512 7e5e51fe217d25acf62ffd78e41d3416edae40a9dbb9483dc48e0f006dd85e255416848182207b6ea0352f37ece814917ab630f986e9f87e673ca1872dea1ee0

C:\Users\Admin\AppData\Local\Steam\htmlcache\GPUCache\data_0

MD5 cf89d16bb9107c631daabf0c0ee58efb
SHA1 3ae5d3a7cf1f94a56e42f9a58d90a0b9616ae74b
SHA256 d6a5fe39cd672781b256e0e3102f7022635f1d4bb7cfcc90a80fffe4d0f3877e
SHA512 8cb5b059c8105eb91e74a7d5952437aaa1ada89763c5843e7b0f1b93d9ebe15ed40f287c652229291fac02d712cf7ff5ececef276ba0d7ddc35558a3ec3f77b0

C:\Program Files (x86)\Steam\dumps\settings.dat

MD5 99585210bcb1d42a3ff693892c50f7cc
SHA1 749ad40d837b90519d08c329f0388dd4c8b40fe5
SHA256 1a3f25c36846fab2ea90afc0a67e046fa57b0bb804e551723304d13d6e7b423c
SHA512 fb6731d4f3a5bd93e9c6e0de47fb8670b63700a207152fd458a82a4fed203ea7e3bacbdb0882a2f697e2507eac124cada3b1b547cb0baeb2ca2fe151f222d491

C:\Program Files (x86)\Steam\dumps\settings.dat

MD5 1068b10ae3033c85f8a696114234274a
SHA1 dca0dc488b5d55d7408175c14702406f69899fd8
SHA256 1963a2a14b1f45382e0b64a385ca577c1cdfe9535dc8c76b192012c27c6a8898
SHA512 4a45c680a31b2e3be60bc8c6a29bdea341e2554ceefafb25f06aa2024c45bbbc9c28228e0a8de3d791bb16d1c2f9c5535e9def929b3e49583f7d81afc50c2676

C:\Program Files (x86)\Steam\dumps\metadata

MD5 18938cb2c83e7d3c4d6e92aa7ed402f5
SHA1 bb7a5f56d0229cb82ebe5c8448c6c013446af53d
SHA256 5885f5ef6323cf7d989858a3d5f172a7c8357fb2765e88a78613ae070f000b2c
SHA512 9ecc9103e1670000d472b4013c586f466e428bc304d4a81ba3fc204b1526d7e5ca5f05a037008c98aa6cc997909180fa6d051caa5fcddb96391de79e7cfc1be2

C:\Program Files (x86)\Steam\dumps\reports\f5aca4a4-9da1-4377-9145-d5da209c7d20.dmp

MD5 5506a45fdc98137f14cd038bd1170b32
SHA1 12f7ef66e2156697c31b9a310f386833b2d8441b
SHA256 3aa41fe1db9b69fc05d5b87f39aabf7023fb604e7c1b916523e74a314e15996c
SHA512 f630ed812f6677f31bfb1430a5637fc6cc3e22200698c36b14082f09527b44f88b00f88121605dd70425633e9f7e6700aeebe71a83b34cb88955eb1ff7240464

C:\Program Files (x86)\Steam\dumps\reports\da2e3aea-1458-4102-b2e7-be0eabc2592c.dmp

MD5 cc9b46a05f27b1af6349a83bac509e47
SHA1 c4645bf47b1054cf09df4d89369760b03ded74ce
SHA256 b3a20e565ee203eedcc479afa03080b2ffcffeed549a8f862fda5372d3376bea
SHA512 4f00da27dcb6945e313c3834554b771e473a1a48b37e71adbd1a0ea80e201cb2980473c2d08940ba6378f065245c74084b1af5a0a8221e1242db56c4e8cd5120

memory/5288-13451-0x000002CCABD20000-0x000002CCABDCE000-memory.dmp

memory/5288-13452-0x000002CCB1440000-0x000002CCB14EF000-memory.dmp

memory/4684-13479-0x0000024E713C0000-0x0000024E7146E000-memory.dmp

memory/4684-13480-0x0000024E71770000-0x0000024E7181F000-memory.dmp

C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\d356105fac5527ef.customDestinations-ms

MD5 77f45ad9ca9b23a77e36c7c702637d50
SHA1 26f1a67e8cdb028389472d5df3e2e0e3c1ad9437
SHA256 91772844571969b903ad9741252bdba60a988941620b57c9f10ad861417aea3f
SHA512 16d76edc9ab9f2796fabd6e02f5e206596e4fb7e4f4e68e2f62baa71b15dd42a65e890f8ad08787659a91f22b93b117f5b122ecad3f60c5ae967b2f5c160d964

C:\Users\Admin\AppData\Local\Steam\htmlcache\Code Cache\js\index-dir\the-real-index

MD5 1bb89aa5c04c3aba2a7e029e44c631f8
SHA1 2a3a7bc7384f93cea8b0794bd270105d577c574d
SHA256 142ff7f411840538ff351b248e5cdad2903d6edf246bea9982d0bd8a53ad711e
SHA512 f7b19b66f2c41d27d46ef1a7b1dc0ea6817a3eb4eaed08f164b9231c62d0980c6f5aba035589cac2bdd7a97af3484c8a20eba39ecf05a97ecbc1db713d932e8e

C:\Users\Admin\AppData\Local\CEF\User Data\Dictionaries\en-US-9-0.bdic

MD5 a78ad14e77147e7de3647e61964c0335
SHA1 cecc3dd41f4cea0192b24300c71e1911bd4fce45
SHA256 0d6803758ff8f87081fafd62e90f0950dfb2dd7991e9607fe76a8f92d0e893fa
SHA512 dde24d5ad50d68fc91e9e325d31e66ef8f624b6bb3a07d14ffed1104d3ab5f4ef1d7969a5cde0dfbb19cb31c506f7de97af67c2f244f7e7e8e10648ea8321101

C:\Users\Admin\AppData\Local\Steam\htmlcache\Network Persistent State

MD5 b5308f0ac69b18b6b2a75e7d1c21e002
SHA1 10a763b750d240393b7064af6b413cc3deea7ba6
SHA256 3f48243eb1696c24db92ae44287a2884239b324f415b12752d1b057817220ada
SHA512 7443ac28350dfe8f23846bf08ef17ffdea5c69771ce03258c50a631f47e750ede9bbc097176fcde74b0d4716e088a16e4bd491bf81af6b5a281d35169906decf

C:\Users\Admin\AppData\Local\Steam\htmlcache\Network Persistent State~RFe5eb302.TMP

MD5 2800881c775077e1c4b6e06bf4676de4
SHA1 2873631068c8b3b9495638c865915be822442c8b
SHA256 226eec4486509917aa336afebd6ff65777b75b65f1fb06891d2a857a9421a974
SHA512 e342407ab65cc68f1b3fd706cd0a37680a0864ffd30a6539730180ede2cdcd732cc97ae0b9ef7db12da5c0f83e429df0840dbf7596aca859a0301665e517377b

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 ce32faef847e550d5efc961358314c65
SHA1 ff6a0d91ec4fea6e125929ff6efcb090113c575e
SHA256 661d96716165e2c79efb8bece271645ab1c0cd3cdcd5a7def01c46fa69c970ee
SHA512 d360adf5eb705573800e8efb6c992e1cfb69b2cc9db345973f471e8ddbfe9193d8802a5f003a35668aa16f8907cfadde1e6c428c374e2768662437930ceea0ee

C:\Program Files (x86)\Steam\dumps\reports\46c321d5-92e8-4685-a3a9-c412547070fe.dmp

MD5 73ff53f62d98dd4ea2a7002a6b015613
SHA1 e677db59f9e77aeede4f2cbd6421ace35f5619b8
SHA256 eb61e424a0640e149b63c24bff9d390cb762b7730283b1f3c912779176e06b9d
SHA512 6adc5ec453799f41d4f4a0bf77d8ac89c59f0e7cd928668704fc7801315f5024f45fb89c8d16abaa3befdef24834ded706c4c7e313145ce67b744567886cc498

C:\Program Files (x86)\Steam\dumps\settings.dat

MD5 ccee651cd80269d56f11f1a3126f11b0
SHA1 aad4165fccebf794b7cb44f5ddf93ebd6edf4bbf
SHA256 edf09e2210f3121a179032ed8d63f00a2e3581edd8be89a1fdc4ce56a73caf62
SHA512 c88d27fb6172c7f4d425160818b70a170585cfe254c8efa6a96aed165d49e4d8ea747d3389e7a88404678702c117a6f86eab87ac95fc59b84e2830c529ba4fd4

C:\Program Files (x86)\Steam\dumps\metadata

MD5 ceaa139ddc2ffcced50dc950c0f6d795
SHA1 39a1d75c85b26a6f59ca356b809821f6eca05e8e
SHA256 ed8eb8b4b7f3526ad4b5bd1b9e554cdff3841b386e1e0252d49e026794db1f71
SHA512 7e4dfeae5ee1606af11f10a27629db67a24bdbe89d120356822a1ed85a9c54a6b118099adb8269e633431f9219dce2a3a18fcf2e655c2604d950163b66ea9215

C:\Program Files (x86)\Steam\dumps\reports\7988ca41-7e37-49af-ba52-eb70f828b55d.dmp

MD5 e3d7c796114ab4a175473e212aeefc36
SHA1 2ec44276bc7f0d6daef2a28980aecd63eeee4dd5
SHA256 6f181a1e249fe4fa0f98e3f110eb8676bc9d610e5e2615ee6ec8413ee893cd82
SHA512 0e922f48b3a18585936956f20700e818a87dfceb24dc3803ad8d2020a9c9670a451c4aec775307c2ff348b526c73603712e6774a2d8356061539a52d8b41c791

C:\Program Files (x86)\Steam\dumps\reports\bb9117c9-4715-4342-b634-daea06481201.dmp

MD5 315edc6b396bcc8bc56edcf2e7fd3cd5
SHA1 6c639d24c8be6e9b429406555ae532ccdd186a8a
SHA256 489efde6a8452e92b1206fdba31cdc0c5a1b9869f353fc25a0e6000cffce173c
SHA512 152d261536fb9c550c3c4d8c8684afff5dbefbb37b26a215f57770f80baf5025ef1a9009f0377798da243cb22139335dc1621a3114a8ca17d6123d6761f60996

C:\Program Files (x86)\Steam\dumps\metadata

MD5 af36f7acccb7c01546b8b06c4fe6ec38
SHA1 5abfe483eea8763aafd2d1583f7713e5696956f8
SHA256 1de6c154057d9cc7fec7337e170cb6e62d97f16f83f7e2adca5166411e7306aa
SHA512 1028cdf224aa9716abaaf49a3049ed4fba34536fe697547b47d64bb5561bfe1ca3bbe34328705b8190b53fa5602f8cd77c376c87b7632036f6e8ce8cceebdab9

C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\d356105fac5527ef.customDestinations-ms

MD5 adbe957a64a2ec573b7df8b6b7ea6bd7
SHA1 487200a6c98a4aca4eb70d5cafe374db53bc6f56
SHA256 c2f38171531c396a1e193974d430b76394b3edad5ff4ed6327eadf9356d43cb3
SHA512 e4469838279dcbebc3a6d317a5d5448ea9141458b5a863e6988db8add34ddc727658da2dc992106f07b2536183d890e6b2bc6e852d813348330c154209dc147d

C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\d356105fac5527ef.customDestinations-ms

MD5 74fc862d54345144451e127a2acdc09e
SHA1 58da0860cb7db139b7fa4493c30ddd3dc4ba3aaf
SHA256 6dc53eb8e597d94996063439b29f64d429ea62179c88992a2b7ace8df405c81e
SHA512 d3298afa56665e4cb0c1cf0ee764d1a25a6e7a8f7e353440e9b109d706c7822236e7f8cf11d3798c2f3950903d57b1f0309aeb7dc3488ba3fe9fb32982499a78

C:\Users\Admin\AppData\Local\Steam\htmlcache\Cache\f_000005

MD5 a11377609c1c7b790b2a89a3292aea42
SHA1 4877a99e2b8cc706eddd6fb80be3f4798af2d15a
SHA256 8163d7bbd4d1ef333fff92e6bbe5d28fd74a6e3981028087e8367fdb9ff60b1a
SHA512 dbfeb1f3d761f6f32477b7853765bf3f5c3842202c38fb2c7d58b4e8ce073c6a9d8545eedbb6d0669fd93584f4fed959ac70e6e096532cae5c0e3721f56e22ff

C:\Users\Admin\AppData\Local\Steam\htmlcache\Cache\f_000006

MD5 164f1995181772492d5ab5cb2f99f42b
SHA1 eb2d3a502908bcaf2884302b3a1d27a4888e8202
SHA256 21b068c196a39c6c1809b83a5ae9fa8aa59027e96213c6d439dc45360d385be0
SHA512 76f9b848dc85a12c6219bed699812f2e526c10c0d1b852899dec65482916ae9f9280c4f59c79a5dfda59f0221ce7ee8423f94b04791634122c3885ef23c80c09

C:\Users\Admin\AppData\Local\Steam\htmlcache\Cache\f_000008

MD5 2ae701abf0add85318a97c7053e1f846
SHA1 c4fa083e43db4123d4aa8b3556d14275f70e0a35
SHA256 4aac92f812983b9f5f7641200669bc5ece549e4994672d091686df753ead7a1a
SHA512 f8b3a4709bc024bba5adb53465fe792606e1be334da3efe5c3fe84b05eb699f15c40662befe2eb4f09d841c12467d640851251d2cc3aa005f8b70acc495db151

C:\Users\Admin\AppData\Local\Steam\htmlcache\Cache\f_00000a

MD5 e13edde4a25e96e573f37bdd11e020aa
SHA1 84a0c3cc6cd74b149cc27de2b0fe48bc2acb70d2
SHA256 45b526e6aa5356b278aa37e67593a25d09c9653e8a0e71fb8e155111d3b7a515
SHA512 9ba4cce47994f949731e594538f56f423ee46a8e602fe922ab6e1d173b87831ae5a80d967d695fc45a08b25aef5c494518b43cde6b4709db690e904b2cc1c053

C:\Users\Admin\AppData\Local\Steam\htmlcache\Cache\f_00000b

MD5 819e740772cc0e83ea030e0d4e7c7768
SHA1 6cff4ede769f63b50933917129e3d082798206d2
SHA256 3b5c3c26f835a46c58b557aefa30ec88ac1ea9bca3154de83d6225d82b19bb60
SHA512 a0213817f3f7ecd133e489ee235f762d9faab87f478cc30d870de9b6ddfacb130ed10b88d7d2f9fb2b79ec9c525f2a45086193ca1eb07d0f05a955c457ee2aa4

C:\Users\Admin\AppData\Local\Steam\htmlcache\TransportSecurity

MD5 db8350790ba5e0f9ef56d5dab2e8c650
SHA1 b551225cc3c74276413143141a7f7f452e937688
SHA256 605034425a7350c249f7ff3b4695dbcfc3c72f978c32098f83acb16e71f5ab8e
SHA512 02234be6a8c606a31192291169b2f8e339fa277afcf3ed2381c6f9c63be54f8e4f3bd84cfa3072b74a478772abf753156f8c8d6281e2b4ef5de0c89a00cc4e74

C:\Users\Admin\AppData\Local\Steam\htmlcache\Network Persistent State

MD5 6ee499671bee1c40ae85beac39071b7b
SHA1 bb5c66c52b178fe4292b738f602700a2c79e5503
SHA256 beab5b1e101f3fc6bc5396555f420a00542f9b33df43d8868c4026bc66615938
SHA512 4957b70d99bf1093d7df075ffdffdec07b035f0c57267a8aa132a0598263b98ada945a145e1d512c639a6c4b8fe8a9c32b082fa0cd9c09585646eba7fc75669a

C:\Users\Admin\AppData\Local\Steam\htmlcache\TransportSecurity

MD5 0ae211ff2e8fcd7cf1b90c1ca9da8897
SHA1 c00d30fcaf381d192d772738ac0b3c5668127b20
SHA256 258e337d72797782d367366cef4fe838a9d7807cb29daaf15ba9f1acac5a9f16
SHA512 f44bf839a4489556bc92f7b555db3e7cd96a62b9b55177aaa85e184c07f21925692851a545ec6ec63dbe8faef8d4ce9d99dddce575de9e3ebcefbb16539e43a9

C:\Program Files (x86)\Steam\appcache\librarycache\477160_library_600x900.jpg

MD5 a7790c5d0f11ac742b3d2ca12a5dfc4c
SHA1 7ed361329cdab66f50b6b51c0cce350e4d7f268d
SHA256 f23d0fb70b8b9d27bbffc1c3192b7860e7f60756a686153e5163cb47bbdbef94
SHA512 0cf8e81be6e5263bc5656626b912d8a0c29bc379716831b2e1ce0d3e60de620215abbe459c58c3f0422aa6a78eadcc46207c4f31b8c88874d3c1da9c8af52eb3

C:\Program Files (x86)\Steam\appcache\librarycache\438100_library_600x900.jpg

MD5 67db9b6264217a2f147511ea0358121f
SHA1 4c1d1af78ea8a1ace7c0364d6a2f63dcb5c75ae0
SHA256 2a5960e52bf43c10c54c9dcdbbe3a7da2b228f05fe43ed566a59c0fa7eb0bffa
SHA512 a08ef05a44400a90e492d19b5e6a0bf362b0dd7bdf36e70ab7f2af65a1d20f53e82297799f8018dbe2e7376eae7ce67b35faf01b562d7c0f656fb223886c1265

C:\Program Files (x86)\Steam\appcache\librarycache\334230_library_600x900.jpg

MD5 efe94e60bfe9bbb56aa93fa789f8b54c
SHA1 e826c9abf7bc1884ed87fae2e8cb4b14bcf660b9
SHA256 1988c75a225d61015fb5b9371592956de077287910a7c082ce3a0a27617bd72f
SHA512 2b06519b892fef3fe853934ef00379616b3b8048abb0d6161ad24982e41bbaec624cb1fc2583bf9843e27a62c2251fb49f22078cf8bf770cadbbee97a802dbab

C:\Program Files (x86)\Steam\appcache\librarycache\397900_library_600x900.jpg

MD5 78a3e607b496f4cd7e77c5cdfb935a2a
SHA1 c7a876b707028bfaa376e9afdfb09fdebc458e18
SHA256 916f15d95a1a914ecd37cc43d80a47c30af14806d906d2c4759810b8186c186c
SHA512 c39014857672d30b4f54cc6ce847926f258943cd5482fdd95e58f2642f0c449da192a929b5a52d341792802390c8a4c192494c8a5c0d8a39a7a25165ed993b21

C:\Program Files (x86)\Steam\appcache\librarycache\761890_library_600x900.jpg

MD5 ef8d63f40787fa0c5da016bb82376e57
SHA1 60591db000adf746c345c58611475caf1d16f59a
SHA256 7b14372706336bb449f1a8c27c19ee9cf1e523be8591ff0256e9a41d26d7d56f
SHA512 ab00605c5b0784eb3cbca0118556006efb8dedcd7bc640cd4f11e2ccab2fc755cd4c5da74c40b49f48b05d6f23d7f58a3f4481d95f652331102b839147980b07

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 cd9ff37b7dd97fca58c790de3477c69a
SHA1 a5af16e21169c9e2ac6737b30cb072a5d4e95a0b
SHA256 237be52d60a4b532e922901ce54087ea9732acbcbbfc16df95678146df75f783
SHA512 b2b2f7e5aa1891581495af7c962dcdb0f489ae1f77919443ccb4d9f736bd7dc01aad391ee2ec928e0bd406899fc1f523fd8190b7c80dfd2a635b9f5e1f251f66

C:\Users\Admin\AppData\Local\Steam\htmlcache\Code Cache\js\index-dir\the-real-index

MD5 ab49d5f7a2b707f0b606db78b426377d
SHA1 c7db6bb62a3ec76fceb6006992f9505f2b241467
SHA256 6897701c4767c75a8f89e955d8d97d0eb5dcd06c377ba30d3e61576e407d189c
SHA512 d0a38a42339a652777d5b2a88f506c11f80d98e49643076ecf6f2d963304a719c966c89e5233ce137f4fec20098af1dd867ec695a949ac2efd4d2c6683eae949

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 25eca124d8d1ffba8bddad0692ffc701
SHA1 248c6e401f14bb89ca717eb77609026fd717c04a
SHA256 36dcc674b12b61a04b10ff1c428aeb23b62c8dc4225cc64a14d345b0c65bbb3f
SHA512 50470998109aa23a46cb66ad433822b2586326ed5ec5c0d402a1d567b593ec2fe8594ab5587d1320e43db310b0b81f090dc0d6e5228ff6f690cfdc4d7d843591

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 df7c9e3dc36f2194c439a0a5aa613038
SHA1 85720d71561989e36002b328425ec105efb7448e
SHA256 870b38954576f1e846565aef03910894bd26ea51d4c3b373c6e84141a6c13eda
SHA512 b557d4cb1de312de40bb9df9973d7ca11d3df55eed7e00b5ce9a8909dd7764c3a5506130f1ea26dff39d85ef34c5dc31c2456190db0307e05ae3c15e4e72b389

C:\Users\Admin\AppData\Local\Steam\htmlcache\Network Persistent State

MD5 64b0c619e5aa859728832216db6b42b3
SHA1 063ccbe7aa3fc58738bdf66bc1cefb1e7c3e0b9b
SHA256 097f93d4aa56e502a268c67d079957e37f4b07d2167ea0c362131fe15bac75b0
SHA512 4be6995e0e4970c42e9c5dfd4e67525b2d03ba4b72bcb2bcdf28a9c262a8db915a1d4ea06670bfdc16bc39c655d8276ee3b8742676ea961f6764bd2398e26702

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

MD5 04d3fcb7b5c6d4dafbbaae02ee0b61db
SHA1 d988d95045c846a19d4bec5fe0c729359cfa0ccc
SHA256 800d25f5d34a6cff660600947fcf7dded03401813689153eb25781ddcb7e4123
SHA512 eb8d0e74767ddac4e7f3cfe2b4dfa204f90b333462e76690ac15796ba2c7d675219c677bd71b270fe5fca90ac20ae9415355c54ed3423d54b6cdd68f50afb00b

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 391fdf17a4ce448a3944a0e6626cc483
SHA1 8525b61e2f2ac3fb3a6008ed50b68aaed387264a
SHA256 790fbdcb4edf79cf164d8dfc4b50b2d436d891d0b28d38fde55ad47d3333c421
SHA512 cc0bdf773e1cb0787018b0c553426ff02247a2d448970d0dd68ae756d25b5838ba48e1dbb0f27c1e65a1bbdbf16dd24e9c530ebf52c1bb2de7888d60a180b384

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 4fd197990adaca58844ae94c63b4e538
SHA1 72aa3faf42797318fbcc2c7650c40718b7dcef13
SHA256 a42f163a73283bb1e282f4089e6b55395a3f9b21febd710e4c504cebc6cefea8
SHA512 21d2ead685ce9601e3e866966f5c2f24dde5616a40ce043dcd14ff05c4fcf169fae971aefec7c4e57f0e1222a82e149ec2902eb21ff6897a46685a13532837d2

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\b6e9879d-dca3-40cc-8a8d-beab63bebba4.tmp

MD5 afeab573a82a1323bbafa4ed7fb3c63f
SHA1 f2f0f66f7e4e475244d647cf44287bdbd1559784
SHA256 d9db2184af4c124ff422bbe39d06aac5679fd32153bb18e331eef40e6d3d6b31
SHA512 278176b4c181700b43326be4bc1b8130965408c787b8f7ab03b836cdea45afd245e90b72177df8f5c3735747f67e652d3fa60f47f80a65cd3894354157d85f50

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 3c331dd215572c44c03ba8cd94b1f6bf
SHA1 cda37ab507df6ce10152b454faa371a6f5eba6a8
SHA256 27fe62f38c871feea6df05b4533da1e3bbcc2511ec389834494e91cefeca9952
SHA512 a1cc65d0f39d88d503b955e50a2765a7271deea2b3e5f7b4af4326da23e837c4fbf61c112b4ee701195e6e056baa9df5539cc80985ca5414caa4716a837550ca

C:\Users\Admin\Desktop\Town of Salem 2.url

MD5 a3762408c32cd2facb0e14b25ba5fe55
SHA1 f11aa39cba101ee3bc43a6423264821840e9e777
SHA256 0067aa10d0708e9e1e8084e5b1cc98649249d85b1b178195677b510b11766669
SHA512 7924b1f165ac44df72eca420fae2ef2ed68e18bd22410dd9ec3b1bbc7bfd35a038498cb15fd113579766ed990e98f9732e23fbe856a572bda551c1b97d7adb4a

C:\Program Files (x86)\Steam\appcache\librarycache\945360_library_600x900.jpg

MD5 7cce7a4d6bbed9e76a78ffda75ae89d7
SHA1 4e7553a43ee7a102e64b60a627f68f5f047f8351
SHA256 c5af4aa651f5fd98fbc9e12ef21ae2450f6434021bc616693aabeffe47e3e368
SHA512 db0386aed6895122ec58680b62ceb892182919c3557209f293449375319e336010c03b804b2bbb9b92255b5254d8cc1d7dec28cd02e865ae72611b47287f48e8

C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\d356105fac5527ef.customDestinations-ms

MD5 36ee41495c2f7e0702b995c2b8f98e4e
SHA1 3c02b8604316da3e635d341a178b86e4dba9dec2
SHA256 5187a3ee8b04cdccf3c224661e9d192792a3db8088fef2c16e240bfb91996591
SHA512 69eae66a7ed477f3f7cd5031524bda71ed2bbb47ddfbc80159d6d26314e5a2b082e347d7e05c47b0cd3d9a324476be9937d1dbcc5c4ceea4150acfe9b58a7bac

C:\Program Files (x86)\Steam\userdata\1014416628\7\remote\sharedconfig.vdf

MD5 93adbff87cae74b64890eedc821f3713
SHA1 25f19757d950f178f899ba8f2e2a8e51534c9aed
SHA256 4d8768ddc776de9717cfd292c4dbb8613103805c9dfce568deb162dde5c25f0c
SHA512 575be9d960163542d783dd9122f724baa349dcf5b630e0376ca6d5de75ea0c6945f4d088348a9d2062cd5f9a9d5201d6e0b381a1db4484802cce09da3c64485d

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 053101d748ef50c95f1de670f76c6706
SHA1 746555ea4d4755cfc7ca44ca1c364bef534b335b
SHA256 17bbc7b1343de01161b071976ec53c64f87e65357f5a2e13819003eb66696725
SHA512 f9e7b53f93f9be43af78c33a467f5d729930a5d3d511e3239d816836bb50b44ac217296fad96650d1756812866362aab3c766c10a98cfa05fa4a88dc6179012e

C:\Users\Admin\AppData\Local\Steam\htmlcache\TransportSecurity

MD5 4a291acb186eb40ee04154edf373850e
SHA1 734d8cfa569608c6d9b576f2014d0ec2497b356a
SHA256 458db3be7344e79a5e58926e17f5d52fe5c155a1a555019260998fd7ebfe30c1
SHA512 6e563ff5c0aba198cab779f45740540b188fca546d6647a6537ccd30e1531892c8522f2b0bfe332c82fa576983ab505493e03e2a1f0ac1f70fcd64b569356b8c

C:\Program Files (x86)\Steam\steamapps\downloading\2140510\TownOfSalem2_Data\StreamingAssets\aa\StandaloneWindows64\cinematic_serialkiller_assets_all_16eca818a0db08d32531adf137721d6a.bundle

MD5 ef2e0d18474b2151ef5876b1e89c2f1d
SHA1 aef9802fcf76c67d695bc77322bae5400d3bbe82
SHA256 3381de4ca9f3a477f25989dfc8b744e7916046b7aa369f61a9a2f7dc0963ec9e
SHA512 e81185705a3bd73645bf2b190bbf3aee060c1c72f98fa39665f254a755b0a5723ce8296422874eb50c7b5e8d6bcd90175b0ba28061221039172a3f50e8902cc8

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 173298151e27e80b6fc8de615d39c596
SHA1 19a72f4c3fbef97b78483785eb42e2d3c53ac4ec
SHA256 4285d2de09388a2241f2520f747ba472bfc55dbe4a22bc333dd20e058a0617ad
SHA512 aae7aaeb94d0cc3e918305f7ffeb6d7ce815830415b38d57632256f64d22f999e7489af1b9d15be0b2f8f22a0c1959b615da8799d9efaff25ef6b833b59bef00

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

MD5 7bce9d9e25fc2777df7e3ae1380befd2
SHA1 2d4bf205736a2778e2d1f234f14e4f6f23d8cb9c
SHA256 3907e917e7a6171239f1fba49f71a4a954797c918a4c76a33b1e2521c964fa41
SHA512 85d99fff4b8051c97dc361ec736bc64d6996f3ecb9f4b5d95dd378591cf38735e2477de18ac525d3d1b7f55898e3c362fa2d64d92aaf5c801ff7b24365ceb15f

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 6af6d3af49712a9313b8c8ece8c78453
SHA1 d820c16fab6ec3c025b30ee67e892ce7ebbd43c3
SHA256 0e0024e315e3578b5bfe269d8fc8e9e753888cba94d9367531835b25a2777a56
SHA512 369c4e7b641afc3157e065fc544301ff690b77127ab92ce0afa785c8a03e0c931188bca3e4a89632744b0f34c59e30aee220b2b42b3afa03e523ba187323c41e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 597591582cf63cdb4a72c7aedaab5477
SHA1 0ee8833872fd5fc8054bfb1a743f8df7e94e0a03
SHA256 302b0b8cba8876a57d797299eff86407937abd36f20eb7e640d6243d5f3fd600
SHA512 d2d39824d800499c6d3e4bfc0e36a775005d09e2de9ce671a61a3bf48bf6fa49dd32d01a34599b2c4c77c5bba6ae26723b3ec670c19995398ae81dec869d9d66

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 6fe41e064f17ae5b61e56b2489aa84f2
SHA1 1cf4354e763f2e07f578eb7bdebfcbebefd4f0c1
SHA256 0cc06cbd2846f61ac0c5605fe4ec260913e3390d9fa859740897fb4ba6ea2f3c
SHA512 b528945f00067594aae4d978f407346978d4f0c8345355eda72da032730e941e26f9ad65b1787f4ed00da64edabd64d8d254fca464c4534173a05e14578d31b7

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 7402a5d38881caa967810712dd259249
SHA1 fa96974f28b270684117d66c8eccd6c01faa85c4
SHA256 7d9edda86f851012da263c40af58c8a28a677853ba60daae2bc01b2f42c2ad15
SHA512 0326e5c1dc764a0beaaefd228e405b55664c185c737fbe8186b3c46017e8dd733b84b73e34cf5ec718d96ac0668ef05a64d806b37d8334097168a680a40effeb

C:\Program Files (x86)\Steam\steamapps\downloading\2140510\TownOfSalem2_Data\StreamingAssets\aa\StandaloneWindows64\decoration_corner_50_assets_all_e21abb074b53d597dfa651b39d36bf4a.bundle

MD5 38cc024924e8f1b44656d9b413ee7096
SHA1 d9c3f820c39d1125143760c4b134544617310bae
SHA256 fb8a317f773a4ae27b334a504d37fde4cc79c6979bce3d46c34d9ab0deaccbd6
SHA512 398d091c129089a5980ef6edf688c536ba064b107192aff5aff2f6134d2b4ced544895b8a29af33d5cda9df071386fca0e7ff79451f1b10c71508a5803645bd7

C:\Program Files (x86)\Steam\steamapps\downloading\2140510\TownOfSalem2_Data\StreamingAssets\aa\StandaloneWindows64\cinematic_massdeath_assets_all_ac75a51f09475c59114eca8c398c392c.bundle

MD5 a22a714319fdce395d559da68b6e996e
SHA1 d3129335e80a933fa5fb5a9ba2087892e69526da
SHA256 50533aa4b884d17e95b3db02eea57c16bd5313614d27da41d820a92b5d39660f
SHA512 2d8677501d71da3325698df7a747c62e507672cb918b01f066b54b46494096c0a1623b4fb7ab6308307c45f2b8acf5cbaafd83ef08ec19243f5a2952a887a16d

C:\Program Files (x86)\Steam\steamapps\downloading\2140510\TownOfSalem2_Data\StreamingAssets\aa\StandaloneWindows64\cinematic_victoryvampire_assets_all_20dd612dbbc2e94699bb4a47254d6be0.bundle

MD5 56d92ba00e34da10878cb7978a98cf2d
SHA1 6fe2fd551cf3ecf70d21aaf2c00709803f3522bb
SHA256 cb4a6b9832d1e2a13ce7f35c55a9fa0098adfd810868c1be71a744459b2fd363
SHA512 c78004574c430f99b18d1dbfa6e44b4275c1ee282d445f269da49f33c5666bcb73855815ffc37dc61222e6c7ff08bf62ede541273f3549d000af794d34139de0

C:\Program Files (x86)\Steam\steamapps\downloading\2140510\MonoBleedingEdge\etc\mono\4.5\Browsers\Compat.browser

MD5 0d831c1264b5b32a39fa347de368fe48
SHA1 187dff516f9448e63ea5078190b3347922c4b3eb
SHA256 8a1082057ac5681dcd4e9c227ed7fb8eb42ac1618963b5de3b65739dd77e2741
SHA512 4b7549eda1f8ed2c4533d056b62ca5030445393f9c6003e5ee47301ff7f44b4bd5022b74d54f571aa890b6e4593c6eded1a881500ac5ba2a720dc0ff280300af

C:\Program Files (x86)\Steam\steamapps\downloading\2140510\TownOfSalem2_Data\StreamingAssets\aa\StandaloneWindows64\decoration_lawn_6_assets_all_6e014f812cbedd22ed4e6c0bb845bd88.bundle

MD5 c1bc55cad8f84f2b90b7f4aa8b718dfd
SHA1 9d1e96ef5d5ac90ed36b798f4b57d4c18334001b
SHA256 24b783db323cf1c926be6ea8eebcf920d0c5cbf94089518199224bb668c30a8f
SHA512 25ffa230d5fbb4798555621ba8e6ccf598a5e212ecf9b0020bd0001353b57e5d723cc0f3db03c387ce257414c9e6fdd6709b39f74e2136d6898b572b93ee4241

C:\Program Files (x86)\Steam\steamapps\downloading\2140510\MonoBleedingEdge\etc\mono\2.0\DefaultWsdlHelpGenerator.aspx

MD5 f7be9f1841ff92f9d4040aed832e0c79
SHA1 b3e4b508aab3cf201c06892713b43ddb0c43b7ae
SHA256 751861040b69ea63a3827507b7c8da9c7f549dc181c1c8af4b7ca78cc97d710a
SHA512 380e97f7c17ee0fdf6177ed65f6e30de662a33a8a727d9f1874e9f26bd573434c3dedd655b47a21b998d32aaa72a0566df37e901fd6c618854039d5e0cbef3f5

C:\Program Files (x86)\Steam\steamapps\downloading\2140510\TownOfSalem2_Data\StreamingAssets\aa\StandaloneWindows64\decoration_alternativedeathanimation_1_assets_all_76aed9123545d9d7cc84b13e99724d46.bundle

MD5 b7816bcc6141906208bf53dd3a109a2f
SHA1 0b34bdac4a188c005cfe3637b04a94e3d5c8e1dd
SHA256 513a8cb29814763eab6788b31bd2721933d9b5da547a17481a6e3018d705f7ae
SHA512 2bc20a6c0b771d0fce37e9a6d777bfe6b227f07303b1361ab01326e52c63d4e0e55ad98f3602c59ebc9aa10d3f4908b774f7bce4bc230f4a41c8f91e08f2f1d5

C:\Program Files (x86)\Steam\steamapps\downloading\2140510\TownOfSalem2_Data\StreamingAssets\aa\StandaloneWindows64\decoration_pathway_4_assets_all_75e9f4d11bb108214d941ceb28acf399.bundle

MD5 146859f87726fc4572081ecac8831662
SHA1 9f1031fb2460f9544603d13f3cd1ed16b039c5db
SHA256 18f1f37ecc20a582479813982b9b0911ac0bf21890414bb5b894de5f37c1d42c
SHA512 c410c5d0262efb02924635c4ab319e0faf6d3375c564ab433dfafa099229f78d0b65cbfce42a7af552d125e4304af1b2eabb4f2f88aeaefda69d99feb86574fd

C:\Program Files (x86)\Steam\steamapps\downloading\2140510\MonoBleedingEdge\etc\mono\4.0\settings.map

MD5 ba17ade8a8e3ee221377534c8136f617
SHA1 8e17e2aec423a8e6fb43e8cbe6215040217bb8a3
SHA256 ce1db1ad8a9512073164e3eccdc193f7eda036e1a9733caec4635de21b2865c8
SHA512 c18bcbcbd4b9a20a72b1a934d70db1eafef047f34f3ba2c6357d8e3afed07ecaab861e5571ceb58c22d4d3e5ebb34b51e366a0553c3153fbc263d1d80472e297

C:\Program Files (x86)\Steam\steamapps\downloading\2140510\TownOfSalem2_Data\StreamingAssets\aa\StandaloneWindows64\decoration_wall_12_assets_all_f78f309960563a83fb8901e88a2f7f0d.bundle

MD5 31cd53d2e36ec0b375b7dd1c91d80f17
SHA1 704b92eacd5b36b1c3ac3e110c7373ec89e4c7f6
SHA256 b04f8777e0e3feaaf6a777e90030da7b4b6bdc508568c55851b3366d0b81d230
SHA512 7421c8351ec2554babb8014724dfd36ca585cf0e877913cc4baf2c79add68d84c23aca7d2d5b848d7e68fa5b6efed557552a424e96d4b92542e272ba80c4735f

C:\Program Files (x86)\Steam\steamapps\downloading\2140510\TownOfSalem2_Data\StreamingAssets\aa\StandaloneWindows64\catalog_R.1.2.52.json

MD5 5ba1d675736f8e060145cec006f9d074
SHA1 7049d2af248129c9b017f126baf0f3b6ef66f445
SHA256 8f74e1d4356e1d1956b5732fd1a6d6ce4687fd021c77e8eede3e341f45d31dc9
SHA512 9179fe4d272c1c665b5becdefa9502a333b99cf527fc81fe1828eb3da7f58bcc39e4edcbc1c1f90d51dddb97ececc6c18493d398fe93c6b34c45169300ab8a45

C:\Program Files (x86)\Steam\steamapps\downloading\2140510\MonoBleedingEdge\etc\mono\4.0\web.config

MD5 d081581e16b06480a5aaef8cdfb305ab
SHA1 771648fadc7ed9a422b4bc26e38d854d066742d7
SHA256 e38bb8cc68fe5b4edecdfd288d094b9e8ced7629039b2a347682aba0d8bd7492
SHA512 6312269cfd726a991e574b1da0c3b8a2978b248118c1610d4e8791e83f3aa6d42bdd1f4f81850eaa94c026d51e73c515971a58580cd9dfbbcadf9ba0584749c4

C:\Program Files (x86)\Steam\steamapps\downloading\2140510\TownOfSalem2_Data\StreamingAssets\aa\StandaloneWindows64\cinematic_victoryarsonist_assets_all_97d8a366f5f027e513fe1e675c8d8201.bundle

MD5 dadb3c7bdc6971266a4dbbff903bfffc
SHA1 1131e9c8956f842904187a48cc1f8d8004e54faa
SHA256 bfe15683b9e221dfaccc8ebfb3dea0231095f2b98397aa4443abfb84d1afebf6
SHA512 14e8c85dc27b78d5c9e0c3eef39f8478d09d2d2fa3ec1347913f9175271546eea8e8c2af3f507bb231c6507ff74694777f7c9135896f40245956010f6bfeb2f3

C:\Program Files (x86)\Steam\steamapps\downloading\2140510\TownOfSalem2_Data\StreamingAssets\aa\StandaloneWindows64\decoration_house_9_assets_all_9d5d684438f87c3e4cf93fc3ba32066c.bundle

MD5 0dd53221c87d0a6071541ab08d43e903
SHA1 bfb9e4c6d4e3f1a3c05dd53ca04a2ba4984e1012
SHA256 5cc064d3e773edeb46656c187be6a2231074a6baf535d571ab0c9cffbd896c55
SHA512 7f68b0d4ec28c506819fb1e59f2f948ab6d94e6ec531af7f9e762d93e85c840ad8ebbdaaa76c0bffda58ce5f0e6c654b527e484d9bf11d074929043ebbc470e9

C:\Program Files (x86)\Steam\steamapps\common\Town of Salem 2\TownOfSalem2_Data\StreamingAssets\aa\StandaloneWindows64\characters_37_assets_all_aac11eefc531c0c19cff0131bb7f46dd.bundle

MD5 57c57ac469a1b2a00b6a80361e6efaf5
SHA1 dbc8de48fa69eee56f054fff8db6d17223cecd89
SHA256 7d8bb89d402e848d52291b61874ead40cd0ff36965780b2c3955e252f0f3679b
SHA512 7f32384bd08e47d9e6b4854f5c60bc99a2f88dd6b89ba806cdadf26e9671a44e79faf0f3c3c1c524d03821c92ead46234c2c4c882bcb2ccb177525327d889836

C:\Program Files (x86)\Steam\steamapps\common\Town of Salem 2\TownOfSalem2_Data\StreamingAssets\aa\StandaloneWindows64\characters_40_assets_all_17e5d3f4105cd78425abe50da784156b.bundle

MD5 6109c9bea7f8b5c3b5a73181c52eed81
SHA1 c426922bf278d154b91e1be52bf7f47740fa13ec
SHA256 cecd6e122b4aa89bdd868f1df2c33f67740a2b5bb1c0f73be51485e11af0d569
SHA512 62aa9f7e2933e6c074576df4310a53951f7a6e518b0e119d18e97dd1b6945d49d51288aa38893348a92a0be2ecdf18b4214cee378f2685dbf4e423f8e2e00605

C:\Program Files (x86)\Steam\steamapps\common\Town of Salem 2\TownOfSalem2_Data\StreamingAssets\aa\StandaloneWindows64\cinematic_hangman_assets_all_a83aee8151003b1dbc153621a1fc3955.bundle

MD5 79af577b3428bed4faec384774548ae0
SHA1 c61a2e3f844d6bb71fa9ed56414c48dba6e5f96b
SHA256 934b163581c4ca117b22341a65b2c6c01a0dfde4ff6d448e3e41622049cb7090
SHA512 ff6dd041f29b8575cd241b884695340767f10e947f6f3d45cb751b032f5f23e4beaba0b3695ded3cfff0c3b284f573f63008c24874d52f53dffe9cda51b9226f

C:\Program Files (x86)\Steam\steamapps\common\Town of Salem 2\TownOfSalem2_Data\StreamingAssets\aa\StandaloneWindows64\decoration_corner_44_assets_all_ba12098fedf197d92ce8006198772dd0.bundle

MD5 384d8e8f5f8104822b1a63ad73287942
SHA1 12b0522adff63aca38d8cdf737fe68a9315214b2
SHA256 5fb69da6861bbb6168a7151be61495cd2b5e66c85321cb1555e1d37e4b0ccaea
SHA512 d865ba78988f4f3547647b1cec190edaf734e2487c962383972b844d4c50afe3bc2d9e9ce7a02280d321a4c2d6d391967145a0b567dc3989e4d1dd78fb35377f

C:\Program Files (x86)\Steam\steamapps\common\Town of Salem 2\TownOfSalem2_Data\StreamingAssets\aa\StandaloneWindows64\decoration_house_8_assets_all_f7500b52e6281a535fc33dfd767a01ae.bundle

MD5 e8926d70cd246c22dfde0c5fe471e075
SHA1 63e27fd55caf79d852a6c0afa7dc9d82bea9c36b
SHA256 4b3bc7920728148e59675e137c5d20bb5be001d22dde9de2d2f68d0afa130122
SHA512 1a880e117d3c651e88f3dafe0b0ce914724605434e7db0e43aec9320b33d9f4b890dafaaa0a10de18563bd78b0631b8848984037f91aced171604e14cfd28556

C:\Program Files (x86)\Steam\steamapps\common\Town of Salem 2\TownOfSalem2_Data\StreamingAssets\aa\StandaloneWindows64\decoration_house_5_assets_all_1b668f2a1cf4b7db8c5261d3b32abb61.bundle

MD5 384b46f0810c0969c57a12a7bbe78dc6
SHA1 d0774c83f918952a45c653f22631cf79d109ab8b
SHA256 0f8c1796df7faeaeeeffc5b4d94096440ceb81083ec5f0c4dd01fc5b7450ce11
SHA512 d04b20b23582e353610bd0ea86e894041d5d6a11112603c894baf14891eb7467115f7d49764a5b6324d4498804a536d2566cbd74507f892dea93ec89ba4084b3

C:\Program Files (x86)\Steam\steamapps\common\Town of Salem 2\TownOfSalem2_Data\StreamingAssets\aa\StandaloneWindows64\decoration_house_3_assets_all_6d623d1616e899c7fb93007578329a65.bundle

MD5 c0abcd546de8f15b336adae9012484c7
SHA1 df24c831483c3275aefaf6c94ea20031396a280f
SHA256 5d839ce0504d869d7fb63dec9eff376aebe8716aee61d28e715f3a93b856c3f0
SHA512 0713413ea540c3dcfcb96c82bf2f9958a603e9a85f99d29c5104488d6477655870e6e933e4abafbe15921a116c84f2b6bc36a0d556286f95fbbe2b7947ceacb8

C:\Program Files (x86)\Steam\steamapps\common\Town of Salem 2\TownOfSalem2_Data\StreamingAssets\aa\StandaloneWindows64\decoration_house_10_assets_all_38d75822e7aa427e2d11110a3a8f39d9.bundle

MD5 8f6d6b2672f7a101f4ac3e3890ed2eb8
SHA1 2e8e68f5f6b87cce70e8180cc82f08896cbf570f
SHA256 9e96a770260b0173230c26feb47253212f015d5f62e797d0da796cc024259597
SHA512 9d05c736df49f820df84161c99298fdf4528a1988262221a53e20190fbd8c7797ab3a2439983551e421236239f888ec46acc0288253c37fc03d7119f19ce27d0

C:\Program Files (x86)\Steam\steamapps\common\Town of Salem 2\TownOfSalem2_Data\StreamingAssets\aa\StandaloneWindows64\decoration_corner_4_assets_all_5a61c87176ab337b2085c0257379e685.bundle

MD5 b0fd3ead2d5a7a60854a72ad322ee3a6
SHA1 331c4c8f381c1158602e1e11c9f8c2f216ed10c1
SHA256 6de19098e87e8dc10ab2b32f537a5fa22dc0eaf0a32b31938ca38e93b7c2705c
SHA512 7a3e18a27bc410f393d0fc76c1e7a7b69ce5d17b3a7943b8ff58c695172bfd302d562aae16724065742114b42da74dd2ad9defafa498bf2d5c94b088486742f8

C:\Program Files (x86)\Steam\steamapps\common\Town of Salem 2\TownOfSalem2_Data\StreamingAssets\aa\StandaloneWindows64\decoration_corner_46_assets_all_936b1409e6a491eb8db41e4f7b41f400.bundle

MD5 a28dba802b52e221cefba20b1a909c30
SHA1 61b10a2793e8b8333f6898137ef3b2054e3b41d7
SHA256 8f6960df2d85be5b4b60fe2f0c6727ab9ebeff44b199576cf4be881d1cb7b1fd
SHA512 c89095ff94fa2b7080569c203ee6e584feb20d187d874c705dd033ebefd914adb1bf7cfc72ed4308a3dc705a55c31311b558204b743489256025b5a64372c790

C:\Program Files (x86)\Steam\steamapps\common\Town of Salem 2\TownOfSalem2_Data\StreamingAssets\aa\StandaloneWindows64\decoration_corner_42_assets_all_975083d6182c60152d2b2e15b6961feb.bundle

MD5 8aee620e192957a89896ab0e9a773bf7
SHA1 369510bafeea34357c935960c81b8f933eb0caba
SHA256 475e83b6cd5f810af298f4945ce011c4eb2e9ebe0cffb818896cf8558811473e
SHA512 43ea65902809b4830b71a984b475d4aa40f6c51570b741b6e4ed7f9065d35862e966a06dc7adc9ff2ec3ea6e09244e0440682b03a343bbf12a2957b2e2c526c4

C:\Program Files (x86)\Steam\steamapps\common\Town of Salem 2\TownOfSalem2_Data\StreamingAssets\aa\StandaloneWindows64\decoration_corner_38_assets_all_b237fd5450d9b6109ba2a99d6dd53c8d.bundle

MD5 29fe601512028ac1a072fb8c62f06c9a
SHA1 4c7a32b0998fd4716d7fec5067661fe0f8231d05
SHA256 c91dfd95ce4382b629558212835ede4b5a2718f49c2755fc88684f48c641e6d4
SHA512 ea498f2124de82769374cb294318eff66e74e073b3f5cbf1ecc53c2bcd52df35461fa7f62325b3972f34c9174776f7aefe1c46bb5696e32b3d69bd502d33327f

C:\Program Files (x86)\Steam\steamapps\common\Town of Salem 2\TownOfSalem2_Data\StreamingAssets\aa\StandaloneWindows64\decoration_corner_34_assets_all_0a48f2a4bcdc54cd1c7c83140bf6cbed.bundle

MD5 75d6f2b7781d34026f6404dd7b31587a
SHA1 c52d9709472c766401372879cad72616203a6184
SHA256 03832ab470f6faa9ed6738e9b448f0717ccddcf4bd55740b5c21b8ffe402f4be
SHA512 4992f0efcecc28c90cea39ce98f8a48a6a93e39e3509d586da9ac5b68d55465747d4eb9c291857ca9318383d449fae49703fc7044bf8d50da9996a61d6152362

C:\Program Files (x86)\Steam\steamapps\common\Town of Salem 2\TownOfSalem2_Data\StreamingAssets\aa\StandaloneWindows64\decoration_corner_24_assets_all_5ddae9913762117609f53d0987ad98b3.bundle

MD5 1a4b16c4fe4efd2622cc2032c6737fc9
SHA1 3e802d02f2bcd0d7552a32e1d33d82606a245ca0
SHA256 64d6d67bf4ff423ef545a0cc44c66984767d2b7e02a6562c8fb4c807d84f96bb
SHA512 ce015e43e982277fb09281f7ef75d01ac2bbce1aa6fe5acddfbd1bb353b77832e368a8b53a45093f8add9c95c55da5c30bdd81eadbff4a02f829629735953e2d

C:\Program Files (x86)\Steam\steamapps\common\Town of Salem 2\TownOfSalem2_Data\StreamingAssets\aa\StandaloneWindows64\decoration_corner_18_assets_all_9da22c13f481db24656cbdf099ef985f.bundle

MD5 dd6b0ba3bbe13057bc1f3ab7dfecf4ed
SHA1 49af396a7d2ca059867aada8294d7fbff24ea0fb
SHA256 bc1d59e73735e90c0f9864d10dcec5e14c4ef1c5b104b45ce758b324ac9725d2
SHA512 31a5d20d360d42ad38e4d9afab6c0c22cdf249df4d9900aba00c94d81f5ca8aa7bdf7fae82d4fa21e26b59fe63635765e5df8dedbdabb68bf42afa0c9ab1968d

C:\Program Files (x86)\Steam\steamapps\common\Town of Salem 2\TownOfSalem2_Data\StreamingAssets\aa\StandaloneWindows64\cinematic_werewolfkill_assets_all_630fed12f90ebf2e5c70a49d1593af8f.bundle

MD5 bc070e7249a73d38a53bca89fd26068f
SHA1 55d778d196df645067da7f15164de3b2d81866b2
SHA256 9c81e136092b3762a8f11e5b28e42c6f9f2862239d827cb88aa7e98c37f9e21f
SHA512 11bdc80636970479d6c8e6071aa4406397e4531683c51aacc3965fa1c5c0cc750e277b8f8831ef538db717ede89db86c7a9a58b7198a9af80c871d5c79b335f2

C:\Program Files (x86)\Steam\steamapps\common\Town of Salem 2\TownOfSalem2_Data\StreamingAssets\aa\StandaloneWindows64\cinematic_visit_assets_all_ee42e30860e214c53a65e4531897532f.bundle

MD5 ead7e036b68b510e64e12454bf941216
SHA1 afff2e73c39e64d5ebcdf6879b0ad493212ee9d0
SHA256 7f968196040a76eeea769b02fec43deef2f11919e431ec4626a24f16aa78688a
SHA512 de2d40fee834bd5efc1e33d5d4221b7cf9c7921b5601db4b79ed34f1c54f827e6c050a74b744761fb6c2630d7c880ac0d53c46ceafd407b904f494328628a07a

C:\Program Files (x86)\Steam\steamapps\common\Town of Salem 2\TownOfSalem2_Data\StreamingAssets\aa\StandaloneWindows64\cinematic_victorywerewolf_assets_all_fc1a67a09bd2612581fbcadaefd563b0.bundle

MD5 e4fa50a72577e397d0ff8d3ab3e395fe
SHA1 570ba3a5d71c2ee57afe2a2d2cad3ecf967a19bb
SHA256 27620b409bdc3e3b697f62780822e7c8de0f895758f4c5cb694d4797935f0913
SHA512 539f103b6c57d44b9b9f9f06ca639d833ffc7cfe77f77ae68f7c4ef93284885e866ab6d47e8988eefd353a26fb70d8ac23fe08c3458feaf3a0daf14d12d840ce

C:\Program Files (x86)\Steam\steamapps\common\Town of Salem 2\TownOfSalem2_Data\StreamingAssets\aa\StandaloneWindows64\cinematic_victorytown_assets_all_7e51bf1a8206aaa87710cc20b2120a9d.bundle

MD5 92828f5166a9917fa1884effeca92dab
SHA1 9959ab4f84ec2a09969320e6be287d6c58ea19a1
SHA256 0f8782af27e53428b87df07825c9b4ca0026cff514fc111f8aeca7591e1dc36b
SHA512 14938a389bacc7125b5fde2ef4004e006887fa015fb341a3eb9101a010293c11fd9cf1595ac6742d725284d5f8ef7cee80da8e04bf25eb92bf42b339769a047a

C:\Program Files (x86)\Steam\steamapps\common\Town of Salem 2\TownOfSalem2_Data\StreamingAssets\aa\StandaloneWindows64\cinematic_victoryserialkiller_assets_all_275de0ca706cd1eeadab79e80185ffb2.bundle

MD5 7be2282dde5d0c1ffddcf5703d6b1de4
SHA1 f7c13efe0ada8bbb1fc7aaa654badb34067bf71b
SHA256 87971a2e9a5fd0106fdd9ee65803d2b9ca82f17f11bf433f29faf282fbb61cb6
SHA512 c1dcca930222920000daac955e41a87ca65fa1cdea1dba203a07c521e1e6945a1209d40592485a6dbe736d369eea87d7243e81d99046e585fef17284716ebe13

C:\Program Files (x86)\Steam\steamapps\common\Town of Salem 2\TownOfSalem2_Data\StreamingAssets\aa\StandaloneWindows64\cinematic_serialkiller_assets_all_16eca818a0db08d32531adf137721d6a.bundle

MD5 08b9387f063cd136006b4606523e5da1
SHA1 6e2a31b6505615270c271785942c0bf07d980b9f
SHA256 f9a0e4660e4d79511c358ba4bb6012963b6a9ecc43f6c8e5c04adf65a6049191
SHA512 6887e6e1ab40d612743985a6f182243796a63efaf5e6176b20ab611eb53cb348e0fd4642dd60f9a7daac083834428184f28ee80c963f95c2be1aedad6e1beb04

C:\Program Files (x86)\Steam\steamapps\common\Town of Salem 2\TownOfSalem2_Data\StreamingAssets\aa\StandaloneWindows64\cinematic_rolereveal_assets_all_3a80164ff595b597e3a98d701a32259a.bundle

MD5 9ebe2db230bc2fdb9e06c95fb37e1db6
SHA1 87449379a12b42d5b480aeb78af5308527f99fc8
SHA256 bf2c2fc9b358b708196feb407d8b3b94b04054e7fab76a6e555ff1b78b20bc17
SHA512 ba3a4ce1bb61349579ff7494bb90d33b0f28c25faf7994310f69ded9b8dba7bed98611f723dd8d5807358575c2d10e10f160f5827c9cc2037449fd14c2e056a9

C:\Program Files (x86)\Steam\steamapps\common\Town of Salem 2\TownOfSalem2_Data\StreamingAssets\aa\StandaloneWindows64\cinematic_rankedwrapup_assets_all_dbcb9e09f5e7f0d2f4683eef206144e2.bundle

MD5 bdd0b51cf402f1fe7039a8b2e16c0f82
SHA1 e0278e93cf1e3c32ba80ff1cff019a1e7ac79617
SHA256 3719b0687d120ecad874d7398534405f96b7cc2d800e0971ae95c85a2b44d3da
SHA512 b63eb2c26a594c9d85c5d2d9c9c9cfd66e8476eeb7f64ab314299f90049cb12893d37a5044a4998ddaff56754379265606a926d0f0721b9fd30d404ee84bd271

C:\Program Files (x86)\Steam\steamapps\common\Town of Salem 2\TownOfSalem2_Data\StreamingAssets\aa\StandaloneWindows64\cinematic_knighted_assets_all_add78cfd1d31b8a516561dda0010d606.bundle

MD5 d622b3b6c94db9d21c09aeb561c04814
SHA1 1fae4803bb35a0c293af4826e241ff2c06b35d7a
SHA256 b550b1619943c14bd125e62288c0cd99e66791678e5f374d449529d571e50e8c
SHA512 d073faf9cd4ad8dc11bc62e3d0fcfd9bb91bb20ccaf7ffd037384e8afe94e46dcff2c0ce1bbcd1754a062e480d2e7fb8d64255a327461c4d5b22454f34812f9f

C:\Program Files (x86)\Steam\steamapps\common\Town of Salem 2\TownOfSalem2_Data\StreamingAssets\aa\StandaloneWindows64\cinematic_factionwins_assets_all_3e9e6cd57a1d7ff9fd1a05fc7e2b3e81.bundle

MD5 29237c983326af68a50b902b0aedf9bc
SHA1 d75e46d7d94fd3897badd78172830f7526a38bad
SHA256 d5c7068c3a0d6de28a50effa283e722b1b4180e2f90d9ad02d298ced7de82289
SHA512 3059b3ee8cc618acc08e578a5c5c282a93e728929a4628f1e963437f72eea1aa2025a5899637fc7f9c0f4a21170548d062f7437a5d80136c5ce33199ff0cd988

C:\Program Files (x86)\Steam\steamapps\common\Town of Salem 2\TownOfSalem2_Data\StreamingAssets\aa\StandaloneWindows64\cinematic_covenkill_assets_all_4a3213ffa9d677f3c3d083c7f60ae75a.bundle

MD5 db7720673db71acc66a8b004a3fe919f
SHA1 acaa6068b3d1cdd828c841d4bea672a60242fcbd
SHA256 41945b7012eb1b3d46dd006466ef62719200da171ccc1a21df4e497ae3e79e29
SHA512 6cfcf96abf0e5e036c7fb0dd8d22277012ee319e82ccea2f8aba401b94261f44422072d59282726b55fc5a76ee4b9e33da66aff2966fae3dde018b4c3f6bb591

C:\Program Files (x86)\Steam\steamapps\common\Town of Salem 2\TownOfSalem2_Data\StreamingAssets\aa\StandaloneWindows64\characters_9_assets_all_48086c1b2bfc25b0be3d5d0d917def71.bundle

MD5 752615fd815dee421db2eb8bba71788a
SHA1 cde3f5e6ac958d38e4515dbd410a420a25eda71e
SHA256 87089c34b7db201715b4daa385006de491a69d8dfb1bef594712424f429ffd51
SHA512 fbdf59829cf792a86ee1eecf874f347eacf82297cfce2e0e1614fb762385518ef0dd09b0581d45900b8e7f7d8a721ccb96fda95ca896cd817dc6663ca4f52783

C:\Program Files (x86)\Steam\steamapps\common\Town of Salem 2\TownOfSalem2_Data\StreamingAssets\aa\StandaloneWindows64\characters_5_assets_all_f68d909720787afa55dbb3ecce6d7ec9.bundle

MD5 923882f6089947a35c6b58cb703d5753
SHA1 1313b8e3453ea376b1d9da05f30b6ffa801c5c63
SHA256 d68fdf4598eb0199088bdfd5c83559e939e1431c482d58161dae61d9f9f6274c
SHA512 94a7a60c5c3ea8d19aceff6a94ff876cb780cabb8a0749d9d0c722187ea4cf78bca319082362e873e40ea4f2e39541953e36f7856f3516f753cda83014a86bc9

C:\Program Files (x86)\Steam\steamapps\common\Town of Salem 2\TownOfSalem2_Data\StreamingAssets\aa\StandaloneWindows64\characters_31_assets_all_f1cced9168d8968effea2077e4d4d297.bundle

MD5 81caba9514375aacb48d2586b5a645c1
SHA1 d92e7e8a642b4eff5ffb4c94eef7fae68bc6154e
SHA256 9f20ff83716dc2f98fe0a42fe4f8aa3a511e8a7a62584774e1aafb10af411370
SHA512 3c79ac2eed30ecf95498e379e473eba5303ae5050ec8dec823dc02a68709e1e952db57c607b2b013af1d1a6cde3b8afcff02787e93a564a3e97693189c5d2f88

C:\Program Files (x86)\Steam\steamapps\common\Town of Salem 2\TownOfSalem2_Data\StreamingAssets\aa\StandaloneWindows64\characters_1_assets_all_6ad538a8211c5f30e3f15ab5fd3b8f69.bundle

MD5 5a27fbe388d996dc7e89cbd4cf1f3331
SHA1 334eb7211e3a177069b8fc32ad5f48f588a8c9cd
SHA256 41ad9ce10069928025f56d411c29749fa1b90eee0d895ef30f3816844747f115
SHA512 ffde5ac0b26cdaba9499d57c0611d47edc38433364e253b27de8dd26b9665a60df95ccbdecf450fe93134d8e8061974b28d67fad34df617e533674eac0217682

C:\Program Files (x86)\Steam\steamapps\common\Town of Salem 2\TownOfSalem2_Data\StreamingAssets\aa\StandaloneWindows64\scene_map3assets_scenes_all_d8fe7ce1aad63138f3d09d8580bd6009.bundle

MD5 c1678d9927f185e448b181558f8b50b3
SHA1 d8ae39fa8114838da2b185a4e6c3d406b892a603
SHA256 a4ec3877d18a874b7010ab355467716306a27d71518ff48bf6426934e623494f
SHA512 28555552b0d302aa79e52748eb9a6ccb7cdf0f69c99c44256ac748c0d3aa7ba21bd2138dca8d919598cd3afaa65e974dbf9b38539e0cc6bbab67defe500b6471

C:\Program Files (x86)\Steam\steamapps\common\Town of Salem 2\TownOfSalem2_Data\StreamingAssets\aa\StandaloneWindows64\tmp_assets_all_7ff47944f2aadf5c27de357d81d15ec9.bundle

MD5 cfd928b7b53f2235c9201f4b6ffe236d
SHA1 775a237e00ec20e8b0d7e0733068b295ac344789
SHA256 07d8b31af4f3227f7d36e9919bd862a103719b71f9cad0a04db53ff9e3bdacad
SHA512 39acc17f598488401b45d6513724f3bd88f9b3cdc9414cf6d0013afe7befbe284f4b9986bf2fcaf81efbed01da9966b82d14f58a44b6670b1b900f7799c24120

C:\Program Files (x86)\Steam\steamapps\common\Town of Salem 2\TownOfSalem2_Data\StreamingAssets\aa\StandaloneWindows64\silhouettes_48_assets_all_a258545be70063bd130a5dd8d25d461d.bundle

MD5 5db620040498422d8e8843bd6738aa84
SHA1 299c959e4fc8bdb1920ae9effa60fc2e65db2814
SHA256 360a12a205118d2b638a50a3ac296be4f47b20ff60733ad7008eb4d76a1e8945
SHA512 c1df77810622bc68580422753f88857207364ffdddfef0939bed39aa232d5e5447e4f4168a68038a70a1d962f65b85daf4f95dab3330dd16d1765e33efeec4a6

C:\Program Files (x86)\Steam\steamapps\common\Town of Salem 2\TownOfSalem2_Data\StreamingAssets\aa\StandaloneWindows64\silhouettes_44_assets_all_3a5cb0234b4fdbe79afaecaf2414bce2.bundle

MD5 112dd0d61f3486deb601f6c7deabe782
SHA1 42d207450b9038407911df16beb0fcf8704feca1
SHA256 b45dacc845182d6f962ddb37af1c0209c702fdf9b7f7445506c72784358ed6b7
SHA512 3e4c59d2a8b78051b759a680124c0f6372f13162d44f5fd6d2148e97000e0daa3ad00c1c106b9d0316f0eb81680bfabb4d4653fd46132074e8ec9919cd84405e

C:\Program Files (x86)\Steam\steamapps\common\Town of Salem 2\TownOfSalem2_Data\StreamingAssets\aa\StandaloneWindows64\scene_map2assets_scenes_all_d7269811f35c6633b6a993aacb1199d0.bundle

MD5 744fe3b42aca3538b1cc1d7fddc46395
SHA1 0a4619f97b54730ae1ec13ff319c42180ea62bc3
SHA256 8046c068392527e8773792565e49a60a3274879ead0fde73f99db41bf814e7e9
SHA512 e2c0b683fd79b598d4b4d843d7c2900510e5e97a15260b16188fb99943fad5fbb5bd036b7077c13c94dbbebe757bcafc550dbe832c7e0e6bdda4cf1be097f4d3

C:\Program Files (x86)\Steam\steamapps\common\Town of Salem 2\TownOfSalem2_Data\StreamingAssets\aa\StandaloneWindows64\scene_gamescenebase_scenes_all_154dadf4df307d75d811159f23e7fb1d.bundle

MD5 4e844f699eb3d8c014a13c6fc2900baf
SHA1 dd32081bd058fd2acd830c0e0fbc9c8eeb66d335
SHA256 0bc1637ef575cbc76efc0554daef49079ab83e9d48f330d1c0831bcda6753b40
SHA512 5f33ce7be240a136deb9eabe66bb1b93f29a7857eccc8d708aecfec4504efb0044136d9fe2c4023933dbb32d1ab67452395b13639482358b3dca8150563a90f4

C:\Program Files (x86)\Steam\steamapps\common\Town of Salem 2\TownOfSalem2_Data\StreamingAssets\aa\StandaloneWindows64\scene_cauldronscene_scenes_all_2dac9979530e98f011f3cbf542b1e187.bundle

MD5 503976a16c757e6424d8100b4d498814
SHA1 05e2cef629dc7555729c4b77277b67e431deda7b
SHA256 0afa3a34abb9681b64f4184bb2c53f37677dfc2ae986a1e162b1f3c3e06e6bbd
SHA512 8ae0e1aacc7d9c918d79269e528ffc07c406cacb0ada64c17e8cbb3b38bcf07c8332f1e910062be320da6d5c821579c013f4c47d4954da89b783a01d7f76552c

C:\Program Files (x86)\Steam\steamapps\common\Town of Salem 2\TownOfSalem2_Data\StreamingAssets\aa\StandaloneWindows64\pets_11_assets_all_558565e2b8e39e7fccd204e5a9fe8314.bundle

MD5 caadd7c2dca4df40d56a0deb8bc49aee
SHA1 33256babbe562bf4d448316c34e1cd8cc4f6e07a
SHA256 54da8eb791a3dba67494615d78c6bb9691d5353efbfa5b15255b1957fd5845e6
SHA512 21b29bcbd9abb6defd4268ecd5c1d03fbc05c8d859fb410b9b3f9d8c66dd9fc0b1a1e19454751eca415f6214d0e1ec409afbba54e91246e5fb58c981d15ea5ba

C:\Program Files (x86)\Steam\steamapps\common\Town of Salem 2\TownOfSalem2_Data\StreamingAssets\aa\StandaloneWindows64\decoration_wall_9_assets_all_8d767c9edcbdbd356b1fb05f24974f36.bundle

MD5 299148f09b5a6f27f6648bf69f679a30
SHA1 0067fd72ab6a9de2f6065a0b542597592480b5d7
SHA256 1307ca56d60249369d5ace45b062e6d60da359bf7ea5fd30e669e8859dad145a
SHA512 a4e34a9e7afc019b35e7488e25f9fb1a9fc8130597da855c5c3ddf1e47f647db3c738f4fa0924944ce0de18077464fd360df14e3ea083f9f92e61fccc02930e9

C:\Program Files (x86)\Steam\steamapps\common\Town of Salem 2\TownOfSalem2_Data\StreamingAssets\aa\StandaloneWindows64\decoration_wall_4_assets_all_d56316d3debf9658581e851744d320b9.bundle

MD5 8eb6bb288fb68eb4c4e63b05677b8aee
SHA1 ceb64c1677b028100c2a0feeabee7235cd954128
SHA256 cf3d6fc3437300b0d680e276ef240358c2198fc746b1bb28123be2a810e932d6
SHA512 bb5a19b160e2a16abdebf86bb06ebfc25a09134d2d0c517186564c694652d600d5d4092f39b375faf0ece0e29587245e93e467d9fd26d77b8536767d8d7124be

C:\Program Files (x86)\Steam\steamapps\common\Town of Salem 2\TownOfSalem2_Data\StreamingAssets\aa\StandaloneWindows64\decoration_wall_31_assets_all_c59e335db3d092ecf7b8a04844db885a.bundle

MD5 3bbb06482e905edd6050296969af8b15
SHA1 113a29ee3068cd10e8bcb6bbb89126bab5121a70
SHA256 49f72ad579260fae1ce30009657d5e91f4cedbd0d996301cf4a862031f348ad0
SHA512 e29ea3db8741fd9528b36b1cae2bcf9f35a90f793003ebd711590d15c699139d01c37689e68ff37d5312a18aad3e693b7f600050870e92fa9b01ec3b99e0a77a

C:\Program Files (x86)\Steam\steamapps\common\Town of Salem 2\TownOfSalem2_Data\StreamingAssets\aa\StandaloneWindows64\decoration_wall_29_assets_all_70f1e7792a6192816c4d5342617a4852.bundle

MD5 81b42ee5c3cdcab3bf42b92acb8601e5
SHA1 e291468c09d6c8f83ca60366fc39fba23de6e246
SHA256 468572e8cf0bcdc6810ddc07b0e25f18fa8bddfd579ab8604e5520cf08b0a010
SHA512 03ddb0e32e6c6b5c2ad129549b78f74adb248d180ccb94478e04969a432a97f616c9fb34498067fbc1fa98c9387ed607de99f9ac0103cbce7880583afce73b35

C:\Program Files (x86)\Steam\steamapps\common\Town of Salem 2\TownOfSalem2_Data\StreamingAssets\aa\StandaloneWindows64\decoration_wall_20_assets_all_f2a43156a0e123b77bdcce51f6fddb99.bundle

MD5 1ed4fa58913f0ee6011ff01179978a29
SHA1 67bc925668f455e0d3d121a343a36fed0457b1e9
SHA256 04dc7d6b7e931369c652bbf890f86cdb7734be1341cecda5444d5e60ea023893
SHA512 7b47ad606c2473943c74577d7ca5b48d572f156c8fa2488ce4b91921e52cc1ea72bd13cea0b8e82a25ff726581a470c232869ecad1ef309b16db68c7025516e5

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 b0c6f4835e395cfe4680d430e4bd1c58
SHA1 a74110fa7256ee858c9b2ab1fde458bdfb7f28f6
SHA256 7d96f56c88bd91d4a47ae87166754dbccce0f7a7f50fd2a8dfbcda0c8d90e1ef
SHA512 1f051debdec59e01e3fac0dc05f8847c8074e07df3a1deb8c002480b00191efbb4794280cf399b1aa6e5b0ed3c48c4983c0602b455b9a0915e3decd0d94ca878

C:\Program Files (x86)\Steam\steamapps\common\Town of Salem 2\TownOfSalem2.exe

MD5 b0c522d81c2e1129bfb89d138c358f4d
SHA1 0a6c59f8d8c1ee1c911cf1d9fa732cc94042e8d2
SHA256 971f98f213874ffecb6fa558c84ef2bbcd5a6e91fb9cc62b483dea52a1169e21
SHA512 af0b29c00e032e95fc128e8051b47981912915a30d0971edf1480277c5be779b0c6526224cfade14392139af3c0224f5719d1a0db2386247dc0094084dca5aef

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 579a2974c2905b9ca50b215efcf7779e
SHA1 3a4989f520a55f14512385bcecb4bb7b815e0b01
SHA256 ebe0789fe832399a1cf19bbf6312f42a52965d972380c565c5c1cb1710c4b87b
SHA512 ed4fa9abd50e6672a84b46a039aa9990cf029ed139820374a7f7dac4cd42da415495fe21d75fffe4c36cafa58759fef25e6b66bef0e0cc91056913ae47d69557

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 8c6b0fd80e6240c255de24d68124f77d
SHA1 89c72db7d4e394f43e89204aaab2448b5764456e
SHA256 3d7db9e8893f720b48cad12f48e336531000f1bd9f73cc20c4aa587bcb6ac0bb
SHA512 53103955b1fdc2821e582cfd857d45eff99268f7d44e1b4888c219e5a7d4934bcc65ede5b2b228db2ab003c3cea7b2e84535d2fe97237861dc5cecea98751624

C:\Users\Admin\AppData\Local\Steam\htmlcache\Cache\f_000079

MD5 e130640ff5bb9c7e2e601c39a99c4887
SHA1 38506c1c39482235734eda4825e71017eb651b43
SHA256 e6184bcab6e8f4255db3f4e49369e06e35e58b3cc421bc7d7a40a342ebd564f2
SHA512 a921c69f9a84118b5c9b9e18df5e4f49a0e025012556239e9c50958180dd46897756efb47a964eb56623043fe5987f4afb697b472be21db30a93b0b205109cb0

C:\Program Files (x86)\Steam\steamapps\common\Town of Salem 2\UnityCrashHandler64.exe

MD5 ca742f989a6103908c2264181c638a07
SHA1 9b1bdb62af3f8e639a33335312741da3c99ce5e7
SHA256 26fab2de36a0e4df86e320f559ce43fe1304a253d3961e219825ff28e660b6c6
SHA512 58b79c99d70dd43a4626f142e32866a0664f0e88cc11405a14149c7cf7d4848e82b7487dc58681f92a03c0ed951295ef8a2bda1bf73c0af97fde7b5809e84499

memory/9140-18706-0x00007FFB05D50000-0x00007FFB05E0D000-memory.dmp

C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\d356105fac5527ef.customDestinations-ms

MD5 4b4558d448db42e69e4b1e5d0e63ba2e
SHA1 9399d58b40d434152c6daec8f53a3b87cbe879c3
SHA256 9133b103321f4b01095bf5778ce5714bfd6afa79423a3eeac5586888cba1fd17
SHA512 8d20616cb7132abededf70618b2e8c78e7c4fb3278e49333b136a6f7f9578f9edc3f81847f18a3221b7e38dea811424251733a26b70a75ef58095c0b15a3bcca

C:\Program Files (x86)\Steam\userdata\1014416628\config\librarycache\2140510.json

MD5 ecdf37d018c9992a92f691be03302df7
SHA1 d78e304148343e513888935a1fba5194f00a7b62
SHA256 c7e46855a99f13d6b5f97223ecbca05ae040e48071c6924e9ed5e014a3408b17
SHA512 1775834aedbb6e79be1092bf4b26a11b4c963af2f53deba0fb90bca3fb02e9e1c43b94f1f836e8fed66da8bdbd346c8517a1622d7998f9df31d8546a9644a2cb

C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\d356105fac5527ef.customDestinations-ms

MD5 2fcca06d4e4934d305aced936498443a
SHA1 9f17eae23b71be13c441175c63072b4be4431728
SHA256 e5c077a1a498d314d5d931b57994e49ef5c014a2e04837c067836634a6b501f3
SHA512 77a2dd5a2c0b02a32a47cbbdc35f8f05204aa09616da7ad8525491dd62dd66a868e6f3565a5a9d7ea7ea692c78cd9c9f749aad306d30ce39cc45e008e2800566

memory/9140-18769-0x00007FFB05D50000-0x00007FFB05E0D000-memory.dmp

memory/9140-18860-0x00007FFB050A0000-0x00007FFB050AD000-memory.dmp

C:\Program Files (x86)\Steam\steamapps\appmanifest_2140510.acf.3999405993.tmp

MD5 958bd2dfd752013bc267b2b6cb64328a
SHA1 a5e18a6d2a92acdc03ba834fb0dbb4fe2522bdbf
SHA256 844f2f53145ffc0693c22f0c80549f4e25894b25991f712acece3ee18dd6307e
SHA512 05df961a144a97801006f18d67a2e139ab002200e6e009fb3c82141ccc32cec3f179c3951f639d8edfb5c907d7025218da959b2015679367516d68d238d5d022

C:\Users\Admin\AppData\Local\Steam\htmlcache\TransportSecurity

MD5 4e8a572d5d1daf21c24e4a912871ed8f
SHA1 32c67174dc2f3cd06a699c9ab6b75b275381c0c2
SHA256 ebbd8626aec71a9b3dfa5e28eccf5bb01495d48a9a35e1b21529422728596a8a
SHA512 b7bc47a70b5a94ca5e77b94ceb7ae34fe7cb3f68903439308f2a48221e5694b81bb413336e5115447f6d7cfe6d1d8290d78c527921d310b1fd4f50dd81b008ce

memory/3068-18902-0x00007FFB05D50000-0x00007FFB05E0D000-memory.dmp

C:\Users\Admin\AppData\LocalLow\BlankMediaGames\Town of Salem 2\com.unity.addressables\catalog_R.1.2.52.hash

MD5 6db4a6042abf7b85527409745e5fde70
SHA1 d721741ae8b89e69e6809a07b1d6055f5703f4cd
SHA256 d8c499b6f3aea275b45b6e9655f853a193968e768c3e042f741430fd89f934fe
SHA512 7fff804a6e5f170f047b7d2024414928f95a13fa4396cf5ecef2589db8596667c90f816c06ae737cb2e669ab39e6296d5c77035467f8368109c7f75b2a19bafc

C:\Program Files (x86)\Steam\appcache\librarycache\2140510_logo.png

MD5 a3349851c3f057e0838badc386486161
SHA1 512a6fe508bd6339bd66103667edd5d0479c34fc
SHA256 f8978ced75e1eb22d18d6aa4040288c729bd18fd812a64375c1901f8b83c0e36
SHA512 42c646d86f06498e7ae68cd53fb68d03b214ab04d216ac1b09a303543dccaabb1af98d02e3d1f9c9d8e7a8c6269156788649ae3a3be259aadd4a7af8f9c7bd1a

C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\d356105fac5527ef.customDestinations-ms

MD5 3a231e25aa4c84c9853c2def50e2df41
SHA1 10fee626a4a4a8c9d91fa31fca06dac8f6261ada
SHA256 e5e7bda241f93a238cada8d68ac3f1d45652788299a8017b0fcb5af9a4ff1dbf
SHA512 6129e98a9b08ed52318b2634f81e93687fdc5d96d0c3946a2f0cc9b776cece201e3c4ce1dd09dbd581b5b814f46f0831fe349a780988fe9c04e34d6ae267340d

memory/3068-19120-0x00007FFB05230000-0x00007FFB0523F000-memory.dmp

memory/9140-19155-0x000001A0F3840000-0x000001A0F3850000-memory.dmp

memory/9140-19190-0x000001A0F37B0000-0x000001A0F37C0000-memory.dmp

memory/9140-19226-0x000001A2588E0000-0x000001A2588F0000-memory.dmp

memory/9140-19231-0x000001A258910000-0x000001A258930000-memory.dmp

memory/9140-19236-0x000001A279E20000-0x000001A279E30000-memory.dmp

memory/9140-19241-0x000001A2BBE40000-0x000001A2BBE50000-memory.dmp

memory/9140-19246-0x000001A2BBE90000-0x000001A2BBEA0000-memory.dmp

memory/9140-19251-0x000001A2BBEA0000-0x000001A2BBEB0000-memory.dmp

memory/9140-19256-0x000001A30E280000-0x000001A30E290000-memory.dmp

memory/9140-19261-0x000001A30E290000-0x000001A30E2A0000-memory.dmp

memory/9140-19266-0x000001A30E2A0000-0x000001A30E2B0000-memory.dmp

memory/9140-19271-0x000001A30E2F0000-0x000001A30E300000-memory.dmp

memory/9140-19280-0x000001A30F4A0000-0x000001A30F4B0000-memory.dmp

memory/9140-19285-0x000001A30F4B0000-0x000001A30F4C0000-memory.dmp

memory/9140-19290-0x000001A30F4C0000-0x000001A30F4D0000-memory.dmp

memory/9140-19295-0x000001A30F4D0000-0x000001A30F4E0000-memory.dmp

memory/9140-19300-0x000001A30F4E0000-0x000001A30F4F0000-memory.dmp

memory/9140-19305-0x000001A30F4F0000-0x000001A30F500000-memory.dmp

memory/9140-19310-0x000001A30F500000-0x000001A30F510000-memory.dmp

memory/9140-19315-0x000001A30F510000-0x000001A30F520000-memory.dmp

memory/9140-19320-0x000001A30F520000-0x000001A30F530000-memory.dmp

memory/9140-19325-0x000001A30F530000-0x000001A30F540000-memory.dmp

memory/9140-19330-0x000001A30F540000-0x000001A30F550000-memory.dmp

memory/9140-19335-0x000001A30F550000-0x000001A30F560000-memory.dmp

memory/9140-19340-0x000001A30F560000-0x000001A30F570000-memory.dmp

memory/9140-19345-0x000001A30F570000-0x000001A30F580000-memory.dmp

memory/9140-19350-0x000001A30F580000-0x000001A30F590000-memory.dmp

memory/9140-19355-0x000001A30F590000-0x000001A30F5C0000-memory.dmp

memory/9140-19362-0x000001A30F5C0000-0x000001A30F5D0000-memory.dmp

memory/9140-19367-0x000001A30F5D0000-0x000001A30F5E0000-memory.dmp

memory/9140-19372-0x000001A30F5E0000-0x000001A30F5F0000-memory.dmp

memory/9140-19377-0x000001A30F5F0000-0x000001A30F600000-memory.dmp

memory/9140-19378-0x000001A30F600000-0x000001A30F610000-memory.dmp

memory/9140-19380-0x000001A310670000-0x000001A310680000-memory.dmp

memory/9140-19379-0x000001A310660000-0x000001A310670000-memory.dmp

memory/9140-19381-0x000001A310680000-0x000001A310690000-memory.dmp

memory/9140-19383-0x000001A3106A0000-0x000001A3106B0000-memory.dmp

memory/9140-19384-0x000001A3106B0000-0x000001A3106C0000-memory.dmp

memory/9140-19385-0x000001A311070000-0x000001A311080000-memory.dmp

memory/9140-19386-0x000001A312050000-0x000001A312060000-memory.dmp

memory/9140-19382-0x000001A310690000-0x000001A3106A0000-memory.dmp

memory/9140-19387-0x000001A312060000-0x000001A312070000-memory.dmp

memory/9140-19389-0x000001A312B50000-0x000001A312B60000-memory.dmp

memory/9140-19390-0x000001A312B60000-0x000001A312B70000-memory.dmp

memory/9140-19392-0x000001A327D70000-0x000001A327D80000-memory.dmp

memory/9140-19391-0x000001A312C80000-0x000001A312C90000-memory.dmp

memory/9140-19393-0x000001A327D80000-0x000001A327D90000-memory.dmp

memory/9140-19388-0x000001A312B40000-0x000001A312B50000-memory.dmp

C:\Users\Admin\AppData\Local\Steam\htmlcache\TransportSecurity

MD5 02cb4200574b227c47765c0e8f898ce9
SHA1 ca1e117d428a257694c41c8e30037344aec98e7a
SHA256 0e850c180753357f6de32f38d9730ea31c9936f00404286b62ac60c6bfd275e0
SHA512 c4ff948771b371c66e01a97a48e2b4511e0812c413516809f406bb6a0135bf8a87e2b70447bc2af22ebdd34769e498d2d8b2ac9322ea25ce95cf896394ba715f

C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\d356105fac5527ef.customDestinations-ms

MD5 03cb1143b5725b65baef038e47447b52
SHA1 210d0382d18d9a6d99941194d166479c406960dd
SHA256 66d407cf6553fe0a1aff0a1e97f9f1442bd9ed7f20a988266697b3b87329e09c
SHA512 9b3c8657ebf957cc27b8325ca4eaff5c970c201fd61025830fe039c7310a27fc2cf25a3e3280ddb57674bdce4a36547927c3949fc95be9b5100e42626915751b

C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\d356105fac5527ef.customDestinations-ms

MD5 ed502a4370412672c2a7819106cd8c6a
SHA1 9e3586695a764863ba85831d383ad56481a613b1
SHA256 8bef1c4edd899ee176662372ee4cc194e6b3faf0c8d68f2b8c87afddc1e5afbe
SHA512 dc25135569fb8d6272cc25f39d8fe01165ba5d4bed6c0c0c278b34d31eb2a7f3d1e0e194ec466689753594cc7b7d8a0e4fb72a51fe5f72809d94401606f7eec3

C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\d356105fac5527ef.customDestinations-ms

MD5 18d8f181a968a051019742d163d91aff
SHA1 81041fb9503f578cbf7d03ca01c0e647e1ba355b
SHA256 6bd7f125c4a35675a98c15cb74e5a09f2631b9e0b376ecc6c4d92c4fa80f8155
SHA512 bfa89c7d043450a400c9365586044e9d97285eb3470e9e24cf5ccbe60720599deb366ba0e93c2ff9d3c51efd4e568a56275010537d5b6ed4e42ed2bfb925290b