Analysis Overview
SHA256
0b4181bf7240b6e37d69122d546c0942a8c28c8019faee75ecbd1bab76942033
Threat Level: Known bad
The file file was found to be: Known bad.
Malicious Activity Summary
Lumma Stealer
Loads dropped DLL
Executes dropped EXE
Suspicious use of SetThreadContext
Suspicious use of SendNotifyMessage
Enumerates system info in registry
Suspicious behavior: AddClipboardFormatListener
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Suspicious behavior: EnumeratesProcesses
Suspicious use of WriteProcessMemory
Modifies registry class
Suspicious behavior: GetForegroundWindowSpam
Checks SCSI registry key(s)
Suspicious use of AdjustPrivilegeToken
Suspicious use of SetWindowsHookEx
Checks processor information in registry
Suspicious behavior: MapViewOfSection
Suspicious use of FindShellTrayWindow
MITRE ATT&CK
Enterprise Matrix V15
Analysis: static1
Detonation Overview
Reported
2024-02-28 21:40
Signatures
Analysis: behavioral1
Detonation Overview
Submitted
2024-02-28 21:40
Reported
2024-02-28 21:50
Platform
win10v2004-20240226-en
Max time kernel
537s
Max time network
510s
Command Line
Signatures
Lumma Stealer
Executes dropped EXE
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\7zO46FDE899\Set-up.exe | N/A |
| N/A | N/A | C:\Users\Admin\Desktop\Setup_files\Set-up.exe | N/A |
| N/A | N/A | C:\Users\Admin\Desktop\Setup_files\Set-up.exe | N/A |
| N/A | N/A | C:\Users\Admin\Desktop\Setup_files\Set-up.exe | N/A |
| N/A | N/A | C:\Users\Admin\Desktop\Setup_files\Set-up.exe | N/A |
| N/A | N/A | C:\Users\Admin\Desktop\Setup_files\Set-up.exe | N/A |
| N/A | N/A | C:\Users\Admin\Desktop\Setup_files\Set-up.exe | N/A |
| N/A | N/A | C:\Users\Admin\Desktop\Setup_files\Set-up.exe | N/A |
| N/A | N/A | C:\Users\Admin\Desktop\Setup_files\Set-up.exe | N/A |
| N/A | N/A | C:\Users\Admin\Desktop\Setup_files\Set-up.exe | N/A |
| N/A | N/A | C:\Users\Admin\Desktop\Setup_files\Set-up.exe | N/A |
| N/A | N/A | C:\Users\Admin\Desktop\Setup_files\Set-up.exe | N/A |
Loads dropped DLL
Suspicious use of SetThreadContext
Checks SCSI registry key(s)
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_DADY&Prod_HARDDISK\4&215468a5&0&000000 | C:\Windows\system32\taskmgr.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_DADY&Prod_HARDDISK\4&215468a5&0&000000\Properties\{b725f130-47ef-101a-a5f1-02608c9eebac}\000A | C:\Windows\system32\taskmgr.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_DADY&Prod_HARDDISK\4&215468a5&0&000000\FriendlyName | C:\Windows\system32\taskmgr.exe | N/A |
Checks processor information in registry
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString | C:\Windows\system32\taskmgr.exe | N/A |
| Key opened | \REGISTRY\MACHINE\Hardware\Description\System\CentralProcessor\0 | C:\Program Files\Microsoft Office\Root\Office16\POWERPNT.EXE | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~MHz | C:\Program Files\Microsoft Office\Root\Office16\POWERPNT.EXE | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString | C:\Program Files\Microsoft Office\Root\Office16\POWERPNT.EXE | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Windows\system32\taskmgr.exe | N/A |
Enumerates system info in registry
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key opened | \REGISTRY\MACHINE\Hardware\Description\System\BIOS | C:\Program Files\Microsoft Office\Root\Office16\POWERPNT.EXE | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemFamily | C:\Program Files\Microsoft Office\Root\Office16\POWERPNT.EXE | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemSKU | C:\Program Files\Microsoft Office\Root\Office16\POWERPNT.EXE | N/A |
Modifies registry class
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\MACHINE\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\Deployment\Package\*\S-1-5-21-3808065738-1666277613-1125846146-1000\{4A294679-FF3D-49CF-B8C2-025AA074730B} | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{4336a54d-038b-4685-ab02-99bb52d3fb8b}\Instance\ | C:\Program Files\7-Zip\7zFM.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3808065738-1666277613-1125846146-1000_Classes\CLSID\{018D5C66-4533-4307-9B53-224DE2ED1FE6}\Instance\ | C:\Program Files\7-Zip\7zFM.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3808065738-1666277613-1125846146-1000_Classes\Local Settings | C:\Windows\system32\taskmgr.exe | N/A |
Suspicious behavior: AddClipboardFormatListener
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files\Microsoft Office\Root\Office16\POWERPNT.EXE | N/A |
Suspicious behavior: EnumeratesProcesses
Suspicious behavior: GetForegroundWindowSpam
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files\7-Zip\7zFM.exe | N/A |
| N/A | N/A | C:\Program Files\7-Zip\7zFM.exe | N/A |
Suspicious behavior: MapViewOfSection
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Users\Admin\Desktop\Setup_files\Set-up.exe | N/A |
| N/A | N/A | C:\Users\Admin\Desktop\Setup_files\Set-up.exe | N/A |
| N/A | N/A | C:\Windows\SysWOW64\more.com | N/A |
| N/A | N/A | C:\Users\Admin\Desktop\Setup_files\Set-up.exe | N/A |
| N/A | N/A | C:\Windows\SysWOW64\more.com | N/A |
| N/A | N/A | C:\Windows\SysWOW64\more.com | N/A |
| N/A | N/A | C:\Users\Admin\Desktop\Setup_files\Set-up.exe | N/A |
| N/A | N/A | C:\Windows\SysWOW64\more.com | N/A |
| N/A | N/A | C:\Users\Admin\Desktop\Setup_files\Set-up.exe | N/A |
| N/A | N/A | C:\Users\Admin\Desktop\Setup_files\Set-up.exe | N/A |
| N/A | N/A | C:\Windows\SysWOW64\more.com | N/A |
| N/A | N/A | C:\Users\Admin\Desktop\Setup_files\Set-up.exe | N/A |
| N/A | N/A | C:\Users\Admin\Desktop\Setup_files\Set-up.exe | N/A |
| N/A | N/A | C:\Windows\SysWOW64\more.com | N/A |
| N/A | N/A | C:\Windows\SysWOW64\more.com | N/A |
| N/A | N/A | C:\Windows\SysWOW64\more.com | N/A |
| N/A | N/A | C:\Users\Admin\Desktop\Setup_files\Set-up.exe | N/A |
| N/A | N/A | C:\Users\Admin\Desktop\Setup_files\Set-up.exe | N/A |
| N/A | N/A | C:\Windows\SysWOW64\more.com | N/A |
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Suspicious use of AdjustPrivilegeToken
| Description | Indicator | Process | Target |
| Token: SeRestorePrivilege | N/A | C:\Program Files\7-Zip\7zFM.exe | N/A |
| Token: 35 | N/A | C:\Program Files\7-Zip\7zFM.exe | N/A |
| Token: SeSecurityPrivilege | N/A | C:\Program Files\7-Zip\7zFM.exe | N/A |
| Token: SeRestorePrivilege | N/A | C:\Program Files\7-Zip\7zFM.exe | N/A |
| Token: 35 | N/A | C:\Program Files\7-Zip\7zFM.exe | N/A |
| Token: SeSecurityPrivilege | N/A | C:\Program Files\7-Zip\7zFM.exe | N/A |
| Token: SeDebugPrivilege | N/A | C:\Windows\system32\taskmgr.exe | N/A |
| Token: SeSystemProfilePrivilege | N/A | C:\Windows\system32\taskmgr.exe | N/A |
| Token: SeCreateGlobalPrivilege | N/A | C:\Windows\system32\taskmgr.exe | N/A |
| Token: 33 | N/A | C:\Windows\system32\taskmgr.exe | N/A |
| Token: SeIncBasePriorityPrivilege | N/A | C:\Windows\system32\taskmgr.exe | N/A |
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
Suspicious use of SetWindowsHookEx
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files\Microsoft Office\Root\Office16\POWERPNT.EXE | N/A |
| N/A | N/A | C:\Program Files\Microsoft Office\Root\Office16\POWERPNT.EXE | N/A |
| N/A | N/A | C:\Program Files\Microsoft Office\Root\Office16\POWERPNT.EXE | N/A |
| N/A | N/A | C:\Program Files\Microsoft Office\Root\Office16\POWERPNT.EXE | N/A |
Suspicious use of WriteProcessMemory
Processes
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\file.html
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --no-appcompat-clear --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=17 --mojo-platform-channel-handle=4972 --field-trial-handle=2656,i,16940681401824032220,151921362336696246,262144 --variations-seed-version /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --no-appcompat-clear --mojo-platform-channel-handle=5740 --field-trial-handle=2656,i,16940681401824032220,151921362336696246,262144 --variations-seed-version /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --no-appcompat-clear --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=18 --mojo-platform-channel-handle=4496 --field-trial-handle=2656,i,16940681401824032220,151921362336696246,262144 --variations-seed-version /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --no-appcompat-clear --disable-gpu-compositing --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=20 --mojo-platform-channel-handle=3960 --field-trial-handle=2656,i,16940681401824032220,151921362336696246,262144 --variations-seed-version /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --no-appcompat-clear --disable-gpu-compositing --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=22 --mojo-platform-channel-handle=5424 --field-trial-handle=2656,i,16940681401824032220,151921362336696246,262144 --variations-seed-version /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --no-appcompat-clear --disable-gpu-compositing --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=21 --mojo-platform-channel-handle=3880 --field-trial-handle=2656,i,16940681401824032220,151921362336696246,262144 --variations-seed-version /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --no-appcompat-clear --disable-gpu-compositing --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=23 --mojo-platform-channel-handle=6180 --field-trial-handle=2656,i,16940681401824032220,151921362336696246,262144 --variations-seed-version /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --no-appcompat-clear --disable-gpu-compositing --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=24 --mojo-platform-channel-handle=6372 --field-trial-handle=2656,i,16940681401824032220,151921362336696246,262144 --variations-seed-version /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --mojo-platform-channel-handle=6484 --field-trial-handle=2656,i,16940681401824032220,151921362336696246,262144 --variations-seed-version /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --no-appcompat-clear --disable-gpu-compositing --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=26 --mojo-platform-channel-handle=4884 --field-trial-handle=2656,i,16940681401824032220,151921362336696246,262144 --variations-seed-version /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --no-appcompat-clear --disable-gpu-compositing --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=27 --mojo-platform-channel-handle=5844 --field-trial-handle=2656,i,16940681401824032220,151921362336696246,262144 --variations-seed-version /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_search_indexer.mojom.SearchIndexerInterfaceBroker --lang=en-US --service-sandbox-type=search_indexer --message-loop-type-ui --no-appcompat-clear --mojo-platform-channel-handle=5500 --field-trial-handle=2656,i,16940681401824032220,151921362336696246,262144 --variations-seed-version /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --no-appcompat-clear --mojo-platform-channel-handle=6228 --field-trial-handle=2656,i,16940681401824032220,151921362336696246,262144 --variations-seed-version /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --no-appcompat-clear --disable-gpu-compositing --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=30 --mojo-platform-channel-handle=6592 --field-trial-handle=2656,i,16940681401824032220,151921362336696246,262144 --variations-seed-version /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --no-appcompat-clear --disable-gpu-compositing --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=31 --mojo-platform-channel-handle=6668 --field-trial-handle=2656,i,16940681401824032220,151921362336696246,262144 --variations-seed-version /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --no-appcompat-clear --disable-gpu-compositing --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=32 --mojo-platform-channel-handle=6644 --field-trial-handle=2656,i,16940681401824032220,151921362336696246,262144 --variations-seed-version /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --no-appcompat-clear --disable-gpu-compositing --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=33 --mojo-platform-channel-handle=7076 --field-trial-handle=2656,i,16940681401824032220,151921362336696246,262144 --variations-seed-version /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --no-appcompat-clear --disable-gpu-compositing --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=39 --mojo-platform-channel-handle=7928 --field-trial-handle=2656,i,16940681401824032220,151921362336696246,262144 --variations-seed-version /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --no-appcompat-clear --disable-gpu-compositing --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=38 --mojo-platform-channel-handle=7724 --field-trial-handle=2656,i,16940681401824032220,151921362336696246,262144 --variations-seed-version /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --no-appcompat-clear --disable-gpu-compositing --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=37 --mojo-platform-channel-handle=7228 --field-trial-handle=2656,i,16940681401824032220,151921362336696246,262144 --variations-seed-version /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --no-appcompat-clear --disable-gpu-compositing --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=36 --mojo-platform-channel-handle=7420 --field-trial-handle=2656,i,16940681401824032220,151921362336696246,262144 --variations-seed-version /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --no-appcompat-clear --disable-gpu-compositing --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=35 --mojo-platform-channel-handle=7404 --field-trial-handle=2656,i,16940681401824032220,151921362336696246,262144 --variations-seed-version /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --no-appcompat-clear --disable-gpu-compositing --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=34 --mojo-platform-channel-handle=7272 --field-trial-handle=2656,i,16940681401824032220,151921362336696246,262144 --variations-seed-version /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --no-appcompat-clear --disable-gpu-compositing --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=40 --mojo-platform-channel-handle=8196 --field-trial-handle=2656,i,16940681401824032220,151921362336696246,262144 --variations-seed-version /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --no-appcompat-clear --disable-gpu-compositing --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=42 --mojo-platform-channel-handle=8488 --field-trial-handle=2656,i,16940681401824032220,151921362336696246,262144 --variations-seed-version /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_collections.mojom.CollectionsDataManager --lang=en-US --service-sandbox-type=collections --no-appcompat-clear --mojo-platform-channel-handle=8436 --field-trial-handle=2656,i,16940681401824032220,151921362336696246,262144 --variations-seed-version /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --no-appcompat-clear --disable-gpu-compositing --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=43 --mojo-platform-channel-handle=8752 --field-trial-handle=2656,i,16940681401824032220,151921362336696246,262144 --variations-seed-version /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --no-appcompat-clear --disable-gpu-compositing --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=44 --mojo-platform-channel-handle=9104 --field-trial-handle=2656,i,16940681401824032220,151921362336696246,262144 --variations-seed-version /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --no-appcompat-clear --disable-gpu-compositing --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=45 --mojo-platform-channel-handle=9120 --field-trial-handle=2656,i,16940681401824032220,151921362336696246,262144 --variations-seed-version /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --no-appcompat-clear --disable-gpu-compositing --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=46 --mojo-platform-channel-handle=9304 --field-trial-handle=2656,i,16940681401824032220,151921362336696246,262144 --variations-seed-version /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --no-appcompat-clear --disable-gpu-compositing --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=47 --mojo-platform-channel-handle=6816 --field-trial-handle=2656,i,16940681401824032220,151921362336696246,262144 --variations-seed-version /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --no-appcompat-clear --disable-gpu-compositing --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=48 --mojo-platform-channel-handle=9648 --field-trial-handle=2656,i,16940681401824032220,151921362336696246,262144 --variations-seed-version /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --no-appcompat-clear --disable-gpu-compositing --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=49 --mojo-platform-channel-handle=9856 --field-trial-handle=2656,i,16940681401824032220,151921362336696246,262144 --variations-seed-version /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --no-appcompat-clear --disable-gpu-compositing --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=50 --mojo-platform-channel-handle=9960 --field-trial-handle=2656,i,16940681401824032220,151921362336696246,262144 --variations-seed-version /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --no-appcompat-clear --disable-gpu-compositing --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=51 --mojo-platform-channel-handle=4940 --field-trial-handle=2656,i,16940681401824032220,151921362336696246,262144 --variations-seed-version /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.FileUtilService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --mojo-platform-channel-handle=8340 --field-trial-handle=2656,i,16940681401824032220,151921362336696246,262144 --variations-seed-version /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --no-appcompat-clear --mojo-platform-channel-handle=9860 --field-trial-handle=2656,i,16940681401824032220,151921362336696246,262144 --variations-seed-version /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --no-appcompat-clear --disable-gpu-compositing --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=54 --mojo-platform-channel-handle=9764 --field-trial-handle=2656,i,16940681401824032220,151921362336696246,262144 --variations-seed-version /prefetch:1
C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding
C:\Program Files\7-Zip\7zFM.exe
"C:\Program Files\7-Zip\7zFM.exe" "C:\Users\Admin\AppData\Local\Temp\Temp1_Install_x64x86+manual.v3.zip\Setup_filess.rar"
C:\Users\Admin\AppData\Local\Temp\7zO46FDE899\Set-up.exe
"C:\Users\Admin\AppData\Local\Temp\7zO46FDE899\Set-up.exe"
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=122.0.6261.70 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=122.0.2365.52 --initial-client-data=0x238,0x23c,0x240,0x234,0x248,0x7ffc9b282e98,0x7ffc9b282ea4,0x7ffc9b282eb0
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --mojo-platform-channel-handle=2300 --field-trial-handle=2248,i,15888825595805581231,2352798064389485993,262144 --variations-seed-version /prefetch:3
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --mojo-platform-channel-handle=3076 --field-trial-handle=2248,i,15888825595805581231,2352798064389485993,262144 --variations-seed-version /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAAAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --mojo-platform-channel-handle=2196 --field-trial-handle=2248,i,15888825595805581231,2352798064389485993,262144 --variations-seed-version /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\122.0.2365.52\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\122.0.2365.52\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --mojo-platform-channel-handle=4360 --field-trial-handle=2248,i,15888825595805581231,2352798064389485993,262144 --variations-seed-version /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\122.0.2365.52\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\122.0.2365.52\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --mojo-platform-channel-handle=4360 --field-trial-handle=2248,i,15888825595805581231,2352798064389485993,262144 --variations-seed-version /prefetch:8
C:\Program Files\7-Zip\7zFM.exe
"C:\Program Files\7-Zip\7zFM.exe" "C:\Users\Admin\AppData\Local\Temp\Temp1_Install_x64x86+manual.v3.zip\Setup_filess.rar"
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --instant-process --no-appcompat-clear --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=4164 --field-trial-handle=2248,i,15888825595805581231,2352798064389485993,262144 --variations-seed-version /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --no-appcompat-clear --mojo-platform-channel-handle=4848 --field-trial-handle=2248,i,15888825595805581231,2352798064389485993,262144 --variations-seed-version /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=entity_extraction_service.mojom.Extractor --lang=en-US --service-sandbox-type=entity_extraction --onnx-enabled-for-ee --no-appcompat-clear --mojo-platform-channel-handle=4824 --field-trial-handle=2248,i,15888825595805581231,2352798064389485993,262144 --variations-seed-version /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --no-appcompat-clear --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --mojo-platform-channel-handle=5384 --field-trial-handle=2248,i,15888825595805581231,2352798064389485993,262144 --variations-seed-version /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --instant-process --no-appcompat-clear --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --mojo-platform-channel-handle=5152 --field-trial-handle=2248,i,15888825595805581231,2352798064389485993,262144 --variations-seed-version /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --no-appcompat-clear --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --mojo-platform-channel-handle=5228 --field-trial-handle=2248,i,15888825595805581231,2352798064389485993,262144 --variations-seed-version /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --no-appcompat-clear --mojo-platform-channel-handle=4576 --field-trial-handle=2248,i,15888825595805581231,2352798064389485993,262144 --variations-seed-version /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --no-appcompat-clear --mojo-platform-channel-handle=5292 --field-trial-handle=2248,i,15888825595805581231,2352798064389485993,262144 --variations-seed-version /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --mojo-platform-channel-handle=4636 --field-trial-handle=2248,i,15888825595805581231,2352798064389485993,262144 --variations-seed-version /prefetch:8
C:\Users\Admin\Desktop\Setup_files\Set-up.exe
"C:\Users\Admin\Desktop\Setup_files\Set-up.exe"
C:\Windows\SysWOW64\more.com
C:\Windows\SysWOW64\more.com
C:\Users\Admin\Desktop\Setup_files\Set-up.exe
"C:\Users\Admin\Desktop\Setup_files\Set-up.exe"
C:\Windows\SysWOW64\more.com
C:\Windows\SysWOW64\more.com
C:\Users\Admin\AppData\Local\Temp\Kerwinn.pif
C:\Users\Admin\AppData\Local\Temp\Kerwinn.pif
C:\Users\Admin\Desktop\Setup_files\Set-up.exe
"C:\Users\Admin\Desktop\Setup_files\Set-up.exe"
C:\Windows\SysWOW64\more.com
C:\Windows\SysWOW64\more.com
C:\Users\Admin\AppData\Local\Temp\Kerwinn.pif
C:\Users\Admin\AppData\Local\Temp\Kerwinn.pif
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --no-appcompat-clear --gpu-preferences=WAAAAAAAAADoAAAMAAAAAAAAAAAAAAAAAABgAAAAAAA4AAAAAAAAAAAAAABEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --mojo-platform-channel-handle=4588 --field-trial-handle=2248,i,15888825595805581231,2352798064389485993,262144 --variations-seed-version /prefetch:8
C:\Users\Admin\AppData\Local\Temp\Kerwinn.pif
C:\Users\Admin\AppData\Local\Temp\Kerwinn.pif
C:\Users\Admin\Desktop\Setup_files\Set-up.exe
"C:\Users\Admin\Desktop\Setup_files\Set-up.exe"
C:\Windows\SysWOW64\more.com
C:\Windows\SysWOW64\more.com
C:\Users\Admin\AppData\Local\Temp\Kerwinn.pif
C:\Users\Admin\AppData\Local\Temp\Kerwinn.pif
C:\Program Files\Microsoft Office\Root\Office16\POWERPNT.EXE
"C:\Program Files\Microsoft Office\Root\Office16\POWERPNT.EXE" "C:\Users\Admin\Desktop\UnprotectSuspend.pptx" /ou ""
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --no-appcompat-clear --mojo-platform-channel-handle=1436 --field-trial-handle=2248,i,15888825595805581231,2352798064389485993,262144 --variations-seed-version /prefetch:8
C:\Users\Admin\Desktop\Setup_files\Set-up.exe
"C:\Users\Admin\Desktop\Setup_files\Set-up.exe"
C:\Windows\SysWOW64\more.com
C:\Windows\SysWOW64\more.com
C:\Users\Admin\Desktop\Setup_files\Set-up.exe
"C:\Users\Admin\Desktop\Setup_files\Set-up.exe"
C:\Windows\SysWOW64\more.com
C:\Windows\SysWOW64\more.com
C:\Users\Admin\AppData\Local\Temp\Kerwinn.pif
C:\Users\Admin\AppData\Local\Temp\Kerwinn.pif
C:\Users\Admin\Desktop\Setup_files\Set-up.exe
"C:\Users\Admin\Desktop\Setup_files\Set-up.exe"
C:\Windows\SysWOW64\more.com
C:\Windows\SysWOW64\more.com
C:\Users\Admin\Desktop\Setup_files\Set-up.exe
"C:\Users\Admin\Desktop\Setup_files\Set-up.exe"
C:\Windows\SysWOW64\more.com
C:\Windows\SysWOW64\more.com
C:\Users\Admin\AppData\Local\Temp\Kerwinn.pif
C:\Users\Admin\AppData\Local\Temp\Kerwinn.pif
C:\Users\Admin\Desktop\Setup_files\Set-up.exe
"C:\Users\Admin\Desktop\Setup_files\Set-up.exe"
C:\Users\Admin\AppData\Local\Temp\Kerwinn.pif
C:\Users\Admin\AppData\Local\Temp\Kerwinn.pif
C:\Users\Admin\AppData\Local\Temp\Kerwinn.pif
C:\Users\Admin\AppData\Local\Temp\Kerwinn.pif
C:\Windows\system32\taskmgr.exe
"C:\Windows\system32\taskmgr.exe" /4
C:\Users\Admin\Desktop\Setup_files\Set-up.exe
"C:\Users\Admin\Desktop\Setup_files\Set-up.exe"
C:\Windows\SysWOW64\more.com
C:\Windows\SysWOW64\more.com
C:\Users\Admin\Desktop\Setup_files\Set-up.exe
"C:\Users\Admin\Desktop\Setup_files\Set-up.exe"
C:\Windows\SysWOW64\more.com
C:\Windows\SysWOW64\more.com
C:\Users\Admin\AppData\Local\Temp\Kerwinn.pif
C:\Users\Admin\AppData\Local\Temp\Kerwinn.pif
C:\Users\Admin\AppData\Local\Temp\Kerwinn.pif
C:\Users\Admin\AppData\Local\Temp\Kerwinn.pif
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | 203.197.79.204.in-addr.arpa | udp |
| US | 8.8.8.8:53 | nav-edge.smartscreen.microsoft.com | udp |
| US | 8.8.8.8:53 | nav-edge.smartscreen.microsoft.com | udp |
| US | 8.8.8.8:53 | business.bing.com | udp |
| US | 8.8.8.8:53 | business.bing.com | udp |
| GB | 51.140.242.104:443 | nav-edge.smartscreen.microsoft.com | tcp |
| US | 8.8.8.8:53 | the.gatekeeperconsent.com | udp |
| US | 8.8.8.8:53 | the.gatekeeperconsent.com | udp |
| US | 13.107.6.158:443 | business.bing.com | tcp |
| US | 8.8.8.8:53 | www.ezojs.com | udp |
| US | 172.64.134.21:443 | the.gatekeeperconsent.com | udp |
| US | 172.64.134.21:443 | the.gatekeeperconsent.com | tcp |
| US | 172.64.96.6:445 | www.ezojs.com | tcp |
| US | 8.8.8.8:53 | www.microsoft.com | udp |
| US | 8.8.8.8:53 | www.microsoft.com | udp |
| US | 8.8.8.8:53 | www.microsoft.com | udp |
| US | 8.8.8.8:53 | bzib.nelreports.net | udp |
| US | 8.8.8.8:53 | bzib.nelreports.net | udp |
| GB | 92.123.241.137:443 | www.microsoft.com | tcp |
| GB | 104.77.160.9:443 | bzib.nelreports.net | tcp |
| US | 8.8.8.8:53 | btloader.com | udp |
| US | 8.8.8.8:53 | btloader.com | udp |
| US | 8.8.8.8:53 | privacy.gatekeeperconsent.com | udp |
| US | 8.8.8.8:53 | privacy.gatekeeperconsent.com | udp |
| US | 8.8.8.8:53 | static.cloudflareinsights.com | udp |
| US | 8.8.8.8:53 | static.cloudflareinsights.com | udp |
| US | 8.8.8.8:53 | cdn.amplitude.com | udp |
| US | 8.8.8.8:53 | cdn.amplitude.com | udp |
| US | 172.64.135.21:443 | privacy.gatekeeperconsent.com | udp |
| US | 104.16.57.101:443 | static.cloudflareinsights.com | tcp |
| DE | 52.222.190.45:443 | cdn.amplitude.com | tcp |
| US | 172.67.41.60:443 | btloader.com | tcp |
| US | 8.8.8.8:53 | 104.242.140.51.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 21.134.64.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 97.202.85.209.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 137.241.123.92.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 9.160.77.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 21.135.64.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 101.57.16.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 45.190.222.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 60.41.67.172.in-addr.arpa | udp |
| US | 172.64.135.21:443 | privacy.gatekeeperconsent.com | udp |
| US | 8.8.8.8:53 | cdn.otnolatrnup.com | udp |
| US | 8.8.8.8:53 | cdn.otnolatrnup.com | udp |
| US | 104.19.214.37:443 | cdn.otnolatrnup.com | udp |
| US | 8.8.8.8:53 | api.btloader.com | udp |
| US | 8.8.8.8:53 | api.btloader.com | udp |
| US | 8.8.8.8:53 | www.microsoft.com | udp |
| US | 8.8.8.8:53 | ad-delivery.net | udp |
| US | 8.8.8.8:53 | ad-delivery.net | udp |
| US | 130.211.23.194:443 | api.btloader.com | tcp |
| US | 104.26.3.70:443 | ad-delivery.net | tcp |
| US | 104.26.3.70:443 | ad-delivery.net | tcp |
| US | 172.64.97.6:445 | www.ezojs.com | tcp |
| US | 8.8.8.8:53 | api.amplitude.com | udp |
| US | 8.8.8.8:53 | api.amplitude.com | udp |
| US | 172.64.134.21:443 | privacy.gatekeeperconsent.com | udp |
| US | 52.27.240.229:443 | api.amplitude.com | tcp |
| US | 8.8.8.8:53 | 20.160.190.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 37.214.19.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 148.203.85.209.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 194.23.211.130.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 70.3.26.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 138.193.125.74.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 202.178.17.96.in-addr.arpa | udp |
| US | 8.8.8.8:53 | otnolatrnup.com | udp |
| US | 8.8.8.8:53 | otnolatrnup.com | udp |
| US | 8.8.8.8:53 | 229.240.27.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | www.ezojs.com | udp |
| US | 8.8.8.8:53 | 9.228.82.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | c.s-microsoft.com | udp |
| US | 8.8.8.8:53 | c.s-microsoft.com | udp |
| US | 8.8.8.8:53 | edgestatic.azureedge.net | udp |
| US | 8.8.8.8:53 | edgestatic.azureedge.net | udp |
| US | 13.107.246.64:443 | edgestatic.azureedge.net | tcp |
| US | 13.107.246.64:443 | edgestatic.azureedge.net | tcp |
| US | 13.107.246.64:443 | edgestatic.azureedge.net | tcp |
| US | 8.8.8.8:53 | tags.crwdcntrl.net | udp |
| US | 8.8.8.8:53 | tags.crwdcntrl.net | udp |
| US | 8.8.8.8:53 | ad.crwdcntrl.net | udp |
| US | 8.8.8.8:53 | ad.crwdcntrl.net | udp |
| US | 8.8.8.8:53 | bcp.crwdcntrl.net | udp |
| US | 8.8.8.8:53 | bcp.crwdcntrl.net | udp |
| DE | 52.85.92.52:443 | tags.crwdcntrl.net | tcp |
| IE | 54.77.245.72:443 | bcp.crwdcntrl.net | tcp |
| IE | 54.72.69.210:443 | bcp.crwdcntrl.net | tcp |
| US | 8.8.8.8:53 | 72.245.77.54.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 210.69.72.54.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 52.92.85.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | g.bing.com | udp |
| US | 204.79.197.200:443 | g.bing.com | tcp |
| US | 8.8.8.8:53 | 41.110.16.96.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 95.221.229.192.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 200.197.79.204.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 45.19.74.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | nw-umwatson.events.data.microsoft.com | udp |
| US | 20.189.173.20:443 | nw-umwatson.events.data.microsoft.com | tcp |
| US | 8.8.8.8:53 | 20.173.189.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | translate.google.com | udp |
| IE | 74.125.193.113:445 | translate.google.com | tcp |
| US | 8.8.8.8:53 | g.ezoic.net | udp |
| US | 8.8.8.8:53 | g.ezoic.net | udp |
| FR | 13.39.145.251:443 | g.ezoic.net | tcp |
| US | 8.8.8.8:53 | translate.google.com | udp |
| US | 8.8.8.8:53 | wcpstatic.microsoft.com | udp |
| US | 8.8.8.8:53 | wcpstatic.microsoft.com | udp |
| US | 13.107.246.64:443 | wcpstatic.microsoft.com | tcp |
| US | 13.107.246.64:443 | wcpstatic.microsoft.com | tcp |
| US | 8.8.8.8:53 | 251.145.39.13.in-addr.arpa | udp |
| IE | 74.125.193.138:445 | translate.google.com | tcp |
| IE | 74.125.193.101:445 | translate.google.com | tcp |
| IE | 74.125.193.139:445 | translate.google.com | tcp |
| IE | 74.125.193.100:445 | translate.google.com | tcp |
| IE | 74.125.193.102:445 | translate.google.com | tcp |
| IE | 74.125.193.138:139 | translate.google.com | tcp |
| US | 8.8.8.8:53 | download2268.mediafire.com | udp |
| US | 8.8.8.8:53 | download2268.mediafire.com | udp |
| US | 199.91.155.9:443 | download2268.mediafire.com | tcp |
| US | 8.8.8.8:53 | otnolatrnup.com | udp |
| US | 8.8.8.8:53 | otnolatrnup.com | udp |
| US | 8.8.8.8:53 | otnolatrnup.com | udp |
| US | 8.8.8.8:53 | download2268.mediafire.com | udp |
| US | 104.19.214.37:443 | otnolatrnup.com | udp |
| US | 199.91.155.9:443 | download2268.mediafire.com | tcp |
| US | 8.8.8.8:53 | 9.155.91.199.in-addr.arpa | udp |
| US | 8.8.8.8:53 | www.mediafire.com | udp |
| US | 8.8.8.8:53 | www.mediafire.com | udp |
| US | 8.8.8.8:53 | www.mediafire.com | udp |
| US | 104.16.114.74:443 | www.mediafire.com | tcp |
| US | 8.8.8.8:53 | otnolatrnup.com | udp |
| US | 8.8.8.8:53 | otnolatrnup.com | udp |
| US | 8.8.8.8:53 | static.mediafire.com | udp |
| US | 8.8.8.8:53 | static.mediafire.com | udp |
| US | 8.8.8.8:53 | 50.23.12.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 74.114.16.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | otnolatrnup.com | udp |
| US | 8.8.8.8:53 | otnolatrnup.com | udp |
| US | 8.8.8.8:53 | otnolatrnup.com | udp |
| US | 8.8.8.8:53 | otnolatrnup.com | udp |
| US | 104.19.214.37:80 | otnolatrnup.com | tcp |
| US | 104.19.214.37:80 | otnolatrnup.com | tcp |
| US | 8.8.8.8:53 | otnolatrnup.com | udp |
| US | 8.8.8.8:53 | www.google.com | udp |
| US | 8.8.8.8:53 | www.google.com | udp |
| US | 8.8.8.8:53 | ajax.googleapis.com | udp |
| US | 8.8.8.8:53 | ajax.googleapis.com | udp |
| US | 8.8.8.8:53 | woreppercomming.com | udp |
| US | 8.8.8.8:53 | woreppercomming.com | udp |
| US | 8.8.8.8:53 | woreppercomming.com | udp |
| IE | 74.125.193.147:443 | www.google.com | udp |
| IE | 209.85.203.95:443 | ajax.googleapis.com | tcp |
| DE | 54.230.206.56:443 | woreppercomming.com | tcp |
| US | 8.8.8.8:53 | 147.193.125.74.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 95.202.85.209.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 15.164.165.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 95.203.85.209.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 56.206.230.54.in-addr.arpa | udp |
| US | 8.8.8.8:53 | www.ovardu.com | udp |
| US | 8.8.8.8:53 | www.ovardu.com | udp |
| US | 8.8.8.8:53 | www.ovardu.com | udp |
| US | 8.8.8.8:53 | www.mediafire.com | udp |
| US | 8.8.8.8:53 | www.mediafire.com | udp |
| US | 8.8.8.8:53 | www.mediafire.com | udp |
| US | 8.8.8.8:53 | www.mediafire.com | udp |
| US | 172.67.174.4:443 | www.ovardu.com | udp |
| US | 8.8.8.8:53 | www.mediafire.com | udp |
| US | 8.8.8.8:53 | www.mediafire.com | udp |
| US | 8.8.8.8:53 | www.mediafire.com | udp |
| US | 8.8.8.8:53 | www.mediafire.com | udp |
| US | 8.8.8.8:53 | static.cloudflareinsights.com | udp |
| US | 8.8.8.8:53 | static.cloudflareinsights.com | udp |
| US | 8.8.8.8:53 | www.mediafire.com | udp |
| US | 8.8.8.8:53 | www.mediafire.com | udp |
| US | 104.16.57.101:443 | static.cloudflareinsights.com | tcp |
| US | 8.8.8.8:53 | www.opera.com | udp |
| US | 8.8.8.8:53 | www.opera.com | udp |
| US | 8.8.8.8:53 | www.opera.com | udp |
| DE | 3.123.145.11:443 | www.opera.com | tcp |
| US | 8.8.8.8:53 | 94.203.85.209.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 4.174.67.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 94.202.85.209.in-addr.arpa | udp |
| US | 8.8.8.8:53 | cdn-production-opera-website.operacdn.com | udp |
| US | 8.8.8.8:53 | cdn-production-opera-website.operacdn.com | udp |
| US | 8.8.8.8:53 | www.googleoptimize.com | udp |
| US | 8.8.8.8:53 | www.googleoptimize.com | udp |
| GB | 104.84.85.174:443 | cdn-production-opera-website.operacdn.com | tcp |
| GB | 104.84.85.174:443 | cdn-production-opera-website.operacdn.com | tcp |
| GB | 104.84.85.174:443 | cdn-production-opera-website.operacdn.com | tcp |
| GB | 104.84.85.174:443 | cdn-production-opera-website.operacdn.com | tcp |
| GB | 104.84.85.174:443 | cdn-production-opera-website.operacdn.com | tcp |
| GB | 104.84.85.174:443 | cdn-production-opera-website.operacdn.com | tcp |
| IE | 209.85.202.113:443 | www.googleoptimize.com | tcp |
| US | 8.8.8.8:53 | www-static.operacdn.com | udp |
| US | 8.8.8.8:53 | www-static.operacdn.com | udp |
| US | 8.8.8.8:53 | www-static.operacdn.com | udp |
| US | 8.8.8.8:53 | cdn.amplitude.com | udp |
| US | 8.8.8.8:53 | cdn.amplitude.com | udp |
| US | 8.8.8.8:53 | translate.google.com | udp |
| US | 8.8.8.8:53 | translate.google.com | udp |
| DE | 52.222.190.163:443 | cdn.amplitude.com | tcp |
| US | 8.8.8.8:53 | 11.145.123.3.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 113.202.85.209.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 174.85.84.104.in-addr.arpa | udp |
| GB | 92.123.128.175:443 | www.bing.com | tcp |
| US | 8.8.8.8:53 | 100.193.125.74.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 102.193.125.74.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 163.190.222.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 175.128.123.92.in-addr.arpa | udp |
| US | 8.8.8.8:53 | chromewebstore.googleapis.com | udp |
| US | 8.8.8.8:53 | chromewebstore.googleapis.com | udp |
| US | 8.8.8.8:53 | translate.googleapis.com | udp |
| US | 8.8.8.8:53 | translate.googleapis.com | udp |
| US | 8.8.8.8:53 | api.amplitude.com | udp |
| US | 8.8.8.8:53 | stats.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | stats.g.doubleclick.net | udp |
| US | 52.27.240.229:443 | api.amplitude.com | tcp |
| IE | 209.85.203.155:443 | stats.g.doubleclick.net | tcp |
| IE | 209.85.203.155:443 | stats.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | region1.analytics.google.com | udp |
| US | 8.8.8.8:53 | region1.analytics.google.com | udp |
| IE | 74.125.193.147:443 | www.google.com | udp |
| US | 216.239.32.36:443 | region1.analytics.google.com | tcp |
| US | 8.8.8.8:53 | 155.203.85.209.in-addr.arpa | udp |
| US | 8.8.8.8:53 | translate-pa.googleapis.com | udp |
| US | 8.8.8.8:53 | translate-pa.googleapis.com | udp |
| US | 8.8.8.8:53 | www.google.co.uk | udp |
| US | 8.8.8.8:53 | www.google.co.uk | udp |
| IE | 172.253.116.94:443 | www.google.co.uk | udp |
| US | 8.8.8.8:53 | 36.32.239.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 28.160.77.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 94.116.253.172.in-addr.arpa | udp |
| N/A | 224.0.0.251:5353 | udp | |
| US | 8.8.8.8:53 | www.mediafire.com | udp |
| US | 8.8.8.8:53 | www.mediafire.com | udp |
| US | 216.239.32.36:443 | region1.analytics.google.com | udp |
| IE | 209.85.203.95:443 | translate-pa.googleapis.com | udp |
| US | 8.8.8.8:53 | the.gatekeeperconsent.com | udp |
| US | 8.8.8.8:53 | the.gatekeeperconsent.com | udp |
| US | 172.64.134.21:443 | the.gatekeeperconsent.com | udp |
| US | 8.8.8.8:53 | btloader.com | udp |
| US | 8.8.8.8:53 | btloader.com | udp |
| US | 172.67.41.60:443 | btloader.com | tcp |
| US | 8.8.8.8:53 | www.ezojs.com | udp |
| US | 8.8.8.8:53 | www.ezojs.com | udp |
| US | 8.8.8.8:53 | privacy.gatekeeperconsent.com | udp |
| US | 8.8.8.8:53 | privacy.gatekeeperconsent.com | udp |
| US | 172.64.97.6:443 | www.ezojs.com | udp |
| US | 172.64.134.21:443 | privacy.gatekeeperconsent.com | udp |
| US | 8.8.8.8:53 | cdn.otnolatrnup.com | udp |
| US | 104.19.215.37:443 | cdn.otnolatrnup.com | udp |
| US | 8.8.8.8:53 | 6.97.64.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | api.btloader.com | udp |
| US | 8.8.8.8:53 | api.btloader.com | udp |
| US | 130.211.23.194:443 | api.btloader.com | tcp |
| US | 172.64.134.21:443 | privacy.gatekeeperconsent.com | udp |
| US | 8.8.8.8:53 | ad-delivery.net | udp |
| US | 8.8.8.8:53 | ad-delivery.net | udp |
| US | 104.26.3.70:443 | ad-delivery.net | tcp |
| US | 104.26.3.70:443 | ad-delivery.net | tcp |
| US | 8.8.8.8:53 | g.ezoic.net | udp |
| US | 8.8.8.8:53 | g.ezoic.net | udp |
| FR | 15.188.219.54:443 | g.ezoic.net | tcp |
| US | 8.8.8.8:53 | go.ezodn.com | udp |
| US | 8.8.8.8:53 | go.ezodn.com | udp |
| US | 130.211.23.194:443 | api.btloader.com | udp |
| US | 172.64.192.4:443 | go.ezodn.com | udp |
| US | 172.64.134.21:443 | privacy.gatekeeperconsent.com | udp |
| US | 8.8.8.8:53 | otnolatrnup.com | udp |
| US | 8.8.8.8:53 | otnolatrnup.com | udp |
| US | 8.8.8.8:53 | g.ezodn.com | udp |
| US | 8.8.8.8:53 | g.ezodn.com | udp |
| US | 8.8.8.8:53 | securepubads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | securepubads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | ads.pubmatic.com | udp |
| US | 8.8.8.8:53 | ads.pubmatic.com | udp |
| US | 8.8.8.8:53 | 37.215.19.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 4.192.64.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 54.219.188.15.in-addr.arpa | udp |
| GB | 96.16.109.9:443 | ads.pubmatic.com | tcp |
| IE | 209.85.202.156:443 | securepubads.g.doubleclick.net | tcp |
| US | 8.8.8.8:53 | bshr.ezodn.com | udp |
| US | 8.8.8.8:53 | bshr.ezodn.com | udp |
| US | 172.64.193.4:443 | bshr.ezodn.com | udp |
| IE | 209.85.202.156:443 | securepubads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | tags.crwdcntrl.net | udp |
| US | 8.8.8.8:53 | tags.crwdcntrl.net | udp |
| US | 8.8.8.8:53 | googleads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | googleads.g.doubleclick.net | udp |
| DE | 52.85.92.52:443 | tags.crwdcntrl.net | tcp |
| IE | 209.85.202.154:443 | googleads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | googleads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | googleads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | googleads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | www.mediafire.com | udp |
| IE | 74.125.193.157:443 | googleads.g.doubleclick.net | udp |
| IE | 74.125.193.157:443 | googleads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | 156.202.85.209.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 9.109.16.96.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 157.193.125.74.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 4.193.64.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 154.202.85.209.in-addr.arpa | udp |
| US | 8.8.8.8:53 | cdn.jsdelivr.net | udp |
| US | 8.8.8.8:53 | cdn.jsdelivr.net | udp |
| US | 8.8.8.8:53 | ut.pubmatic.com | udp |
| US | 8.8.8.8:53 | ut.pubmatic.com | udp |
| US | 151.101.1.229:443 | cdn.jsdelivr.net | tcp |
| US | 8.8.8.8:53 | fundingchoicesmessages.google.com | udp |
| US | 8.8.8.8:53 | fundingchoicesmessages.google.com | udp |
| NL | 185.64.189.226:443 | ut.pubmatic.com | tcp |
| US | 8.8.8.8:53 | 229.1.101.151.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 226.189.64.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | bcp.crwdcntrl.net | udp |
| US | 8.8.8.8:53 | bcp.crwdcntrl.net | udp |
| US | 8.8.8.8:53 | bcp.crwdcntrl.net | udp |
| US | 8.8.8.8:53 | www.mediafire.com | udp |
| IE | 54.72.69.210:443 | bcp.crwdcntrl.net | tcp |
| US | 104.16.57.101:443 | static.cloudflareinsights.com | tcp |
| US | 8.8.8.8:53 | static.mediafire.com | udp |
| US | 104.16.114.74:445 | static.mediafire.com | tcp |
| FR | 15.188.219.54:443 | g.ezoic.net | tcp |
| US | 8.8.8.8:53 | googleads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | www.mediafire.com | udp |
| US | 8.8.8.8:53 | googleads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | www.mediafire.com | udp |
| US | 151.101.1.229:443 | cdn.jsdelivr.net | udp |
| US | 8.8.8.8:53 | script.4dex.io | udp |
| US | 8.8.8.8:53 | script.4dex.io | udp |
| US | 104.26.9.169:443 | script.4dex.io | tcp |
| US | 8.8.8.8:53 | 68732db950fda59b23aaab3a2728678d.safeframe.googlesyndication.com | udp |
| US | 8.8.8.8:53 | 68732db950fda59b23aaab3a2728678d.safeframe.googlesyndication.com | udp |
| US | 8.8.8.8:53 | 68732db950fda59b23aaab3a2728678d.safeframe.googlesyndication.com | udp |
| US | 8.8.8.8:53 | www.mediafire.com | udp |
| US | 8.8.8.8:53 | htlb.casalemedia.com | udp |
| US | 8.8.8.8:53 | htlb.casalemedia.com | udp |
| US | 8.8.8.8:53 | hb.yellowblue.io | udp |
| US | 8.8.8.8:53 | hb.yellowblue.io | udp |
| US | 8.8.8.8:53 | bidder.criteo.com | udp |
| US | 8.8.8.8:53 | bidder.criteo.com | udp |
| US | 8.8.8.8:53 | hbopenbid.pubmatic.com | udp |
| US | 8.8.8.8:53 | hbopenbid.pubmatic.com | udp |
| US | 8.8.8.8:53 | onetag-sys.com | udp |
| US | 8.8.8.8:53 | onetag-sys.com | udp |
| US | 8.8.8.8:53 | prebid.smilewanted.com | udp |
| US | 8.8.8.8:53 | prebid.smilewanted.com | udp |
| US | 8.8.8.8:53 | prebid.a-mo.net | udp |
| US | 8.8.8.8:53 | prebid.a-mo.net | udp |
| IE | 172.253.116.132:443 | 68732db950fda59b23aaab3a2728678d.safeframe.googlesyndication.com | tcp |
| DE | 51.89.9.252:443 | onetag-sys.com | tcp |
| IE | 52.50.112.109:443 | hb.yellowblue.io | tcp |
| US | 172.64.151.101:443 | htlb.casalemedia.com | tcp |
| IE | 172.253.116.132:443 | 68732db950fda59b23aaab3a2728678d.safeframe.googlesyndication.com | tcp |
| GB | 185.64.190.77:443 | hbopenbid.pubmatic.com | tcp |
| US | 8.8.8.8:53 | ads.yieldmo.com | udp |
| US | 8.8.8.8:53 | ads.yieldmo.com | udp |
| US | 8.8.8.8:53 | cdn.id5-sync.com | udp |
| US | 8.8.8.8:53 | cdn.id5-sync.com | udp |
| US | 8.8.8.8:53 | oa.openxcdn.net | udp |
| US | 8.8.8.8:53 | oa.openxcdn.net | udp |
| US | 8.8.8.8:53 | static.criteo.net | udp |
| US | 8.8.8.8:53 | static.criteo.net | udp |
| US | 8.8.8.8:53 | cdn.prod.uidapi.com | udp |
| US | 8.8.8.8:53 | cdn.prod.uidapi.com | udp |
| US | 8.8.8.8:53 | invstatic101.creativecdn.com | udp |
| US | 8.8.8.8:53 | invstatic101.creativecdn.com | udp |
| US | 8.8.8.8:53 | cdn-ima.33across.com | udp |
| US | 8.8.8.8:53 | cdn-ima.33across.com | udp |
| US | 8.8.8.8:53 | tpc.googlesyndication.com | udp |
| US | 8.8.8.8:53 | tpc.googlesyndication.com | udp |
| US | 8.8.8.8:53 | 101.151.64.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 169.9.26.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 77.190.64.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 252.9.89.51.in-addr.arpa | udp |
| US | 8.8.8.8:53 | bcp.crwdcntrl.net | udp |
| US | 8.8.8.8:53 | 109.112.50.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 132.116.253.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | bcp.crwdcntrl.net | udp |
| US | 104.22.69.131:443 | prebid.smilewanted.com | tcp |
| US | 104.22.69.131:443 | prebid.smilewanted.com | tcp |
| US | 104.22.69.131:443 | prebid.smilewanted.com | tcp |
| US | 104.22.69.131:443 | prebid.smilewanted.com | tcp |
| US | 104.22.69.131:443 | prebid.smilewanted.com | tcp |
| NL | 178.250.1.8:443 | bidder.criteo.com | tcp |
| NL | 145.40.97.67:443 | prebid.a-mo.net | tcp |
| US | 34.102.146.192:443 | oa.openxcdn.net | tcp |
| US | 104.22.52.86:443 | cdn.id5-sync.com | tcp |
| IE | 52.17.192.45:443 | ads.yieldmo.com | tcp |
| US | 34.96.70.87:443 | invstatic101.creativecdn.com | tcp |
| NL | 178.250.1.3:443 | static.criteo.net | tcp |
| IE | 209.85.202.132:443 | tpc.googlesyndication.com | tcp |
| US | 172.64.152.89:443 | cdn-ima.33across.com | tcp |
| DE | 54.192.210.17:443 | cdn.prod.uidapi.com | tcp |
| IE | 54.77.245.72:443 | bcp.crwdcntrl.net | tcp |
| US | 8.8.8.8:53 | googleads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | googleads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | tpc.googlesyndication.com | udp |
| US | 8.8.8.8:53 | tpc.googlesyndication.com | udp |
| US | 104.26.9.169:443 | script.4dex.io | tcp |
| US | 104.16.113.74:445 | www.mediafire.com | tcp |
| US | 8.8.8.8:53 | static.mediafire.com | udp |
| IE | 209.85.202.132:443 | tpc.googlesyndication.com | tcp |
| IE | 209.85.202.132:443 | tpc.googlesyndication.com | tcp |
| IE | 209.85.202.132:443 | tpc.googlesyndication.com | tcp |
| IE | 209.85.202.132:443 | tpc.googlesyndication.com | tcp |
| IE | 209.85.202.132:443 | tpc.googlesyndication.com | tcp |
| US | 104.16.114.74:139 | static.mediafire.com | tcp |
| IE | 209.85.202.132:443 | tpc.googlesyndication.com | tcp |
| US | 8.8.8.8:53 | googleads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | googleads.g.doubleclick.net | udp |
| US | 172.64.192.4:443 | bshr.ezodn.com | udp |
| US | 8.8.8.8:53 | 131.69.22.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 8.1.250.178.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 87.70.96.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 67.97.40.145.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 86.52.22.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 89.152.64.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 3.1.250.178.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 132.202.85.209.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 17.210.192.54.in-addr.arpa | udp |
| US | 8.8.8.8:53 | www.google.com | udp |
| US | 8.8.8.8:53 | www.google.com | udp |
| US | 8.8.8.8:53 | www.google.com | udp |
| US | 8.8.8.8:53 | googleads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | cdn.ampproject.org | udp |
| US | 8.8.8.8:53 | cdn.ampproject.org | udp |
| IE | 74.125.193.147:443 | www.google.com | udp |
| IE | 74.125.193.147:443 | www.google.com | udp |
| IE | 209.85.202.132:443 | tpc.googlesyndication.com | udp |
| IE | 74.125.193.147:443 | www.google.com | tcp |
| IE | 209.85.203.132:443 | cdn.ampproject.org | tcp |
| IE | 209.85.203.132:443 | cdn.ampproject.org | tcp |
| IE | 209.85.203.132:443 | cdn.ampproject.org | tcp |
| IE | 209.85.203.132:443 | cdn.ampproject.org | tcp |
| IE | 209.85.203.132:443 | cdn.ampproject.org | tcp |
| US | 8.8.8.8:53 | tpc.googlesyndication.com | udp |
| US | 8.8.8.8:53 | www.mediafire.com | udp |
| US | 8.8.8.8:53 | www.google.com | udp |
| IE | 209.85.202.132:443 | tpc.googlesyndication.com | udp |
| IE | 209.85.202.156:443 | googleads.g.doubleclick.net | udp |
| IE | 209.85.202.132:443 | tpc.googlesyndication.com | udp |
| US | 8.8.8.8:53 | www.google.com | udp |
| US | 8.8.8.8:53 | googleads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | 132.203.85.209.in-addr.arpa | udp |
| US | 8.8.8.8:53 | oajs.openx.net | udp |
| IE | 74.125.193.147:443 | www.google.com | tcp |
| US | 34.120.107.143:443 | oajs.openx.net | tcp |
| US | 8.8.8.8:53 | 156.193.125.74.in-addr.arpa | udp |
| US | 8.8.8.8:53 | id5-sync.com | udp |
| US | 8.8.8.8:53 | id5-sync.com | udp |
| IE | 209.85.203.95:443 | translate-pa.googleapis.com | udp |
| DE | 162.19.138.117:443 | id5-sync.com | tcp |
| IE | 209.85.203.95:443 | translate-pa.googleapis.com | tcp |
| US | 8.8.8.8:53 | googleads.g.doubleclick.net | udp |
| US | 216.239.32.36:443 | region1.analytics.google.com | udp |
| US | 8.8.8.8:53 | otnolatrnup.com | udp |
| US | 8.8.8.8:53 | www.mediafire.com | udp |
| US | 104.19.214.37:443 | otnolatrnup.com | udp |
| US | 8.8.8.8:53 | download2268.mediafire.com | udp |
| US | 8.8.8.8:53 | www.mediafire.com | udp |
| US | 199.91.155.9:443 | download2268.mediafire.com | tcp |
| US | 8.8.8.8:53 | 143.107.120.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 117.138.19.162.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 154.116.253.172.in-addr.arpa | udp |
| US | 104.19.214.37:443 | otnolatrnup.com | tcp |
| US | 199.91.155.9:443 | download2268.mediafire.com | tcp |
| US | 8.8.8.8:53 | gum.criteo.com | udp |
| US | 8.8.8.8:53 | gum.criteo.com | udp |
| US | 8.8.8.8:53 | gum.criteo.com | udp |
| US | 8.8.8.8:53 | www.mediafire.com | udp |
| NL | 178.250.1.11:443 | gum.criteo.com | tcp |
| NL | 178.250.1.11:443 | gum.criteo.com | tcp |
| US | 34.120.107.143:443 | oajs.openx.net | udp |
| NL | 178.250.1.3:443 | static.criteo.net | tcp |
| US | 8.8.8.8:53 | 11.1.250.178.in-addr.arpa | udp |
| US | 8.8.8.8:53 | googleads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | csync.smilewanted.com | udp |
| US | 8.8.8.8:53 | csync.smilewanted.com | udp |
| US | 8.8.8.8:53 | csync.smilewanted.com | udp |
| US | 8.8.8.8:53 | www.mediafire.com | udp |
| US | 8.8.8.8:53 | onetag-sys.com | udp |
| US | 8.8.8.8:53 | onetag-sys.com | udp |
| US | 8.8.8.8:53 | onetag-sys.com | udp |
| US | 8.8.8.8:53 | www.mediafire.com | udp |
| US | 8.8.8.8:53 | prebid.a-mo.net | udp |
| US | 8.8.8.8:53 | prebid.a-mo.net | udp |
| US | 8.8.8.8:53 | prebid.a-mo.net | udp |
| US | 8.8.8.8:53 | www.mediafire.com | udp |
| US | 8.8.8.8:53 | ads.yieldmo.com | udp |
| US | 8.8.8.8:53 | ads.yieldmo.com | udp |
| US | 8.8.8.8:53 | ads.yieldmo.com | udp |
| US | 8.8.8.8:53 | www.mediafire.com | udp |
| IE | 74.125.193.147:443 | www.google.com | udp |
| US | 104.22.68.131:443 | csync.smilewanted.com | tcp |
| US | 8.8.8.8:53 | js-sec.indexww.com | udp |
| US | 8.8.8.8:53 | js-sec.indexww.com | udp |
| US | 8.8.8.8:53 | js-sec.indexww.com | udp |
| US | 8.8.8.8:53 | www.mediafire.com | udp |
| US | 8.8.8.8:53 | ads.pubmatic.com | udp |
| US | 8.8.8.8:53 | ads.pubmatic.com | udp |
| US | 8.8.8.8:53 | ads.pubmatic.com | udp |
| US | 8.8.8.8:53 | www.mediafire.com | udp |
| US | 8.8.8.8:53 | gum.criteo.com | udp |
| US | 8.8.8.8:53 | gum.criteo.com | udp |
| DE | 51.38.120.206:443 | onetag-sys.com | tcp |
| NL | 145.40.97.66:443 | prebid.a-mo.net | tcp |
| IE | 52.17.192.45:443 | ads.yieldmo.com | tcp |
| US | 172.64.149.180:443 | js-sec.indexww.com | tcp |
| US | 8.8.8.8:53 | id.a-mx.com | udp |
| US | 8.8.8.8:53 | id.a-mx.com | udp |
| IE | 52.17.192.45:443 | ads.yieldmo.com | tcp |
| GB | 96.16.109.9:443 | ads.pubmatic.com | tcp |
| GB | 96.16.109.9:443 | ads.pubmatic.com | tcp |
| US | 8.8.8.8:53 | ups.analytics.yahoo.com | udp |
| US | 8.8.8.8:53 | ups.analytics.yahoo.com | udp |
| US | 8.8.8.8:53 | 131.68.22.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 180.149.64.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 66.97.40.145.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 206.120.38.51.in-addr.arpa | udp |
| US | 8.8.8.8:53 | id.hadron.ad.gt | udp |
| US | 8.8.8.8:53 | id.hadron.ad.gt | udp |
| US | 8.8.8.8:53 | id.crwdcntrl.net | udp |
| US | 8.8.8.8:53 | id.crwdcntrl.net | udp |
| US | 8.8.8.8:53 | match.adsrvr.org | udp |
| US | 8.8.8.8:53 | match.adsrvr.org | udp |
| US | 172.64.192.4:443 | bshr.ezodn.com | udp |
| NL | 178.250.1.11:443 | gum.criteo.com | tcp |
| US | 172.64.192.4:443 | bshr.ezodn.com | tcp |
| US | 52.223.40.198:443 | match.adsrvr.org | tcp |
| US | 104.22.5.69:443 | id.hadron.ad.gt | tcp |
| DE | 3.75.62.37:443 | ups.analytics.yahoo.com | tcp |
| US | 8.8.8.8:53 | lb.eu-1-id5-sync.com | udp |
| US | 8.8.8.8:53 | lb.eu-1-id5-sync.com | udp |
| IE | 74.125.193.157:443 | googleads.g.doubleclick.net | udp |
| IE | 209.85.202.154:443 | googleads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | 198.40.223.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 69.5.22.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 37.62.75.3.in-addr.arpa | udp |
| DE | 141.95.98.65:443 | lb.eu-1-id5-sync.com | tcp |
| NL | 178.250.1.11:443 | gum.criteo.com | tcp |
| US | 8.8.8.8:53 | sploit-edge.smartscreen.microsoft.com | udp |
| US | 8.8.8.8:53 | sploit-edge.smartscreen.microsoft.com | udp |
| US | 8.8.8.8:53 | google-bidout-d.openx.net | udp |
| US | 8.8.8.8:53 | google-bidout-d.openx.net | udp |
| US | 8.8.8.8:53 | google-bidout-d.openx.net | udp |
| US | 8.8.8.8:53 | www.mediafire.com | udp |
| GB | 20.162.145.158:443 | sploit-edge.smartscreen.microsoft.com | tcp |
| IE | 209.85.202.132:443 | tpc.googlesyndication.com | udp |
| US | 35.244.159.8:443 | google-bidout-d.openx.net | tcp |
| US | 35.244.159.8:443 | google-bidout-d.openx.net | tcp |
| US | 8.8.8.8:53 | dl-edge.smartscreen.microsoft.com | udp |
| US | 8.8.8.8:53 | dl-edge.smartscreen.microsoft.com | udp |
| GB | 13.87.96.169:443 | dl-edge.smartscreen.microsoft.com | tcp |
| US | 8.8.8.8:53 | 65.98.95.141.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 158.145.162.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 8.159.244.35.in-addr.arpa | udp |
| IE | 74.125.193.157:443 | googleads.g.doubleclick.net | udp |
| IE | 209.85.202.156:443 | googleads.g.doubleclick.net | udp |
| DE | 162.19.138.117:443 | lb.eu-1-id5-sync.com | tcp |
| US | 8.8.8.8:53 | dnacdn.net | udp |
| US | 8.8.8.8:53 | dnacdn.net | udp |
| FR | 178.250.7.13:443 | dnacdn.net | tcp |
| US | 8.8.8.8:53 | ag.gbc.criteo.com | udp |
| US | 8.8.8.8:53 | ag.gbc.criteo.com | udp |
| FR | 185.235.86.56:443 | ag.gbc.criteo.com | tcp |
| US | 8.8.8.8:53 | match.adsrvr.org | udp |
| US | 8.8.8.8:53 | match.adsrvr.org | udp |
| US | 52.223.40.198:443 | match.adsrvr.org | tcp |
| US | 8.8.8.8:53 | 13.7.250.178.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 56.86.235.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | ssum-sec.casalemedia.com | udp |
| US | 8.8.8.8:53 | ssum-sec.casalemedia.com | udp |
| US | 8.8.8.8:53 | ssum-sec.casalemedia.com | udp |
| US | 8.8.8.8:53 | js-sec.indexww.com | udp |
| US | 104.18.36.155:443 | ssum-sec.casalemedia.com | tcp |
| US | 104.18.36.155:443 | ssum-sec.casalemedia.com | tcp |
| US | 8.8.8.8:53 | assets.a-mo.net | udp |
| US | 8.8.8.8:53 | assets.a-mo.net | udp |
| US | 8.8.8.8:53 | gem.gbc.criteo.com | udp |
| US | 8.8.8.8:53 | gem.gbc.criteo.com | udp |
| US | 104.19.158.19:443 | assets.a-mo.net | tcp |
| NL | 185.235.87.187:443 | gem.gbc.criteo.com | tcp |
| US | 104.18.36.155:443 | ssum-sec.casalemedia.com | udp |
| US | 8.8.8.8:53 | image8.pubmatic.com | udp |
| US | 8.8.8.8:53 | image8.pubmatic.com | udp |
| US | 8.8.8.8:53 | cm.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | cm.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | pixel-eu.rubiconproject.com | udp |
| US | 8.8.8.8:53 | pixel-eu.rubiconproject.com | udp |
| GB | 185.64.190.79:443 | image8.pubmatic.com | tcp |
| IE | 74.125.193.157:443 | cm.g.doubleclick.net | tcp |
| IE | 74.125.193.157:443 | cm.g.doubleclick.net | tcp |
| NL | 213.19.162.90:443 | pixel-eu.rubiconproject.com | tcp |
| US | 8.8.8.8:53 | 155.36.18.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 19.158.19.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 187.87.235.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | gum.criteo.com | udp |
| US | 8.8.8.8:53 | www.mediafire.com | udp |
| US | 8.8.8.8:53 | rtb.mfadsrvr.com | udp |
| US | 8.8.8.8:53 | rtb.mfadsrvr.com | udp |
| US | 8.8.8.8:53 | static.smilewanted.com | udp |
| US | 8.8.8.8:53 | static.smilewanted.com | udp |
| US | 8.8.8.8:53 | cdn.indexww.com | udp |
| US | 8.8.8.8:53 | cdn.indexww.com | udp |
| DE | 52.58.248.46:443 | rtb.mfadsrvr.com | tcp |
| US | 8.8.8.8:53 | sync.mathtag.com | udp |
| US | 8.8.8.8:53 | sync.mathtag.com | udp |
| NL | 213.19.162.90:443 | pixel-eu.rubiconproject.com | tcp |
| US | 8.8.8.8:53 | ib.adnxs.com | udp |
| US | 8.8.8.8:53 | ib.adnxs.com | udp |
| US | 8.8.8.8:53 | ads.stickyadstv.com | udp |
| US | 8.8.8.8:53 | ads.stickyadstv.com | udp |
| US | 8.8.8.8:53 | pixel.rubiconproject.com | udp |
| US | 8.8.8.8:53 | pixel.rubiconproject.com | udp |
| US | 8.8.8.8:53 | cs.admanmedia.com | udp |
| US | 8.8.8.8:53 | cs.admanmedia.com | udp |
| US | 216.200.232.249:443 | sync.mathtag.com | tcp |
| US | 8.8.8.8:53 | t.adx.opera.com | udp |
| US | 8.8.8.8:53 | t.adx.opera.com | udp |
| DE | 37.252.171.149:443 | ib.adnxs.com | tcp |
| DE | 51.38.120.206:443 | onetag-sys.com | udp |
| US | 80.77.87.163:443 | cs.admanmedia.com | tcp |
| NL | 213.19.162.80:443 | pixel.rubiconproject.com | tcp |
| US | 8.8.8.8:53 | ssbsync-global.smartadserver.com | udp |
| US | 8.8.8.8:53 | ssbsync-global.smartadserver.com | udp |
| NL | 82.145.213.8:443 | t.adx.opera.com | tcp |
| FR | 154.54.250.151:443 | ads.stickyadstv.com | tcp |
| NL | 81.17.55.123:443 | ssbsync-global.smartadserver.com | tcp |
| US | 8.8.8.8:53 | x.bidswitch.net | udp |
| US | 8.8.8.8:53 | x.bidswitch.net | udp |
| NL | 35.214.149.91:443 | x.bidswitch.net | tcp |
| US | 8.8.8.8:53 | s.amazon-adsystem.com | udp |
| US | 52.46.128.147:443 | s.amazon-adsystem.com | tcp |
| US | 8.8.8.8:53 | 79.190.64.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 90.162.19.213.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 46.248.58.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 8.213.145.82.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 149.171.252.37.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 151.250.54.154.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 163.87.77.80.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 123.55.17.81.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 91.149.214.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 80.162.19.213.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 249.232.200.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 208.178.17.96.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 147.128.46.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | id.a-mx.com | udp |
| US | 8.8.8.8:53 | id.a-mx.com | udp |
| US | 8.8.8.8:53 | ow.pubmatic.com | udp |
| US | 8.8.8.8:53 | ow.pubmatic.com | udp |
| US | 8.8.8.8:53 | prebid-server.rubiconproject.com | udp |
| US | 8.8.8.8:53 | prebid-server.rubiconproject.com | udp |
| NL | 131.153.158.209:443 | id.a-mx.com | tcp |
| NL | 185.64.189.116:443 | ow.pubmatic.com | tcp |
| US | 8.8.8.8:53 | sync.a-mo.net | udp |
| NL | 213.19.162.71:443 | prebid-server.rubiconproject.com | tcp |
| NL | 145.40.97.67:443 | prebid.a-mo.net | tcp |
| NL | 145.40.97.67:443 | prebid.a-mo.net | tcp |
| US | 8.8.8.8:53 | csync.smilewanted.com | udp |
| US | 8.8.8.8:53 | sync.smartadserver.com | udp |
| US | 8.8.8.8:53 | sync.smartadserver.com | udp |
| US | 8.8.8.8:53 | sync.smartadserver.com | udp |
| US | 8.8.8.8:53 | csync.smilewanted.com | udp |
| NL | 81.17.55.97:443 | sync.smartadserver.com | tcp |
| NL | 81.17.55.97:443 | sync.smartadserver.com | tcp |
| US | 8.8.8.8:53 | 209.158.153.131.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 116.189.64.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 71.162.19.213.in-addr.arpa | udp |
| US | 8.8.8.8:53 | ups.analytics.yahoo.com | udp |
| US | 8.8.8.8:53 | ups.analytics.yahoo.com | udp |
| DE | 3.71.149.231:443 | ups.analytics.yahoo.com | tcp |
| US | 8.8.8.8:53 | secure.adnxs.com | udp |
| US | 8.8.8.8:53 | secure.adnxs.com | udp |
| US | 8.8.8.8:53 | secure.adnxs.com | udp |
| US | 8.8.8.8:53 | csync.smilewanted.com | udp |
| NL | 185.89.211.12:443 | secure.adnxs.com | tcp |
| US | 8.8.8.8:53 | nav-edge.smartscreen.microsoft.com | udp |
| US | 8.8.8.8:53 | nav-edge.smartscreen.microsoft.com | udp |
| NL | 185.89.211.12:443 | secure.adnxs.com | tcp |
| NL | 213.19.162.80:443 | pixel.rubiconproject.com | tcp |
| US | 8.8.8.8:53 | pixel.rubiconproject.com | udp |
| US | 8.8.8.8:53 | csync.smilewanted.com | udp |
| US | 8.8.8.8:53 | csync.smilewanted.com | udp |
| US | 8.8.8.8:53 | csync.smilewanted.com | udp |
| US | 8.8.8.8:53 | ads.pubmatic.com | udp |
| US | 8.8.8.8:53 | csync.smilewanted.com | udp |
| US | 8.8.8.8:53 | ice.360yield.com | udp |
| US | 8.8.8.8:53 | ice.360yield.com | udp |
| US | 8.8.8.8:53 | ice.360yield.com | udp |
| US | 8.8.8.8:53 | csync.smilewanted.com | udp |
| IE | 63.32.195.109:443 | ice.360yield.com | tcp |
| IE | 63.32.195.109:443 | ice.360yield.com | tcp |
| US | 8.8.8.8:53 | 97.55.17.81.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 231.149.71.3.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 12.211.89.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | u.openx.net | udp |
| US | 8.8.8.8:53 | u.openx.net | udp |
| US | 8.8.8.8:53 | u.openx.net | udp |
| US | 8.8.8.8:53 | csync.smilewanted.com | udp |
| US | 35.244.159.8:443 | u.openx.net | tcp |
| US | 35.244.159.8:443 | u.openx.net | udp |
| US | 8.8.8.8:53 | ap.lijit.com | udp |
| US | 8.8.8.8:53 | ap.lijit.com | udp |
| US | 8.8.8.8:53 | ap.lijit.com | udp |
| US | 8.8.8.8:53 | csync.smilewanted.com | udp |
| US | 8.8.8.8:53 | csync.smilewanted.com | udp |
| IE | 54.194.215.148:443 | ap.lijit.com | tcp |
| IE | 54.194.215.148:443 | ap.lijit.com | tcp |
| US | 8.8.8.8:53 | cm.adform.net | udp |
| US | 8.8.8.8:53 | cm.adform.net | udp |
| US | 8.8.8.8:53 | cm.adform.net | udp |
| US | 8.8.8.8:53 | csync.smilewanted.com | udp |
| DK | 37.157.3.20:443 | cm.adform.net | tcp |
| DK | 37.157.3.20:443 | cm.adform.net | tcp |
| US | 8.8.8.8:53 | 109.195.32.63.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 148.215.194.54.in-addr.arpa | udp |
| US | 8.8.8.8:53 | us.shb-sync.com | udp |
| US | 8.8.8.8:53 | us.shb-sync.com | udp |
| US | 8.8.8.8:53 | us.shb-sync.com | udp |
| US | 8.8.8.8:53 | csync.smilewanted.com | udp |
| US | 8.2.110.33:443 | us.shb-sync.com | tcp |
| US | 8.8.8.8:53 | s.ad.smaato.net | udp |
| US | 8.8.8.8:53 | s.ad.smaato.net | udp |
| US | 8.8.8.8:53 | s.ad.smaato.net | udp |
| US | 8.8.8.8:53 | csync.smilewanted.com | udp |
| DE | 18.155.145.11:443 | s.ad.smaato.net | tcp |
| US | 8.8.8.8:53 | 20.3.157.37.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 33.110.2.8.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 11.145.155.18.in-addr.arpa | udp |
| NL | 178.250.1.8:443 | bidder.criteo.com | tcp |
| DE | 51.89.9.252:443 | onetag-sys.com | tcp |
| US | 8.8.8.8:53 | ow.pubmatic.com | udp |
| US | 8.8.8.8:53 | ow.pubmatic.com | udp |
| NL | 185.64.189.116:443 | ow.pubmatic.com | tcp |
| NL | 185.64.189.116:443 | ow.pubmatic.com | tcp |
| US | 8.8.8.8:53 | ssbsync-global.smartadserver.com | udp |
| US | 8.8.8.8:53 | ssbsync-global.smartadserver.com | udp |
| NL | 81.17.55.109:443 | ssbsync-global.smartadserver.com | tcp |
| US | 8.8.8.8:53 | js-sec.indexww.com | udp |
| US | 8.8.8.8:53 | ads.pubmatic.com | udp |
| US | 8.8.8.8:53 | www.mediafire.com | udp |
| US | 8.8.8.8:53 | onetag-sys.com | udp |
| US | 8.8.8.8:53 | www.mediafire.com | udp |
| GB | 96.16.109.9:443 | ads.pubmatic.com | tcp |
| US | 8.8.8.8:53 | prebid.a-mo.net | udp |
| US | 8.8.8.8:53 | www.mediafire.com | udp |
| US | 8.8.8.8:53 | www.mediafire.com | udp |
| US | 8.8.8.8:53 | 109.55.17.81.in-addr.arpa | udp |
| US | 104.18.36.155:443 | ssum-sec.casalemedia.com | udp |
| US | 8.8.8.8:53 | ssum-sec.casalemedia.com | udp |
| US | 8.8.8.8:53 | js-sec.indexww.com | udp |
| US | 8.8.8.8:53 | t.pubmatic.com | udp |
| US | 8.8.8.8:53 | t.pubmatic.com | udp |
| NL | 185.64.189.226:443 | t.pubmatic.com | tcp |
| DE | 52.58.248.46:443 | rtb.mfadsrvr.com | tcp |
| US | 8.8.8.8:53 | prebid.a-mo.net | udp |
| US | 8.8.8.8:53 | www.mediafire.com | udp |
| US | 8.8.8.8:53 | ads.us.e-planning.net | udp |
| US | 8.8.8.8:53 | ads.us.e-planning.net | udp |
| US | 8.8.8.8:53 | ads.us.e-planning.net | udp |
| US | 8.8.8.8:53 | www.mediafire.com | udp |
| NL | 193.3.178.3:443 | ads.us.e-planning.net | tcp |
| NL | 193.3.178.3:443 | ads.us.e-planning.net | tcp |
| US | 8.8.8.8:53 | ssum-sec.casalemedia.com | udp |
| US | 8.8.8.8:53 | www.mediafire.com | udp |
| US | 8.8.8.8:53 | lexicon.33across.com | udp |
| US | 8.8.8.8:53 | lexicon.33across.com | udp |
| US | 35.244.193.51:443 | lexicon.33across.com | tcp |
| US | 8.8.8.8:53 | pixel.rubiconproject.com | udp |
| US | 8.8.8.8:53 | pixel.rubiconproject.com | udp |
| US | 8.8.8.8:53 | 3.178.3.193.in-addr.arpa | udp |
| NL | 213.19.162.90:443 | pixel.rubiconproject.com | tcp |
| US | 8.8.8.8:53 | onetag-sys.com | udp |
| US | 8.8.8.8:53 | www.mediafire.com | udp |
| US | 8.8.8.8:53 | 51.193.244.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | hbx.media.net | udp |
| US | 8.8.8.8:53 | hbx.media.net | udp |
| GB | 23.44.232.24:443 | hbx.media.net | tcp |
| US | 35.244.159.8:443 | u.openx.net | udp |
| US | 8.8.8.8:53 | u.openx.net | udp |
| US | 8.8.8.8:53 | www.mediafire.com | udp |
| US | 8.8.8.8:53 | 24.232.44.23.in-addr.arpa | udp |
| US | 172.64.151.101:443 | ssum-sec.casalemedia.com | udp |
| DE | 51.89.9.252:443 | onetag-sys.com | udp |
| IE | 209.85.202.132:443 | tpc.googlesyndication.com | udp |
| IE | 74.125.193.157:443 | cm.g.doubleclick.net | udp |
| IE | 209.85.202.156:443 | googleads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | g.ezoic.net | udp |
| US | 8.8.8.8:53 | g.ezoic.net | udp |
| US | 172.64.134.21:443 | privacy.gatekeeperconsent.com | udp |
| US | 8.8.8.8:53 | hb.yellowblue.io | udp |
| US | 8.8.8.8:53 | hb.yellowblue.io | udp |
| NL | 178.250.1.8:443 | bidder.criteo.com | tcp |
| US | 8.8.8.8:53 | ads.yieldmo.com | udp |
| US | 8.8.8.8:53 | ads.yieldmo.com | udp |
| US | 8.8.8.8:53 | tpc.googlesyndication.com | udp |
| US | 8.8.8.8:53 | tpc.googlesyndication.com | udp |
| IE | 172.253.116.94:443 | www.google.co.uk | udp |
| IE | 209.85.202.132:443 | tpc.googlesyndication.com | udp |
| US | 8.8.8.8:53 | securepubads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | securepubads.g.doubleclick.net | udp |
| IE | 209.85.202.132:443 | tpc.googlesyndication.com | udp |
| IE | 209.85.202.154:443 | securepubads.g.doubleclick.net | udp |
| IE | 74.125.193.157:443 | cm.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | translate.googleapis.com | udp |
| US | 8.8.8.8:53 | translate.googleapis.com | udp |
| US | 8.8.8.8:53 | csm.nl3.eu.criteo.net | udp |
| US | 8.8.8.8:53 | csm.nl3.eu.criteo.net | udp |
| NL | 178.250.1.25:443 | csm.nl3.eu.criteo.net | tcp |
| NL | 178.250.1.25:443 | csm.nl3.eu.criteo.net | tcp |
| US | 8.8.8.8:53 | 25.1.250.178.in-addr.arpa | udp |
| US | 8.8.8.8:53 | edge-mobile-static.azureedge.net | udp |
| US | 8.8.8.8:53 | edge-mobile-static.azureedge.net | udp |
| US | 13.107.246.64:443 | edge-mobile-static.azureedge.net | tcp |
| US | 8.8.8.8:53 | 90.65.42.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | api.edgeoffer.microsoft.com | udp |
| US | 8.8.8.8:53 | api.edgeoffer.microsoft.com | udp |
| IE | 94.245.104.56:443 | api.edgeoffer.microsoft.com | tcp |
| US | 8.8.8.8:53 | nav-edge.smartscreen.microsoft.com | udp |
| US | 8.8.8.8:53 | nav-edge.smartscreen.microsoft.com | udp |
| GB | 13.87.96.169:443 | nav-edge.smartscreen.microsoft.com | tcp |
| US | 8.8.8.8:53 | 56.104.245.94.in-addr.arpa | udp |
| US | 8.8.8.8:53 | edge-consumer-static.azureedge.net | udp |
| US | 8.8.8.8:53 | edge-consumer-static.azureedge.net | udp |
| US | 13.107.253.64:443 | edge-consumer-static.azureedge.net | tcp |
| US | 8.8.8.8:53 | 64.253.107.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | drilmoralwandreowpops.shop | udp |
| US | 172.67.207.102:443 | drilmoralwandreowpops.shop | tcp |
| US | 8.8.8.8:53 | technologyenterdo.shop | udp |
| US | 172.67.180.132:443 | technologyenterdo.shop | tcp |
| US | 8.8.8.8:53 | lighterepisodeheighte.fun | udp |
| US | 8.8.8.8:53 | problemregardybuiwo.fun | udp |
| US | 8.8.8.8:53 | detectordiscusser.shop | udp |
| US | 104.21.60.92:443 | detectordiscusser.shop | tcp |
| US | 8.8.8.8:53 | edurestunningcrackyow.fun | udp |
| US | 8.8.8.8:53 | pooreveningfuseor.pw | udp |
| US | 8.8.8.8:53 | turkeyunlikelyofw.shop | udp |
| US | 8.8.8.8:53 | 102.207.67.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 132.180.67.172.in-addr.arpa | udp |
| US | 172.67.202.191:443 | turkeyunlikelyofw.shop | tcp |
| US | 8.8.8.8:53 | associationokeo.shop | udp |
| US | 104.21.10.242:443 | associationokeo.shop | tcp |
| US | 8.8.8.8:53 | 191.202.67.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 242.10.21.104.in-addr.arpa | udp |
| US | 172.67.207.102:443 | drilmoralwandreowpops.shop | tcp |
| US | 172.67.180.132:443 | technologyenterdo.shop | tcp |
| US | 8.8.8.8:53 | lighterepisodeheighte.fun | udp |
| US | 8.8.8.8:53 | problemregardybuiwo.fun | udp |
| US | 104.21.60.92:443 | detectordiscusser.shop | tcp |
| US | 8.8.8.8:53 | edurestunningcrackyow.fun | udp |
| US | 8.8.8.8:53 | pooreveningfuseor.pw | udp |
| US | 172.67.202.191:443 | turkeyunlikelyofw.shop | tcp |
| US | 104.21.10.242:443 | associationokeo.shop | tcp |
| US | 172.67.207.102:443 | drilmoralwandreowpops.shop | tcp |
| US | 172.67.180.132:443 | technologyenterdo.shop | tcp |
| US | 8.8.8.8:53 | lighterepisodeheighte.fun | udp |
| US | 8.8.8.8:53 | problemregardybuiwo.fun | udp |
| US | 104.21.60.92:443 | detectordiscusser.shop | tcp |
| US | 8.8.8.8:53 | edurestunningcrackyow.fun | udp |
| US | 8.8.8.8:53 | pooreveningfuseor.pw | udp |
| US | 172.67.202.191:443 | turkeyunlikelyofw.shop | tcp |
| US | 104.21.10.242:443 | associationokeo.shop | tcp |
| US | 172.67.207.102:443 | drilmoralwandreowpops.shop | tcp |
| US | 8.8.8.8:53 | 97.32.109.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 13.227.111.52.in-addr.arpa | udp |
| US | 172.67.180.132:443 | technologyenterdo.shop | tcp |
| US | 8.8.8.8:53 | problemregardybuiwo.fun | udp |
| US | 104.21.60.92:443 | detectordiscusser.shop | tcp |
| US | 8.8.8.8:53 | edurestunningcrackyow.fun | udp |
| US | 8.8.8.8:53 | pooreveningfuseor.pw | udp |
| US | 172.67.202.191:443 | turkeyunlikelyofw.shop | tcp |
| US | 104.21.10.242:443 | associationokeo.shop | tcp |
| US | 8.8.8.8:53 | 63.141.182.52.in-addr.arpa | udp |
| US | 172.67.207.102:443 | drilmoralwandreowpops.shop | tcp |
| US | 172.67.180.132:443 | technologyenterdo.shop | tcp |
| US | 8.8.8.8:53 | lighterepisodeheighte.fun | udp |
| US | 8.8.8.8:53 | problemregardybuiwo.fun | udp |
| US | 104.21.60.92:443 | detectordiscusser.shop | tcp |
| US | 8.8.8.8:53 | edurestunningcrackyow.fun | udp |
| US | 8.8.8.8:53 | pooreveningfuseor.pw | udp |
| US | 172.67.202.191:443 | turkeyunlikelyofw.shop | tcp |
| US | 104.21.10.242:443 | associationokeo.shop | tcp |
| US | 172.67.207.102:443 | drilmoralwandreowpops.shop | tcp |
| US | 172.67.180.132:443 | technologyenterdo.shop | tcp |
| US | 8.8.8.8:53 | problemregardybuiwo.fun | udp |
| US | 104.21.60.92:443 | detectordiscusser.shop | tcp |
| US | 8.8.8.8:53 | edurestunningcrackyow.fun | udp |
| US | 8.8.8.8:53 | pooreveningfuseor.pw | udp |
| US | 172.67.202.191:443 | turkeyunlikelyofw.shop | tcp |
| US | 104.21.10.242:443 | associationokeo.shop | tcp |
| US | 172.67.207.102:443 | drilmoralwandreowpops.shop | tcp |
| US | 172.67.180.132:443 | technologyenterdo.shop | tcp |
| US | 8.8.8.8:53 | lighterepisodeheighte.fun | udp |
| US | 8.8.8.8:53 | problemregardybuiwo.fun | udp |
| US | 104.21.60.92:443 | detectordiscusser.shop | tcp |
| US | 8.8.8.8:53 | edurestunningcrackyow.fun | udp |
| US | 8.8.8.8:53 | pooreveningfuseor.pw | udp |
| US | 172.67.202.191:443 | turkeyunlikelyofw.shop | tcp |
| US | 104.21.10.242:443 | associationokeo.shop | tcp |
| US | 172.67.207.102:443 | drilmoralwandreowpops.shop | tcp |
| US | 172.67.180.132:443 | technologyenterdo.shop | tcp |
| US | 8.8.8.8:53 | lighterepisodeheighte.fun | udp |
| US | 8.8.8.8:53 | problemregardybuiwo.fun | udp |
| US | 104.21.60.92:443 | detectordiscusser.shop | tcp |
| US | 8.8.8.8:53 | edurestunningcrackyow.fun | udp |
| US | 8.8.8.8:53 | pooreveningfuseor.pw | udp |
| US | 172.67.202.191:443 | turkeyunlikelyofw.shop | tcp |
| US | 104.21.10.242:443 | associationokeo.shop | tcp |
Files
C:\Users\Admin\AppData\Local\Temp\7zO46FDE899\Set-up.exe
| MD5 | 37668418edb0f30c6f38d08c5ef319b7 |
| SHA1 | 72d173273dfc9a5cf0661ece8e6d90c602679ba2 |
| SHA256 | 4a7930a7130fe7c3c9822d90517e873e3e477c9a6978d096f740dc5b03770365 |
| SHA512 | 9c5c0c3a095824c51c349487c2366e4dcd1f3602082627296ac06569b72e28ef1d976f8b3ef8df30a81d4483c3220cbb6ee429f7ad4633d8692b9bf3f4104fd9 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 044b025576e143b0589ddb81bee674f5 |
| SHA1 | 98d4b036e99ddf4000ef7387efcf5412d9fcfc2e |
| SHA256 | 08cac7507cc2271f081a39fa97d36bbd7e25d2d0685b722a2ef3fe838e6d67ea |
| SHA512 | 0bd5fee4d38ca627c945ee460274ccfcf1cdf890a553f48c3f5a50825f8272e055d1c263ab077af9c365484b07ab8120d21bf039ffad0bf6743c15eb0cbdd40a |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 9472e8c9ab2b685e36225d241284ec51 |
| SHA1 | caea054aee406868f22ba650df9a7aabeee9fe0e |
| SHA256 | 8c50fd149e898a48567beb1f92034111f427f388e5b0adc18acd82722f3f8f78 |
| SHA512 | 9467893fffe535a315c85a455195a91bcf6a4b0df062af896e760eea47f18ecd3ce2084923e6ba546b9ce17a3650510c9b411fc9c9d94f57c9c66a90c0453fda |
\??\pipe\crashpad_4100_VKQBHJQBBSMXIXFA
| MD5 | d41d8cd98f00b204e9800998ecf8427e |
| SHA1 | da39a3ee5e6b4b0d3255bfef95601890afd80709 |
| SHA256 | e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 |
| SHA512 | cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network\SCT Auditing Pending Reports
| MD5 | d751713988987e9331980363e24189ce |
| SHA1 | 97d170e1550eee4afc0af065b78cda302a97674c |
| SHA256 | 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945 |
| SHA512 | b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\DualEngine\SiteList-Enterprise.json
| MD5 | 99914b932bd37a50b983c5e7c90ae93b |
| SHA1 | bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f |
| SHA256 | 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a |
| SHA512 | 27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 376e951336d7dfcc63fb374f799e3964 |
| SHA1 | 5f38ddb6efd22d2e04112f085e2cf5ed25b60f38 |
| SHA256 | 42c434f0b8eff29b9739026d3a0e3cde31b47a0126b7489c640f1d2defa16936 |
| SHA512 | 8ca2953d00faf14178b2b6eb24f4ce4d7070d5cda59ec256c0cfd71e5520064b912bbdb8af0878e90bf8c3324d9bec1a209471ee86a991880d5a443ce881af72 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\b618111f-4703-434f-b27a-5f971d882ce3.tmp
| MD5 | 9ed833dcf1b0e05b7fa3a7e84cef6823 |
| SHA1 | d4c8f3fbfa3dba9b59b1976c60b8307cf6d9a455 |
| SHA256 | e27385ff0079e62f3cc0bfd5eca70b8b1489eceb23d5ebdc14d6ddcc99f9bbb8 |
| SHA512 | 420f9c45ac4ebee2fd5b63af58bb23c54a1c92599514af3456b7b2dc51d32478e335d6777d9aa36078191bc2104e4411a741fca3d856cb8fea87adfa7da14673 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network\Sdch Dictionaries
| MD5 | 20d4b8fa017a12a108c87f540836e250 |
| SHA1 | 1ac617fac131262b6d3ce1f52f5907e31d5f6f00 |
| SHA256 | 6028bd681dbf11a0a58dde8a0cd884115c04caa59d080ba51bde1b086ce0079d |
| SHA512 | 507b2b8a8a168ff8f2bdafa5d9d341c44501a5f17d9f63f3d43bd586bc9e8ae33221887869fa86f845b7d067cb7d2a7009efd71dda36e03a40a74fee04b86856 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | c5487fd344a3894142ab6370e705fb6f |
| SHA1 | 32451c85a03c9371d655b1f9876d7ca773aafd8b |
| SHA256 | 79e23777d0258d0291168b39d8779a5c003e2fdbba9c190bee22a416a4a8b977 |
| SHA512 | 2d2d36ae89e6648b3f46ba3ceb979e922c80a1c9fd73a34bb4f68b68b323c735ef3d2e2815c8f5d2cc0c06c01c2344d286a3967e64c8b92e299b8f15aecd6a72 |
C:\Users\Admin\Desktop\Setup_files\x86\Acrobat\AGM.dll
| MD5 | 8d573b19c397d68c416c45025b2ccea4 |
| SHA1 | 0bdb0704d22ff7ef9e7ae61d512e198ca162e475 |
| SHA256 | f42713fdf517e56d7148ce47ea6e5ca953086ffd024258736e1dff78ebcc5e47 |
| SHA512 | 196d2732b1c428f2993884d66780cc05329be33b2fbf0be01152c0e652f4f0b9c8786409cc171c3a4ebe89f9b6e9f9db1dc2f586f7e49e0687764769481f11d4 |
C:\Users\Admin\Desktop\Setup_files\x86\Acrobat\AdobeXMP.dll
| MD5 | 7c3033588c1a187918cf3fd246069a3f |
| SHA1 | 2b637a9d37de604ae8e98fcbc73746ccc0402b31 |
| SHA256 | e958f4ed8272a96e599ff9f0a79331e7b5109104a9d20d3f760c7eb162daf7e0 |
| SHA512 | 80d513d25477081c84af87e8127a02bb332204ad7399ac653a27ca726e446fd25518d36189bf90b10cbf34119d35501e006a2e06dbca5a96dc2348aff6b6fe91 |
C:\Users\Admin\Desktop\Setup_files\x86\Acrobat\AIDE.dll
| MD5 | ad388ce4c2cc3aaff605994da782d57e |
| SHA1 | f43c3f588c77a34e8b81b63247ac1d7657016050 |
| SHA256 | d3ba1adbfeef8f19e4aa570299c06d39a87dfc5fe3d85946270b722e44dacda7 |
| SHA512 | f8e8f0fc5d8e01f8afe1aac55d3a301fa0019c6e80099616abf5a41c09aeabd0294e4391ddac170c2cd5bcff0b9e9cb4b559a2eca50a273e398083542065e27b |
C:\Users\Admin\Desktop\Setup_files\x86\ACE.dll
| MD5 | d0ae82cdf9911bec3eddda128602af04 |
| SHA1 | 58e167521f2b028d03aeb6c926d34c2c969fa9c6 |
| SHA256 | f9675304d13efaee32e6b4a3317b64231a59b684532a898d12b4e7ed88518afd |
| SHA512 | c1520462a8e02ab09e2a101207e88cf6861b48c32b7c2523047251496479740a84987fb19aba4dc8610abe2c81e5f7dbc80c51b8667f4953e17dda583d27557d |
C:\Users\Admin\Desktop\Setup_files\VCRUNTIME140.dll
| MD5 | 49c96cecda5c6c660a107d378fdfc3d4 |
| SHA1 | 00149b7a66723e3f0310f139489fe172f818ca8e |
| SHA256 | 69320f278d90efaaeb67e2a1b55e5b0543883125834c812c8d9c39676e0494fc |
| SHA512 | e09e072f3095379b0c921d41d6e64f4f1cd78400594a2317cfb5e5dca03dedb5a8239ed89905c9e967d1acb376b0585a35addf6648422c7ddb472ce38b1ba60d |
C:\Users\Admin\Desktop\Setup_files\baronet.psd
| MD5 | 0269a57b6e0f2335d1854467fdb77fe5 |
| SHA1 | 5cf7735bda9004fc7f273d8d2107083327f60dab |
| SHA256 | 59578736a427cdf58ddb75d261833c07f88bf30fce418c3169361e71bda83e51 |
| SHA512 | 1093b825c8df5cf8acc84710625af542872eac3b0d5a81eee7fc29059be7e3c1e163712a1455306ca66bfae287d64e392edfe7d5cc47c30a90a7e2c8d11bb914 |
C:\Users\Admin\Desktop\Setup_files\vcruntime140_1.dll
| MD5 | cf0a1c4776ffe23ada5e570fc36e39fe |
| SHA1 | 2050fadecc11550ad9bde0b542bcf87e19d37f1a |
| SHA256 | 6fd366a691ed68430bcd0a3de3d8d19a0cb2102952bfc140bbef4354ed082c47 |
| SHA512 | d95cd98d22ca048d0fc5bca551c9db13d6fa705f6af120bbbb621cf2b30284bfdc7320d0a819bb26dab1e0a46253cc311a370bed4ef72ecb60c69791ed720168 |
C:\Users\Admin\Desktop\Setup_files\msvcp140.dll
| MD5 | 1ba6d1cf0508775096f9e121a24e5863 |
| SHA1 | df552810d779476610da3c8b956cc921ed6c91ae |
| SHA256 | 74892d9b4028c05debaf0b9b5d9dc6d22f7956fa7d7eee00c681318c26792823 |
| SHA512 | 9887d9f5838aa1555ea87968e014edfe2f7747f138f1b551d1f609bc1d5d8214a5fdab0d76fcac98864c1da5eb81405ca373b2a30cb12203c011d89ea6d069af |
C:\Users\Admin\Desktop\Setup_files\mozglue.dll
| MD5 | f6bfad927df2d41d45b81b2aad66579b |
| SHA1 | 48a057a409bd5091f25acdfcd48d1b9dc34f89e1 |
| SHA256 | cc7df4b14c7f0429036417e7eab4457989a116d54017082aa877f4bdd001cac9 |
| SHA512 | 3fe337193c656ca1fe7fa59975f0861eb3f6700c86e2edf814b4d1d109480f70f12e0d0bb470f34e449a630ed443746ac763e3b53f20f673779489c9da1ef39b |
C:\Users\Admin\Desktop\Setup_files\alabamine.odp
| MD5 | eb5cfac8d73685f03badbe6f173e0a30 |
| SHA1 | 33d3789b2edc20006dbdda37563d29897a1ac6d6 |
| SHA256 | 8bdb171e0e2c2c1b7687d9bc815549b6985f094efbc3566205c5b279f2537a48 |
| SHA512 | 791222dc7d27be70bf1d011e6b136f8f54cc5ef671a8d96a91ab3154736c2d2736438d08af0528940f778a84893f748d17084857b30360aee13f38cfb7c46649 |
memory/5028-529-0x00007FFCA3920000-0x00007FFCA3A92000-memory.dmp
memory/5028-536-0x00007FFCA3920000-0x00007FFCA3A92000-memory.dmp
memory/5028-537-0x00007FFCA3920000-0x00007FFCA3A92000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\afdfc74e
| MD5 | b8cd6b99f5206bacc29d26504031e303 |
| SHA1 | ae5a90d40dad9903c11e112c28c2ddd57fca57dc |
| SHA256 | 3297d18ce3084d09d8ed475b23a2df23bc989d8987a685252ca885e1349acf22 |
| SHA512 | 670881b20947611f9c0d2bec054d63049929aaca505f1faf19b4e547a04c83aea26579274359c1d419610ed397443f5b66e2f10d77c7f5b03655d1d673cf83a1 |
memory/4720-540-0x00007FFCC1390000-0x00007FFCC1585000-memory.dmp
memory/2532-556-0x00007FFCA3920000-0x00007FFCA3A92000-memory.dmp
memory/2532-569-0x00007FFCA3920000-0x00007FFCA3A92000-memory.dmp
memory/2532-570-0x00007FFCA3920000-0x00007FFCA3A92000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\b7aaa03f
| MD5 | 71b5b20eb7d3fc64620149738758e053 |
| SHA1 | 29e861cc1189407c7c19e0e6db85bf2a1d6032ce |
| SHA256 | ba7c535d153821889b8ddd23b7dd9818e85fe19177a2ea46eb4645824b076eb6 |
| SHA512 | 31ee5ae42aafb29044e876eb5192c241b7ca3d973c230af3495eb82aef1a6094608f79d21836ec2aa9efd69648276418c305e31f0db9d6b74c621d1c7510a770 |
memory/4720-575-0x0000000075490000-0x000000007560B000-memory.dmp
memory/4720-576-0x0000000075490000-0x000000007560B000-memory.dmp
memory/5912-578-0x00007FFCC1390000-0x00007FFCC1585000-memory.dmp
memory/4240-586-0x00007FFCA3920000-0x00007FFCA3A92000-memory.dmp
C:\Users\Admin\AppData\Roaming\pla\mozglue.dll
| MD5 | 169238472c2546d616ca7d25d3cf910e |
| SHA1 | a00a469bffe4c1222e597892f193ff9f083d8c8e |
| SHA256 | ea5be1d855a356a3912e6c56285d02f5252bc3f2b7f4c62122944185866221e5 |
| SHA512 | 8a07821ebf5c8c514ba115554e7e3ecaf956436c1ec5a654be42953fb37bb384d16e2f8e7950396966d520dce000d61b317a7b05d6d3af7e4d49547611859957 |
memory/4240-599-0x00007FFCA3920000-0x00007FFCA3A92000-memory.dmp
memory/4720-601-0x0000000075490000-0x000000007560B000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\Kerwinn.pif
| MD5 | 578b84dffcdde848e5726fb87f7795fc |
| SHA1 | 54e40becf54cbf4a1c30558140febc872e14ee6b |
| SHA256 | 3af13cc9a44cd8ac077ae3d1b8a00625e5e288c51d6d797231b2de4a1aba87fd |
| SHA512 | 0d73f2ef0664d273f096fd17a0d4a7c73adbaf1551a041cb7802a9bd6d69c04121c561e57b8dfdd7a415899568baf832cb44307d4024d053049b976cc870e5e3 |
memory/5724-603-0x00007FFCC1390000-0x00007FFCC1585000-memory.dmp
memory/4240-604-0x00007FFCA3920000-0x00007FFCA3A92000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\bf2aff19
| MD5 | 20f413800d477dbfd3a959ff99ec6df4 |
| SHA1 | 786d1bd295ad2ab2e2437467348bbcb2ddfdfcde |
| SHA256 | 22880ba655b7b9862b7c25fe003079cf0222a7461ec87621a69a3aba941940a4 |
| SHA512 | d0757624be9aa0dba8da6b9e8830d7cb0dfd5532e373bafc2219b1b49682c55b823be66dc14336f5db826e5a0d74bfe4730c1d08148af99c32724de2a8a5825d |
memory/5724-609-0x00000000005A0000-0x00000000005EA000-memory.dmp
memory/5200-610-0x00007FFCC1390000-0x00007FFCC1585000-memory.dmp
memory/644-613-0x00007FFCC1390000-0x00007FFCC1585000-memory.dmp
memory/5724-614-0x0000000000100000-0x0000000000154000-memory.dmp
memory/5724-615-0x0000000000C70000-0x0000000000C71000-memory.dmp
memory/5724-616-0x0000000000C70000-0x0000000000C71000-memory.dmp
memory/5724-618-0x0000000000C70000-0x0000000000C71000-memory.dmp
memory/5724-621-0x00000000005A0000-0x00000000005EA000-memory.dmp
memory/644-622-0x00000000005B0000-0x00000000005FA000-memory.dmp
memory/644-627-0x0000000000100000-0x0000000000154000-memory.dmp
memory/644-628-0x00000000010B0000-0x00000000010B1000-memory.dmp
memory/644-630-0x00000000005B0000-0x00000000005FA000-memory.dmp
memory/5708-632-0x00007FFCC1390000-0x00007FFCC1585000-memory.dmp
memory/5708-633-0x0000000000340000-0x000000000038A000-memory.dmp
memory/5708-636-0x0000000000100000-0x0000000000154000-memory.dmp
memory/5708-638-0x0000000000CB0000-0x0000000000CE2000-memory.dmp
memory/5708-637-0x0000000000CB0000-0x0000000000CE2000-memory.dmp
memory/5708-639-0x0000000000CB0000-0x0000000000CE2000-memory.dmp
memory/5708-640-0x0000000000CB0000-0x0000000000CE2000-memory.dmp
memory/5708-646-0x0000000000340000-0x000000000038A000-memory.dmp
memory/5716-648-0x00007FFCA3920000-0x00007FFCA3A92000-memory.dmp
memory/5716-655-0x00007FFCA3920000-0x00007FFCA3A92000-memory.dmp
memory/5716-656-0x00007FFCA3920000-0x00007FFCA3A92000-memory.dmp
memory/4480-658-0x00007FFCC1390000-0x00007FFCC1585000-memory.dmp
memory/4752-661-0x00007FFCC1390000-0x00007FFCC1585000-memory.dmp
memory/4752-662-0x0000000000820000-0x000000000086A000-memory.dmp
memory/4396-663-0x00007FFC81410000-0x00007FFC81420000-memory.dmp
memory/4396-665-0x00007FFCC1390000-0x00007FFCC1585000-memory.dmp
memory/4396-664-0x00007FFC81410000-0x00007FFC81420000-memory.dmp
memory/4396-666-0x00007FFC81410000-0x00007FFC81420000-memory.dmp
memory/4396-668-0x00007FFC81410000-0x00007FFC81420000-memory.dmp
memory/4396-667-0x00007FFCC1390000-0x00007FFCC1585000-memory.dmp
memory/4396-670-0x00007FFCC1390000-0x00007FFCC1585000-memory.dmp
memory/4396-669-0x00007FFC81410000-0x00007FFC81420000-memory.dmp
memory/4396-671-0x00007FFCC1390000-0x00007FFCC1585000-memory.dmp
memory/4396-672-0x00007FFCC1390000-0x00007FFCC1585000-memory.dmp
memory/4396-673-0x00007FFCC1390000-0x00007FFCC1585000-memory.dmp
memory/4396-674-0x00007FFCC1390000-0x00007FFCC1585000-memory.dmp
memory/4396-675-0x00007FFCC1390000-0x00007FFCC1585000-memory.dmp
memory/4396-677-0x00007FFCC1390000-0x00007FFCC1585000-memory.dmp
memory/4396-676-0x00007FFC7F3B0000-0x00007FFC7F3C0000-memory.dmp
memory/4396-678-0x00007FFCC1390000-0x00007FFCC1585000-memory.dmp
memory/4396-679-0x00007FFCC1390000-0x00007FFCC1585000-memory.dmp
memory/4396-680-0x00007FFCC1390000-0x00007FFCC1585000-memory.dmp
memory/4396-681-0x00007FFCC1390000-0x00007FFCC1585000-memory.dmp
memory/4396-682-0x00007FFCC1390000-0x00007FFCC1585000-memory.dmp
memory/4396-684-0x00007FFCC1390000-0x00007FFCC1585000-memory.dmp
memory/4396-683-0x00007FFC7F3B0000-0x00007FFC7F3C0000-memory.dmp
memory/4752-686-0x0000000000100000-0x0000000000154000-memory.dmp
memory/4752-687-0x0000000001660000-0x0000000001692000-memory.dmp
memory/4752-689-0x0000000001660000-0x0000000001692000-memory.dmp
memory/4752-690-0x0000000001660000-0x0000000001692000-memory.dmp
memory/4752-688-0x0000000001660000-0x0000000001692000-memory.dmp
memory/4752-702-0x0000000000820000-0x000000000086A000-memory.dmp
memory/4396-713-0x00007FFC81410000-0x00007FFC81420000-memory.dmp
memory/4396-714-0x00007FFC81410000-0x00007FFC81420000-memory.dmp
memory/4396-715-0x00007FFC81410000-0x00007FFC81420000-memory.dmp
memory/4396-716-0x00007FFC81410000-0x00007FFC81420000-memory.dmp
memory/4396-717-0x00007FFCC1390000-0x00007FFCC1585000-memory.dmp
memory/4396-718-0x00007FFCC1390000-0x00007FFCC1585000-memory.dmp
memory/4396-719-0x00007FFCC1390000-0x00007FFCC1585000-memory.dmp
memory/5372-720-0x00007FFCA3920000-0x00007FFCA3A92000-memory.dmp
memory/5372-727-0x00007FFCA3920000-0x00007FFCA3A92000-memory.dmp
memory/5372-728-0x00007FFCA3920000-0x00007FFCA3A92000-memory.dmp
memory/5492-730-0x00007FFCC1390000-0x00007FFCC1585000-memory.dmp
memory/3848-731-0x00007FFCA3920000-0x00007FFCA3A92000-memory.dmp
memory/3848-738-0x00007FFCA3920000-0x00007FFCA3A92000-memory.dmp
memory/5492-741-0x0000000075530000-0x00000000756AB000-memory.dmp
memory/5492-742-0x0000000075530000-0x00000000756AB000-memory.dmp
memory/3848-743-0x00007FFCA3920000-0x00007FFCA3A92000-memory.dmp
memory/3676-745-0x00007FFCA3920000-0x00007FFCA3A92000-memory.dmp
memory/3676-752-0x00007FFCA3920000-0x00007FFCA3A92000-memory.dmp
memory/5492-754-0x0000000075530000-0x00000000756AB000-memory.dmp
memory/3876-755-0x00007FFCC1390000-0x00007FFCC1585000-memory.dmp
memory/4880-756-0x00007FFCC1390000-0x00007FFCC1585000-memory.dmp
memory/3676-757-0x00007FFCA3920000-0x00007FFCA3A92000-memory.dmp
memory/6072-759-0x00007FFCA3920000-0x00007FFCA3A92000-memory.dmp
memory/6072-766-0x00007FFCA3920000-0x00007FFCA3A92000-memory.dmp
memory/4880-767-0x0000000000BB0000-0x0000000000BFA000-memory.dmp
memory/3564-768-0x00007FFCC1390000-0x00007FFCC1585000-memory.dmp
memory/6072-772-0x00007FFCA3920000-0x00007FFCA3A92000-memory.dmp
memory/4880-774-0x0000000000100000-0x0000000000154000-memory.dmp
memory/4880-775-0x0000000000CA0000-0x0000000000CA1000-memory.dmp
memory/4880-777-0x0000000000CA0000-0x0000000000CA1000-memory.dmp
memory/4880-776-0x0000000000CA0000-0x0000000000CA1000-memory.dmp
memory/4880-778-0x0000000000CA0000-0x0000000000CA1000-memory.dmp
memory/2604-787-0x0000000000100000-0x0000000000154000-memory.dmp
memory/2604-788-0x00000000011A0000-0x00000000011D2000-memory.dmp
memory/2604-789-0x00000000011A0000-0x00000000011D2000-memory.dmp
memory/2604-791-0x00000000011A0000-0x00000000011D2000-memory.dmp
memory/2604-790-0x00000000011A0000-0x00000000011D2000-memory.dmp
memory/2604-792-0x00000000011A0000-0x00000000011D2000-memory.dmp
memory/3700-799-0x0000000000100000-0x0000000000154000-memory.dmp
memory/3700-800-0x0000000000C60000-0x0000000000C92000-memory.dmp
memory/3700-801-0x0000000000C60000-0x0000000000C92000-memory.dmp
memory/3700-802-0x0000000000C60000-0x0000000000C92000-memory.dmp
memory/3700-803-0x0000000000C60000-0x0000000000C92000-memory.dmp