Analysis Overview
SHA256
9d95e947dbd2a170fa8900a06982f361deeb55012ed8b4087ccc9bc188c25cab
Threat Level: Likely malicious
The file TLauncher-Installer-1.3.7.exe was found to be: Likely malicious.
Malicious Activity Summary
Downloads MZ/PE file
UPX packed file
Checks computer location settings
Executes dropped EXE
Loads dropped DLL
Registers COM server for autorun
Adds Run key to start application
Checks installed software on the system
Installs/modifies Browser Helper Object
Enumerates connected drives
Drops file in System32 directory
Drops file in Program Files directory
Drops file in Windows directory
Enumerates physical storage devices
Suspicious use of SetWindowsHookEx
Uses Volume Shadow Copy service COM API
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Suspicious use of AdjustPrivilegeToken
Modifies data under HKEY_USERS
Modifies Internet Explorer settings
Enumerates system info in registry
Uses Volume Shadow Copy WMI provider
Uses Task Scheduler COM API
Checks processor information in registry
Modifies registry class
Suspicious use of FindShellTrayWindow
Suspicious use of WriteProcessMemory
Suspicious use of SendNotifyMessage
Suspicious behavior: EnumeratesProcesses
Modifies Internet Explorer Phishing Filter
MITRE ATT&CK
Enterprise Matrix V15
Analysis: static1
Detonation Overview
Reported
2024-05-04 12:16
Signatures
Analysis: behavioral1
Detonation Overview
Submitted
2024-05-04 12:16
Reported
2024-05-04 12:32
Platform
win7-20240220-en
Max time kernel
732s
Max time network
924s
Command Line
Signatures
Downloads MZ/PE file
Checks computer location settings
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Control Panel\International\Geo\Nation | C:\Users\Admin\AppData\Roaming\.tlauncher\starter\jre_default\jre-17.0.10-windows-x64\bin\java.exe | N/A |
Executes dropped EXE
Loads dropped DLL
Registers COM server for autorun
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0020-ABCDEFFEDCBC}\InprocServer32 | C:\Program Files\Java\jre1.8.0_51\installer.exe | N/A |
| Key deleted | \REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000_CLASSES\CLSID\{CAFEEFAC-0015-0000-0058-ABCDEFFEDCBB}\INPROCSERVER32 | C:\Program Files\Java\jre1.8.0_51\installer.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0074-ABCDEFFEDCBB}\InprocServer32\ = "C:\\Program Files\\Java\\jre1.8.0_51\\bin\\jp2iexp.dll" | C:\Program Files\Java\jre1.8.0_51\installer.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0038-ABCDEFFEDCBB}\InprocServer32\ThreadingModel = "Apartment" | C:\Program Files\Java\jre1.8.0_51\installer.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0047-ABCDEFFEDCBC}\InprocServer32 | C:\Program Files\Java\jre1.8.0_51\installer.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0055-ABCDEFFEDCBB}\InprocServer32 | C:\Program Files\Java\jre1.8.0_51\installer.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000_CLASSES\CLSID\{CAFEEFAC-0015-0000-0064-ABCDEFFEDCBC}\InprocServer32 | C:\Program Files\Java\jre1.8.0_51\installer.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000_CLASSES\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\InprocServer32 | C:\Program Files\Java\jre1.8.0_51\installer.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000_CLASSES\CLSID\{CAFEEFAC-0013-0001-0027-ABCDEFFEDCBB}\InprocServer32 | C:\Program Files\Java\jre1.8.0_51\installer.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0055-ABCDEFFEDCBB}\InprocServer32 | C:\Program Files\Java\jre1.8.0_51\installer.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000_CLASSES\CLSID\{CAFEEFAC-0014-0000-0000-ABCDEFFEDCBA}\InprocServer32 | C:\Program Files\Java\jre1.8.0_51\installer.exe | N/A |
| Key deleted | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0018-ABCDEFFEDCBA}\INPROCSERVER32 | C:\Program Files\Java\jre1.8.0_51\installer.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000_CLASSES\CLSID\{CAFEEFAC-0018-0000-0016-ABCDEFFEDCBA}\InprocServer32\ThreadingModel = "Apartment" | C:\Program Files\Java\jre1.8.0_51\installer.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000_CLASSES\CLSID\{CAFEEFAC-0018-0000-0023-ABCDEFFEDCBB}\InprocServer32 | C:\Program Files\Java\jre1.8.0_51\installer.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000_CLASSES\CLSID\{CAFEEFAC-0014-0002-0036-ABCDEFFEDCBB}\InprocServer32 | C:\Program Files\Java\jre1.8.0_51\installer.exe | N/A |
| Key deleted | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBC}\INPROCSERVER32 | C:\Program Files\Java\jre1.8.0_51\installer.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000_CLASSES\CLSID\{CAFEEFAC-0016-0000-0052-ABCDEFFEDCBB}\InprocServer32\ThreadingModel = "Apartment" | C:\Program Files\Java\jre1.8.0_51\installer.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0035-ABCDEFFEDCBB}\InprocServer32\ThreadingModel = "Apartment" | C:\Program Files\Java\jre1.8.0_51\installer.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0087-ABCDEFFEDCBA}\InprocServer32\ThreadingModel = "Apartment" | C:\Program Files\Java\jre1.8.0_51\installer.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000_CLASSES\CLSID\{CAFEEFAC-0017-0000-0069-ABCDEFFEDCBB}\InprocServer32\ = "C:\\Program Files\\Java\\jre1.8.0_51\\bin\\jp2iexp.dll" | C:\Program Files\Java\jre1.8.0_51\installer.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000_CLASSES\CLSID\{CAFEEFAC-0014-0002-0041-ABCDEFFEDCBB}\InprocServer32\ = "C:\\Program Files\\Java\\jre1.8.0_51\\bin\\jp2iexp.dll" | C:\Program Files\Java\jre1.8.0_51\installer.exe | N/A |
| Key deleted | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0068-ABCDEFFEDCBC}\INPROCSERVER32 | C:\Program Files\Java\jre1.8.0_51\installer.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000_CLASSES\CLSID\{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBB}\InprocServer32\ThreadingModel = "Apartment" | C:\Program Files\Java\jre1.8.0_51\installer.exe | N/A |
| Key deleted | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0006-ABCDEFFEDCBB}\INPROCSERVER32 | C:\Program Files\Java\jre1.8.0_51\installer.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000_CLASSES\CLSID\{CAFEEFAC-0014-0002-0043-ABCDEFFEDCBA}\InprocServer32\ThreadingModel = "Apartment" | C:\Program Files\Java\jre1.8.0_51\installer.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000_CLASSES\CLSID\{CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA}\InprocServer32\ThreadingModel = "Apartment" | C:\Program Files\Java\jre1.8.0_51\installer.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000_CLASSES\CLSID\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBC}\InprocServer32\ = "C:\\Program Files\\Java\\jre1.8.0_51\\bin\\jp2iexp.dll" | C:\Program Files\Java\jre1.8.0_51\installer.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0038-ABCDEFFEDCBA}\InprocServer32 | C:\Program Files\Java\jre1.8.0_51\installer.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0035-ABCDEFFEDCBA}\InprocServer32\ = "C:\\Program Files\\Java\\jre1.8.0_51\\bin\\jp2iexp.dll" | C:\Program Files\Java\jre1.8.0_51\installer.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000_CLASSES\CLSID\{CAFEEFAC-0016-0000-0059-ABCDEFFEDCBB}\InprocServer32\ = "C:\\Program Files\\Java\\jre1.8.0_51\\bin\\jp2iexp.dll" | C:\Program Files\Java\jre1.8.0_51\installer.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0018-0000-0039-ABCDEFFEDCBA}\InprocServer32\ThreadingModel = "Apartment" | C:\Program Files\Java\jre1.8.0_51\installer.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0019-ABCDEFFEDCBB}\InprocServer32\ThreadingModel = "Apartment" | C:\Program Files\Java\jre1.8.0_51\installer.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0086-ABCDEFFEDCBA}\InprocServer32 | C:\Program Files\Java\jre1.8.0_51\installer.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000_CLASSES\CLSID\{CAFEEFAC-0013-0001-0099-ABCDEFFEDCBB}\InprocServer32\ThreadingModel = "Apartment" | C:\Program Files\Java\jre1.8.0_51\installer.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000_CLASSES\CLSID\{CAFEEFAC-0014-0000-0002-ABCDEFFEDCBA}\InprocServer32\ = "C:\\Program Files\\Java\\jre1.8.0_51\\bin\\jp2iexp.dll" | C:\Program Files\Java\jre1.8.0_51\installer.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000_CLASSES\CLSID\{CAFEEFAC-0017-0000-0063-ABCDEFFEDCBA}\InprocServer32 | C:\Program Files\Java\jre1.8.0_51\installer.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000_CLASSES\CLSID\{CAFEEFAC-0018-0000-0009-ABCDEFFEDCBB}\InprocServer32\ = "C:\\Program Files\\Java\\jre1.8.0_51\\bin\\jp2iexp.dll" | C:\Program Files\Java\jre1.8.0_51\installer.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000_CLASSES\CLSID\{CAFEEFAC-0018-0000-0047-ABCDEFFEDCBC}\InprocServer32\ThreadingModel = "Apartment" | C:\Program Files\Java\jre1.8.0_51\installer.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0057-ABCDEFFEDCBB}\InprocServer32\ = "C:\\Program Files\\Java\\jre1.8.0_51\\bin\\jp2iexp.dll" | C:\Program Files\Java\jre1.8.0_51\installer.exe | N/A |
| Key deleted | \REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000_CLASSES\CLSID\{CAFEEFAC-0015-0000-0002-ABCDEFFEDCBC}\INPROCSERVER32 | C:\Program Files\Java\jre1.8.0_51\installer.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0032-ABCDEFFEDCBA}\InprocServer32 | C:\Program Files\Java\jre1.8.0_51\installer.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0070-ABCDEFFEDCBB}\InprocServer32\ThreadingModel = "Apartment" | C:\Program Files\Java\jre1.8.0_51\installer.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0018-0000-0006-ABCDEFFEDCBB}\InprocServer32\ = "C:\\Program Files\\Java\\jre1.8.0_51\\bin\\jp2iexp.dll" | C:\Program Files\Java\jre1.8.0_51\installer.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0018-0000-0010-ABCDEFFEDCBA}\InprocServer32\ThreadingModel = "Apartment" | C:\Program Files\Java\jre1.8.0_51\installer.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0048-ABCDEFFEDCBB}\InprocServer32 | C:\Program Files\Java\jre1.8.0_51\installer.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000_CLASSES\CLSID\{CAFEEFAC-0015-0000-0024-ABCDEFFEDCBA}\InprocServer32\ = "C:\\Program Files\\Java\\jre1.8.0_51\\bin\\jp2iexp.dll" | C:\Program Files\Java\jre1.8.0_51\installer.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000_CLASSES\CLSID\{CAFEEFAC-0015-0000-0072-ABCDEFFEDCBA}\InprocServer32\ThreadingModel = "Apartment" | C:\Program Files\Java\jre1.8.0_51\installer.exe | N/A |
| Key deleted | \REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000_CLASSES\CLSID\{CAFEEFAC-0017-0000-0026-ABCDEFFEDCBB}\INPROCSERVER32 | C:\Program Files\Java\jre1.8.0_51\installer.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000_CLASSES\CLSID\{CAFEEFAC-0013-0001-0079-ABCDEFFEDCBB}\InprocServer32\ = "C:\\Program Files\\Java\\jre1.8.0_51\\bin\\jp2iexp.dll" | C:\Program Files\Java\jre1.8.0_51\installer.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0035-ABCDEFFEDCBA}\InprocServer32\ThreadingModel = "Apartment" | C:\Program Files\Java\jre1.8.0_51\installer.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0014-ABCDEFFEDCBB}\InprocServer32\ThreadingModel = "Apartment" | C:\Program Files\Java\jre1.8.0_51\installer.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000_CLASSES\CLSID\{CAFEEFAC-0016-0000-0034-ABCDEFFEDCBB}\InprocServer32\ThreadingModel = "Apartment" | C:\Program Files\Java\jre1.8.0_51\installer.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0012-ABCDEFFEDCBA}\InprocServer32\ThreadingModel = "Apartment" | C:\Program Files\Java\jre1.8.0_51\installer.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0000-ABCDEFFEDCBB}\InprocServer32\ = "C:\\Program Files\\Java\\jre1.8.0_51\\bin\\jp2iexp.dll" | C:\Program Files\Java\jre1.8.0_51\installer.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0017-ABCDEFFEDCBC}\InprocServer32\ThreadingModel = "Apartment" | C:\Program Files\Java\jre1.8.0_51\installer.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0018-0000-0017-ABCDEFFEDCBC}\InprocServer32\ = "C:\\Program Files\\Java\\jre1.8.0_51\\bin\\jp2iexp.dll" | C:\Program Files\Java\jre1.8.0_51\installer.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0009-ABCDEFFEDCBA}\InprocServer32 | C:\Program Files\Java\jre1.8.0_51\installer.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0013-ABCDEFFEDCBB}\InprocServer32 | C:\Program Files\Java\jre1.8.0_51\installer.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000_CLASSES\CLSID\{CAFEEFAC-0017-0000-0043-ABCDEFFEDCBC}\InprocServer32\ThreadingModel = "Apartment" | C:\Program Files\Java\jre1.8.0_51\installer.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0009-ABCDEFFEDCBB}\InprocServer32 | C:\Program Files\Java\jre1.8.0_51\installer.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000_CLASSES\CLSID\{CAFEEFAC-0015-0000-0033-ABCDEFFEDCBA}\InprocServer32\ = "C:\\Program Files\\Java\\jre1.8.0_51\\bin\\jp2iexp.dll" | C:\Program Files\Java\jre1.8.0_51\installer.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000_CLASSES\CLSID\{CAFEEFAC-0015-0000-0075-ABCDEFFEDCBC}\InprocServer32\ThreadingModel = "Apartment" | C:\Program Files\Java\jre1.8.0_51\installer.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000_CLASSES\CLSID\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA}\InprocServer32\ThreadingModel = "Apartment" | C:\Program Files\Java\jre1.8.0_51\installer.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0061-ABCDEFFEDCBC}\InprocServer32 | C:\Program Files\Java\jre1.8.0_51\installer.exe | N/A |
UPX packed file
| Description | Indicator | Process | Target |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
Adds Run key to start application
| Description | Indicator | Process | Target |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run\SunJavaUpdateSched = "\"C:\\Program Files (x86)\\Common Files\\Java\\Java Update\\jusched.exe\"" | C:\Windows\system32\msiexec.exe | N/A |
Checks installed software on the system
Enumerates connected drives
| Description | Indicator | Process | Target |
| File opened (read-only) | \??\G: | C:\Windows\system32\msiexec.exe | N/A |
| File opened (read-only) | \??\H: | C:\Windows\system32\msiexec.exe | N/A |
| File opened (read-only) | \??\K: | C:\Windows\system32\msiexec.exe | N/A |
| File opened (read-only) | \??\L: | C:\Windows\system32\msiexec.exe | N/A |
| File opened (read-only) | \??\O: | C:\Windows\system32\msiexec.exe | N/A |
| File opened (read-only) | \??\P: | C:\Windows\system32\msiexec.exe | N/A |
| File opened (read-only) | \??\X: | C:\Windows\system32\msiexec.exe | N/A |
| File opened (read-only) | \??\E: | C:\Windows\system32\msiexec.exe | N/A |
| File opened (read-only) | \??\M: | C:\Windows\system32\msiexec.exe | N/A |
| File opened (read-only) | \??\Q: | C:\Windows\system32\msiexec.exe | N/A |
| File opened (read-only) | \??\U: | C:\Windows\system32\msiexec.exe | N/A |
| File opened (read-only) | \??\V: | C:\Windows\system32\msiexec.exe | N/A |
| File opened (read-only) | \??\B: | C:\Windows\system32\msiexec.exe | N/A |
| File opened (read-only) | \??\N: | C:\Windows\system32\msiexec.exe | N/A |
| File opened (read-only) | \??\R: | C:\Windows\system32\msiexec.exe | N/A |
| File opened (read-only) | \??\T: | C:\Windows\system32\msiexec.exe | N/A |
| File opened (read-only) | \??\Y: | C:\Windows\system32\msiexec.exe | N/A |
| File opened (read-only) | \??\A: | C:\Windows\system32\msiexec.exe | N/A |
| File opened (read-only) | \??\I: | C:\Windows\system32\msiexec.exe | N/A |
| File opened (read-only) | \??\J: | C:\Windows\system32\msiexec.exe | N/A |
| File opened (read-only) | \??\S: | C:\Windows\system32\msiexec.exe | N/A |
| File opened (read-only) | \??\W: | C:\Windows\system32\msiexec.exe | N/A |
| File opened (read-only) | \??\Z: | C:\Windows\system32\msiexec.exe | N/A |
Installs/modifies Browser Helper Object
| Description | Indicator | Process | Target |
| Set value (int) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}\NoExplorer = "1" | C:\Program Files\Java\jre1.8.0_51\installer.exe | N/A |
| Key deleted | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} | C:\Program Files\Java\jre1.8.0_51\installer.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} | C:\Program Files\Java\jre1.8.0_51\installer.exe | N/A |
| Set value (int) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}\NoExplorer = "1" | C:\Program Files\Java\jre1.8.0_51\installer.exe | N/A |
| Key deleted | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435B-BC74-9C25C1C588A9} | C:\Program Files\Java\jre1.8.0_51\installer.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9} | C:\Program Files\Java\jre1.8.0_51\installer.exe | N/A |
Drops file in System32 directory
| Description | Indicator | Process | Target |
| File created | C:\Windows\system32\WindowsAccessBridge-64.dll | C:\Program Files\Java\jre1.8.0_51\installer.exe | N/A |
| File opened for modification | C:\Windows\system32\WindowsAccessBridge-64.dll | C:\Program Files\Java\jre1.8.0_51\installer.exe | N/A |
Drops file in Program Files directory
| Description | Indicator | Process | Target |
| File created | C:\Program Files\Java\jre1.8.0_51\installer.exe | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\Java\jre1.8.0_51\lib\net.properties | C:\Program Files\Java\jre1.8.0_51\installer.exe | N/A |
| File created | C:\Program Files\Java\jre1.8.0_51\bin\w2k_lsa_auth.dll | C:\Program Files\Java\jre1.8.0_51\installer.exe | N/A |
| File created | C:\Program Files\Java\jre1.8.0_51\lib\deploy.jar | C:\Program Files\Java\jre1.8.0_51\bin\unpack200.exe | N/A |
| File created | C:\Program Files\Java\jre1.8.0_51\bin\pack200.exe | C:\Program Files\Java\jre1.8.0_51\installer.exe | N/A |
| File created | C:\Program Files\Java\jre1.8.0_51\lib\amd64\jvm.cfg | C:\Program Files\Java\jre1.8.0_51\installer.exe | N/A |
| File created | C:\Program Files\Java\jre1.8.0_51\lib\deploy\messages_ko.properties | C:\Program Files\Java\jre1.8.0_51\installer.exe | N/A |
| File created | C:\Program Files\Java\jre1.8.0_51\lib\jfr.jar | C:\Program Files\Java\jre1.8.0_51\installer.exe | N/A |
| File created | C:\Program Files\Java\jre1.8.0_51\bin\fontmanager.dll | C:\Program Files\Java\jre1.8.0_51\installer.exe | N/A |
| File created | C:\Program Files\Java\jre1.8.0_51\bin\jpeg.dll | C:\Program Files\Java\jre1.8.0_51\installer.exe | N/A |
| File created | C:\Program Files\Java\jre1.8.0_51\lib\ext\sunmscapi.jar | C:\Program Files\Java\jre1.8.0_51\installer.exe | N/A |
| File created | C:\Program Files\Java\jre1.8.0_51\lib\security\javaws.policy | C:\Program Files\Java\jre1.8.0_51\installer.exe | N/A |
| File created | C:\Program Files\Java\jre1.8.0_51\bin\jawt.dll | C:\Program Files\Java\jre1.8.0_51\installer.exe | N/A |
| File created | C:\Program Files\Java\jre1.8.0_51\bin\kcms.dll | C:\Program Files\Java\jre1.8.0_51\installer.exe | N/A |
| File created | C:\Program Files\Java\jre1.8.0_51\lib\images\cursors\win32_CopyDrop32x32.gif | C:\Program Files\Java\jre1.8.0_51\installer.exe | N/A |
| File created | C:\Program Files\Java\jre1.8.0_51\lib\management\snmp.acl.template | C:\Program Files\Java\jre1.8.0_51\installer.exe | N/A |
| File created | C:\Program Files\Java\jre1.8.0_51\LICENSE | C:\Program Files\Java\jre1.8.0_51\installer.exe | N/A |
| File created | C:\Program Files\Java\jre1.8.0_51\THIRDPARTYLICENSEREADME-JAVAFX.txt | C:\Program Files\Java\jre1.8.0_51\installer.exe | N/A |
| File created | C:\Program Files\Java\jre1.8.0_51\lib\deploy\messages_de.properties | C:\Program Files\Java\jre1.8.0_51\installer.exe | N/A |
| File created | C:\Program Files\Java\jre1.8.0_51\lib\images\cursors\win32_CopyNoDrop32x32.gif | C:\Program Files\Java\jre1.8.0_51\installer.exe | N/A |
| File created | C:\Program Files\Java\jre1.8.0_51\lib\jfxswt.jar | C:\Program Files\Java\jre1.8.0_51\installer.exe | N/A |
| File created | C:\Program Files\Java\jre1.8.0_51\bin\kinit.exe | C:\Program Files\Java\jre1.8.0_51\installer.exe | N/A |
| File created | C:\Program Files\Java\jre1.8.0_51\bin\nio.dll | C:\Program Files\Java\jre1.8.0_51\installer.exe | N/A |
| File created | C:\Program Files\Java\jre1.8.0_51\lib\fonts\LucidaTypewriterBold.ttf | C:\Program Files\Java\jre1.8.0_51\installer.exe | N/A |
| File created | C:\Program Files\Java\jre1.8.0_51\lib\images\cursors\win32_MoveDrop32x32.gif | C:\Program Files\Java\jre1.8.0_51\installer.exe | N/A |
| File created | C:\Program Files\Java\jre1.8.0_51\lib\security\blacklisted.certs | C:\Program Files\Java\jre1.8.0_51\installer.exe | N/A |
| File created | C:\Program Files\Java\jre1.8.0_51\bin\javaws.exe | C:\Program Files\Java\jre1.8.0_51\installer.exe | N/A |
| File created | C:\Program Files\Java\jre1.8.0_51\lib\javaws.pack | C:\Program Files\Java\jre1.8.0_51\installer.exe | N/A |
| File created | C:\Program Files\Java\jre1.8.0_51\bin\javacpl.exe | C:\Program Files\Java\jre1.8.0_51\installer.exe | N/A |
| File created | C:\Program Files\Java\jre1.8.0_51\bin\rmiregistry.exe | C:\Program Files\Java\jre1.8.0_51\installer.exe | N/A |
| File created | C:\Program Files\Java\jre1.8.0_51\bin\sunec.dll | C:\Program Files\Java\jre1.8.0_51\installer.exe | N/A |
| File created | C:\Program Files\Java\jre1.8.0_51\lib\ext\sunpkcs11.jar | C:\Program Files\Java\jre1.8.0_51\installer.exe | N/A |
| File created | C:\Program Files\Java\jre1.8.0_51\lib\hijrah-config-umalqura.properties | C:\Program Files\Java\jre1.8.0_51\installer.exe | N/A |
| File created | C:\Program Files\Java\jre1.8.0_51\bin\zip.dll | C:\Program Files\Java\jre1.8.0_51\installer.exe | N/A |
| File created | C:\Program Files\Java\jre1.8.0_51\lib\deploy\messages_sv.properties | C:\Program Files\Java\jre1.8.0_51\installer.exe | N/A |
| File created | C:\Program Files\Java\jre1.8.0_51\lib\deploy\[email protected] | C:\Program Files\Java\jre1.8.0_51\installer.exe | N/A |
| File created | C:\Program Files\Java\jre1.8.0_51\lib\jce.jar | C:\Program Files\Java\jre1.8.0_51\installer.exe | N/A |
| File created | C:\Program Files\Java\jre1.8.0_51\bin\sunmscapi.dll | C:\Program Files\Java\jre1.8.0_51\installer.exe | N/A |
| File created | C:\Program Files\Java\jre1.8.0_51\bin\tnameserv.exe | C:\Program Files\Java\jre1.8.0_51\installer.exe | N/A |
| File created | C:\Program Files\Java\jre1.8.0_51\lib\ext\jaccess.jar | C:\Program Files\Java\jre1.8.0_51\installer.exe | N/A |
| File created | C:\Program Files\Java\jre1.8.0_51\lib\fonts\LucidaTypewriterRegular.ttf | C:\Program Files\Java\jre1.8.0_51\installer.exe | N/A |
| File created | C:\Program Files\Java\jre1.8.0_51\bin\eula.dll | C:\Program Files\Java\jre1.8.0_51\installer.exe | N/A |
| File created | C:\Program Files\Java\jre1.8.0_51\bin\j2pcsc.dll | C:\Program Files\Java\jre1.8.0_51\installer.exe | N/A |
| File created | C:\Program Files\Java\jre1.8.0_51\lib\ext\access-bridge-64.jar | C:\Program Files\Java\jre1.8.0_51\installer.exe | N/A |
| File created | C:\Program Files\Java\jre1.8.0_51\bin\rmid.exe | C:\Program Files\Java\jre1.8.0_51\installer.exe | N/A |
| File created | C:\Program Files\Java\jre1.8.0_51\lib\cmm\PYCC.pf | C:\Program Files\Java\jre1.8.0_51\installer.exe | N/A |
| File created | C:\Program Files\Java\jre1.8.0_51\lib\fonts\LucidaBrightDemiBold.ttf | C:\Program Files\Java\jre1.8.0_51\installer.exe | N/A |
| File created | C:\Program Files\Java\jre1.8.0_51\bin\jfr.dll | C:\Program Files\Java\jre1.8.0_51\installer.exe | N/A |
| File created | C:\Program Files\Java\jre1.8.0_51\bin\jp2iexp.dll | C:\Program Files\Java\jre1.8.0_51\installer.exe | N/A |
| File created | C:\Program Files\Java\jre1.8.0_51\lib\sound.properties | C:\Program Files\Java\jre1.8.0_51\installer.exe | N/A |
| File created | C:\Program Files\Java\jre1.8.0_51\bin\dt_shmem.dll | C:\Program Files\Java\jre1.8.0_51\installer.exe | N/A |
| File created | C:\Program Files\Java\jre1.8.0_51\lib\images\cursors\win32_LinkDrop32x32.gif | C:\Program Files\Java\jre1.8.0_51\installer.exe | N/A |
| File created | C:\Program Files\Java\jre1.8.0_51\lib\deploy.pack | C:\Program Files\Java\jre1.8.0_51\installer.exe | N/A |
| File created | C:\Program Files\Java\jre1.8.0_51\lib\jsse.jar | C:\Program Files\Java\jre1.8.0_51\bin\unpack200.exe | N/A |
| File created | C:\Program Files\Java\jre1.8.0_51\bin\glass.dll | C:\Program Files\Java\jre1.8.0_51\installer.exe | N/A |
| File created | C:\Program Files\Java\jre1.8.0_51\bin\glib-lite.dll | C:\Program Files\Java\jre1.8.0_51\installer.exe | N/A |
| File created | C:\Program Files\Java\jre1.8.0_51\bin\jsdt.dll | C:\Program Files\Java\jre1.8.0_51\installer.exe | N/A |
| File created | C:\Program Files\Java\jre1.8.0_51\lib\security\US_export_policy.jar | C:\Program Files\Java\jre1.8.0_51\installer.exe | N/A |
| File created | C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\Java\jre1.8.0_51\bin\java.dll | C:\Program Files\Java\jre1.8.0_51\installer.exe | N/A |
| File created | C:\Program Files\Java\jre1.8.0_51\lib\ext\localedata.jar | C:\Program Files\Java\jre1.8.0_51\bin\unpack200.exe | N/A |
| File created | C:\Program Files\Java\jre1.8.0_51\bin\jp2launcher.exe | C:\Program Files\Java\jre1.8.0_51\installer.exe | N/A |
| File created | C:\Program Files\Java\jre1.8.0_51\bin\jsound.dll | C:\Program Files\Java\jre1.8.0_51\installer.exe | N/A |
| File created | C:\Program Files\Java\jre1.8.0_51\lib\deploy\messages.properties | C:\Program Files\Java\jre1.8.0_51\installer.exe | N/A |
Drops file in Windows directory
| Description | Indicator | Process | Target |
| File opened for modification | C:\Windows\Installer\f77f27a.msi | C:\Windows\system32\msiexec.exe | N/A |
| File opened for modification | C:\Windows\Installer\MSI2234.tmp | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Windows\Installer\f77f283.ipi | C:\Windows\system32\msiexec.exe | N/A |
| File opened for modification | C:\Windows\INF\setupapi.app.log | C:\Windows\SysWOW64\dxdiag.exe | N/A |
| File opened for modification | C:\Windows\Installer\MSI3135.tmp | C:\Windows\system32\msiexec.exe | N/A |
| File opened for modification | C:\Windows\Installer\MSI31A5.tmp | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Windows\Installer\f77f27a.msi | C:\Windows\system32\msiexec.exe | N/A |
| File opened for modification | C:\Windows\Installer\MSIF411.tmp | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Windows\Installer\f77f280.msi | C:\Windows\system32\msiexec.exe | N/A |
| File opened for modification | C:\Windows\Installer\MSI30B7.tmp | C:\Windows\system32\msiexec.exe | N/A |
| File opened for modification | C:\Windows\Installer\f77f283.ipi | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Windows\Installer\f77f27d.ipi | C:\Windows\system32\msiexec.exe | N/A |
| File opened for modification | C:\Windows\Installer\ | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Windows\Installer\f77f27f.msi | C:\Windows\system32\msiexec.exe | N/A |
| File opened for modification | C:\Windows\Installer\f77f27d.ipi | C:\Windows\system32\msiexec.exe | N/A |
| File opened for modification | C:\Windows\Installer\f77f280.msi | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Windows\Installer\f77f285.msi | C:\Windows\system32\msiexec.exe | N/A |
Enumerates physical storage devices
Checks processor information in registry
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Windows\system32\msiexec.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString | C:\Windows\system32\msiexec.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Users\Admin\AppData\Roaming\.tlauncher\starter\jre_default\jre-17.0.10-windows-x64\bin\java.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision | C:\Users\Admin\AppData\Roaming\.tlauncher\starter\jre_default\jre-17.0.10-windows-x64\bin\java.exe | N/A |
Enumerates system info in registry
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Modifies Internet Explorer Phishing Filter
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\PhishingFilter | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\PhishingFilter\ClientSupported_MigrationTime = a81dda271d9eda01 | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
Modifies Internet Explorer settings
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\InternetRegistry | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\SearchScopes\DownloadRetries = "4" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\InternetRegistry | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5852F5ED-8BF4-11D4-A245-0080C6F74284} | C:\Program Files\Java\jre1.8.0_51\installer.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\Main | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5852F5ED-8BF4-11D4-A245-0080C6F74284}\Policy = "0" | C:\Program Files\Java\jre1.8.0_51\installer.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C8FE2181-CAE7-49EE-9B04-DB7EB4DA544A}\AppPath = "C:\\Program Files\\Java\\jre1.8.0_51\\bin" | C:\Program Files\Java\jre1.8.0_51\installer.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\LowRegistry | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\Zoom | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\LastProcessed = 0018b8381d9eda01 | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\PageSetup | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{44D1B085-E495-4b5f-9EE6-34795C46E7E7} | C:\Program Files\Java\jre1.8.0_51\installer.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{CAFEEFAC-DEC7-0000-0000-ABCDEFFEDCBA} | C:\Program Files\Java\jre1.8.0_51\installer.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\Toolbar | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\Main\CompatibilityFlags = "0" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key deleted | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{44D1B085-E495-4B5F-9EE6-34795C46E7E7} | C:\Program Files\Java\jre1.8.0_51\installer.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\MFV = 01000000d08c9ddf0115d1118c7a00c04fc297eb01000000abb8596cc50c0546bfda6658dcffc23300000000020000000000106600000001000020000000ce7a184ab90c1174d6949b18b3c04d7ef22ff573988dcfae235a90856f127cbd000000000e8000000002000020000000d7776a8aa0fa8a4af1d4f1f0b2456867f37166e7965646865db2c925451437ce90000000db718a0b83d4d215253f47435ab5dc55ee1f0ff1bea9d8664784571c8823e19ff5f8f2a1532d5ab22717cfba596fe4e996658d7febc7a94dd419ea41d361dcba159e7994479b09ef0ddc823f692baa0cc74edc92d0d9543ac796807bcc9cba12568a30417f4d64920daea569975bca7535098e6ad4d10041c49deb00f0fc0b1d247b08988a606bad65941a9131836ca64000000010594f49510332dad916a6ccba3746b755235d31bca99af349154b2ea3d8c4334edcd0d9730d0573839a0be24a01bd1185eedad034ee4c6a2fce60f96b0efb31 | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\IntelliForms | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\Main | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\SearchScopes | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\Main\FullScreen = "no" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "0" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key deleted | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C8FE2181-CAE7-49EE-9B04-DB7EB4DA544A} | C:\Program Files\Java\jre1.8.0_51\installer.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{44D1B085-E495-4b5f-9EE6-34795C46E7E7}\AppPath = "C:\\Program Files\\Java\\jre1.8.0_51\\bin" | C:\Program Files\Java\jre1.8.0_51\installer.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NTPFirstRun = "1" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\GPU | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\IntelliForms | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C8FE2181-CAE7-49EE-9B04-DB7EB4DA544A}\Policy = "3" | C:\Program Files\Java\jre1.8.0_51\installer.exe | N/A |
| Set value (int) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{CAFEEFAC-DEC7-0000-0000-ABCDEFFEDCBA}\Compatibility Flags = "1024" | C:\Program Files\Java\jre1.8.0_51\installer.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\GPU | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\Main | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\Main\CompatibilityFlags = "0" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C8FE2181-CAE7-49EE-9B04-DB7EB4DA544A}\AppName = "ssvagent.exe" | C:\Program Files\Java\jre1.8.0_51\installer.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\SearchScopes\DownloadRetries = "3" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5852F5ED-8BF4-11D4-A245-0080C6F74284}\AppName = "javaws.exe" | C:\Program Files\Java\jre1.8.0_51\installer.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{44D1B085-E495-4b5f-9EE6-34795C46E7E7}\AppName = "jp2launcher.exe" | C:\Program Files\Java\jre1.8.0_51\installer.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{CAFEEFAC-DEC7-0000-0000-ABCDEFFEDCBA}\AlternateCLSID = "{CAFEEFAC-DEC7-0000-0001-ABCDEFFEDCBA}" | C:\Program Files\Java\jre1.8.0_51\installer.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\Zoom | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\Toolbar | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\Main\FullScreen = "no" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5852F5ED-8BF4-11D4-A245-0080C6F74284}\AppPath = "C:\\Program Files\\Java\\jre1.8.0_51\\bin" | C:\Program Files\Java\jre1.8.0_51\installer.exe | N/A |
| Set value (int) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{44D1B085-E495-4b5f-9EE6-34795C46E7E7}\Policy = "3" | C:\Program Files\Java\jre1.8.0_51\installer.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\Main | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\Main\Window_Placement = 2c0000000200000003000000ffffffffffffffffffffffffffffffff2400000024000000aa04000089020000 | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "1" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\SearchScopes | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\LowRegistry\DontShowMeThisDialogAgain | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\BrowserEmulation\LowMic | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\IETld\LowMic | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Key deleted | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5852F5ED-8BF4-11D4-A245-0080C6F74284} | C:\Program Files\Java\jre1.8.0_51\installer.exe | N/A |
Modifies data under HKEY_USERS
| Description | Indicator | Process | Target |
| Key deleted | \REGISTRY\USER\.DEFAULT\SOFTWARE\Classes\Local Settings\MuiCache\2D\52C64B7E | C:\Windows\system32\msiexec.exe | N/A |
| Key deleted | \REGISTRY\USER\.DEFAULT\SOFTWARE\Classes\Local Settings\MuiCache\2D | C:\Windows\system32\msiexec.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\SOFTWARE\Classes\Local Settings\MuiCache\2E | C:\Windows\system32\msiexec.exe | N/A |
| Key deleted | \REGISTRY\USER\.DEFAULT\SOFTWARE\Classes\Local Settings\MuiCache\2E | C:\Windows\system32\msiexec.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\SOFTWARE\Classes\Local Settings\MuiCache\2F | C:\Windows\system32\msiexec.exe | N/A |
Modifies registry class
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000_CLASSES\CLSID\{CAFEEFAC-0016-0000-0090-ABCDEFFEDCBC} | C:\Program Files\Java\jre1.8.0_51\installer.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0001-ABCDEFFEDCBA}\ = "Java Plug-in 1.7.0_01" | C:\Program Files\Java\jre1.8.0_51\installer.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0070-ABCDEFFEDCBC}\InprocServer32\ThreadingModel = "Apartment" | C:\Program Files\Java\jre1.8.0_51\installer.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000_CLASSES\CLSID\{CAFEEFAC-0018-0000-0037-ABCDEFFEDCBB}\ = "Java Plug-in 1.8.0_37" | C:\Program Files\Java\jre1.8.0_51\installer.exe | N/A |
| Key deleted | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0021-ABCDEFFEDCBA}\INPROCSERVER32 | C:\Program Files\Java\jre1.8.0_51\installer.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}\InprocServer32 | C:\Program Files\Java\jre1.8.0_51\installer.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0064-ABCDEFFEDCBA}\ = "Java Plug-in 1.6.0_64" | C:\Program Files\Java\jre1.8.0_51\installer.exe | N/A |
| Key deleted | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0054-ABCDEFFEDCBC} | C:\Program Files\Java\jre1.8.0_51\installer.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000_CLASSES\CLSID\{CAFEEFAC-0016-0000-0098-ABCDEFFEDCBC}\ = "Java Plug-in 1.6.0_98" | C:\Program Files\Java\jre1.8.0_51\installer.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000_CLASSES\CLSID\{CAFEEFAC-0017-0000-0025-ABCDEFFEDCBA}\ = "Java Plug-in 1.7.0_25" | C:\Program Files\Java\jre1.8.0_51\installer.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000_CLASSES\CLSID\{CAFEEFAC-0013-0001-0074-ABCDEFFEDCBB}\InprocServer32\ThreadingModel = "Apartment" | C:\Program Files\Java\jre1.8.0_51\installer.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0075-ABCDEFFEDCBB} | C:\Program Files\Java\jre1.8.0_51\installer.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0094-ABCDEFFEDCBA}\InprocServer32 | C:\Program Files\Java\jre1.8.0_51\installer.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0041-ABCDEFFEDCBA}\ = "Java Plug-in 1.7.0_41" | C:\Program Files\Java\jre1.8.0_51\installer.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000_CLASSES\CLSID\{CAFEEFAC-0015-0000-0068-ABCDEFFEDCBB} | C:\Program Files\Java\jre1.8.0_51\installer.exe | N/A |
| Key deleted | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0057-ABCDEFFEDCBB} | C:\Program Files\Java\jre1.8.0_51\installer.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000_CLASSES\CLSID\{CAFEEFAC-0017-0000-0008-ABCDEFFEDCBA}\InprocServer32\ = "C:\\Program Files\\Java\\jre1.8.0_51\\bin\\jp2iexp.dll" | C:\Program Files\Java\jre1.8.0_51\installer.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000_CLASSES\CLSID\{CAFEEFAC-0017-0000-0045-ABCDEFFEDCBB}\InprocServer32\ = "C:\\Program Files\\Java\\jre1.8.0_51\\bin\\jp2iexp.dll" | C:\Program Files\Java\jre1.8.0_51\installer.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000_CLASSES\CLSID\{CAFEEFAC-0018-0000-0045-ABCDEFFEDCBC}\InprocServer32\ = "C:\\Program Files\\Java\\jre1.8.0_51\\bin\\jp2iexp.dll" | C:\Program Files\Java\jre1.8.0_51\installer.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000_CLASSES\CLSID\{CAFEEFAC-0014-0002-0031-ABCDEFFEDCBA}\ = "Java Plug-in 1.4.2_31" | C:\Program Files\Java\jre1.8.0_51\installer.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000_CLASSES\CLSID\{CAFEEFAC-0015-0000-0008-ABCDEFFEDCBA} | C:\Program Files\Java\jre1.8.0_51\installer.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000_CLASSES\CLSID\{CAFEEFAC-0015-0000-0038-ABCDEFFEDCBB}\ = "Java Plug-in 1.5.0_38" | C:\Program Files\Java\jre1.8.0_51\installer.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0029-ABCDEFFEDCBA}\ = "Java Plug-in 1.7.0_29" | C:\Program Files\Java\jre1.8.0_51\installer.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0018-0000-0028-ABCDEFFEDCBC}\InprocServer32\ = "C:\\Program Files\\Java\\jre1.8.0_51\\bin\\jp2iexp.dll" | C:\Program Files\Java\jre1.8.0_51\installer.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000_CLASSES\CLSID\{CAFEEFAC-0018-0000-0035-ABCDEFFEDCBC}\InprocServer32\ThreadingModel = "Apartment" | C:\Program Files\Java\jre1.8.0_51\installer.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0012-ABCDEFFEDCBB}\ = "Java Plug-in 1.3.1_12" | C:\Program Files\Java\jre1.8.0_51\installer.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0057-ABCDEFFEDCBA} | C:\Program Files\Java\jre1.8.0_51\installer.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000_CLASSES\CLSID\{CAFEEFAC-0014-0002-0025-ABCDEFFEDCBA} | C:\Program Files\Java\jre1.8.0_51\installer.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000_CLASSES\CLSID\{CAFEEFAC-0017-0000-0079-ABCDEFFEDCBA} | C:\Program Files\Java\jre1.8.0_51\installer.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000_CLASSES\CLSID\{CAFEEFAC-0018-0000-0023-ABCDEFFEDCBB}\InprocServer32 | C:\Program Files\Java\jre1.8.0_51\installer.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0009-ABCDEFFEDCBA} | C:\Program Files\Java\jre1.8.0_51\installer.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0034-ABCDEFFEDCBB}\InprocServer32\ = "C:\\Program Files\\Java\\jre1.8.0_51\\bin\\jp2iexp.dll" | C:\Program Files\Java\jre1.8.0_51\installer.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}\InprocServer32\ThreadingModel = "Apartment" | C:\Program Files\Java\jre1.8.0_51\installer.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0018-0000-0017-ABCDEFFEDCBA}\InprocServer32\ = "C:\\Program Files\\Java\\jre1.8.0_51\\bin\\jp2iexp.dll" | C:\Program Files\Java\jre1.8.0_51\installer.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000_CLASSES\CLSID\{CAFEEFAC-0013-0001-0048-ABCDEFFEDCBB}\InprocServer32\ = "C:\\Program Files\\Java\\jre1.8.0_51\\bin\\jp2iexp.dll" | C:\Program Files\Java\jre1.8.0_51\installer.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000_CLASSES\CLSID\{CAFEEFAC-0015-0000-0038-ABCDEFFEDCBC}\ = "Java Plug-in 1.5.0_38" | C:\Program Files\Java\jre1.8.0_51\installer.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0018-0000-0014-ABCDEFFEDCBC}\InprocServer32\ThreadingModel = "Apartment" | C:\Program Files\Java\jre1.8.0_51\installer.exe | N/A |
| Key deleted | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0093-ABCDEFFEDCBC}\INPROCSERVER32 | C:\Program Files\Java\jre1.8.0_51\installer.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0053-ABCDEFFEDCBB}\ = "Java Plug-in 1.7.0_53" | C:\Program Files\Java\jre1.8.0_51\installer.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000_CLASSES\CLSID\{CAFEEFAC-0013-0001-0037-ABCDEFFEDCBA}\ = "Java Plug-in 1.3.1_37" | C:\Program Files\Java\jre1.8.0_51\installer.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0051-ABCDEFFEDCBB}\InprocServer32\ThreadingModel = "Apartment" | C:\Program Files\Java\jre1.8.0_51\installer.exe | N/A |
| Key deleted | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0072-ABCDEFFEDCBC} | C:\Program Files\Java\jre1.8.0_51\installer.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0040-ABCDEFFEDCBA}\InprocServer32\ = "C:\\Program Files\\Java\\jre1.8.0_51\\bin\\jp2iexp.dll" | C:\Program Files\Java\jre1.8.0_51\installer.exe | N/A |
| Key deleted | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0003-ABCDEFFEDCBA}\INPROCSERVER32 | C:\Program Files\Java\jre1.8.0_51\installer.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0085-ABCDEFFEDCBB}\InprocServer32\ = "C:\\Program Files\\Java\\jre1.8.0_51\\bin\\jp2iexp.dll" | C:\Program Files\Java\jre1.8.0_51\installer.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0084-ABCDEFFEDCBC}\InprocServer32 | C:\Program Files\Java\jre1.8.0_51\installer.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0085-ABCDEFFEDCBC} | C:\Program Files\Java\jre1.8.0_51\installer.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000_CLASSES\CLSID\{CAFEEFAC-0013-0001-0040-ABCDEFFEDCBA}\InprocServer32 | C:\Program Files\Java\jre1.8.0_51\installer.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0026-ABCDEFFEDCBA}\InprocServer32\ThreadingModel = "Apartment" | C:\Program Files\Java\jre1.8.0_51\installer.exe | N/A |
| Key deleted | \REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000_CLASSES\CLSID\{CAFEEFAC-0016-0000-0076-ABCDEFFEDCBC}\INPROCSERVER32 | C:\Program Files\Java\jre1.8.0_51\installer.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0070-ABCDEFFEDCBC}\InprocServer32\ = "C:\\Program Files\\Java\\jre1.8.0_51\\bin\\jp2iexp.dll" | C:\Program Files\Java\jre1.8.0_51\installer.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0075-ABCDEFFEDCBB}\InprocServer32\ = "C:\\Program Files\\Java\\jre1.8.0_51\\bin\\jp2iexp.dll" | C:\Program Files\Java\jre1.8.0_51\installer.exe | N/A |
| Key deleted | \REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000_CLASSES\CLSID\{CAFEEFAC-0017-0000-0001-ABCDEFFEDCBB}\INPROCSERVER32 | C:\Program Files\Java\jre1.8.0_51\installer.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0012-ABCDEFFEDCBC}\InprocServer32\ThreadingModel = "Apartment" | C:\Program Files\Java\jre1.8.0_51\installer.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000_CLASSES\CLSID\{CAFEEFAC-0017-0000-0014-ABCDEFFEDCBB}\InprocServer32\ThreadingModel = "Apartment" | C:\Program Files\Java\jre1.8.0_51\installer.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000_CLASSES\CLSID\{CAFEEFAC-0014-0001-0000-ABCDEFFEDCBA}\InprocServer32\ = "C:\\Program Files\\Java\\jre1.8.0_51\\bin\\jp2iexp.dll" | C:\Program Files\Java\jre1.8.0_51\installer.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0009-ABCDEFFEDCBB}\ = "Java Plug-in 1.5.0_09" | C:\Program Files\Java\jre1.8.0_51\installer.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0029-ABCDEFFEDCBB} | C:\Program Files\Java\jre1.8.0_51\installer.exe | N/A |
| Key deleted | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0006-ABCDEFFEDCBC} | C:\Program Files\Java\jre1.8.0_51\installer.exe | N/A |
| Key deleted | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0050-ABCDEFFEDCBC} | C:\Program Files\Java\jre1.8.0_51\installer.exe | N/A |
| Key deleted | \REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000_CLASSES\CLSID\{CAFEEFAC-0017-0000-0067-ABCDEFFEDCBC} | C:\Program Files\Java\jre1.8.0_51\installer.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000_CLASSES\CLSID\{CAFEEFAC-0018-0000-0048-ABCDEFFEDCBB}\InprocServer32\ = "C:\\Program Files\\Java\\jre1.8.0_51\\bin\\jp2iexp.dll" | C:\Program Files\Java\jre1.8.0_51\installer.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000_CLASSES\CLSID\{CAFEEFAC-0013-0001-0033-ABCDEFFEDCBB}\InprocServer32 | C:\Program Files\Java\jre1.8.0_51\installer.exe | N/A |
| Key deleted | \REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000_CLASSES\CLSID\{CAFEEFAC-0015-0000-0009-ABCDEFFEDCBC}\INPROCSERVER32 | C:\Program Files\Java\jre1.8.0_51\installer.exe | N/A |
Suspicious behavior: EnumeratesProcesses
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Java\jre1.8.0_51\bin\jp2launcher.exe | N/A |
| N/A | N/A | C:\Program Files\Java\jre1.8.0_51\bin\jp2launcher.exe | N/A |
| N/A | N/A | C:\Windows\system32\msiexec.exe | N/A |
| N/A | N/A | C:\Windows\system32\msiexec.exe | N/A |
| N/A | N/A | C:\Windows\SysWOW64\dxdiag.exe | N/A |
| N/A | N/A | C:\Windows\SysWOW64\dxdiag.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Suspicious use of AdjustPrivilegeToken
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
Suspicious use of SetWindowsHookEx
Suspicious use of WriteProcessMemory
Uses Task Scheduler COM API
Uses Volume Shadow Copy WMI provider
Uses Volume Shadow Copy service COM API
Processes
C:\Users\Admin\AppData\Local\Temp\TLauncher-Installer-1.3.7.exe
"C:\Users\Admin\AppData\Local\Temp\TLauncher-Installer-1.3.7.exe"
C:\Users\Admin\AppData\Local\Temp\_ir_sf_temp_0\irsetup.exe
"C:\Users\Admin\AppData\Local\Temp\_ir_sf_temp_0\irsetup.exe" __IRAOFF:1773458 "__IRAFN:C:\Users\Admin\AppData\Local\Temp\TLauncher-Installer-1.3.7.exe" "__IRCT:3" "__IRTSS:24078146" "__IRSID:S-1-5-21-2721934792-624042501-2768869379-1000"
C:\Program Files\Windows Sidebar\sidebar.exe
"C:\Program Files\Windows Sidebar\sidebar.exe" /showGadgets
C:\Windows\SysWOW64\DllHost.exe
C:\Windows\SysWOW64\DllHost.exe /Processid:{06622D85-6856-4460-8DE1-A81921B41C4B}
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe"
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xc0,0xc4,0xc8,0x94,0xcc,0x7fef60d9758,0x7fef60d9768,0x7fef60d9778
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1132 --field-trial-handle=1220,i,10867505653345641035,14053385026565277846,131072 /prefetch:2
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1464 --field-trial-handle=1220,i,10867505653345641035,14053385026565277846,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=1536 --field-trial-handle=1220,i,10867505653345641035,14053385026565277846,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2296 --field-trial-handle=1220,i,10867505653345641035,14053385026565277846,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=2304 --field-trial-handle=1220,i,10867505653345641035,14053385026565277846,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --use-gl=angle --use-angle=swiftshader-webgl --mojo-platform-channel-handle=3216 --field-trial-handle=1220,i,10867505653345641035,14053385026565277846,131072 /prefetch:2
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --mojo-platform-channel-handle=1380 --field-trial-handle=1220,i,10867505653345641035,14053385026565277846,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=3448 --field-trial-handle=1220,i,10867505653345641035,14053385026565277846,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=3452 --field-trial-handle=1220,i,10867505653345641035,14053385026565277846,131072 /prefetch:8
C:\Users\Admin\AppData\Roaming\.minecraft\TLauncher.exe
"C:\Users\Admin\AppData\Roaming\.minecraft\TLauncher.exe"
C:\Program Files\Internet Explorer\iexplore.exe
"C:\Program Files\Internet Explorer\iexplore.exe" http://java-for-minecraft.com/
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2672 CREDAT:275457 /prefetch:2
C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\RYNL6UIN\jre-8u51-windows-x64.exe
"C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\RYNL6UIN\jre-8u51-windows-x64.exe"
C:\Windows\system32\msiexec.exe
C:\Windows\system32\msiexec.exe /V
C:\Program Files\Java\jre1.8.0_51\installer.exe
"C:\Program Files\Java\jre1.8.0_51\installer.exe" /s INSTALLDIR="C:\Program Files\Java\jre1.8.0_51\\" REPAIRMODE=0
C:\ProgramData\Oracle\Java\installcache_x64\bspatch.exe
"bspatch.exe" baseimagefam8 newimage diff
C:\Program Files\Java\jre1.8.0_51\bin\unpack200.exe
"C:\Program Files\Java\jre1.8.0_51\bin\unpack200.exe" -r "C:\Program Files\Java\jre1.8.0_51\lib\deploy.pack" "C:\Program Files\Java\jre1.8.0_51\lib\deploy.jar"
C:\Program Files\Java\jre1.8.0_51\bin\unpack200.exe
"C:\Program Files\Java\jre1.8.0_51\bin\unpack200.exe" -r "C:\Program Files\Java\jre1.8.0_51\lib\javaws.pack" "C:\Program Files\Java\jre1.8.0_51\lib\javaws.jar"
C:\Program Files\Java\jre1.8.0_51\bin\unpack200.exe
"C:\Program Files\Java\jre1.8.0_51\bin\unpack200.exe" -r "C:\Program Files\Java\jre1.8.0_51\lib\plugin.pack" "C:\Program Files\Java\jre1.8.0_51\lib\plugin.jar"
C:\Program Files\Java\jre1.8.0_51\bin\unpack200.exe
"C:\Program Files\Java\jre1.8.0_51\bin\unpack200.exe" -r "C:\Program Files\Java\jre1.8.0_51\lib\rt.pack" "C:\Program Files\Java\jre1.8.0_51\lib\rt.jar"
C:\Program Files\Java\jre1.8.0_51\bin\unpack200.exe
"C:\Program Files\Java\jre1.8.0_51\bin\unpack200.exe" -r "C:\Program Files\Java\jre1.8.0_51\lib\charsets.pack" "C:\Program Files\Java\jre1.8.0_51\lib\charsets.jar"
C:\Program Files\Java\jre1.8.0_51\bin\unpack200.exe
"C:\Program Files\Java\jre1.8.0_51\bin\unpack200.exe" -r "C:\Program Files\Java\jre1.8.0_51\lib\jsse.pack" "C:\Program Files\Java\jre1.8.0_51\lib\jsse.jar"
C:\Program Files\Java\jre1.8.0_51\bin\unpack200.exe
"C:\Program Files\Java\jre1.8.0_51\bin\unpack200.exe" -r "C:\Program Files\Java\jre1.8.0_51\lib\ext\localedata.pack" "C:\Program Files\Java\jre1.8.0_51\lib\ext\localedata.jar"
C:\Program Files\Java\jre1.8.0_51\bin\unpack200.exe
"C:\Program Files\Java\jre1.8.0_51\bin\unpack200.exe" -r "C:\Program Files\Java\jre1.8.0_51\lib\ext\jfxrt.pack" "C:\Program Files\Java\jre1.8.0_51\lib\ext\jfxrt.jar"
C:\Program Files\Java\jre1.8.0_51\bin\javaw.exe
"C:\Program Files\Java\jre1.8.0_51\bin\javaw.exe" -Xshare:dump
C:\Windows\SysWOW64\DllHost.exe
C:\Windows\SysWOW64\DllHost.exe /Processid:{06622D85-6856-4460-8DE1-A81921B41C4B}
C:\Program Files\Java\jre1.8.0_51\bin\javaws.exe
"C:\Program Files\Java\jre1.8.0_51\bin\javaws.exe" -wait -fix -permissions -silent
C:\Program Files\Java\jre1.8.0_51\bin\javaw.exe
"C:\Program Files\Java\jre1.8.0_51\bin\javaw.exe" -classpath "C:\Program Files\Java\jre1.8.0_51\lib\deploy.jar" com.sun.deploy.panel.JreLocator
C:\Program Files\Java\jre1.8.0_51\bin\jp2launcher.exe
"C:\Program Files\Java\jre1.8.0_51\bin\jp2launcher.exe" -secure -javaws -jre "C:\Program Files\Java\jre1.8.0_51" -vma LWNsYXNzcGF0aABDOlxQcm9ncmFtIEZpbGVzXEphdmFcanJlMS44LjBfNTFcbGliXGRlcGxveS5qYXIALURqYXZhLnNlY3VyaXR5LnBvbGljeT1maWxlOkM6XFByb2dyYW0gRmlsZXNcSmF2YVxqcmUxLjguMF81MVxsaWJcc2VjdXJpdHlcamF2YXdzLnBvbGljeQAtRHRydXN0UHJveHk9dHJ1ZQAtWHZlcmlmeTpyZW1vdGUALURqbmxweC5ob21lPUM6XFByb2dyYW0gRmlsZXNcSmF2YVxqcmUxLjguMF81MVxiaW4ALURqYXZhLnNlY3VyaXR5Lm1hbmFnZXIALURzdW4uYXd0Lndhcm11cD10cnVlAC1YYm9vdGNsYXNzcGF0aC9hOkM6XFByb2dyYW0gRmlsZXNcSmF2YVxqcmUxLjguMF81MVxsaWJcamF2YXdzLmphcjtDOlxQcm9ncmFtIEZpbGVzXEphdmFcanJlMS44LjBfNTFcbGliXGRlcGxveS5qYXI7QzpcUHJvZ3JhbSBGaWxlc1xKYXZhXGpyZTEuOC4wXzUxXGxpYlxwbHVnaW4uamFyAC1EamF2YS5hd3QuaGVhZGxlc3M9dHJ1ZQAtRGpubHB4Lmp2bT1DOlxQcm9ncmFtIEZpbGVzXEphdmFcanJlMS44LjBfNTFcYmluXGphdmF3LmV4ZQ== -ma LXdhaXQALWZpeAAtcGVybWlzc2lvbnMALXNpbGVudAAtbm90V2ViSmF2YQ==
C:\Program Files\Java\jre1.8.0_51\bin\javaws.exe
"C:\Program Files\Java\jre1.8.0_51\bin\javaws.exe" -wait -fix -shortcut -silent
C:\Program Files\Java\jre1.8.0_51\bin\jp2launcher.exe
"C:\Program Files\Java\jre1.8.0_51\bin\jp2launcher.exe" -secure -javaws -jre "C:\Program Files\Java\jre1.8.0_51" -vma LWNsYXNzcGF0aABDOlxQcm9ncmFtIEZpbGVzXEphdmFcanJlMS44LjBfNTFcbGliXGRlcGxveS5qYXIALURqYXZhLnNlY3VyaXR5LnBvbGljeT1maWxlOkM6XFByb2dyYW0gRmlsZXNcSmF2YVxqcmUxLjguMF81MVxsaWJcc2VjdXJpdHlcamF2YXdzLnBvbGljeQAtRHRydXN0UHJveHk9dHJ1ZQAtWHZlcmlmeTpyZW1vdGUALURqbmxweC5ob21lPUM6XFByb2dyYW0gRmlsZXNcSmF2YVxqcmUxLjguMF81MVxiaW4ALURqYXZhLnNlY3VyaXR5Lm1hbmFnZXIALURzdW4uYXd0Lndhcm11cD10cnVlAC1YYm9vdGNsYXNzcGF0aC9hOkM6XFByb2dyYW0gRmlsZXNcSmF2YVxqcmUxLjguMF81MVxsaWJcamF2YXdzLmphcjtDOlxQcm9ncmFtIEZpbGVzXEphdmFcanJlMS44LjBfNTFcbGliXGRlcGxveS5qYXI7QzpcUHJvZ3JhbSBGaWxlc1xKYXZhXGpyZTEuOC4wXzUxXGxpYlxwbHVnaW4uamFyAC1EamF2YS5hd3QuaGVhZGxlc3M9dHJ1ZQAtRGpubHB4Lmp2bT1DOlxQcm9ncmFtIEZpbGVzXEphdmFcanJlMS44LjBfNTFcYmluXGphdmF3LmV4ZQ== -ma LXdhaXQALWZpeAAtc2hvcnRjdXQALXNpbGVudAAtbm90V2ViSmF2YQ==
C:\Windows\syswow64\MsiExec.exe
C:\Windows\syswow64\MsiExec.exe -Embedding 5C0FDC27A0F5528E815F5EB6D0A8B671
C:\Windows\SysWOW64\cmd.exe
"C:\Windows\SysWOW64\cmd.exe" /c del "C:\Program Files\Java\jre1.8.0_51\installer.exe"
C:\Program Files\Java\jre1.8.0_51\bin\javaw.exe
-cp "C:\Program Files\Java\jre1.8.0_51\bin\..\lib\deploy.jar" com.sun.deploy.panel.ControlPanel -getUserWebJavaStatus
C:\Program Files\Java\jre1.8.0_51\bin\javaw.exe
-cp "C:\Program Files\Java\jre1.8.0_51\bin\..\lib\deploy.jar" com.sun.deploy.panel.ControlPanel -getUserPreviousDecisionsExist 30
C:\Windows\system32\msiexec.exe
"C:\Windows\system32\\msiexec.exe" /i "C:\Users\Admin\AppData\LocalLow\Oracle\Java\AU\au.msi" ALLUSERS=1 /qn
C:\Windows\syswow64\MsiExec.exe
C:\Windows\syswow64\MsiExec.exe -Embedding A5DB8CDF8674CF0354155EB70EC4292B
C:\Program Files (x86)\Common Files\Java\Java Update\jaureg.exe
"C:\Program Files (x86)\Common Files\Java\Java Update\jaureg.exe" -r jre 1.8.0_51-b16
C:\Users\Admin\AppData\Roaming\.minecraft\TLauncher.exe
"C:\Users\Admin\AppData\Roaming\.minecraft\TLauncher.exe"
C:\Program Files\Java\jre1.8.0_51\bin\javaw.exe
"C:\Program Files\Java\jre1.8.0_51\bin\javaw.exe" -jar "C:\Users\Admin\AppData\Roaming\.minecraft\TLauncher.exe"
C:\Users\Admin\AppData\Roaming\.minecraft\TLauncher.exe
"C:\Users\Admin\AppData\Roaming\.minecraft\TLauncher.exe"
C:\Program Files\Java\jre1.8.0_51\bin\javaw.exe
"C:\Program Files\Java\jre1.8.0_51\bin\javaw.exe" -jar "C:\Users\Admin\AppData\Roaming\.minecraft\TLauncher.exe"
C:\Users\Admin\AppData\Roaming\.minecraft\TLauncher.exe
"C:\Users\Admin\AppData\Roaming\.minecraft\TLauncher.exe"
C:\Program Files\Java\jre1.8.0_51\bin\javaw.exe
"C:\Program Files\Java\jre1.8.0_51\bin\javaw.exe" -jar "C:\Users\Admin\AppData\Roaming\.minecraft\TLauncher.exe"
C:\Users\Admin\AppData\Roaming\.minecraft\TLauncher.exe
"C:\Users\Admin\AppData\Roaming\.minecraft\TLauncher.exe"
C:\Program Files\Java\jre1.8.0_51\bin\javaw.exe
"C:\Program Files\Java\jre1.8.0_51\bin\javaw.exe" -jar "C:\Users\Admin\AppData\Roaming\.minecraft\TLauncher.exe"
C:\Users\Admin\AppData\Roaming\.tlauncher\starter\jre_default\jre-17.0.10-windows-x64\bin\java.exe
C:\Users\Admin\AppData\Roaming\.tlauncher\starter\jre_default\jre-17.0.10-windows-x64\bin\java.exe -Xmx1024m -Dfile.encoding=UTF8 -Djava.net.preferIPv4Stack=true --add-opens=java.base/java.lang=ALL-UNNAMED --add-opens=java.base/java.time=ALL-UNNAMED --add-opens=java.desktop/java.awt=ALL-UNNAMED --add-opens=java.desktop/sun.awt.image=ALL-UNNAMED --add-opens=java.desktop/sun.java2d=ALL-UNNAMED --add-opens=java.desktop/java.awt.color=ALL-UNNAMED --add-opens=java.desktop/java.awt.image=ALL-UNNAMED --add-opens=java.desktop/com.apple.eawt=ALL-UNNAMED --add-opens=java.base/java.util.regex=ALL-UNNAMED --add-opens=java.desktop/javax.swing=ALL-UNNAMED --add-opens=java.desktop/java.beans=ALL-UNNAMED --add-opens=javafx.web/com.sun.webkit.network=ALL-UNNAMED -cp C:\Users\Admin\AppData\Roaming\.tlauncher\starter\dependencies\aopalliance-1.0.jar;C:\Users\Admin\AppData\Roaming\.tlauncher\starter\dependencies\checker-qual-3.12.0.jar;C:\Users\Admin\AppData\Roaming\.tlauncher\starter\dependencies\commons-codec-1.9.jar;C:\Users\Admin\AppData\Roaming\.tlauncher\starter\dependencies\commons-compress-1.23.0.jar;C:\Users\Admin\AppData\Roaming\.tlauncher\starter\dependencies\commons-io-2.11.0.jar;C:\Users\Admin\AppData\Roaming\.tlauncher\starter\dependencies\commons-lang3-3.4.jar;C:\Users\Admin\AppData\Roaming\.tlauncher\starter\dependencies\commons-logging-1.2.jar;C:\Users\Admin\AppData\Roaming\.tlauncher\starter\dependencies\commons-logging-api-1.1.jar;C:\Users\Admin\AppData\Roaming\.tlauncher\starter\dependencies\commons-vfs2-2.0.jar;C:\Users\Admin\AppData\Roaming\.tlauncher\starter\dependencies\desktop-common-util-1.11.jar;C:\Users\Admin\AppData\Roaming\.tlauncher\starter\dependencies\DiscordIPC-0.5.jar;C:\Users\Admin\AppData\Roaming\.tlauncher\starter\dependencies\dnsjava-2.1.8.jar;C:\Users\Admin\AppData\Roaming\.tlauncher\starter\dependencies\error_prone_annotations-2.18.0.jar;C:\Users\Admin\AppData\Roaming\.tlauncher\starter\dependencies\failureaccess-1.0.1.jar;C:\Users\Admin\AppData\Roaming\.tlauncher\starter\dependencies\fluent-hc-4.5.2.jar;C:\Users\Admin\AppData\Roaming\.tlauncher\starter\dependencies\gson-2.8.8.jar;C:\Users\Admin\AppData\Roaming\.tlauncher\starter\dependencies\guava-31.0.1-jre.jar;C:\Users\Admin\AppData\Roaming\.tlauncher\starter\dependencies\guice-7.0.0.jar;C:\Users\Admin\AppData\Roaming\.tlauncher\starter\dependencies\guice-assistedinject-7.0.0.jar;C:\Users\Admin\AppData\Roaming\.tlauncher\starter\dependencies\hamcrest-core-1.3.jar;C:\Users\Admin\AppData\Roaming\.tlauncher\starter\dependencies\http-download-1.11.jar;C:\Users\Admin\AppData\Roaming\.tlauncher\starter\dependencies\httpclient-4.5.2.jar;C:\Users\Admin\AppData\Roaming\.tlauncher\starter\dependencies\httpcore-4.4.4.jar;C:\Users\Admin\AppData\Roaming\.tlauncher\starter\dependencies\j2objc-annotations-1.3.jar;C:\Users\Admin\AppData\Roaming\.tlauncher\starter\dependencies\jakarta.inject-api-2.0.1.jar;C:\Users\Admin\AppData\Roaming\.tlauncher\starter\dependencies\javafx-base-17.0.0.1-win.jar;C:\Users\Admin\AppData\Roaming\.tlauncher\starter\dependencies\javafx-base-17.0.0.1.jar;C:\Users\Admin\AppData\Roaming\.tlauncher\starter\dependencies\javafx-controls-17.0.0.1-win.jar;C:\Users\Admin\AppData\Roaming\.tlauncher\starter\dependencies\javafx-controls-17.0.0.1.jar;C:\Users\Admin\AppData\Roaming\.tlauncher\starter\dependencies\javafx-graphics-17.0.0.1-win.jar;C:\Users\Admin\AppData\Roaming\.tlauncher\starter\dependencies\javafx-graphics-17.0.0.1.jar;C:\Users\Admin\AppData\Roaming\.tlauncher\starter\dependencies\javafx-media-17.0.0.1-win.jar;C:\Users\Admin\AppData\Roaming\.tlauncher\starter\dependencies\javafx-media-17.0.0.1.jar;C:\Users\Admin\AppData\Roaming\.tlauncher\starter\dependencies\javafx-swing-17.0.0.1-win.jar;C:\Users\Admin\AppData\Roaming\.tlauncher\starter\dependencies\javafx-swing-17.0.0.1.jar;C:\Users\Admin\AppData\Roaming\.tlauncher\starter\dependencies\javafx-web-17.0.0.1-win.jar;C:\Users\Admin\AppData\Roaming\.tlauncher\starter\dependencies\javafx-web-17.0.0.1.jar;C:\Users\Admin\AppData\Roaming\.tlauncher\starter\dependencies\javax.annotation-api-1.3.2.jar;C:\Users\Admin\AppData\Roaming\.tlauncher\starter\dependencies\jaxb-api-2.3.0.jar;C:\Users\Admin\AppData\Roaming\.tlauncher\starter\dependencies\jaxb-core-2.3.0.jar;C:\Users\Admin\AppData\Roaming\.tlauncher\starter\dependencies\jaxb-impl-2.3.0.jar;C:\Users\Admin\AppData\Roaming\.tlauncher\starter\dependencies\jcl-over-slf4j-1.7.25.jar;C:\Users\Admin\AppData\Roaming\.tlauncher\starter\dependencies\jopt-simple-5.0.4.jar;C:\Users\Admin\AppData\Roaming\.tlauncher\starter\dependencies\json-20230227.jar;C:\Users\Admin\AppData\Roaming\.tlauncher\starter\dependencies\jsr305-3.0.2.jar;C:\Users\Admin\AppData\Roaming\.tlauncher\starter\dependencies\junit-4.13.2.jar;C:\Users\Admin\AppData\Roaming\.tlauncher\starter\dependencies\junixsocket-common-2.6.2.jar;C:\Users\Admin\AppData\Roaming\.tlauncher\starter\dependencies\junixsocket-native-common-2.6.2.jar;C:\Users\Admin\AppData\Roaming\.tlauncher\starter\dependencies\junrar-0.7.jar;C:\Users\Admin\AppData\Roaming\.tlauncher\starter\dependencies\listenablefuture-9999.0-empty-to-avoid-conflict-with-guava.jar;C:\Users\Admin\AppData\Roaming\.tlauncher\starter\dependencies\log4j-1.2.17.jar;C:\Users\Admin\AppData\Roaming\.tlauncher\starter\dependencies\logback-classic-1.2.10.jar;C:\Users\Admin\AppData\Roaming\.tlauncher\starter\dependencies\logback-core-1.2.10.jar;C:\Users\Admin\AppData\Roaming\.tlauncher\starter\dependencies\lombok-1.18.30.jar;C:\Users\Admin\AppData\Roaming\.tlauncher\starter\dependencies\maven-scm-api-1.4.jar;C:\Users\Admin\AppData\Roaming\.tlauncher\starter\dependencies\maven-scm-provider-svn-commons-1.4.jar;C:\Users\Admin\AppData\Roaming\.tlauncher\starter\dependencies\maven-scm-provider-svnexe-1.4.jar;C:\Users\Admin\AppData\Roaming\.tlauncher\starter\dependencies\MinecraftServerPing-1.0.2.jar;C:\Users\Admin\AppData\Roaming\.tlauncher\starter\dependencies\mockserver-netty-no-dependencies-5.14.0.jar;C:\Users\Admin\AppData\Roaming\.tlauncher\starter\dependencies\modpack-dto-2.2914.jar;C:\Users\Admin\AppData\Roaming\.tlauncher\starter\dependencies\picture-bundle-3.72.jar;C:\Users\Admin\AppData\Roaming\.tlauncher\starter\dependencies\plexus-utils-1.5.6.jar;C:\Users\Admin\AppData\Roaming\.tlauncher\starter\dependencies\regexp-1.3.jar;C:\Users\Admin\AppData\Roaming\.tlauncher\starter\dependencies\skin-server-API-1.3.jar;C:\Users\Admin\AppData\Roaming\.tlauncher\starter\dependencies\slf4j-api-1.7.25.jar;C:\Users\Admin\AppData\Roaming\.tlauncher\starter\dependencies\statistics-dto-1.73.jar;C:\Users\Admin\AppData\Roaming\.tlauncher\starter\dependencies\tlauncher-resource-1.6.jar;C:\Users\Admin\AppData\Roaming\.tlauncher\starter\dependencies\url-cache-1.1.jar;C:\Users\Admin\AppData\Roaming\.tlauncher\starter\dependencies\xz-1.9.jar;C:\Users\Admin\AppData\Roaming\.tlauncher\starter\original-TLauncher-2.923.jar; org.tlauncher.tlauncher.rmo.TLauncher -starterConfig=C:\Users\Admin\AppData\Roaming\.tlauncher\starter\starter.json -requireUpdate=false -currentAppVersion=2.923
C:\Windows\system32\cmd.exe
cmd.exe /C chcp 437 & wmic CPU get NAME
C:\Windows\system32\chcp.com
chcp 437
C:\Windows\System32\Wbem\WMIC.exe
wmic CPU get NAME
C:\Windows\system32\cmd.exe
cmd.exe /C chcp 437 & set processor
C:\Windows\system32\chcp.com
chcp 437
C:\Windows\system32\cmd.exe
cmd.exe /C chcp 437 & dxdiag /whql:off /t C:\Users\Admin\AppData\Roaming\.minecraft\logs\tlauncher\dxdiag.txt
C:\Windows\system32\chcp.com
chcp 437
C:\Windows\system32\dxdiag.exe
dxdiag /whql:off /t C:\Users\Admin\AppData\Roaming\.minecraft\logs\tlauncher\dxdiag.txt
C:\Windows\SysWOW64\dxdiag.exe
"C:\Windows\SysWOW64\dxdiag.exe" /whql:off /t C:\Users\Admin\AppData\Roaming\.minecraft\logs\tlauncher\dxdiag.txt
C:\Windows\system32\AUDIODG.EXE
C:\Windows\system32\AUDIODG.EXE 0x578
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe"
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xc0,0xc4,0xc8,0x94,0xcc,0x7fef60d9758,0x7fef60d9768,0x7fef60d9778
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1192 --field-trial-handle=1312,i,3552685845592570979,10125245764488845976,131072 /prefetch:2
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1368 --field-trial-handle=1312,i,3552685845592570979,10125245764488845976,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=1600 --field-trial-handle=1312,i,3552685845592570979,10125245764488845976,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2312 --field-trial-handle=1312,i,3552685845592570979,10125245764488845976,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=2324 --field-trial-handle=1312,i,3552685845592570979,10125245764488845976,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --use-gl=angle --use-angle=swiftshader-webgl --mojo-platform-channel-handle=1192 --field-trial-handle=1312,i,3552685845592570979,10125245764488845976,131072 /prefetch:2
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --mojo-platform-channel-handle=1432 --field-trial-handle=1312,i,3552685845592570979,10125245764488845976,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=3436 --field-trial-handle=1312,i,3552685845592570979,10125245764488845976,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=3556 --field-trial-handle=1312,i,3552685845592570979,10125245764488845976,131072 /prefetch:8
C:\Program Files\Internet Explorer\iexplore.exe
"C:\Program Files\Internet Explorer\iexplore.exe" https://fb.com/tlauncher
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:4020 CREDAT:275457 /prefetch:2
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:4020 CREDAT:275469 /prefetch:2
C:\Windows\system32\cmd.exe
cmd.exe /C chcp 437 & wmic qfe get HotFixID
C:\Windows\system32\chcp.com
chcp 437
C:\Windows\System32\Wbem\WMIC.exe
wmic qfe get HotFixID
C:\Users\Admin\AppData\Roaming\.minecraft\TLauncher.exe
"C:\Users\Admin\AppData\Roaming\.minecraft\TLauncher.exe"
C:\Program Files\Java\jre1.8.0_51\bin\javaw.exe
"C:\Program Files\Java\jre1.8.0_51\bin\javaw.exe" -jar "C:\Users\Admin\AppData\Roaming\.minecraft\TLauncher.exe"
C:\Users\Admin\AppData\Roaming\.tlauncher\starter\jre_default\jre-17.0.10-windows-x64\bin\java.exe
C:\Users\Admin\AppData\Roaming\.tlauncher\starter\jre_default\jre-17.0.10-windows-x64\bin\java.exe -Xmx1024m -Dfile.encoding=UTF8 -Djava.net.preferIPv4Stack=true --add-opens=java.base/java.lang=ALL-UNNAMED --add-opens=java.base/java.time=ALL-UNNAMED --add-opens=java.desktop/java.awt=ALL-UNNAMED --add-opens=java.desktop/sun.awt.image=ALL-UNNAMED --add-opens=java.desktop/sun.java2d=ALL-UNNAMED --add-opens=java.desktop/java.awt.color=ALL-UNNAMED --add-opens=java.desktop/java.awt.image=ALL-UNNAMED --add-opens=java.desktop/com.apple.eawt=ALL-UNNAMED --add-opens=java.base/java.util.regex=ALL-UNNAMED --add-opens=java.desktop/javax.swing=ALL-UNNAMED --add-opens=java.desktop/java.beans=ALL-UNNAMED --add-opens=javafx.web/com.sun.webkit.network=ALL-UNNAMED -cp C:\Users\Admin\AppData\Roaming\.tlauncher\starter\dependencies\aopalliance-1.0.jar;C:\Users\Admin\AppData\Roaming\.tlauncher\starter\dependencies\checker-qual-3.12.0.jar;C:\Users\Admin\AppData\Roaming\.tlauncher\starter\dependencies\commons-codec-1.9.jar;C:\Users\Admin\AppData\Roaming\.tlauncher\starter\dependencies\commons-compress-1.23.0.jar;C:\Users\Admin\AppData\Roaming\.tlauncher\starter\dependencies\commons-io-2.11.0.jar;C:\Users\Admin\AppData\Roaming\.tlauncher\starter\dependencies\commons-lang3-3.4.jar;C:\Users\Admin\AppData\Roaming\.tlauncher\starter\dependencies\commons-logging-1.2.jar;C:\Users\Admin\AppData\Roaming\.tlauncher\starter\dependencies\commons-logging-api-1.1.jar;C:\Users\Admin\AppData\Roaming\.tlauncher\starter\dependencies\commons-vfs2-2.0.jar;C:\Users\Admin\AppData\Roaming\.tlauncher\starter\dependencies\desktop-common-util-1.11.jar;C:\Users\Admin\AppData\Roaming\.tlauncher\starter\dependencies\DiscordIPC-0.5.jar;C:\Users\Admin\AppData\Roaming\.tlauncher\starter\dependencies\dnsjava-2.1.8.jar;C:\Users\Admin\AppData\Roaming\.tlauncher\starter\dependencies\error_prone_annotations-2.18.0.jar;C:\Users\Admin\AppData\Roaming\.tlauncher\starter\dependencies\failureaccess-1.0.1.jar;C:\Users\Admin\AppData\Roaming\.tlauncher\starter\dependencies\fluent-hc-4.5.2.jar;C:\Users\Admin\AppData\Roaming\.tlauncher\starter\dependencies\gson-2.8.8.jar;C:\Users\Admin\AppData\Roaming\.tlauncher\starter\dependencies\guava-31.0.1-jre.jar;C:\Users\Admin\AppData\Roaming\.tlauncher\starter\dependencies\guice-7.0.0.jar;C:\Users\Admin\AppData\Roaming\.tlauncher\starter\dependencies\guice-assistedinject-7.0.0.jar;C:\Users\Admin\AppData\Roaming\.tlauncher\starter\dependencies\hamcrest-core-1.3.jar;C:\Users\Admin\AppData\Roaming\.tlauncher\starter\dependencies\http-download-1.11.jar;C:\Users\Admin\AppData\Roaming\.tlauncher\starter\dependencies\httpclient-4.5.2.jar;C:\Users\Admin\AppData\Roaming\.tlauncher\starter\dependencies\httpcore-4.4.4.jar;C:\Users\Admin\AppData\Roaming\.tlauncher\starter\dependencies\j2objc-annotations-1.3.jar;C:\Users\Admin\AppData\Roaming\.tlauncher\starter\dependencies\jakarta.inject-api-2.0.1.jar;C:\Users\Admin\AppData\Roaming\.tlauncher\starter\dependencies\javafx-base-17.0.0.1-win.jar;C:\Users\Admin\AppData\Roaming\.tlauncher\starter\dependencies\javafx-base-17.0.0.1.jar;C:\Users\Admin\AppData\Roaming\.tlauncher\starter\dependencies\javafx-controls-17.0.0.1-win.jar;C:\Users\Admin\AppData\Roaming\.tlauncher\starter\dependencies\javafx-controls-17.0.0.1.jar;C:\Users\Admin\AppData\Roaming\.tlauncher\starter\dependencies\javafx-graphics-17.0.0.1-win.jar;C:\Users\Admin\AppData\Roaming\.tlauncher\starter\dependencies\javafx-graphics-17.0.0.1.jar;C:\Users\Admin\AppData\Roaming\.tlauncher\starter\dependencies\javafx-media-17.0.0.1-win.jar;C:\Users\Admin\AppData\Roaming\.tlauncher\starter\dependencies\javafx-media-17.0.0.1.jar;C:\Users\Admin\AppData\Roaming\.tlauncher\starter\dependencies\javafx-swing-17.0.0.1-win.jar;C:\Users\Admin\AppData\Roaming\.tlauncher\starter\dependencies\javafx-swing-17.0.0.1.jar;C:\Users\Admin\AppData\Roaming\.tlauncher\starter\dependencies\javafx-web-17.0.0.1-win.jar;C:\Users\Admin\AppData\Roaming\.tlauncher\starter\dependencies\javafx-web-17.0.0.1.jar;C:\Users\Admin\AppData\Roaming\.tlauncher\starter\dependencies\javax.annotation-api-1.3.2.jar;C:\Users\Admin\AppData\Roaming\.tlauncher\starter\dependencies\jaxb-api-2.3.0.jar;C:\Users\Admin\AppData\Roaming\.tlauncher\starter\dependencies\jaxb-core-2.3.0.jar;C:\Users\Admin\AppData\Roaming\.tlauncher\starter\dependencies\jaxb-impl-2.3.0.jar;C:\Users\Admin\AppData\Roaming\.tlauncher\starter\dependencies\jcl-over-slf4j-1.7.25.jar;C:\Users\Admin\AppData\Roaming\.tlauncher\starter\dependencies\jopt-simple-5.0.4.jar;C:\Users\Admin\AppData\Roaming\.tlauncher\starter\dependencies\json-20230227.jar;C:\Users\Admin\AppData\Roaming\.tlauncher\starter\dependencies\jsr305-3.0.2.jar;C:\Users\Admin\AppData\Roaming\.tlauncher\starter\dependencies\junit-4.13.2.jar;C:\Users\Admin\AppData\Roaming\.tlauncher\starter\dependencies\junixsocket-common-2.6.2.jar;C:\Users\Admin\AppData\Roaming\.tlauncher\starter\dependencies\junixsocket-native-common-2.6.2.jar;C:\Users\Admin\AppData\Roaming\.tlauncher\starter\dependencies\junrar-0.7.jar;C:\Users\Admin\AppData\Roaming\.tlauncher\starter\dependencies\listenablefuture-9999.0-empty-to-avoid-conflict-with-guava.jar;C:\Users\Admin\AppData\Roaming\.tlauncher\starter\dependencies\log4j-1.2.17.jar;C:\Users\Admin\AppData\Roaming\.tlauncher\starter\dependencies\logback-classic-1.2.10.jar;C:\Users\Admin\AppData\Roaming\.tlauncher\starter\dependencies\logback-core-1.2.10.jar;C:\Users\Admin\AppData\Roaming\.tlauncher\starter\dependencies\lombok-1.18.30.jar;C:\Users\Admin\AppData\Roaming\.tlauncher\starter\dependencies\maven-scm-api-1.4.jar;C:\Users\Admin\AppData\Roaming\.tlauncher\starter\dependencies\maven-scm-provider-svn-commons-1.4.jar;C:\Users\Admin\AppData\Roaming\.tlauncher\starter\dependencies\maven-scm-provider-svnexe-1.4.jar;C:\Users\Admin\AppData\Roaming\.tlauncher\starter\dependencies\MinecraftServerPing-1.0.2.jar;C:\Users\Admin\AppData\Roaming\.tlauncher\starter\dependencies\mockserver-netty-no-dependencies-5.14.0.jar;C:\Users\Admin\AppData\Roaming\.tlauncher\starter\dependencies\modpack-dto-2.2914.jar;C:\Users\Admin\AppData\Roaming\.tlauncher\starter\dependencies\picture-bundle-3.72.jar;C:\Users\Admin\AppData\Roaming\.tlauncher\starter\dependencies\plexus-utils-1.5.6.jar;C:\Users\Admin\AppData\Roaming\.tlauncher\starter\dependencies\regexp-1.3.jar;C:\Users\Admin\AppData\Roaming\.tlauncher\starter\dependencies\skin-server-API-1.3.jar;C:\Users\Admin\AppData\Roaming\.tlauncher\starter\dependencies\slf4j-api-1.7.25.jar;C:\Users\Admin\AppData\Roaming\.tlauncher\starter\dependencies\statistics-dto-1.73.jar;C:\Users\Admin\AppData\Roaming\.tlauncher\starter\dependencies\tlauncher-resource-1.6.jar;C:\Users\Admin\AppData\Roaming\.tlauncher\starter\dependencies\url-cache-1.1.jar;C:\Users\Admin\AppData\Roaming\.tlauncher\starter\dependencies\xz-1.9.jar;C:\Users\Admin\AppData\Roaming\.tlauncher\starter\original-TLauncher-2.923.jar; org.tlauncher.tlauncher.rmo.TLauncher -starterConfig=C:\Users\Admin\AppData\Roaming\.tlauncher\starter\starter.json -requireUpdate=false -currentAppVersion=2.923
C:\Windows\system32\taskmgr.exe
"C:\Windows\system32\taskmgr.exe" /4
C:\Windows\system32\cmd.exe
cmd.exe /C chcp 437 & wmic CPU get NAME
C:\Windows\system32\chcp.com
chcp 437
C:\Windows\System32\Wbem\WMIC.exe
wmic CPU get NAME
C:\Windows\system32\cmd.exe
cmd.exe /C chcp 437 & set processor
C:\Windows\system32\chcp.com
chcp 437
C:\Windows\system32\cmd.exe
cmd.exe /C chcp 437 & dxdiag /whql:off /t C:\Users\Admin\AppData\Roaming\.minecraft\logs\tlauncher\dxdiag.txt
C:\Windows\system32\chcp.com
chcp 437
C:\Windows\system32\dxdiag.exe
dxdiag /whql:off /t C:\Users\Admin\AppData\Roaming\.minecraft\logs\tlauncher\dxdiag.txt
C:\Windows\SysWOW64\dxdiag.exe
"C:\Windows\SysWOW64\dxdiag.exe" /whql:off /t C:\Users\Admin\AppData\Roaming\.minecraft\logs\tlauncher\dxdiag.txt
C:\Windows\system32\cmd.exe
cmd.exe /C chcp 437 & wmic qfe get HotFixID
C:\Windows\system32\chcp.com
chcp 437
C:\Windows\System32\Wbem\WMIC.exe
wmic qfe get HotFixID
C:\Windows\system32\cmd.exe
cmd.exe /C start "Open path" "C:\Users\Admin\AppData\Roaming\.minecraft\"
C:\Windows\system32\cmd.exe
cmd.exe /C start "Open path" "C:\Users\Admin\AppData\Roaming\.minecraft\"
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3896 --field-trial-handle=1312,i,3552685845592570979,10125245764488845976,131072 /prefetch:8
C:\Windows\system32\taskmgr.exe
"C:\Windows\system32\taskmgr.exe" /4
C:\Windows\system32\LogonUI.exe
"LogonUI.exe" /flags:0x0
C:\Windows\system32\csrss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\winlogon.exe
winlogon.exe
C:\Windows\system32\LogonUI.exe
"LogonUI.exe" /flags:0x0
C:\Windows\system32\LogonUI.exe
"LogonUI.exe" /flags:0x1
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | dl2.tlauncher.org | udp |
| US | 104.20.37.13:443 | dl2.tlauncher.org | tcp |
| US | 8.8.8.8:53 | www.google.com | udp |
| GB | 142.250.178.4:443 | www.google.com | tcp |
| GB | 142.250.178.4:443 | www.google.com | tcp |
| GB | 142.250.178.4:443 | www.google.com | tcp |
| GB | 142.250.178.4:443 | www.google.com | tcp |
| US | 8.8.8.8:53 | apis.google.com | udp |
| GB | 216.58.201.110:443 | apis.google.com | tcp |
| US | 8.8.8.8:53 | java-for-minecraft.com | udp |
| US | 172.67.143.19:80 | java-for-minecraft.com | tcp |
| US | 172.67.143.19:80 | java-for-minecraft.com | tcp |
| US | 172.67.143.19:443 | java-for-minecraft.com | tcp |
| US | 172.67.143.19:443 | java-for-minecraft.com | tcp |
| US | 172.67.143.19:443 | java-for-minecraft.com | tcp |
| US | 172.67.143.19:443 | java-for-minecraft.com | tcp |
| US | 172.67.143.19:443 | java-for-minecraft.com | tcp |
| US | 172.67.143.19:443 | java-for-minecraft.com | tcp |
| US | 8.8.8.8:53 | region1.google-analytics.com | udp |
| US | 216.239.32.36:443 | region1.google-analytics.com | tcp |
| US | 216.239.32.36:443 | region1.google-analytics.com | tcp |
| US | 172.67.143.19:443 | java-for-minecraft.com | tcp |
| US | 172.67.143.19:443 | java-for-minecraft.com | tcp |
| US | 8.8.8.8:53 | javadl.sun.com | udp |
| NL | 92.123.165.224:443 | javadl.sun.com | tcp |
| NL | 92.123.165.224:443 | javadl.sun.com | tcp |
| US | 8.8.8.8:53 | javadl.oracle.com | udp |
| NL | 92.123.165.224:443 | javadl.oracle.com | tcp |
| NL | 92.123.165.224:443 | javadl.oracle.com | tcp |
| US | 8.8.8.8:53 | sdlc-esd.oracle.com | udp |
| US | 23.220.112.104:443 | sdlc-esd.oracle.com | tcp |
| US | 23.220.112.104:443 | sdlc-esd.oracle.com | tcp |
| US | 8.8.8.8:53 | javadl-esd-secure.oracle.com | udp |
| NL | 92.123.165.224:443 | javadl-esd-secure.oracle.com | tcp |
| US | 8.8.8.8:53 | rps-svcs.sun.com | udp |
| US | 2.18.190.79:80 | rps-svcs.sun.com | tcp |
| NL | 92.123.165.224:80 | javadl-esd-secure.oracle.com | tcp |
| NL | 92.123.165.224:443 | javadl-esd-secure.oracle.com | tcp |
| US | 8.8.8.8:53 | www.java.com | udp |
| NL | 23.62.61.163:443 | www.java.com | tcp |
| US | 8.8.8.8:53 | sjremetrics.java.com | udp |
| IE | 66.235.152.225:443 | sjremetrics.java.com | tcp |
| US | 8.8.8.8:53 | repo.tlauncher.org | udp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 8.8.8.8:53 | repo.fastrepo.org | udp |
| FI | 135.181.139.36:443 | repo.fastrepo.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| FI | 135.181.139.36:443 | repo.fastrepo.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| FI | 135.181.139.36:443 | repo.fastrepo.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| FI | 135.181.139.36:443 | repo.fastrepo.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| FI | 135.181.139.36:443 | repo.fastrepo.org | tcp |
| FI | 135.181.139.36:443 | repo.fastrepo.org | tcp |
| FI | 135.181.139.36:443 | repo.fastrepo.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| FI | 135.181.139.36:443 | repo.fastrepo.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| FI | 135.181.139.36:443 | repo.fastrepo.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| FI | 135.181.139.36:443 | repo.fastrepo.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| FI | 135.181.139.36:443 | repo.fastrepo.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| FI | 135.181.139.36:443 | repo.fastrepo.org | tcp |
| FI | 135.181.139.36:443 | repo.fastrepo.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| FI | 135.181.139.36:443 | repo.fastrepo.org | tcp |
| FI | 135.181.139.36:443 | repo.fastrepo.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| FI | 135.181.139.36:443 | repo.fastrepo.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| FI | 135.181.139.36:443 | repo.fastrepo.org | tcp |
| FI | 135.181.139.36:443 | repo.fastrepo.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| FI | 135.181.139.36:443 | repo.fastrepo.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| FI | 135.181.139.36:443 | repo.fastrepo.org | tcp |
| US | 8.8.8.8:53 | repo.tlauncher.org | udp |
| US | 104.20.36.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.36.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.36.13:443 | repo.tlauncher.org | tcp |
| US | 8.8.8.8:53 | repo.fastrepo.org | udp |
| FI | 135.181.139.36:443 | repo.fastrepo.org | tcp |
| US | 104.20.36.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.36.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.36.13:443 | repo.tlauncher.org | tcp |
| US | 8.8.8.8:53 | page.tlauncher.org | udp |
| US | 104.20.36.13:443 | page.tlauncher.org | tcp |
| US | 104.20.36.13:443 | page.tlauncher.org | tcp |
| US | 8.8.8.8:53 | advancedrepository.com | udp |
| DE | 46.4.112.215:443 | advancedrepository.com | tcp |
| US | 104.20.36.13:80 | page.tlauncher.org | tcp |
| FI | 135.181.139.36:443 | repo.fastrepo.org | tcp |
| US | 8.8.8.8:53 | tlauncher.org | udp |
| US | 104.20.37.13:443 | tlauncher.org | tcp |
| DE | 46.4.112.215:80 | advancedrepository.com | tcp |
| DE | 46.4.112.215:80 | advancedrepository.com | tcp |
| N/A | 127.0.0.1:55444 | tcp | |
| DE | 46.4.112.215:443 | advancedrepository.com | tcp |
| FI | 135.181.139.36:443 | repo.fastrepo.org | tcp |
| FI | 135.181.139.36:443 | repo.fastrepo.org | tcp |
| US | 8.8.8.8:53 | img.tlauncher.org | udp |
| US | 8.8.8.8:53 | img.fastrepo.org | udp |
| US | 104.20.37.13:443 | img.tlauncher.org | tcp |
| US | 104.26.11.134:80 | img.fastrepo.org | tcp |
| US | 104.20.36.13:443 | img.tlauncher.org | tcp |
| US | 104.20.36.13:443 | img.tlauncher.org | tcp |
| US | 104.20.36.13:443 | img.tlauncher.org | tcp |
| US | 8.8.8.8:53 | launchermeta.mojang.com | udp |
| FI | 135.181.139.36:443 | repo.fastrepo.org | tcp |
| US | 13.107.246.64:443 | launchermeta.mojang.com | tcp |
| FI | 135.181.139.36:443 | repo.fastrepo.org | tcp |
| FI | 135.181.139.36:443 | repo.fastrepo.org | tcp |
| US | 104.20.37.13:443 | img.tlauncher.org | tcp |
| US | 8.8.8.8:53 | stat.fastrepo.org | udp |
| DE | 78.46.79.62:443 | stat.fastrepo.org | tcp |
| DE | 78.46.79.62:443 | stat.fastrepo.org | tcp |
| US | 104.20.36.13:80 | img.tlauncher.org | tcp |
| US | 104.20.36.13:443 | img.tlauncher.org | tcp |
| US | 104.20.36.13:443 | img.tlauncher.org | tcp |
| FI | 135.181.139.36:443 | repo.fastrepo.org | tcp |
| FI | 135.181.139.36:443 | repo.fastrepo.org | tcp |
| US | 8.8.8.8:53 | www.google.com | udp |
| GB | 142.250.178.4:443 | www.google.com | udp |
| US | 8.8.8.8:53 | fb.com | udp |
| US | 8.8.8.8:53 | play.google.com | udp |
| GB | 142.250.187.206:443 | play.google.com | tcp |
| GB | 163.70.151.35:443 | fb.com | tcp |
| GB | 163.70.151.35:443 | fb.com | tcp |
| US | 8.8.8.8:53 | www.microsoft.com | udp |
| US | 8.8.8.8:53 | www.microsoft.com | udp |
| US | 8.8.8.8:53 | www.facebook.com | udp |
| GB | 163.70.151.35:443 | www.facebook.com | tcp |
| GB | 163.70.151.35:443 | www.facebook.com | tcp |
| US | 8.8.8.8:53 | m.facebook.com | udp |
| GB | 163.70.151.35:443 | m.facebook.com | tcp |
| GB | 163.70.151.35:443 | m.facebook.com | tcp |
| US | 8.8.8.8:53 | z-m-static.xx.fbcdn.net | udp |
| GB | 163.70.151.33:443 | z-m-static.xx.fbcdn.net | tcp |
| GB | 163.70.151.33:443 | z-m-static.xx.fbcdn.net | tcp |
| GB | 163.70.151.33:443 | z-m-static.xx.fbcdn.net | tcp |
| US | 8.8.8.8:53 | 2ip.eu | udp |
| US | 8.8.8.8:53 | 2ip.eu | udp |
| DK | 77.111.240.65:443 | 2ip.eu | tcp |
| DK | 77.111.240.65:443 | 2ip.eu | tcp |
| US | 8.8.8.8:53 | beacons.gcp.gvt2.com | udp |
| GB | 142.250.200.35:443 | beacons.gcp.gvt2.com | tcp |
| US | 204.79.197.200:443 | ieonline.microsoft.com | tcp |
| US | 204.79.197.200:443 | ieonline.microsoft.com | tcp |
| US | 204.79.197.200:443 | ieonline.microsoft.com | tcp |
| US | 104.20.36.13:443 | img.tlauncher.org | tcp |
| US | 104.20.36.13:443 | img.tlauncher.org | tcp |
| US | 104.20.36.13:443 | img.tlauncher.org | tcp |
| FI | 135.181.139.36:443 | repo.fastrepo.org | tcp |
| US | 104.20.36.13:443 | img.tlauncher.org | tcp |
| US | 104.20.36.13:443 | img.tlauncher.org | tcp |
| US | 104.20.36.13:443 | img.tlauncher.org | tcp |
| US | 104.20.36.13:443 | img.tlauncher.org | tcp |
| US | 104.20.36.13:443 | img.tlauncher.org | tcp |
| DE | 46.4.112.215:443 | advancedrepository.com | tcp |
| US | 104.20.36.13:80 | img.tlauncher.org | tcp |
| FI | 135.181.139.36:443 | repo.fastrepo.org | tcp |
| US | 104.20.37.13:443 | img.tlauncher.org | tcp |
| DE | 46.4.112.215:80 | advancedrepository.com | tcp |
| DE | 46.4.112.215:80 | advancedrepository.com | tcp |
| FI | 135.181.139.36:443 | repo.fastrepo.org | tcp |
| FI | 135.181.139.36:443 | repo.fastrepo.org | tcp |
| DE | 46.4.112.215:443 | advancedrepository.com | tcp |
| US | 104.20.37.13:443 | img.tlauncher.org | tcp |
| US | 104.26.11.134:80 | img.fastrepo.org | tcp |
| US | 104.20.36.13:443 | img.tlauncher.org | tcp |
| US | 104.20.36.13:443 | img.tlauncher.org | tcp |
| FI | 135.181.139.36:443 | repo.fastrepo.org | tcp |
| US | 8.8.8.8:53 | launchermeta.mojang.com | udp |
| US | 13.107.246.64:443 | launchermeta.mojang.com | tcp |
| FI | 135.181.139.36:443 | repo.fastrepo.org | tcp |
| US | 104.20.36.13:443 | img.tlauncher.org | tcp |
| FI | 135.181.139.36:443 | repo.fastrepo.org | tcp |
| US | 104.20.36.13:443 | img.tlauncher.org | tcp |
| FI | 135.181.139.36:443 | repo.fastrepo.org | tcp |
| US | 104.20.36.13:443 | img.tlauncher.org | tcp |
| FI | 135.181.139.36:443 | repo.fastrepo.org | tcp |
| US | 104.20.37.13:443 | img.tlauncher.org | tcp |
| DE | 78.46.79.62:443 | stat.fastrepo.org | tcp |
| US | 104.20.36.13:80 | img.tlauncher.org | tcp |
| US | 104.20.36.13:443 | img.tlauncher.org | tcp |
| FI | 135.181.139.36:443 | repo.fastrepo.org | tcp |
| DE | 46.4.112.215:80 | advancedrepository.com | tcp |
| US | 104.20.36.13:443 | img.tlauncher.org | tcp |
| FI | 135.181.139.36:443 | repo.fastrepo.org | tcp |
| US | 13.107.246.64:443 | launchermeta.mojang.com | tcp |
| US | 104.20.36.13:443 | img.tlauncher.org | tcp |
| US | 104.20.36.13:443 | img.tlauncher.org | tcp |
| FI | 135.181.139.36:443 | repo.fastrepo.org | tcp |
| FI | 135.181.139.36:443 | repo.fastrepo.org | tcp |
| DE | 46.4.112.215:80 | advancedrepository.com | tcp |
| US | 104.20.36.13:80 | img.tlauncher.org | tcp |
| US | 104.20.37.13:443 | img.tlauncher.org | tcp |
| US | 104.20.36.13:443 | img.tlauncher.org | tcp |
| FI | 135.181.139.36:443 | repo.fastrepo.org | tcp |
| GB | 142.250.200.35:443 | beacons.gcp.gvt2.com | udp |
| US | 8.8.8.8:53 | beacons2.gvt2.com | udp |
| US | 216.239.34.117:443 | beacons2.gvt2.com | tcp |
| US | 216.239.34.117:443 | beacons2.gvt2.com | udp |
| N/A | 224.0.0.251:5353 | udp | |
| US | 8.8.8.8:53 | beacons3.gvt2.com | udp |
| GB | 172.217.169.67:443 | beacons3.gvt2.com | tcp |
| GB | 172.217.169.67:443 | beacons3.gvt2.com | udp |
Files
\Users\Admin\AppData\Local\Temp\_ir_sf_temp_0\irsetup.exe
| MD5 | a14411ca54ffb3b223c21c63a784409b |
| SHA1 | 33050df5397e5a44169cf0cd702d776269233f36 |
| SHA256 | 1c830be41a2d969da6e8e889a1ae23fc41594d5323520e5a39de7f2c32c5dc5b |
| SHA512 | 0bc34e8d826e3e026068c52c41eb4617e9bff553c675ff45c525ac4210b6cf878267fdfb4b6796d4de4dad2e8145eb3dd98220ee01957bd3e839e9f8a8d4bba7 |
memory/2356-6-0x0000000003510000-0x00000000038F9000-memory.dmp
memory/2356-15-0x0000000003510000-0x00000000038F9000-memory.dmp
memory/2356-16-0x0000000003510000-0x00000000038F9000-memory.dmp
memory/1412-18-0x00000000000F0000-0x00000000004D9000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\_ir_sf_temp_0\lua5.1.dll
| MD5 | c333af59fa9f0b12d1cd9f6bba111e3a |
| SHA1 | 66ae1d42b2de0d620fe0b7cc6e1c718c6c579ed0 |
| SHA256 | fad540071986c59ec40102c9ca9518a0ddce80cf39eb2fd476bb1a7a03d6eb34 |
| SHA512 | 2f7e2e53ba1cb9ff38e580da20d6004900494ff7b7ae0ced73c330fae95320cf0ab79278e7434272e469cb4ea2cbbd5198d2cd305dc4b75935e1ca686c6c7ff4 |
C:\Users\Admin\AppData\Local\Temp\_ir_sf_temp_0\200.ico
| MD5 | e043a9cb014d641a56f50f9d9ac9a1b9 |
| SHA1 | 61dc6aed3d0d1f3b8afe3d161410848c565247ed |
| SHA256 | 9dd7020d04753294c8fb694ac49f406de9adad45d8cdd43fefd99fec3659e946 |
| SHA512 | 4ae5df94fd590703b7a92f19703d733559d600a3885c65f146db04e8bbf6ead9ab5a1748d99c892e6bde63dd4e1592d6f06e02e4baf5e854c8ce6ea0cce1984f |
memory/1412-599-0x0000000000920000-0x0000000000923000-memory.dmp
memory/1412-598-0x0000000010000000-0x0000000010051000-memory.dmp
\Users\Admin\AppData\Local\Temp\_ir_sf_temp_0\Wow64.lmd
| MD5 | da1d0cd400e0b6ad6415fd4d90f69666 |
| SHA1 | de9083d2902906cacf57259cf581b1466400b799 |
| SHA256 | 7a79b049bdc3b6e4d101691888360f4f993098f3e3a8beefff4ac367430b1575 |
| SHA512 | f12f64670f158c2e846e78b7b5d191158268b45ecf3c288f02bbee15ae10c4a62e67fb3481da304ba99da2c68ac44d713a44a458ef359db329b6fef3d323382a |
\Users\Admin\AppData\Local\Temp\_ir_sf_temp_0\IRZip.lmd
| MD5 | dabd469bae99f6f2ada08cd2dd3139c3 |
| SHA1 | 6714e8be7937f7b1be5f7d9bef9cc9c6da0d9e9b |
| SHA256 | 89acf7a60e1d3f2bd7804c0cd65f8c90d52606d2a66906c8f31dce2e0ea66606 |
| SHA512 | 9c5fd1c8f00c78a6f4fd77b75efae892d1cb6baa2e71d89389c659d7c6f8b827b99cecadb0d56c690dd7b26849c6f237af9db3d1a52ae8531d67635b5eff5915 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015
| MD5 | 29f65ba8e88c063813cc50a4ea544e93 |
| SHA1 | 05a7040d5c127e68c25d81cc51271ffb8bef3568 |
| SHA256 | 1ed81fa8dfb6999a9fedc6e779138ffd99568992e22d300acd181a6d2c8de184 |
| SHA512 | e29b2e92c496245bed3372578074407e8ef8882906ce10c35b3c8deebfefe01b5fd7f3030acaa693e175f4b7aca6cd7d8d10ae1c731b09c5fa19035e005de3aa |
C:\Users\Admin\AppData\Local\Temp\Tar23DE.tmp
| MD5 | 435a9ac180383f9fa094131b173a2f7b |
| SHA1 | 76944ea657a9db94f9a4bef38f88c46ed4166983 |
| SHA256 | 67dc37ed50b8e63272b49a254a6039ee225974f1d767bb83eb1fd80e759a7c34 |
| SHA512 | 1a6b277611959720a9c71114957620517ad94541302f164eb872bd322292a952409bafb8bc2ac793b16ad5f25d83f8594ccff2b7834e3c2b2b941e6fc84c009a |
C:\Users\Admin\AppData\Local\Temp\_ir_sf_temp_0\BrowserInstaller.exe
| MD5 | 83a8f0546164c9ba1a248acedefd6e5d |
| SHA1 | 7652f353ed74015e7e78bc9f9e305a48d336b6d1 |
| SHA256 | e7c5072ec60d32022b3c818c527ad86f4985837a4f0e9fc6477f54ae86d9f1c9 |
| SHA512 | 111d11acdaef0036ff5cabeb16ed55bf4c681fa6eb3c006af450a0ebadae3e213a8f3abb0f4a9aecc8e893af7a79b4eb7f74a5fc3743e338c3e3136b5d7f9f2d |
C:\Users\Admin\AppData\Local\Temp\_ir_sf_temp_0\IRIMG3.BMP
| MD5 | f5d6a81635291e408332cc01c565068f |
| SHA1 | 72fa5c8111e95cc7c5e97a09d1376f0619be111b |
| SHA256 | 4c85cdddd497ad81fedb090bc0f8d69b54106c226063fdc1795ada7d8dc74e26 |
| SHA512 | 33333761706c069d2c1396e85333f759549b1dfc94674abb612fd4e5336b1c4877844270a8126e833d0617e6780dd8a4fee2d380c16de8cbf475b23f9d512b5a |
C:\Users\Admin\AppData\Local\Temp\_ir_sf_temp_0\IRIMG2.BMP
| MD5 | f35117734829b05cfceaa7e39b2b61fb |
| SHA1 | 342ae5f530dce669fedaca053bd15b47e755adc2 |
| SHA256 | 9c893fe1ab940ee4c2424aa9dd9972e7ad3198da670006263ecbbb5106d881e3 |
| SHA512 | 1805b376ab7aae87061e9b3f586e9fdef942bb32488b388856d8a96e15871238882928c75489994f9916a77e2c61c6f6629e37d1d872721d19a5d4de3e77f471 |
C:\Users\Admin\AppData\Local\Temp\_ir_sf_temp_0\IRIMG1.BMP
| MD5 | 3adf5e8387c828f62f12d2dd59349d63 |
| SHA1 | bd065d74b7fa534e5bfb0fb8fb2ee1f188db9e3a |
| SHA256 | 1d7a67b1c0d620506ac76da1984449dfb9c35ffa080dc51e439ed45eecaa7ee0 |
| SHA512 | e4ceb68a0a7d211152d0009cc0ef9b11537cfa8911d6d773c465cea203122f1c83496e655c9654aabe2034161e132de8714f3751d2b448a6a87d5e0dd36625be |
C:\Users\Admin\AppData\Roaming\.minecraft\TLauncher.exe
| MD5 | 2dae3de14a845ea813402de06b365026 |
| SHA1 | b05af4568ce7b2fcc44cff52f8bbde93b98c71b7 |
| SHA256 | 3fc25f066ba624cb976d0212725ed6f8c5f036d859e30944f8235a73bc2cf3e2 |
| SHA512 | 7bf62dfc2ec5dcb5c5506333aafd700a4c3522982eaa1474c069c0c43fa643c2ae0d2e31c33067f1ff54ebb0ae2137cb53b794957005b3672c3da1895f91d9ed |
C:\Users\Admin\AppData\Roaming\.tlauncher\Uninstall\IRIMG4.PNG
| MD5 | e90db569b60630c31581fb0ce2df9c55 |
| SHA1 | 7f1bc71940f580c79a43e94be3d379a46039f7a2 |
| SHA256 | 89214216b91f315878142066f3febe8573affdc661bac3660c10377e861fdfe9 |
| SHA512 | 5a0fce78f0f9d304fdfbc41bf40d9405c45436ba67aba93cbe32b840e769e809c3dbbb73f61b434c9faa69aee8dd82d4e7c2464aa2c7baab26862fd824e3968c |
C:\Users\Admin\AppData\Roaming\.tlauncher\Uninstall\IRIMG3.PNG
| MD5 | 423967f5de5e38e936f1fe20f7e65e8d |
| SHA1 | 959069f5c157c5cdee86a55c9f7c4726e350a417 |
| SHA256 | 8dd76cdfd0239b409208a873c5b7e533149a6154b31c04194b36920c4dcff37b |
| SHA512 | d6590a8e7f5c6e30563b5433eebda5d5d26868562edc2c927360cd3a13e68f30b78f9041da4d20f40ad577fb7e4c1c107c206dfcb25702833c5466c7795087fc |
C:\Users\Admin\AppData\Roaming\.tlauncher\Uninstall\IRIMG1.PNG
| MD5 | 959f2ffb5f3bf8e7aa4daac8fb95bf28 |
| SHA1 | 518a200b0d360ae76aa7caff799a5db2344a32ba |
| SHA256 | 3e951323e17e502de5b3d342924a576d51a05024a73657fdb8a8a9f07c0b59c8 |
| SHA512 | 9b67adb6aebd97ba552933b74b3acc0210822cc64ab9876fba7e648a826b53c93d9b9e30d616c33454233d2db09c3c1a202bfb15c99932399e08f09786a2b276 |
C:\Users\Admin\AppData\Roaming\.tlauncher\Uninstall\IRIMG10.PNG
| MD5 | f48058f1c26ac266bf01960e271d1dc7 |
| SHA1 | d06afaeb6e73c7f0b88b45b60fda28200e62d39b |
| SHA256 | fc9e01e0b4d11cee2696d6d51729284d775bbce53bdb0a0f3bd376f10b145a23 |
| SHA512 | 82904ba2c918506b94d4ca66a99ffabee3120005afc6be5e37a651444a66710bc5b922ccf1dd214c958f7a59da50084d14ad9d011de39c5257c0463c7540b3e0 |
C:\Users\Admin\AppData\Roaming\.tlauncher\Uninstall\IRIMG13.PNG
| MD5 | 852f2a89033362ca1418da6298630760 |
| SHA1 | 24c45b20e2284842928b54c04e7826b1d8a1dafe |
| SHA256 | 0cfe4a342e9abf08cb0577239fa859194082ca4ce17f0d15b6087cc875f987bd |
| SHA512 | ede225ebcd7fafcb25c34abf4a4e7a90be1df1730b987d0dc4ae571c4e7f08bfe81e3880e484c248670a2d5f0c547f6c4df80f59d8e8d9a250d9831d9e74556d |
C:\Users\Admin\AppData\Roaming\.tlauncher\Uninstall\uninstall.xml
| MD5 | 054aecf886611935c82cb961eb3ac31c |
| SHA1 | 7c79d08bd6cbaa60db2a645ebe542f670dd18fd9 |
| SHA256 | d92b458492dc534ee4d0ba3c24166164b14955c45329401885f64a2fb8e6ecb3 |
| SHA512 | 0b82aceaec2a2a6528b22639d924cf1b21b5cb43f3a78026c020bed4e170398a5382951c1d043a2b976915aeca6f6f9ddfdc2a1d2ba143c7203b8eaa9f29b656 |
C:\Users\Admin\AppData\Roaming\.tlauncher\Uninstall\uninstall.xml
| MD5 | 1fc45990c71b60e843c44ca7403bde85 |
| SHA1 | e3739b136360a4caa92fe0698dffc4d654b6fcb0 |
| SHA256 | 85c436b43e53d2e47730925ce502bd158e36909526f1fa2dcb657113345deea3 |
| SHA512 | 8ede4f5b64808f15f71a36ed43f357608163759c777d73dbe91c903c8461be8b620b9ea8d4bf1c947b05203ff46a19b7455624adb8b6da8a0f34a7c6107462ba |
C:\Users\Admin\AppData\Local\Temp\_ir_sf_temp_0\IRIMG9.PNG
| MD5 | c1fddde8d0f33b9aae08f34d2a3f5202 |
| SHA1 | 3ce3d305b1ec3ee2f2d8346a67be410c59aa38c6 |
| SHA256 | 9d588ed0ca63dc9475e602ce8a5a51ea527b1f4dd8c5f4376cd0fc7038cf3174 |
| SHA512 | 2d33e9133ac1c857aca5dc43af45af14fdd6b46b2103fdb45865e72ccc07a198a33a87a72ef97db9ff40563b446cc22a8828403c852b3709a1a9cfbafd2edb7e |
C:\Users\Admin\AppData\Local\Temp\_ir_sf_temp_0\IRIMG14.PNG
| MD5 | ad0f62646ec79e11f88d672609f4f796 |
| SHA1 | 53bbd348d7aea9a1fbf736167dbd1df3e1f92946 |
| SHA256 | 72add1e28bf7b31746d84fbb7d36119e4a7af7d0da7c682fe767d6fdc51e6a44 |
| SHA512 | 39e7f06053c6e7c44042c7fded82e10212d77b0a15e8d5488be94412acf2c56825775f5d634e29b229af4171ec9e2ad2c6160d7b6ca39d0ffa4784a343470dfd |
C:\Users\Admin\AppData\Local\Temp\_ir_sf_temp_0\IRIMG15.PNG
| MD5 | d403eb7fbc203d21fc399f4cef18508a |
| SHA1 | 5db578f74e412038a446ef23e067514919d25f54 |
| SHA256 | 46eb5c27cca4d0fb3fcb59c71cdc8dfc8e90a5932f79118fa9bbf585f5ff0fa3 |
| SHA512 | 0e0e228313d81f855781de544d867801ca2a8adc1d6c8a6819b6717db672ee181c665da01b88003b130cb36412f321b13a1fd8e50384d939a0f1439a95a92874 |
memory/1412-1250-0x0000000010000000-0x0000000010051000-memory.dmp
memory/1412-1249-0x00000000000F0000-0x00000000004D9000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\_ir_sf_temp_0\IRIMG17.PNG
| MD5 | daf480f723b23d6cfdc9141c80c788ff |
| SHA1 | 437e589c8eb2b32e33a2b80f5d3db9607dec48d0 |
| SHA256 | 03a60271f823e4cb91e8a61d72b317e0ed0c569102bf928bdb8ced75a9b4d89a |
| SHA512 | b41642ea30721a37b5ce78f8ad920be7ea374d220f2308918b88f8555272cb37bd0696b07103bbf79e8736d5dbd24fbe0b8ba2c13f19328c3b610022ac7aa24d |
memory/1412-1828-0x00000000000F0000-0x00000000004D9000-memory.dmp
\??\pipe\crashpad_3692_UDOPBZAANDXDXMLH
| MD5 | d41d8cd98f00b204e9800998ecf8427e |
| SHA1 | da39a3ee5e6b4b0d3255bfef95601890afd80709 |
| SHA256 | e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 |
| SHA512 | cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Site Characteristics Database\000007.dbtmp
| MD5 | 18e723571b00fb1694a3bad6c78e4054 |
| SHA1 | afcc0ef32d46fe59e0483f9a3c891d3034d12f32 |
| SHA256 | 8af72f43857550b01eab1019335772b367a17a9884a7a759fdf4fe6f272b90aa |
| SHA512 | 43bb0af7d3984012d2d67ca6b71f0201e5b948e6fe26a899641c4c6f066c59906d468ddf7f1df5ea5fa33c2bc5ea8219c0f2c82e0a5c365ad7581b898a8859e2 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\GPUCache\data_1
| MD5 | f50f89a0a91564d0b8a211f8921aa7de |
| SHA1 | 112403a17dd69d5b9018b8cede023cb3b54eab7d |
| SHA256 | b1e963d702392fb7224786e7d56d43973e9b9efd1b89c17814d7c558ffc0cdec |
| SHA512 | bf8cda48cf1ec4e73f0dd1d4fa5562af1836120214edb74957430cd3e4a2783e801fa3f4ed2afb375257caeed4abe958265237d6e0aacf35a9ede7a2e8898d58 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\4d4f652e-553a-476f-9c07-549fa2bac310.tmp
| MD5 | fc9dc93bc1bd257ac6569813cd869379 |
| SHA1 | 9b7566cfa4e184b00f1c17dc855985119768e985 |
| SHA256 | ea41e9966e8c0aab34449e711e56c22a16a006693a2217dcd8e3d163e0fc1e90 |
| SHA512 | 69c5f5a975a584465f412e9c9e7730d3825f45597e2e297f442f66c103336800ba62c4d20d23d12c912d5e3199d7c4133be3ab082449049554344a59d716772c |
memory/2964-1974-0x0000000000400000-0x0000000000417000-memory.dmp
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | fea6a00e0ce0a4b38d3f85f3271320c1 |
| SHA1 | f4b044e30d182015b33b35b49de4b625e46edfa7 |
| SHA256 | 54f2ce7c3d38b8f92dfb55b9ca79307808fe6a6c7f2e727a8e88a2d027e9d866 |
| SHA512 | 04514bffca9fd2f17d17c96037da2b101d84c64e786ec7d00fc03fc35b2b6d6200aacef73a84c3f35714cc6ec1c031b12188b0af60d5c94b895f027d7564867e |
C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\RYNL6UIN\jre-8u51-windows-x64.exe.l5gqhyo.partial
| MD5 | b9919195f61824f980f4a088d7447a11 |
| SHA1 | 447fd1f59219282ec5d2f7a179ac12cc072171c3 |
| SHA256 | 3895872bc4cdfb7693c227a435cf6740f968e4fa6ce0f7449e6a074e3e3a0f01 |
| SHA512 | d9f4e268531bd48f6b6aa4325024921bca30ebfff3ae6af5c069146a3fc401c411bdeceb306ba01fbf3bcdc48e39a367e78a1f355dc3dd5f1df75a0d585a10c6 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 782dcc9259610b5b6180252e3ed98a8c |
| SHA1 | 0a3f6149bb521679e3c4687f4efec89d367cfef6 |
| SHA256 | 181f6ae486826ed831c1a49c6407cf2f7dd26f2a1911f857d564bd75d6f67b9e |
| SHA512 | 8f68eff416abadc0235386d0303f875725edb0010f63f7475de024f3b1d8d195066cb2a840eeecfffac7f1d350cc212e218f4a8643cea30f8cceef48edc76032 |
C:\Users\Admin\AppData\Local\Temp\jusched.log
| MD5 | 6e6048e2bf2207262457774cc3490169 |
| SHA1 | 6cac45394b1ab427b795615185e962e8ac929ca4 |
| SHA256 | 7faf987a33a0e659ed4b41ceea9b49291329aa59509f1046da0b0af35026af15 |
| SHA512 | 5d3d2f2d278ff78fc41d894d733a98f49f0ced5fb30956375f3bf7e98512fdc2ba94b9e5d8fc26dc20ca2194d2331783a41a165c7f5f55627b52c48919e52bd2 |
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Cookies\HO65QB61.txt
| MD5 | ef70c488f2107068fd4e2fa24627e3c6 |
| SHA1 | 3a92b98d3385c2fba23a73e9fcd1fe0df517d2b1 |
| SHA256 | 5de035f5d0f2e0dcd9611a522037479eec3fd980b40ab475448c91df9442c18c |
| SHA512 | 308f34ef1419c3b96df6ecb59e9e8f8a1d755f77aaf72d44f9d05cbcdd990b111df2876abd9067a32feb53fcabd2fea7e0f948548a61546e4be16679e6493113 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\B398B80134F72209547439DB21AB308D_A4CF52CCA82D7458083F7280801A3A04
| MD5 | 5a1b7dc69422517f419c1d346f0e8ca7 |
| SHA1 | 176b927a09c0a65a73eef2250773ea6fe87ca092 |
| SHA256 | 54a22bcde4bb6d75f00df67ae39634046a30e9787a1c28b2c0d6363b85b27028 |
| SHA512 | 7e28633267fa355bb62660f354ca2cd9f5ab9bd56f952cf4d230121182f62dd5c3939dd92902b06609f1058f7ed7b050bff07355840df9433b3efff14814719c |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\B398B80134F72209547439DB21AB308D_A4CF52CCA82D7458083F7280801A3A04
| MD5 | f5a5b44b5847ec076ad924d86e92414b |
| SHA1 | e0b4f04e0f903101dbe7bc8bb77f053011054c09 |
| SHA256 | 179810fb366f9cba1487abecea08be3773010820447b49a74b518bd8433315cc |
| SHA512 | f9f2732bd1eb03c001ecdacb419cfdc1d5db98eb83c948e9c5fb08cceb51bae3fa08ff2cd94e7ce1a79dbb42a2c53c21f1523f68c6f0b772567a37ce02ab3c54 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 67017a196fb1bc3e905c6cf6af070865 |
| SHA1 | 558d44fc71b9ed5a5b30d5531f02ff61519f3d45 |
| SHA256 | 752e24d00dba5b7f661290e840efa8c508ab0e03e24fcb922356d1def5f34863 |
| SHA512 | 0eecf013503a0241ceece6e695c9c2a566038db06c7c94ed74b7c318588cc29ba4ea332aa9d0d86f825c14c21ccc657ed13702d8cb6a5d73b8af5139f7fd0598 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 844007ffe75b017d8d706d96caab446b |
| SHA1 | eda43c35e5e76f8b6694a685f09c49eb8283b5f3 |
| SHA256 | 9d87ac01b1997cbdbc9d39598f71f30d1658dbb72892b2c73037d4e1de03de20 |
| SHA512 | 276746b8d106ee4a1513824ce148c264983c5e9ed0eb22723fa14c4dfea9775c17a4c5ece6be9376d5c9fa65ec67f7c0897b8e939b75287629ccd195921d1286 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | ff7cdfd8a4d521081794fb7637b61729 |
| SHA1 | 8f3f22047bcf4d812a78fcbc0b565990d985ada8 |
| SHA256 | 29b4cec6f8606bf72258d948c4a25ce3bad9f0944fe9010b908d20fe7c47055e |
| SHA512 | 6590d35d2a0759c7c116f1c5c19655738d2743dfac75f10ad52405b49d552e0d515f8411034949728403c0b51f757e2139421a3088ffdef7a6e6cf167d476fbd |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 77c8cabf09c5400ef181b88348a77358 |
| SHA1 | 1ed7fb8b0d7e6d20147b0fdff2427f395161f978 |
| SHA256 | b9b04bafdebd72a3ed1db82d35df7c9d46666308376071d0dd5f0cb02a6c5432 |
| SHA512 | 850f434770935005247d0294efaced1682f389a56fc2de1eb8d7afa4fd6338902e6f0858a8cfbbb62ba2ba3cd5572103bde925bee42ef628cbebebf34ea4c8d7 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 1b10aac0765a56612889e6a719eed4f6 |
| SHA1 | 27939b913138ad83c0db113c765913b94ea466ba |
| SHA256 | a05594d188de3743b917176af6548cec2e846ae351d5520d6c8973d475ca11f4 |
| SHA512 | c0a2a43ea7c7783b7ebc49de7671abac66ca152e7920e14177d41509251eb381d657fa6c8fd7506490eda05572cab685ec1045eb4a9257096153270dc5c27582 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | d08dd6c77d7d3329967c3402203880ab |
| SHA1 | 3d24beda9b7306bab4e3184167d99fbd5a54a234 |
| SHA256 | 1d1cec13a7ac2ffe0238bf09008c2dfd409c511c70a2a0c257dbeda09ee5d8c2 |
| SHA512 | 4c84d778fc3c67b804b55a35566d1dff871478e77057429d2dc75569f432e3ab581c31daf7a1873f0ee12e3cbb36c0c6228944de5b5e81999e5c61e9eb6939e8 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | f098fc959227a7bd8813dd6bf1777858 |
| SHA1 | d4db9fde5638506a14efb835896b09843cca6f49 |
| SHA256 | ec293be0970952831f96fea66e1fc0abfd0e3bc40cf45d5a6039186690acd22e |
| SHA512 | bcbbbd56595fd9747b4f69f8fb2193925f8e72a4045cb532b2a6334a005a409b5872f53f742f775557d1d9700533f09dffc7c28ac63a3b934f6270d04504dff6 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | dcbe0403d8c2a5fa265bf8298201f234 |
| SHA1 | a1386b15d214fc81a3d9d18bdb42ea33ea85c009 |
| SHA256 | 77aa6ffedc8bf0f1b0727c9c1d6610dbace729fa9ea97ec50b444c6bcbbcbce8 |
| SHA512 | 2fc78b6389b0c821445622b560b14d15d19c10384c32a0a462bc49d2d634709da1ed8c15caef70505d28de5a3fb589415a176eeffc751ace95b0ab6ed1afed20 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 0cbbeeef93d8daf06edf3d0679016e4e |
| SHA1 | 5215dbc98bd34881aae17fec1f096904147568b3 |
| SHA256 | 467d23221ae0f6bb0aae56a580b9f1caa1fbc296ce4e9d881a24bc35563cff2a |
| SHA512 | 53fa070f5eca6dddc09daf12d47adcb35aa15bcf64e1f3b0d8428c10d6fc49c5f5c10d0fe4e4840501d5d13b7bf0b68d6adfb0a61aa81253d53c751c550a1dac |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 0db5d4757b1086bfbaf9705754d4cc0b |
| SHA1 | 5d55a45939f085d7054a6d76c854ebad32e0a267 |
| SHA256 | 1ee4078e750c443c29345057d63fd5b4c9df24f521d51d1fed0a8a150f16b9a5 |
| SHA512 | 77cac30cda2d137bd8d2b258f3ea6069db9c2571e5a844c131400a03056b3111d2e0277b8f20c1fb22d07d8e121d70a5c405e9cee8bd55504b157ce077069ab1 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 659600df081c0191139b0cf1dd1bcc7c |
| SHA1 | 3152882e566203a90fd092a1cacb5722c8b4362e |
| SHA256 | 1b5a72737267e179f1f7b81a96edf2cb303a915e06645b691c7dc0a0589d7d01 |
| SHA512 | 52777b8da52ffb6e5749f60709f730310cd9ab917489d2b83da75bbb23693947cd517d86e5c4b6665bec6d95a89a43dc2fc8d033558ca544c848b23678aba217 |
C:\Users\Admin\AppData\LocalLow\Sun\Java\jre1.8.0_51_x64\jre1.8.0_51.msi
| MD5 | 1ef598379ff589e452e9fc7f93563740 |
| SHA1 | 82ad65425fa627176592ed5e55c0093e685bfeef |
| SHA256 | d4bdc230eaebefe5a9aa3d9127d12ac09d050bf51771f0c78a6a9d79a1f9dbf2 |
| SHA512 | 673f4b08fc25e09e582f5f7e01b2369e361f6a5b480f0aa2f1d5991f10076ba8a9d6b1f2227979b514acc458b4fdc254fc3c14173db7e38b50793174d4697f23 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\C46E7B0F942663A1EDC8D9D6D7869173_6043FC604A395E1485AF7AC16D16B7CE
| MD5 | 3fd837816b618bae6d643e944b273abf |
| SHA1 | 10736f1b25b41c9b253ad73c97caa5bb016f81fc |
| SHA256 | 70c5e3ec7571f27c0f19203be006e0965259629d11744b6787bebe530bc7bf6b |
| SHA512 | feb2971071d9433e7d7bc0e8a983427e9253440268c12428861e82467731262bf9bf51b41b0fb920e35421c59a33ba29a4cc8185c01df4260ce6754f6ae2104a |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\40C68D5626484A90937F0752C8B950AB
| MD5 | 1d4cf94e4a56567e377bb752277b6bbe |
| SHA1 | ab8ea195c7c45adcb2e4be1f7590eb7836ea445f |
| SHA256 | ff8e7ca5e4ac0d75c76a956b91959c37f2b217580b3a2a9eaba589bea84e4f04 |
| SHA512 | 609c76d19d9b41ddc68d5850dd2b4152af24b6f11ee973b1f0339336a5cfecd695180cccd121f1ee99068b24cd50f5f1ddbd6d86f9320304cadf2266d9751c9c |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\EA618097E393409AFA316F0F87E2C202_1E65FD33F74047223AF4D58CBFD34BCE
| MD5 | ccde5242b05410fc389ef55055aef628 |
| SHA1 | 1cf2823683e06612009f39bf6579c1d9f781cd22 |
| SHA256 | bf5c6c21f7360904039a89d7d0f45f19229df0409ec8d73f5f510016bbab53ca |
| SHA512 | fa17b282526a19fd27da18ed479fcea82149e85b5eb220e75d80612b75cc3bd4543e61451443f46c77c306d7ab4f05acb15ec6700c4875fde9addcc142a72998 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\EA618097E393409AFA316F0F87E2C202_1E65FD33F74047223AF4D58CBFD34BCE
| MD5 | 0c88ba76b6242141106911a19e9e5d87 |
| SHA1 | d217fd96c68d007802f52d7e7d3dc994bb0d5155 |
| SHA256 | b64adf0ec421adb9e45d7b13c550b104f33a7662a9c66e435bb73f799b5b261c |
| SHA512 | 739d3376ca0773694a7c18589c88388a3f02bb6921b9cc508ee3fec25a356ffdd4cc37b8e9701a470337afb489cc28cb275a6a37c2d6df0cbad00d267f842a35 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 24aac891f6895e7355e53d68b77396ea |
| SHA1 | eaaf4ab2a85c10042cd8b8647778b575c6390402 |
| SHA256 | a98886983d16bf90274efe23f9fc00bc75d3fe77e943a39c8bb3f515c6ca93c6 |
| SHA512 | c374ca5b06dab72da9c37e28213755b9340668d0301bf2c31a68e7f4a015c45788694ffee1c36b84d3cbc08726b3bdd4a5d4685d8dabdf1d2e3b31633b10586c |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\40C68D5626484A90937F0752C8B950AB
| MD5 | cbed24fd2b55aea95367efca5ee889de |
| SHA1 | 946f48b5c344fd57113845cd483fed5fb9fa3e54 |
| SHA256 | 1dc8a0fcbe260b77adfe5ad9aaac543239b2a0d9f4e1f3c2657beee4376ffee4 |
| SHA512 | c504a11ea576f8ce14de26a0617e22e71e14db0f1dadefc187ce94e4a35a83743c743824e3629899c262aae4772bb86a0ee5bb643db20645483f0c376215ec6b |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\C46E7B0F942663A1EDC8D9D6D7869173_6043FC604A395E1485AF7AC16D16B7CE
| MD5 | 5bfa51f3a417b98e7443eca90fc94703 |
| SHA1 | 8c015d80b8a23f780bdd215dc842b0f5551f63bd |
| SHA256 | bebe2853a3485d1c2e5c5be4249183e0ddaff9f87de71652371700a89d937128 |
| SHA512 | 4cd03686254bb28754cbaa635ae1264723e2be80ce1dd0f78d1ab7aee72232f5b285f79e488e9c5c49ff343015bd07bb8433d6cee08ae3cea8c317303e3ac399 |
C:\Users\Admin\AppData\Local\Temp\jusched.log
| MD5 | e3a0c52e661d56fc2e10bb74ac8431b0 |
| SHA1 | 431a13824c678e04fa446a68660faf5b4e5be7b7 |
| SHA256 | 13c16ce06e06bef17f0aed8260fa95e95159cef7f0888fe0e788690406214d8b |
| SHA512 | f1d87aa34749d122f83f7a13c72d35ed220dca2e241ef5ac84caa8d1cd1bd287435fd2332a620f5574bd7c3bfa57ec9b3f14be2e6d2ec51cd5a230c66b2ff466 |
C:\ProgramData\Oracle\Java\installcache_x64\bspatch.exe
| MD5 | 2e7543a4deec9620c101771ca9b45d85 |
| SHA1 | fa33f3098c511a1192111f0b29a09064a7568029 |
| SHA256 | 32a4664e367a5c6bc7316d2213e60086d2813c21db3d407350e4aca61c1b16a1 |
| SHA512 | 8a69acae37d34930ed1b37a48012f4c1b214eacb18e46c7adc54aaa720b75c17ac0512206e7c7a72669c9f53e393b13ef9b7783f02482f19ea756c1022580f0d |
memory/2080-2698-0x0000000000400000-0x0000000000417000-memory.dmp
memory/2080-2702-0x0000000000230000-0x0000000000247000-memory.dmp
memory/2080-2703-0x0000000000230000-0x0000000000247000-memory.dmp
C:\ProgramData\Oracle\Java\installcache_x64\diff
| MD5 | d417682702b140d7131851bae877f046 |
| SHA1 | aa78da727e8a62c839a9bb6f7a93b48d3a04be70 |
| SHA256 | 3b3657c83e4f588f0e759cd46e99309cece2ebb54af2c377f9dc087ec764fda8 |
| SHA512 | 9e107b7f61e42410807aa1e6761ac7adce412846f69ae8e2e21b147e39d1a95d41367e21624381750eb11c77322206c4d869a477e5442e8323405c85854c03cd |
memory/2080-2707-0x0000000000400000-0x0000000000417000-memory.dmp
\Program Files\Java\jre1.8.0_51\bin\unpack200.exe
| MD5 | 5b071854133d3eb6848a301a2a75c9b2 |
| SHA1 | ffa1045c55b039760aa2632a227012bb359d764f |
| SHA256 | cc8d67216b1e04d7a41bf62f9c1088cd65a3d21796c5a562851e841b3afa28cf |
| SHA512 | f9858ec0a1bfb7540512ede3756653d094ff9fe258d13a8431599280db945e8d9ea94c57595c6a21aa4fbfcd733eea9b887bfcf87e84279a7e632db55380920c |
C:\Program Files\Java\jre1.8.0_51\bin\MSVCR100.dll
| MD5 | df3ca8d16bded6a54977b30e66864d33 |
| SHA1 | b7b9349b33230c5b80886f5c1f0a42848661c883 |
| SHA256 | 1d1a1ae540ba132f998d60d3622f0297b6e86ae399332c3b47462d7c0f560a36 |
| SHA512 | 951b2f67c2f2ef1cfcd4b43bd3ee0e486cdba7d04b4ea7259df0e4b3112e360aefb8dcd058becccacd99aca7f56d4f9bd211075bd16b28c2661d562e50b423f0 |
C:\Program Files\Java\jre1.8.0_51\lib\deploy.pack
| MD5 | 5cfc3a1b269312f7a2d2f1d7c0497819 |
| SHA1 | d048284db9ce7103156f8bbce988b4d9978786b7 |
| SHA256 | 80ba80d2a6c20deef6e2f3973337e15e22eec30508899ae998bf191ba725db26 |
| SHA512 | 8735af7c8bc5b48aac42120326a5dee21f98512ba31c57c77b6fc3906b7b1b98e5f22f57a31f26dc3e16abe63a6f15ef2e115c7fc17bbab35e846dc373da9c6b |
C:\Program Files\Java\jre1.8.0_51\lib\javaws.pack
| MD5 | 5a83bc9b3e4a7e960fd757f3ad7cd263 |
| SHA1 | f5f308aec7e93accb5d6714c178b8bf0840fb38d |
| SHA256 | 0a95ab97c85e534b72a369b3ee75200f8075cb14e6f226196b18fd43e6ba42f5 |
| SHA512 | b8e554bbf036d0500686e878597ffdefa8bcd091ab6533eae76fa04eda310cec7cac89b71911f1f81012f499c7bec890ac9032685945f7e5e6b68f7ad3f7430c |
C:\Program Files\Java\jre1.8.0_51\lib\plugin.pack
| MD5 | 538777ddaa33641aa2c17b8f71eed307 |
| SHA1 | ac7b5fdba952ce65b5a85578f2a81b37daed0948 |
| SHA256 | 9948b1c18d71a790e7b5a82d773fea95d25ab67109843a3f3888f3f0ac9d1135 |
| SHA512 | 7a5877e0eaef6424ea473a203184fedb902cd9d47df5d95d6f617ca4efa1162f0ffd418e9bc6b7492f938cb33fc6384907237487d6ad4f6d0d2d962402529d8b |
memory/2504-2961-0x0000000000440000-0x0000000000441000-memory.dmp
C:\Program Files\Java\jre1.8.0_51\bin\javacpl.exe
| MD5 | f49218872d803801934638f44274000d |
| SHA1 | 871d70960ff7db8c6d11fad68d0a325d7fc540f1 |
| SHA256 | bb80d933bf5c60ee911dc22fcc7d715e4461bc72fd2061da1c74d270c1f73528 |
| SHA512 | 94432d6bc93aad68ea99c52a9bcb8350f769f3ac8b823ba298c20ff39e8fa3b533ef31e55afeb12e839fd20cf33c9d74642ce922e2805ca7323c88a4f06d986d |
C:\Program Files\Java\jre1.8.0_51\bin\javaws.exe
| MD5 | 5ed6faed0b5fe8a02bb78c93c422f948 |
| SHA1 | 823ed6c635bd7851ccef43cbe23518267327ae9a |
| SHA256 | 60f2898c91ef0f253b61d8325d2d22b2baba1a4a4e1b67d47a40ffac511e95a5 |
| SHA512 | 5a8470567f234d46e88740e4f0b417e616a54b58c95d13c700013988f30044a822acfef216770181314fa83183a12044e9e13e6257df99e7646df9a047244c92 |
C:\Program Files\Java\jre1.8.0_51\bin\dtplugin\npdeployJava1.dll
| MD5 | cb63e262f0850bd8c3e282d6cd5493db |
| SHA1 | aca74def7a2cd033f18fc938ceb2feef2de8cb8c |
| SHA256 | b3c10bf5498457a76bba3b413d0c54b03a4915e5df72576f976e1ad6d2450012 |
| SHA512 | 8e3ad8c193a5b4ab22292893931dc6c8acd1f255825366fdd7390f3d8b71c5a51793103aeacecfb4c92565b559f37aec25f8b09abb8289b2012a79b0c5e8cb3b |
memory/3360-3040-0x0000000000230000-0x0000000000231000-memory.dmp
memory/3472-3052-0x0000000000340000-0x000000000034A000-memory.dmp
memory/3472-3053-0x0000000000340000-0x000000000034A000-memory.dmp
C:\Users\Admin\AppData\LocalLow\Sun\Java\Deployment\deployment.properties
| MD5 | b79fde6ec124b327c60be68e682ed8ac |
| SHA1 | 837b0ab96346c89d8b1bfcbeb3acfc6fdfef6864 |
| SHA256 | 78d3f79d99e421d4f23adcf605ae073fd9b684870a1f3bf95095ef4e258f9212 |
| SHA512 | 1152c2250684571e6dacd0acafc1f2776572613fd328de65e740c7be2d3d50bd753d6e1972c8340563eb9bef001d06f650554988e56c4df76f653dff19b721e5 |
memory/3472-3083-0x0000000000230000-0x0000000000231000-memory.dmp
memory/3472-3089-0x0000000000230000-0x0000000000231000-memory.dmp
memory/884-3098-0x0000000000480000-0x000000000048A000-memory.dmp
memory/884-3099-0x0000000000480000-0x000000000048A000-memory.dmp
C:\Users\Admin\AppData\LocalLow\Sun\Java\Deployment\deployment.properties
| MD5 | 5434bcb04b60feb8a3e1134338be3377 |
| SHA1 | f057b42ef9ba2deaf3f6b9e21331666e561366c8 |
| SHA256 | 547789f83696d7adebd44cf322e79cfd1924030674d05324722fad1eb7211c63 |
| SHA512 | 27fac9143ca6052bb19b726d66b0b0d000864b188b1f90a0757f052fd8acdc55959ac1a05a41fead12c183e4dc560dd20ae45fd39d740c0f3c883dfeb5856077 |
memory/884-3131-0x0000000000430000-0x0000000000431000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\~DF50417E8A9C6ACFB7.TMP
| MD5 | d48a50e008ac617c04e7e4390a88472b |
| SHA1 | 84fc23d1d3aa50934614ad3d69348b896c509b43 |
| SHA256 | 08d4ac7fcf24731e9286a3f2bf73e41c2514580e237368376ca8cb84b6647e77 |
| SHA512 | d6343af06390bee735526b051d0073be0e44ff77c9c80cff4ef0ba32b9533f3e9fda1363281a4fe507b0d8651a3f7a4d4f049ad1377891af1768d479e58d5e09 |
memory/884-3142-0x0000000000430000-0x0000000000431000-memory.dmp
memory/884-3143-0x0000000000430000-0x0000000000431000-memory.dmp
C:\Config.Msi\f77f27e.rbs
| MD5 | 3ed139e4950a3bb2a15a94eff6b31905 |
| SHA1 | eff482af49fde7d59229dd04b6503cd90d82a5c0 |
| SHA256 | 1d2b4d1e30ee976e586ed2b85c5c0f22abbae134e9f316ba7c6485104bd59f45 |
| SHA512 | 5f9689e4343c43de63fffc99879585b8d4b1a54a3408bd0e3315577670ad6490faeecf004dab1d12705741485acb7b3f7780035b9354c490a0b8d2d0dfd7901b |
memory/1540-3188-0x0000000000130000-0x0000000000131000-memory.dmp
memory/1540-3191-0x0000000000130000-0x0000000000131000-memory.dmp
memory/2720-3208-0x0000000000430000-0x0000000000431000-memory.dmp
memory/2720-3210-0x0000000000430000-0x0000000000431000-memory.dmp
C:\Windows\Installer\f77f285.msi
| MD5 | 4afca17a0a4d54c04b8c3af40fb2a775 |
| SHA1 | 96934a0657f09b25640b6ad18f26af6bd928d62f |
| SHA256 | b15d3a450b7b3e5ce3194ab9e518796cc5f164c3e28762ffe36966990dcd2fe8 |
| SHA512 | ee76f5fcfdd9c1202fd5abdc2bbde8fb2543cee83265f6d2fb5458d1a086152ff6bdd4bf62a88150d325ea282bd2ecd66dd5f127bdd847cfa69cdb88985a8305 |
C:\Config.Msi\f77f284.rbs
| MD5 | d99aebb4507c770fac0ce31ec5273438 |
| SHA1 | 07871d4f474d676873feacdfc6fdc463fc97772d |
| SHA256 | 5f5e6e72e42083bdd7093b4672a023276f11028fd5f0732b85a1f6846749e963 |
| SHA512 | 26782deb69cc4be1ef0c77e0e28eb2c26b1592f9333ded18f75c43d06cbf150f0e6fb6d7cfccd169b32786855360ed97cc037390e152d79395b0636087254d4a |
memory/3928-3277-0x0000000000400000-0x0000000000417000-memory.dmp
memory/3980-3287-0x0000000000230000-0x0000000000231000-memory.dmp
memory/3980-3300-0x0000000000270000-0x000000000027A000-memory.dmp
memory/3980-3299-0x0000000000270000-0x000000000027A000-memory.dmp
memory/3980-3302-0x0000000000230000-0x0000000000231000-memory.dmp
memory/3980-3321-0x0000000000230000-0x0000000000231000-memory.dmp
memory/3980-3345-0x0000000000230000-0x0000000000231000-memory.dmp
memory/3980-3364-0x0000000000230000-0x0000000000231000-memory.dmp
memory/3980-3372-0x0000000000230000-0x0000000000231000-memory.dmp
memory/3980-3380-0x0000000000230000-0x0000000000231000-memory.dmp
C:\Users\Admin\AppData\Roaming\.tlauncher\starter\cache\https_repo.fastrepo.org\tlauncher-sources\prod\release\tlauncher\appConfig.json
| MD5 | a9bd1871a6a69e12bb017e1375b0a659 |
| SHA1 | 0cc4c515fea150c982d02fa73acf73cfa68810e7 |
| SHA256 | f725e50dc4377a28b06589b028cd3cff58845d5ed882b22b17129c4413f8b9b3 |
| SHA512 | 0595d54b19805f57a1b09a492c90c4c9f655d6a501179966b1a282b0aec90b27eeba634ee4a54fb9982f80ae046e6feb2b3e2097f14a0a3e051e80c162a83bd6 |
memory/3980-3393-0x0000000000230000-0x0000000000231000-memory.dmp
C:\Users\Admin\AppData\Roaming\.tlauncher\starter\cache\https_repo.fastrepo.org\tlauncher-sources\prod\release\tlauncher\2.923\dependencies.json
| MD5 | 24817047786540dd5d8cbfb94132c84d |
| SHA1 | ff45f1ae7748fab985e0580c5746b0327a4b59ac |
| SHA256 | a5584b00241e6aa455dce9c0d584d61f8350a7bc07a4137e9289e23f46878721 |
| SHA512 | 6e048803859517d052d88d8c96c382d481620c1d930e219051264cb2c4d096b5b68d8e8e66ba2244ef7343df99f120600f8763f67bcf060c3132743eca7934ef |
C:\Users\Admin\AppData\Roaming\.tlauncher\starter\cache\https_repo.fastrepo.org\tlauncher-sources\prod\release\tlauncher\2.923\resources.json
| MD5 | 8ab0113596cd48af76657e53d5d93e70 |
| SHA1 | 3ab4244668932e0396022372d8f311c62ce1b89b |
| SHA256 | b0a6157bb0f4da765f93d13ca167017144c5eb15955015b0b42f7d7c0b70599d |
| SHA512 | 55fb4d7ed644ae5e47ee376b00323199788baf596b493b4959ec4c88bdb37295ee59e34d3a7d4310fc9e35d776e1ae19fcead53c09d3a440dcfec8dc6736b170 |
C:\Users\Admin\AppData\Roaming\.tlauncher\starter\cache\https_repo.fastrepo.org\tlauncher-sources\prod\release\tlauncher\javaConfig.json
| MD5 | e2cbea0a8a22b79e63558273dded5e6c |
| SHA1 | bfbbbba0679adcbcf9e079ed3c7c7a60cb0b2d61 |
| SHA256 | 10d0f3646be0a7d73942d7bdd1e55c4b8df0c34cad7ad15a9dc23b2932155007 |
| SHA512 | a6aa26ff49c911fb4705df1e8e434c72e206b20fdaae0abc529e2734f5db49c75da35c3d75769e0ac1b6795de540de4c7e1089b387217fc58f8b19b023064e5a |
memory/3980-3439-0x0000000000230000-0x0000000000231000-memory.dmp
memory/3980-3461-0x0000000000230000-0x0000000000231000-memory.dmp
memory/3980-3463-0x0000000000230000-0x0000000000231000-memory.dmp
memory/3980-3462-0x0000000000230000-0x0000000000231000-memory.dmp
memory/3980-3651-0x0000000000270000-0x000000000027A000-memory.dmp
memory/3980-3650-0x0000000000270000-0x000000000027A000-memory.dmp
memory/3980-4001-0x0000000000270000-0x0000000000272000-memory.dmp
memory/3592-4026-0x0000000000500000-0x000000000050A000-memory.dmp
memory/3592-4025-0x0000000000500000-0x000000000050A000-memory.dmp
memory/3592-4167-0x0000000000500000-0x000000000050A000-memory.dmp
memory/3592-4168-0x0000000000500000-0x000000000050A000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\imageio6532991709945709585.tmp
| MD5 | a439014382612e34b571515b64a71058 |
| SHA1 | 6b5e3070b27d66e5be4fa719c2adf662ddcf9323 |
| SHA256 | ab54464948dec30d9d13e624bd5e5d0d59ef641b9efdab4eb869fb255a54e357 |
| SHA512 | e33c7b8b7aaa6fd551057f8dca9bf84686ef97b6a6b3653a4bc64129faeb3385e70d7f5e366e4f6536d61bf9ba69d64ba6a155962cb8763680e7e00f30632654 |
C:\Users\Admin\AppData\Local\Temp\imageio6044076113569141162.tmp
| MD5 | 12010d9c529ad2ad3979c3a7e7ebb6d1 |
| SHA1 | 185800c92cbfc1ca6978a663f15aa8bf47b664e5 |
| SHA256 | 7e20b79a691e10fcd0d78f70723384a4a8d574310adc507d6babbe87ee4f9af5 |
| SHA512 | 4fe1890ed691f81c5716da565150a408beb1c7a91f1dda3e9f65f665dd6744c624de45fc4c22e09ef8c9e99c84d6c6d60a6c199bb1cbe93c70a7b2da3abda7d7 |
C:\Users\Admin\AppData\Local\Temp\imageio791085530646740427.tmp
| MD5 | 794eb92e3b9d16b375d8e07b08ba29a6 |
| SHA1 | 1e45467f771e3dc86de7c026d5239513db961367 |
| SHA256 | 3aa536e4a0eaf52249c31ad4c033cf59af476d71682d0a14656059220f6fd217 |
| SHA512 | 6a22fcc67788528fbe6cbe89eb166bde8d91dcf808f65cce948fdf040f22aba8b81d68e8e8beb987b8e5de554576678f5e7df9eeac0cd83454c20072fb396819 |
memory/1716-4361-0x0000000000280000-0x000000000028A000-memory.dmp
memory/1716-4362-0x0000000000280000-0x000000000028A000-memory.dmp
C:\Users\Admin\AppData\Roaming\.tlauncher\starter\jre_default\jre-17.0.10-windows-x64\legal\java.logging\COPYRIGHT
| MD5 | 4586c3797f538d41b7b2e30e8afebbc9 |
| SHA1 | 3419ebac878fa53a9f0ff1617045ddaafb43dce0 |
| SHA256 | 7afb3a2dc57cb16223dddc970e0b464311e5311484c793abf9327a19ef629018 |
| SHA512 | f2c722ae80d2c0dcdb30a6993864eb90b85be5311261012d4585c6595579582d1b37323613f5417d189adcd096fa948e0378c1e6c59761bf94d65c0a5c2f2fd3 |
C:\Users\Admin\AppData\Roaming\.tlauncher\starter\jre_default\jre-17.0.10-windows-x64\legal\java.logging\LICENSE
| MD5 | 16989bab922811e28b64ac30449a5d05 |
| SHA1 | 51ab20e8c19ee570bf6c496ec7346b7cf17bd04a |
| SHA256 | 86e0516b888276a492b19f9a84f5a866ed36925fae1510b3a94a0b6213e69192 |
| SHA512 | 86571f127a6755a7339a9ed06e458c8dc5898e528de89e369a13c183711831af0646474986bae6573bc5155058d5f38348d6bfdeb3fd9318e98e0bf7916e6608 |
C:\Users\Admin\AppData\Roaming\.tlauncher\starter\jre_default\jre-17.0.10-windows-x64\legal\javafx.web\ASSEMBLY_EXCEPTION
| MD5 | c62a00c3520dc7970a526025a5977c34 |
| SHA1 | f81a2bcb42ccbf898d92f59a4dc4b63fef6c2848 |
| SHA256 | a4b7ad48df36316ddd7d47fcecc1d7a2c59cbfe22728930220ef63517fd58cb0 |
| SHA512 | 60907d1910b6999b8210b450c6695b7cc35a0c50c25d6569cf8bb975a5967ca4e53f0985bee474b20379df88bb0891068347ecf3e9c42900ed19a1dcbc2d56ec |
C:\Users\Admin\AppData\Roaming\.tlauncher\starter\jre_default\jre-17.0.10-windows-x64\legal\javafx.web\ADDITIONAL_LICENSE_INFO
| MD5 | 494903d6add168a732e73d7b0ba059a0 |
| SHA1 | f85c0fd9f8b04c4de25d85de56d4db11881e08ca |
| SHA256 | 0a256a7133bd2146482018ba6204a4ecc75836c139c8792da53536a9b67071d4 |
| SHA512 | b6e0968c9fd9464623bfa595bf47faf8f6bc1c55b09a415724c709ef8a3bcf8a954079cce1e0e6c91d34c607da2cecc2a6454d08c370a618fb9a4d7d9a078b24 |
C:\Users\Admin\AppData\Roaming\.tlauncher\starter\jre_default\jre-17.0.10-windows-x64\legal\javafx.web\LICENSE
| MD5 | f815ea85f3b4676874e42320d4b8cfd7 |
| SHA1 | 3a2ddf103552fefe391f67263b393509eee3e807 |
| SHA256 | 01a4ebd2a3b2671d913582f1241a176a13e9be98f4e3d5f2f04813e122b88105 |
| SHA512 | ddf09f482536966ac17313179552a5efc1b230fa5f270ebde5df6adebf07ee911b9ef433dfbfcb4e5236922da390f44e355709ecaf390c741648dd2a17084950 |
memory/2548-5378-0x0000000001CB0000-0x0000000001CBA000-memory.dmp
memory/2548-5377-0x0000000001CB0000-0x0000000001CBA000-memory.dmp
memory/2468-5533-0x0000000002270000-0x000000000227A000-memory.dmp
memory/2468-5532-0x0000000002270000-0x000000000227A000-memory.dmp
memory/2468-5613-0x000000001ECE0000-0x000000001ECEA000-memory.dmp
memory/2468-5612-0x000000001ECE0000-0x000000001ECEA000-memory.dmp
memory/2468-5611-0x000000001ECE0000-0x000000001ECEA000-memory.dmp
memory/2468-5609-0x000000001ECE0000-0x000000001ECEA000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\+JXF14620177154701361972.tmp
| MD5 | 54a91b0619ccf9373d525109268219dc |
| SHA1 | 1d1d41fcadc571decb6444211b7993b99ce926e2 |
| SHA256 | b2efabca5ea4bc56eea829713706b5cd0788b82aca153bd4adde9b1573933b4f |
| SHA512 | 7f79ff3b42a672371814f42814aa5646328b1a314691d30ce09ffdc7a322adcb1af66625274f7fac024ca2f22a42b625001735711c430faef6e077e1f1d24887 |
C:\Users\Admin\AppData\Local\Temp\+JXF18101109512842254982.tmp
| MD5 | afa7a91dadd77b23634a0fdf18c148f3 |
| SHA1 | 6cbb57ba2355cf442e06899898ff5af55867103e |
| SHA256 | 9287925cae90ac480804094ff0876832065e2db116470da1f524d79ed9c18b70 |
| SHA512 | 84d123b67505522c256f4ff79c3822eabe2d63036023896e9854298ff39e050bef7894f6320ccf950592015760354683c4dbd19aa203d433a04a5d6bb28e8115 |
C:\Users\Admin\AppData\Local\Temp\+JXF10047163830868602816.tmp
| MD5 | 3f142e45b739c9129c9290e21290ab2b |
| SHA1 | 33e540e1a4acf20afc968fe3df3367135ba34992 |
| SHA256 | 8fb821bc49ab6aaa58e915763e92e9e4cc445af3d47309dd738e8e4b7a8271b9 |
| SHA512 | bd0bb654b238b6b870b9633ff2a31471d8e492aa3e3c6436bd4dc36c1f8332a739d9022bb56aff37fa5c756bbde5bf3c582daabc2db0135f6f6460c7f6f755a6 |
C:\Users\Admin\AppData\Local\Temp\+JXF1410142456383733954.tmp
| MD5 | ec5d243a9958b3858b5a71fb9a690da7 |
| SHA1 | d80b02c91addef2ef58136d1a7df0189f453388c |
| SHA256 | a4ece920f221b78d43b550d615c5934db162b64a331ffa663a85199e74ef2e6b |
| SHA512 | 479512c6076249a63a822d307b3d8c65d44d19abfadc597f0293fedf2c4fbac2ba6f60ca98d2c1dbb638ad09f3eb1419b6ef391fb098c7d1b62237bce9d79931 |
C:\Users\Admin\AppData\Local\Temp\+JXF9934656631034570785.tmp
| MD5 | 4c41e856744eb797e9936359a6509287 |
| SHA1 | 0959e6f4dd535eb6fae388b6b9ac179dcf3afd76 |
| SHA256 | 83ff53f599acefc11f5cf63fd0516d4db72aacf7f0125a5f79c9ff222cbf9dd7 |
| SHA512 | 07ae284caa316315da74246c960198a7d549acf86f96cec550f41109fcd870a69ccac9818361657fb859e89d2bdc8398c7731c80d274d99a768102022a5f6e8b |
memory/1624-6037-0x0000000000300000-0x000000000030A000-memory.dmp
memory/1624-6036-0x0000000000300000-0x000000000030A000-memory.dmp
memory/1624-6035-0x0000000000300000-0x000000000030A000-memory.dmp
memory/1624-6038-0x00000000006F0000-0x000000000074C000-memory.dmp
memory/1624-6041-0x00000000006F0000-0x000000000074C000-memory.dmp
memory/1624-6040-0x00000000006F0000-0x000000000074C000-memory.dmp
memory/1624-6039-0x00000000006F0000-0x000000000074C000-memory.dmp
memory/2468-6042-0x0000000002270000-0x000000000227A000-memory.dmp
memory/2468-6043-0x0000000002270000-0x000000000227A000-memory.dmp
memory/1624-6044-0x0000000000730000-0x000000000075A000-memory.dmp
memory/1624-6045-0x0000000000730000-0x000000000075A000-memory.dmp
memory/2468-6046-0x000000001ECE0000-0x000000001ECEA000-memory.dmp
memory/2468-6047-0x000000001ECE0000-0x000000001ECEA000-memory.dmp
memory/2468-6049-0x000000001ECE0000-0x000000001ECEA000-memory.dmp
memory/2468-6048-0x000000001ECE0000-0x000000001ECEA000-memory.dmp
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad\settings.dat
| MD5 | 39e40b362bdc1e121c6c6a234cf5a7d0 |
| SHA1 | e7d46c8386bad51ab8b775c828ece711ef320302 |
| SHA256 | e593936454d92cdc9ca94e2ab9a6ad6fcce1b336d57adeb62c2ab0a23a938192 |
| SHA512 | b4250429c50a73e4d72e6f54008bb29cdd7bdd016096d9de8e4a6ee79a9cc2b9b39125b004e5d588633510615724ca4a11a96d32b540433927acdbb58e26b8d1 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\shared_proto_db\metadata\000010.dbtmp
| MD5 | 60e3f691077715586b918375dd23c6b0 |
| SHA1 | 476d3eab15649c40c6aebfb6ac2366db50283d1b |
| SHA256 | e91d13722e31f9b06c5df3582cad1ea5b73547ce3dc08b12ed461f095aad48ee |
| SHA512 | d1c146d27bbf19362d6571e2865bb472ce4fe43dc535305615d92d6a2366f98533747a8a70a578d1f00199f716a61ce39fac5cab9dd67e9c044bc49e7343130e |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extension State\000009.dbtmp
| MD5 | 979c29c2917bed63ccf520ece1d18cda |
| SHA1 | 65cd81cdce0be04c74222b54d0881d3fdfe4736c |
| SHA256 | b3524365a633ee6d1fa9953638d2867946c515218c497a5ec2dbef7dc44a7c53 |
| SHA512 | e38f694fd6ab9f678ae156528230d7a8bfb7b59a13b227f59f9c38ab5617db11ebb6be1276323a905d09c4066a3fe820cf58077ab48bf201f3c467a98516ee7a |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\F0ACCF77CDCBFF39F6191887F6D2D357
| MD5 | a266bb7dcc38a562631361bbf61dd11b |
| SHA1 | 3b1efd3a66ea28b16697394703a72ca340a05bd5 |
| SHA256 | df545bf919a2439c36983b54cdfc903dfa4f37d3996d8d84b4c31eec6f3c163e |
| SHA512 | 0da8ef4f8f6ed3d16d2bc8eb816b9e6e1345dfe2d91160196c47e6149a1d6aedaafadcefd66acdea7f72dcf0832770192ceac15b0c559c4ccc2c0e5581d5aefc |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 992ffb474d1eb50bb88dc0a9c7bb4b68 |
| SHA1 | c568df8b2fee1465ab6a242cf5fe4f10718a6c9f |
| SHA256 | c869d56ac385d3afa00264215d13af084ff857a915d7bf4d8133b4bea5ea700e |
| SHA512 | 2504775dff3cc7b6817a2818ce1c7b17e1d1824ca8c37c275503a3828e38060444352b7a1c0dc2fbabe9717a53ba69bda98b3bce0f01c5a8ffc43a0f1ee611c2 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F0ACCF77CDCBFF39F6191887F6D2D357
| MD5 | bda28b9a89e3b04453668a57668c8818 |
| SHA1 | 2fa3c4ce4b9a6311df80e144a5649cb0aa5f143b |
| SHA256 | 89effbbf828bdb493dccf969a269f9dfcc012159eb597e3c5565d51a7d2a3046 |
| SHA512 | b69c6b2dbf103fc45425480b18729f32ad82acc2c4f7ab97278c5312d3ae533625baa1927892b81975c305147fbfc1cbe0c0ccb8ff15fe71dbb2ca8f861d1b03 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 0b7b6b1dc3b0ad983419eeb923e07853 |
| SHA1 | 6b24e0ee0af69dc8cd050de63637cbd1fb439504 |
| SHA256 | 03bded02829f495d54766d678532e987331719b87fbbb7d082bb7fbc016b891c |
| SHA512 | fd8a6ee2dcf594c311f482eb58fa01194b814dd4745c6fb37d8101a031a87e3637d2109272052e46db2eb23fbbc2029901b9f9b1b5c5872c2aa8e025407b77db |
C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\RYNL6UIN\4Kv5U5b1o3f[1].png
| MD5 | a81a5e7f71ae4153e6f888f1c92e5e11 |
| SHA1 | 39c3945c30abff65b372a7d8c691178ae9d9eee0 |
| SHA256 | 2bc7a47889c56ad49f1b8b97385d5a4d212e79bb8a9b30df0665a165f58b273e |
| SHA512 | 1df32349b33f6a6fcb1f8b6093abd737fa0638cdd6e3fd90a7e1852bd0e40bc2633cb4e13c4824fb948d1e012e5cb9eed0b038b121404865495d4e57e123db69 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | f5369f42bf2dd1a8a31169c8ea41cb63 |
| SHA1 | ec4c7c9535fd649de30350bff9025f6b31c997d6 |
| SHA256 | 314c4528751f448e40aff88d23dc16dbaadf6b5b9eadc19bad6ea8638fbbfe1b |
| SHA512 | 69dfe7441b5485e639453ba7750a3398d706a108481abf771237c62ed5699cc3832ec76d8c562ed378b2630da67831244b924e9786fbf370a2a2030bf7dff2f6 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 515aa4b231a7cdb0b62e0c02403b2bdf |
| SHA1 | 0ff4d3c775661dd69fab7a330a51cba387fb7386 |
| SHA256 | be6d6395989ef865c5787687433f65f7e3832dc9adb118df10eec1f3f4be649b |
| SHA512 | bb259c5859038666b8a68cc6bd274987fc73aef2cf247a34ee637f94c8ca300b9cdce855a5e76a39ac40ede81985cfab9f29a993ee71ddb49aa758c6f926f3c2 |
C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\RSAB58HZ\favicon[1].png
| MD5 | dff90d5c8faded63d31a2190773ecf7d |
| SHA1 | 83712e07e4db9e0957b436a6058b38467634f595 |
| SHA256 | b86b3b539eced4d4eb4b38a24cc23f8d27169bfad70e6f71910c8b6d3484d44f |
| SHA512 | 570beda1b741a45ee508b16361d9f102622b64d20ddfb62cf5ddb062187593438118b7d3e356ea3d9660b686994458b64ad1b930548dc6aed99ebacd1648778e |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 5eb5bd21f0dc5cafaa42cfd194c035d5 |
| SHA1 | 9725bc6c506773c6e05aa51cd2cb2bcfbab1aa58 |
| SHA256 | 07f24bacc32ce3f8af34baa655662edb724aefebd724ef2d5bd0571b9e96db7e |
| SHA512 | 19a2198a3863c2c2f53c4b52e0b79ca7d2f8f70de75456aa4979edbdc8f38c70558244fa37975736c3baf9e6b4e46da353acb87d92baad05b6703eb1de7c5616 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | caa18f27fa62f3222769ad5d6dd73636 |
| SHA1 | a33442b3f8f48658c52654982122dcc5ffbf6c60 |
| SHA256 | 96b91a18883d9a57681f1c7b7e4a7bc626e63ce16823f826341aab7173da4b3f |
| SHA512 | 02ab60f79a5e27a717b58bc2645bda924406f0bdd715fd8b4aa9632bbbb7e8f545fb3433a100290218b67d7709aad243e9bc6b9e9f68f5cdd6e97d25aa199325 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 899e4a2093079722ca9fdef159a22d6f |
| SHA1 | 35c46c9cc1e973b5b4dac5d5f32a2caf336683b2 |
| SHA256 | 4faa204c88e7e99a10ccbf9b22e0ddb9bf5421fd78abf45b3e483b9c8bcbb1f2 |
| SHA512 | 484942b4bcaf0fd841cc23faf5e4f89d29a1e13b12d50949ca9117217e044453179e3f09db27dbcc41c57b172f779a4c0b6fe6a69d5238e248caa5d930988bae |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | f3d37712d0510751b6c67ac03bb116ec |
| SHA1 | 1a76268f623e9e9b0cf6f38c3a74a26acbfce17c |
| SHA256 | 1d4b2e39a9fd3182a307fd57915ce28316b617a105a0237933e57a5cc330633f |
| SHA512 | 1bdea7ac4a58ddd9b586d4b19720a1c8526c9d769da8be596dcdde12668c54b9632257744acc68830c5000dfa4afb1136f92b1ae1b98dc528ad266cfb26f4780 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\3C428B1A3E5F57D887EC4B864FAC5DCC
| MD5 | e4a68ac854ac5242460afd72481b2a44 |
| SHA1 | df3c24f9bfd666761b268073fe06d1cc8d4f82a4 |
| SHA256 | cb3ccbb76031e5e0138f8dd39a23f9de47ffc35e43c1144cea27d46a5ab1cb5f |
| SHA512 | 5622207e1ba285f172756f6019af92ac808ed63286e24dfecc1e79873fb5d140f1ceb7133f2476e89a5f75f711f9813a9fbb8fd5287f64adfdcc53b864f9bdc5 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 926d79a1ac6db9181a8a177bc733b596 |
| SHA1 | 73b7b5708edb45128464a9e4898ff6301b724df3 |
| SHA256 | 2543c7b4852dc1c98bc962855b10007651d0a56a56c6ff02d6b09ef3e94ae81a |
| SHA512 | 6c75ac15c5a4e6686b6cd51827a96cca63ab256d56dec69392e4acacb2b2259a40c73370322685f79544e46e804a532201f8ef2005822f6a1f1e408d7d75e846 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\3C428B1A3E5F57D887EC4B864FAC5DCC
| MD5 | 864f59bbb2c0cf11fcd0b837e3cb01d4 |
| SHA1 | 2fee1a24e49ea1699ec7186809edb4e15a731106 |
| SHA256 | f0c81a1069da4367817596d5ff1e083a5874e8630e4a092cb3c6b365ae2f0037 |
| SHA512 | 0a9f0eab3232ef73672f28a2fe976ebb08bf2eaa88d9b2e90d809655d5ec06de83eb04341bac57e850d2a8d8c911c36d4d613bcfea85c9295f85de567b3f5a45 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 19648729828636c86670dfea7afc1a1b |
| SHA1 | da3ac03796d198ad7492b4d97555bd1a3b3a8caa |
| SHA256 | 483af388dcc50ee7d3e805e2f3f436f4a5a30ee89733cab1ebc95102ddf9509f |
| SHA512 | fa48f222710ba6a474374edecb31c567623aabceeacd14ae27cbdf16c22bc0673e9c078df144221f412e5af5b6f24f14847b96245bdab13dbe3d0c7540ad172f |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | cd9a076c99442c50e2796f0d2c63ce0d |
| SHA1 | 56e3f95326ff7e8575a2654520335a074d131e89 |
| SHA256 | c7b350f863f5092df75d32c1f3d8f027f90a4d4a5f9914f7b56ed8ed1e8e73e7 |
| SHA512 | 02a433af89caa9715b29041915d5b871344f675b7d60c822af6dcc4c922d4ccd9596e84ca52fab246d1eb3c50176ee7fa422d62932e6ee156ebccc4c0d4ad6a5 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 4f05b97ac0019de7ebed148cd3016b11 |
| SHA1 | f4bd9c854898ab98eca74e724d2909665b6c7ce9 |
| SHA256 | 03e9b9958d7d41172ddbe26e3a0c003406a96ceb7a8e0d0607f72cf084eef52c |
| SHA512 | 7046fc1ea6e6431e5c6d975929f24ee8200ad40498be978d275d33bac7e8abb6bd99f5330c1b86152e1aad4b620bee1fd0484defa31ae3943194e8606ef7a1be |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | a769d66d5bc466d29721de8e14f1d3b6 |
| SHA1 | e22d765bb341fe2d78ed7d429ffae29fb46bca05 |
| SHA256 | d5dfae65c7437c301aae97195521547c8115c7d1b0b3ecfcd5ea66b504a0764f |
| SHA512 | e6644ae6cd638d1bd84a33738f56828245dfce8ab470914e82d7c48b4080217bfa641ef91a7269c288c092e8801eea796c0224eb79b11639f7e0951084526110 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 063400e02efc21e596e64cd9a4c96c28 |
| SHA1 | 574801e0a2e1e87c753f611e6bf472e18efd3adf |
| SHA256 | b90e7841112c14f80e7cd9ff2477694ea80d2c939bbe0c77110cc66e060f466e |
| SHA512 | 0e887036cede285b4cb4ce483a881d9f500f5f52e3147821421c63913f5f1c9e3566c999b287ea46fb57f5d916cd989cc3e6bce6e2c5a8af39c13e48efb08fc3 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | e3ae1b2f92208b8ba49bef8ee64c4e1a |
| SHA1 | ca676cd792a628545395b9695ccbffff7c482739 |
| SHA256 | 19d9df455ea67233234204f53d1309b5fdb0f92ad86527f691d5ec94c6cb4ae3 |
| SHA512 | bcd95ab4c4399b037126c52c0953dc08ac4129fa8f2749b5177b598ab353e13709e1a99e3c0717a4ac86e476572768fffd46d23b1ef791de7c62043af215b39f |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 10eba948f47d665db2ba8ee8c44467f1 |
| SHA1 | 6dc7511eb8f3ebbd14a9fd2ce7a530382061e310 |
| SHA256 | 213244a63773a47a2fd95ba6be0784e46b044f94d254113ab9885bffe3f76523 |
| SHA512 | f62b4cffe5fbd3dba2e7b8660b25e0a40015eb9adf2684b07272dd50219f870416ce981e76196c1b9669520317874807f27680b1285d4e5cd964ba94daddd6fd |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 6c6e2b4207b47ed0d5316ed4c6eafdc4 |
| SHA1 | 852c124b4e7d0cde3d10c06d727becb9adc62ba9 |
| SHA256 | 3ee7ed2622248a91b3bd4d7823f98cec8c21643f024a57cd0935c07b48d3e420 |
| SHA512 | 54f2ebc2f31ef5172c25863d77f9cfffe09434b9da0d84f5a50bff4fb6d1f829b1aac89810ab71a514b536fcb22bf8b299fa94ef72f3640c7b7fdf8bf5f167a0 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 7cb8dc992a180f4ec5b0d16571be35b1 |
| SHA1 | 4f5fce4e55afe80a6a40146af5c7be6bc08367c4 |
| SHA256 | 7a2687191b580f94e5eb792531585dbe4d0c0a00d9ad9a61d2f2d8be2b93333b |
| SHA512 | 63886f244df992814e9905d5a96874754060373d7d75c42f9a815a40e3c3c3aa8df5a3b062f02808127412edfaefe8e94b9f5b23b58ee0e1beb8e9de2b56cd8d |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 9897d9eb8c128d23400e560baa1a68ad |
| SHA1 | b6d30927445e69ae2199344cafda8b7b5f1a1cd7 |
| SHA256 | 3358a60fd5db579723dc011281856c00e1e4ae4f1a64f84e8746852929fd9ccf |
| SHA512 | 45e0be8fadfbdd74bb3dc22d393dc6ef76580d252c18bee9f14065b402501b2935a2af2073ad62095759dfb212c5dcfec1dfdb029839d67b8e4bad1b67f261de |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | e9669ab67783075401c5ef5fad578a60 |
| SHA1 | 781f58c66f4fc30ae4189b1d65b8e86555fd2dc9 |
| SHA256 | 0a15d71cabc86b347d5864d2de69c7ecfe6fe249b1962a928cbf02f94301910c |
| SHA512 | 081686beeec9e994f870ac11a63282985e77f574a53ceca54a4650fb78560bec287a3a46e278c110c0d3c367f637c0561e7fbe562cdf77f6e3630607b289d3e6 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 5e5037665c8e4feb5a86b436ea0d362f |
| SHA1 | 4b57565fe65f833349a8f78351bcfb4dafa90755 |
| SHA256 | 986f0695b765d1c18545d4f55835efe4f61ae28466599389b596eedd8b8a7f9d |
| SHA512 | 52270950f9947a9885fb123f739c2635c9f646d69c7f8010c12cb8620bec91c31596afe22852212c3ec1c1c59124fe9eba8b6a166645627e29edde8f03428878 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 8f56c8b3863ffdc75ed541772e360d82 |
| SHA1 | de798a53a5095053eb29b1e7b3c92e6f7084e545 |
| SHA256 | 235a70018d18125b6facb6e45f1e44be773232b7ed21a6af39ba7bfbc5376a85 |
| SHA512 | 4a3f494d72f475244d5bf8b21c4145b336a8fb2edadd40419d89e8c3e65e14b63ca93493b1c46eaa222934e491af67d3afb9751e0cbf44cd12dc5bb3b9402860 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 486d4a2169d8b8e64755bc5f5d555851 |
| SHA1 | 5a906df59f2847713653323b4151c8d76441b653 |
| SHA256 | f1f10280940c675e804b7d8d1cd2cc1bd3eca44fb992c985f2662fd5822f2e1f |
| SHA512 | 85da02d72149c75acd46389a1dad5582bb49102a98768857851c379b25d27e3bf1defa0b5f3442c53c746757a896ea6f82b16aa0a6b7e197b840acbc250b93e6 |
memory/1248-7277-0x00000000022C0000-0x00000000022CA000-memory.dmp
memory/1248-7276-0x00000000022C0000-0x00000000022CA000-memory.dmp
memory/3184-7425-0x000000001C1C0000-0x000000001C1CA000-memory.dmp
memory/3184-7426-0x000000001C1C0000-0x000000001C1CA000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\imageio5679390226611353936.tmp
| MD5 | 61228da7aadf85fff625ca4628a26305 |
| SHA1 | 7594b1efb0d3960d081b979590f454716a332997 |
| SHA256 | 9d79cb50f6c13050feb806b39af184a37e271581cc7a0b173cc1bbb363bb3a6e |
| SHA512 | 2b799dff133fe99ceac1f1bad24e94b43e4a41f928a451ea166ea8dcb18b824ce81be6a9ae9a0d1721ee627180f9e7ae59ff39659f8bf90913d1dc65298a8259 |
C:\Users\Admin\AppData\Local\Temp\+~JF18066373605762125740.tmp
| MD5 | 99fc0816a09395454061301fefa42bf1 |
| SHA1 | adbc3bde424bcf7dbc38f148005c8319825891f2 |
| SHA256 | d0c8f44a774b8490ceee29889cdabc72381fa35fb621619a78fd28211d90241c |
| SHA512 | 0a0120d13c729e1b8826b8265dcb47275f4dd1f210a20e708b7cf38cba7ec447e0521c44b51284bff5beddb3a3ac24486aadb085975eaac50be36f5c7bed2e51 |
C:\Users\Admin\AppData\Local\Temp\+~JF18339204347263300867.tmp
| MD5 | 94ea9cb73d133bb69b1bc5267d93ea00 |
| SHA1 | c5fa660b6784cf33282ddcb5125c61cbd82515fc |
| SHA256 | fce548284667e4ae378441fbe726b0d6a25ba159b8d58b9ec4d8a88dedf55ea1 |
| SHA512 | 57b12f2490df8f4a052d639db6b80c5a284277dbf3621cbb74b034db75c5cc728f3bc1e41e241a1db2333b3c758f69b4482d9706c0a6397742f659cda897c560 |
C:\Users\Admin\AppData\Local\Temp\+~JF2577783706683287286.tmp
| MD5 | f057be881b8b55f9f5bbd47e0df885f2 |
| SHA1 | 0d886de51b46c856c39415beeaeba6ae497a30ac |
| SHA256 | 45d5a0ad112e15e1d356d76428419c960d7f71545a0b61a32a1f4e0e9ba60c9e |
| SHA512 | 6e4cfc52d015d8f0bb476f867a1d40b7a61e9f58d76b9c0051d658d03cd3a7161f96eaf29ac24ae276e386a5c5eec2e6a505ce0d2b07a9176ddd2d20909363d6 |
memory/2704-7597-0x0000000140000000-0x00000001405E8000-memory.dmp
memory/2704-7600-0x0000000140000000-0x00000001405E8000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\+JXF2153902227315816549.tmp
| MD5 | b0064b538c44db5272e1c240a70157d7 |
| SHA1 | 9f36b67231e8b5becc4db89e4963b4c982766c12 |
| SHA256 | 9384b96c3c71d777fe20da8ffec067a4a50802f1ef42a1f3543d2b8059a45add |
| SHA512 | f5a6f858fcc92327095bc30012f09148f271f39644c3d65557466307d89ea20bc79c8da466a283e0ed4a870922b99ef1c94de4bec08b728cf6eefd8ce016a6b7 |
C:\Users\Admin\AppData\Local\Temp\+JXF3769618318873744399.tmp
| MD5 | 2e991f1cbf1803c2750019936d9f5e04 |
| SHA1 | 2bf6fbea79f3b3bc3a919bde154c8c44439a1b35 |
| SHA256 | 0bf95b2c365784e76d65857ebcb64630b383ad6c9051b71014d2f32021c0e945 |
| SHA512 | a2655dc018ef33daade7dbf3c9968d4292bdc99b8bea81e1bf6af0aa26d161f62953b50fd5674f8a8189f6d6a90de66f0b2d4f7d6110b75e66b5e50ae17b063c |
C:\Users\Admin\AppData\Local\Temp\+JXF15050411717729978062.tmp
| MD5 | 6b21a8d311369174d2828c9b040a639e |
| SHA1 | 1c2895403992e5c3f1c78d292a20a839f65b9ce4 |
| SHA256 | 02bfb7853a60b1ad2fb0f60fb1ab567d6bc83d043433c3c407b941600435529c |
| SHA512 | d3a87059699a5ccdac4dc2d22a4bcc839c1e12da36dbe43533a4d58d596792c9ba66cb505de65b1e07a1c52eb6864b302066f625cbdd7e3ec54c359d3724e6ec |
memory/2704-7851-0x0000000140000000-0x00000001405E8000-memory.dmp
memory/2704-7860-0x0000000140000000-0x00000001405E8000-memory.dmp
memory/2704-7921-0x0000000140000000-0x00000001405E8000-memory.dmp
memory/2704-7920-0x0000000140000000-0x00000001405E8000-memory.dmp
memory/2536-7923-0x0000000000400000-0x000000000040A000-memory.dmp
memory/2536-7924-0x0000000000400000-0x000000000040A000-memory.dmp
memory/2536-7925-0x0000000002730000-0x000000000278C000-memory.dmp
memory/2536-7926-0x0000000002730000-0x000000000278C000-memory.dmp
memory/3184-7927-0x000000001C1C0000-0x000000001C1CA000-memory.dmp
memory/3184-7928-0x000000001C1C0000-0x000000001C1CA000-memory.dmp
memory/2536-7929-0x0000000002730000-0x000000000278C000-memory.dmp
memory/2704-7931-0x0000000140000000-0x00000001405E8000-memory.dmp
memory/2704-7930-0x0000000140000000-0x00000001405E8000-memory.dmp
memory/2704-7932-0x0000000140000000-0x00000001405E8000-memory.dmp
memory/2704-7933-0x0000000140000000-0x00000001405E8000-memory.dmp
memory/2536-7935-0x0000000000520000-0x000000000054A000-memory.dmp
memory/2536-7934-0x0000000000520000-0x000000000054A000-memory.dmp
memory/2704-7936-0x0000000140000000-0x00000001405E8000-memory.dmp
memory/2704-7937-0x0000000140000000-0x00000001405E8000-memory.dmp
memory/2704-7938-0x0000000140000000-0x00000001405E8000-memory.dmp
memory/2704-7943-0x0000000140000000-0x00000001405E8000-memory.dmp
memory/2704-7952-0x0000000140000000-0x00000001405E8000-memory.dmp
C:\Users\Admin\AppData\Roaming\.minecraft\TlauncherProfiles.json
| MD5 | 9902252cf802085600c46d924a747272 |
| SHA1 | 5563405551088301f0305e2a03682ef607f762b0 |
| SHA256 | a56051644ef205fd0381e3f73a04407d9a7a49d282ed4e0c101f4c1b1973fd82 |
| SHA512 | 6e78b714aeb170e754ca57e3d87b2917500334e71f1d29c283e133b9bd3efa77114ea1c66e48d1381acf71b4f1738855127a01b871a861f0624b5ef209e68108 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
| MD5 | 7b6a6faa93681205eaa0a491f522b3db |
| SHA1 | 0ced5d41a88c0993d70b27f6ddd89fd615dcfb34 |
| SHA256 | 5ee05ca30b3670c18de57363a4d9175d211ff7fa2a2625a5d81d76286ad5062c |
| SHA512 | f04b20663b8c959d2187223229be164e5eefab9080c1437ebc5e8503f61014a7ccf75d02593c30b0898dfd81af19caaabc7b6076408033246380969e7b012324 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\GCM Store\Encryption\000006.dbtmp
| MD5 | aefd77f47fb84fae5ea194496b44c67a |
| SHA1 | dcfbb6a5b8d05662c4858664f81693bb7f803b82 |
| SHA256 | 4166bf17b2da789b0d0cc5c74203041d98005f5d4ef88c27e8281e00148cd611 |
| SHA512 | b733d502138821948267a8b27401d7c0751e590e1298fda1428e663ccd02f55d0d2446ff4bc265bdcdc61f952d13c01524a5341bc86afc3c2cde1d8589b2e1c3 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 8c18d0952b37f02b7e7e91d6bf9217d5 |
| SHA1 | 333ed6fe8e220559e0f04aac1463462ce9756353 |
| SHA256 | 7d625c2db9a4c61218eb0cd37be960c66882d4d8a61728207b9d15225d8e2f7d |
| SHA512 | 9b3d9761a1556892bc66b0f98dd8e78df00526f53ac8bb7bab7dda94e35dea3ded08960bbb5367f193b015b9ebb5d8de3160196f91c96865def1d452881ea6b3 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
| MD5 | 44632a699252a750c768b4078fdc0208 |
| SHA1 | f0e153a81512c8950ecdf4cbefb5e33b1beb47bb |
| SHA256 | 0d80f789f3b9b405742e3cf37c4547283a15f4e3551f0f5de9c0eb4507fb23e4 |
| SHA512 | 90f04b06c0f27d006e67d732b8917a9cef5aa50071554766a880c56e79071d427f2e622dff045f78b9026f8cb20b5078d1b90f539424feae59bb70c7bb2b7273 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
| MD5 | 757eeca83c9088be0ad701352a3f2bba |
| SHA1 | d67d8150d498c3965972d245c0429e5f5dcdd5ee |
| SHA256 | 21ee7f4142a5a6346149cda958870513960db6db6b0456b9816dcb1f11822a47 |
| SHA512 | 5b0bef29fee942071bebf6e6d7c9e83b273f95bd2178cd866382bed18769d934bac670505d4d4ff17570c16b34d06ac34f286028996596353f998ca1913d777d |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | ce8c261635aae903b32efe76601464eb |
| SHA1 | 33d20a67ace4b44d357955273ff3f25ea2daa4b9 |
| SHA256 | de06452756073703d6e27f90896eca2f252caadfdca07b6a28cfe197d2369168 |
| SHA512 | b0dc363255eb0b0027ca5460eb92d79c7048350b383d3002fc0f7a7645e917dd291b3d142d582fb1dd40e3dd93086356b62f168767211b20ecc496f77ce76416 |
Analysis: behavioral2
Detonation Overview
Submitted
2024-05-04 12:16
Reported
2024-05-04 12:46
Platform
win10v2004-20240419-en
Max time kernel
1799s
Max time network
1801s
Command Line
Signatures
Checks computer location settings
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\USER\S-1-5-21-17203666-93769886-2545153620-1000\Control Panel\International\Geo\Nation | C:\Users\Admin\AppData\Local\Temp\TLauncher-Installer-1.3.7.exe | N/A |
Executes dropped EXE
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\_ir_sf_temp_0\irsetup.exe | N/A |
Loads dropped DLL
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\_ir_sf_temp_0\irsetup.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\_ir_sf_temp_0\irsetup.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\_ir_sf_temp_0\irsetup.exe | N/A |
UPX packed file
| Description | Indicator | Process | Target |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
Drops file in System32 directory
| Description | Indicator | Process | Target |
| File created | C:\Windows\System32\DriverStore\FileRepository\display.inf_amd64_71aa85b0e2292a7a\display.PNF | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| File created | \??\c:\windows\system32\driverstore\filerepository\display.inf_amd64_71aa85b0e2292a7a\display.PNF | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Enumerates physical storage devices
Enumerates system info in registry
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Modifies data under HKEY_USERS
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133592995440999741" | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Suspicious behavior: EnumeratesProcesses
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Suspicious use of AdjustPrivilegeToken
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
Suspicious use of SetWindowsHookEx
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\_ir_sf_temp_0\irsetup.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\_ir_sf_temp_0\irsetup.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\_ir_sf_temp_0\irsetup.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\_ir_sf_temp_0\irsetup.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\_ir_sf_temp_0\irsetup.exe | N/A |
Suspicious use of WriteProcessMemory
Processes
C:\Users\Admin\AppData\Local\Temp\TLauncher-Installer-1.3.7.exe
"C:\Users\Admin\AppData\Local\Temp\TLauncher-Installer-1.3.7.exe"
C:\Users\Admin\AppData\Local\Temp\_ir_sf_temp_0\irsetup.exe
"C:\Users\Admin\AppData\Local\Temp\_ir_sf_temp_0\irsetup.exe" __IRAOFF:1773458 "__IRAFN:C:\Users\Admin\AppData\Local\Temp\TLauncher-Installer-1.3.7.exe" "__IRCT:3" "__IRTSS:24078146" "__IRSID:S-1-5-21-17203666-93769886-2545153620-1000"
C:\Windows\SysWOW64\werfault.exe
werfault.exe /h /shared Global\f9b0049bca5f4984aff79e0286c5e3d6 /t 764 /p 2012
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe"
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.106 --initial-client-data=0x118,0x11c,0x120,0xf4,0x124,0x7fffd234cc40,0x7fffd234cc4c,0x7fffd234cc58
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=1944,i,3969247042535907705,2469800725644689107,262144 --variations-seed-version=20240418-180204.077000 --mojo-platform-channel-handle=1936 /prefetch:2
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=2004,i,3969247042535907705,2469800725644689107,262144 --variations-seed-version=20240418-180204.077000 --mojo-platform-channel-handle=2136 /prefetch:3
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=2200,i,3969247042535907705,2469800725644689107,262144 --variations-seed-version=20240418-180204.077000 --mojo-platform-channel-handle=2392 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --field-trial-handle=3200,i,3969247042535907705,2469800725644689107,262144 --variations-seed-version=20240418-180204.077000 --mojo-platform-channel-handle=3216 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=3452,i,3969247042535907705,2469800725644689107,262144 --variations-seed-version=20240418-180204.077000 --mojo-platform-channel-handle=3316 /prefetch:1
C:\Program Files\Google\Chrome\Application\123.0.6312.106\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\123.0.6312.106\elevation_service.exe"
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --field-trial-handle=4580,i,3969247042535907705,2469800725644689107,262144 --variations-seed-version=20240418-180204.077000 --mojo-platform-channel-handle=4584 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=3756,i,3969247042535907705,2469800725644689107,262144 --variations-seed-version=20240418-180204.077000 --mojo-platform-channel-handle=3772 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4600,i,3969247042535907705,2469800725644689107,262144 --variations-seed-version=20240418-180204.077000 --mojo-platform-channel-handle=4860 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=4972,i,3969247042535907705,2469800725644689107,262144 --variations-seed-version=20240418-180204.077000 --mojo-platform-channel-handle=4764 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=3772,i,3969247042535907705,2469800725644689107,262144 --variations-seed-version=20240418-180204.077000 --mojo-platform-channel-handle=4528 /prefetch:8
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s NgcSvc
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k LocalServiceNetworkRestricted -p -s NgcCtnrSvc
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://docs.oracle.com/javase/8/docs
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7fffccdb46f8,0x7fffccdb4708,0x7fffccdb4718
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2076,6459744201727361239,17373144986377402687,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2084 /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2076,6459744201727361239,17373144986377402687,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2192 /prefetch:3
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2076,6459744201727361239,17373144986377402687,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2716 /prefetch:8
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2076,6459744201727361239,17373144986377402687,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3436 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2076,6459744201727361239,17373144986377402687,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3456 /prefetch:1
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2076,6459744201727361239,17373144986377402687,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4212 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2076,6459744201727361239,17373144986377402687,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4388 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2076,6459744201727361239,17373144986377402687,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5716 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2076,6459744201727361239,17373144986377402687,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5716 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2076,6459744201727361239,17373144986377402687,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5760 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2076,6459744201727361239,17373144986377402687,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5376 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2076,6459744201727361239,17373144986377402687,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5256 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2076,6459744201727361239,17373144986377402687,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4364 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --no-appcompat-clear --gpu-preferences=WAAAAAAAAADoAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAACEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=5024,i,3969247042535907705,2469800725644689107,262144 --variations-seed-version=20240418-180204.077000 --mojo-platform-channel-handle=5240 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2076,6459744201727361239,17373144986377402687,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1948 /prefetch:2
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | 58.55.71.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 240.221.184.93.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 75.159.190.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | dl2.tlauncher.org | udp |
| US | 104.20.37.13:443 | dl2.tlauncher.org | tcp |
| US | 8.8.8.8:53 | 13.37.20.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | g.bing.com | udp |
| US | 204.79.197.237:443 | g.bing.com | tcp |
| US | 8.8.8.8:53 | 237.197.79.204.in-addr.arpa | udp |
| NL | 23.62.61.97:443 | www.bing.com | tcp |
| US | 8.8.8.8:53 | 88.156.103.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 97.61.62.23.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 228.249.119.40.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 209.205.72.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 26.165.165.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 15.164.165.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 142.53.16.96.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 79.190.18.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 49.15.97.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 14.227.111.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | tse1.mm.bing.net | udp |
| US | 204.79.197.200:443 | tse1.mm.bing.net | tcp |
| US | 204.79.197.200:443 | tse1.mm.bing.net | tcp |
| US | 204.79.197.200:443 | tse1.mm.bing.net | tcp |
| US | 204.79.197.200:443 | tse1.mm.bing.net | tcp |
| US | 8.8.8.8:53 | 11.179.89.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 71.31.126.40.in-addr.arpa | udp |
| US | 8.8.8.8:53 | www.google.com | udp |
| GB | 142.250.178.4:443 | www.google.com | tcp |
| GB | 142.250.178.4:443 | www.google.com | udp |
| US | 8.8.8.8:53 | apis.google.com | udp |
| GB | 216.58.201.110:443 | apis.google.com | udp |
| US | 8.8.8.8:53 | 4.178.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 42.169.217.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 3.180.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 195.187.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | clients2.google.com | udp |
| GB | 172.217.16.238:443 | clients2.google.com | udp |
| GB | 172.217.16.238:443 | clients2.google.com | tcp |
| N/A | 224.0.0.251:5353 | udp | |
| US | 8.8.8.8:53 | 238.16.217.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | docs.oracle.com | udp |
| BE | 104.68.70.89:443 | docs.oracle.com | tcp |
| BE | 104.68.70.89:443 | docs.oracle.com | tcp |
| BE | 104.68.70.89:443 | docs.oracle.com | tcp |
| BE | 104.68.70.89:443 | docs.oracle.com | tcp |
| BE | 104.68.70.89:443 | docs.oracle.com | tcp |
| BE | 104.68.70.89:443 | docs.oracle.com | tcp |
| US | 8.8.8.8:53 | 89.70.68.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | www.oracleimg.com | udp |
| BE | 23.55.97.240:443 | www.oracleimg.com | tcp |
| BE | 104.68.70.89:443 | docs.oracle.com | tcp |
| US | 8.8.8.8:53 | 240.97.55.23.in-addr.arpa | udp |
| US | 8.8.8.8:53 | dpm.demdex.net | udp |
| IE | 52.214.77.117:443 | dpm.demdex.net | tcp |
| US | 8.8.8.8:53 | consent.truste.com | udp |
| US | 8.8.8.8:53 | oracle.demdex.net | udp |
| GB | 18.244.155.55:443 | consent.truste.com | tcp |
| US | 8.8.8.8:53 | oracle.sc.omtrdc.net | udp |
| US | 8.8.8.8:53 | cm.everesttech.net | udp |
| IE | 52.18.190.199:443 | cm.everesttech.net | tcp |
| IE | 66.235.152.221:443 | oracle.sc.omtrdc.net | tcp |
| IE | 66.235.152.221:443 | oracle.sc.omtrdc.net | tcp |
| US | 8.8.8.8:53 | consent.trustarc.com | udp |
| GB | 216.137.44.99:443 | consent.trustarc.com | tcp |
| GB | 216.137.44.99:443 | consent.trustarc.com | tcp |
| GB | 216.137.44.99:443 | consent.trustarc.com | tcp |
| US | 8.8.8.8:53 | consent-pref.trustarc.com | udp |
| US | 8.8.8.8:53 | 55.155.244.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 221.152.235.66.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 199.190.18.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 123.9.84.99.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 99.44.137.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 117.77.214.52.in-addr.arpa | udp |
| GB | 18.165.227.6:443 | consent-pref.trustarc.com | tcp |
| US | 8.8.8.8:53 | consent-st.trustarc.com | udp |
| GB | 143.204.194.118:443 | consent-st.trustarc.com | tcp |
| US | 8.8.8.8:53 | 118.194.204.143.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 6.227.165.18.in-addr.arpa | udp |
Files
C:\Users\Admin\AppData\Local\Temp\_ir_sf_temp_0\irsetup.exe
| MD5 | a14411ca54ffb3b223c21c63a784409b |
| SHA1 | 33050df5397e5a44169cf0cd702d776269233f36 |
| SHA256 | 1c830be41a2d969da6e8e889a1ae23fc41594d5323520e5a39de7f2c32c5dc5b |
| SHA512 | 0bc34e8d826e3e026068c52c41eb4617e9bff553c675ff45c525ac4210b6cf878267fdfb4b6796d4de4dad2e8145eb3dd98220ee01957bd3e839e9f8a8d4bba7 |
C:\Users\Admin\AppData\Local\Temp\_ir_sf_temp_0\lua5.1.dll
| MD5 | c333af59fa9f0b12d1cd9f6bba111e3a |
| SHA1 | 66ae1d42b2de0d620fe0b7cc6e1c718c6c579ed0 |
| SHA256 | fad540071986c59ec40102c9ca9518a0ddce80cf39eb2fd476bb1a7a03d6eb34 |
| SHA512 | 2f7e2e53ba1cb9ff38e580da20d6004900494ff7b7ae0ced73c330fae95320cf0ab79278e7434272e469cb4ea2cbbd5198d2cd305dc4b75935e1ca686c6c7ff4 |
memory/2012-14-0x0000000000DD0000-0x00000000011B9000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\_ir_sf_temp_0\200.ico
| MD5 | e043a9cb014d641a56f50f9d9ac9a1b9 |
| SHA1 | 61dc6aed3d0d1f3b8afe3d161410848c565247ed |
| SHA256 | 9dd7020d04753294c8fb694ac49f406de9adad45d8cdd43fefd99fec3659e946 |
| SHA512 | 4ae5df94fd590703b7a92f19703d733559d600a3885c65f146db04e8bbf6ead9ab5a1748d99c892e6bde63dd4e1592d6f06e02e4baf5e854c8ce6ea0cce1984f |
C:\Users\Admin\AppData\Local\Temp\_ir_sf_temp_0\Wow64.lmd
| MD5 | da1d0cd400e0b6ad6415fd4d90f69666 |
| SHA1 | de9083d2902906cacf57259cf581b1466400b799 |
| SHA256 | 7a79b049bdc3b6e4d101691888360f4f993098f3e3a8beefff4ac367430b1575 |
| SHA512 | f12f64670f158c2e846e78b7b5d191158268b45ecf3c288f02bbee15ae10c4a62e67fb3481da304ba99da2c68ac44d713a44a458ef359db329b6fef3d323382a |
C:\Users\Admin\AppData\Local\Temp\_ir_sf_temp_0\IRZip.lmd
| MD5 | dabd469bae99f6f2ada08cd2dd3139c3 |
| SHA1 | 6714e8be7937f7b1be5f7d9bef9cc9c6da0d9e9b |
| SHA256 | 89acf7a60e1d3f2bd7804c0cd65f8c90d52606d2a66906c8f31dce2e0ea66606 |
| SHA512 | 9c5fd1c8f00c78a6f4fd77b75efae892d1cb6baa2e71d89389c659d7c6f8b827b99cecadb0d56c690dd7b26849c6f237af9db3d1a52ae8531d67635b5eff5915 |
memory/2012-597-0x00000000073B0000-0x00000000073B3000-memory.dmp
memory/2012-596-0x0000000010000000-0x0000000010051000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\_ir_sf_temp_0\BrowserInstaller.exe
| MD5 | 83a8f0546164c9ba1a248acedefd6e5d |
| SHA1 | 7652f353ed74015e7e78bc9f9e305a48d336b6d1 |
| SHA256 | e7c5072ec60d32022b3c818c527ad86f4985837a4f0e9fc6477f54ae86d9f1c9 |
| SHA512 | 111d11acdaef0036ff5cabeb16ed55bf4c681fa6eb3c006af450a0ebadae3e213a8f3abb0f4a9aecc8e893af7a79b4eb7f74a5fc3743e338c3e3136b5d7f9f2d |
memory/2012-614-0x0000000010000000-0x0000000010051000-memory.dmp
memory/2012-613-0x0000000000DD0000-0x00000000011B9000-memory.dmp
memory/2012-638-0x0000000010000000-0x0000000010051000-memory.dmp
memory/2012-640-0x0000000010000000-0x0000000010051000-memory.dmp
memory/2012-672-0x0000000010000000-0x0000000010051000-memory.dmp
\??\pipe\crashpad_5052_HIIRQXZJOKYVFACY
| MD5 | d41d8cd98f00b204e9800998ecf8427e |
| SHA1 | da39a3ee5e6b4b0d3255bfef95601890afd80709 |
| SHA256 | e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 |
| SHA512 | cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports
| MD5 | d751713988987e9331980363e24189ce |
| SHA1 | 97d170e1550eee4afc0af065b78cda302a97674c |
| SHA256 | 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945 |
| SHA512 | b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\BrowsingTopicsState
| MD5 | daa64da6df01f313ca7c48fe882f92c4 |
| SHA1 | 2e1bdeed6333b5b5be60b990954c35d0804009c7 |
| SHA256 | c9cdc22b8900ba44a18e1c5011118342a0cafb894dc475cdccb8381f2f3aa4d4 |
| SHA512 | d9312b9ce4b8bbccb369103ca8e94c6b97801585579dd97caecb826e3245e22181af52389728f6ee977583c682bbeb4710c0664c0ed4ccf9e4bdfb8224fb7111 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | a9e55f5864d6e2afd2fd84e25a3bc228 |
| SHA1 | a5efcff9e3df6252c7fe8535d505235f82aab276 |
| SHA256 | 0f4df3120e4620555916be8e51c29be8d600d68ae5244efad6a0268aabc8c452 |
| SHA512 | 12f45fa73a6de6dfe17acc8b52b60f2d79008da130730b74cc138c1dcd73ccc99487165e3c8c90dc247359fde272f1ec6b3cf2c5fcb04e5093936144d0558b75 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
| MD5 | b778c002dc0bdd9a5af4adf8104f3c36 |
| SHA1 | fe1fbf03378048482829b72b12f26ca9e2b6a38c |
| SHA256 | b4a1baf5cd215669d28c8d1141e43948fec3d01b677a654dbebb9965462e0c9c |
| SHA512 | 0ed49ec827b9dd3f3a0ec23390cbe0fc7e092e5ee4a93182ecd7f914b3acd030012895f7065e7f8477bd71fbee23bc5eb1b9ac1b9eb289e3a35732f7e8402be1 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | e72e5e11a15322cb1e704df7ab6f6c08 |
| SHA1 | a3ca87dc86f2d9d1268c99c7b37ba0737c255472 |
| SHA256 | 3463c526437d245a6bf629f6a81eacb196be2c6ddf2b15d2a67d760a6f9f0daf |
| SHA512 | 78c4601b51854d1d69d17c0b8723f6ce96844aa6feabf8e5babf378e6d52c55708bf743382f1273a3501472fde9e0d9bb102a651e0cc4b206379fb299fa25ee6 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | dbac49e66219979194c79f1cf1cb3dd1 |
| SHA1 | 4ef87804a04d51ae1fac358f92382548b27f62f2 |
| SHA256 | f24ed6c5bf4b734a9af4d64e14a80a160bea569f50849f70bf7b7277c4f48562 |
| SHA512 | bb314d61f53cf7774f6dfb6b772c72f5daf386bc3d27d2bb7a14c65848ee86e6c48e9c5696693ded31846b69b9372a530175df48494e3d61a228e49d43401ad1 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | bfb3d3e7451536fe2a286ee016a125b7 |
| SHA1 | e572bfb2492888c51fb1eb80fda84e0fb5cf877b |
| SHA256 | f647f36628de6cce394d5af367889a0c30d5f7a9693a94d1464fd4f74486ec83 |
| SHA512 | 0ec3b0267fc9072a6ad3b6674172619a5da5c199629881641449292ec60e292c96f5afcd739a1a2a50278293f3a9fa2b58510d98a7899f115bd77de6913be59c |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | fc79592b37a498ff288401648100562a |
| SHA1 | 5b9d39e63b50dfda07ec88cdb44c62036db65e97 |
| SHA256 | 11d8b65d36341ccd0f2bdd61d5f8d92a68bc8486dc9aa6891925aebd011cafe1 |
| SHA512 | 428eaffd5c14c39312997983554a234fd2ade1d4b4c76ef8117dbc5f7f0475c6916acd802fe671172e6a2912442c07513bb43a2a27a105917fd748140742d3bc |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences
| MD5 | 1efd0726dc26e8d35e2f0b394e674758 |
| SHA1 | 11783728213917e664dd11f954f8959128960238 |
| SHA256 | c5b3d04305f5badc32334adec30b8e3ae1941d43dfd31a22842f7f39a30e7099 |
| SHA512 | f53d80e0d75cbc6b9af8468b193c684ea14400bfe14cf4533add9567bc878b193333b502c6b8c1f4a9383d67aeb66d34233a88d82536aa19f3ae5420da01168c |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT
| MD5 | 6752a1d65b201c13b62ea44016eb221f |
| SHA1 | 58ecf154d01a62233ed7fb494ace3c3d4ffce08b |
| SHA256 | 0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd |
| SHA512 | 9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 1c13e24beb68514feb2ac8ccd6b4868a |
| SHA1 | 2e6234880e31a4b5139d47c0092cc19b897f7443 |
| SHA256 | f6ed63bfa7e2d7c51fc2b0e2d8da13e736495544d1a78ee9e8c1f740b1953373 |
| SHA512 | 6722f2576f3b4a257a30bfc590b32d680e44ed5076643afb63a8b335658885acce88fe6a5b2bcc4279c4dc3e0e212b5e04838c391d5cd7d7580b6873e67305c1 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 141c807044ef06d69bb1b14d3b2a5fe0 |
| SHA1 | 268da26e33ee41d249f0108aafcd15563c51bc2e |
| SHA256 | 99f4d4026cdce2e00c220a476184b8538180e1f8e8e5bc71acf7e50bafc51fe3 |
| SHA512 | 66971f9c00f5925fa7904077e828fb94320318b52db564024f2330b1c072e2b1e270e674797e9915322d842261ae03899954081a49d64cc236c86d7b7b0c81d0 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | 285252a2f6327d41eab203dc2f402c67 |
| SHA1 | acedb7ba5fbc3ce914a8bf386a6f72ca7baa33c6 |
| SHA256 | 5dfc321417fc31359f23320ea68014ebfd793c5bbed55f77dab4180bbd4a2026 |
| SHA512 | 11ce7cb484fee66894e63c31db0d6b7ef66ad0327d4e7e2eb85f3bcc2e836a3a522c68d681e84542e471e54f765e091efe1ee4065641b0299b15613eb32dcc0d |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 88dcb7d960a8c81466b189ee0d9912b5 |
| SHA1 | c368889c3626bf9a1ed7d49ad86519f3c4609e69 |
| SHA256 | 20ee5e3df23a62a58f04200f52eea62e21aafd78756e3a7a360962b145e01a39 |
| SHA512 | 0811db4a970d4fe7df48045e005212e28d732151a8ad35c94fdb81ea3a0e56bbc9a2aabb5ff7d83ea890aa8ae575ec5a1d32c3883a0aaefa6ca27dc16ff70ad0 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 43fd604585f00536dd2f86981d656179 |
| SHA1 | 22f4340d562476d0db8f22a2568ed71cb3cb5d3e |
| SHA256 | d8d27ec428aef7204688f7cdca97d6cf207242e0a31386c955ac20687055812c |
| SHA512 | 00b0051de63d21a29ae68160f05218299ef735f5835fad73f211aff3922463e4720c2c4f9148386c152affc29de4cfe6b2051b5e56c1b867f7b8b09e0bb2018d |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
| MD5 | ec6821fac1df9299161522ffaa8fd196 |
| SHA1 | 6541e85c2801bf57c5bbecabcbf49eed7b091eb7 |
| SHA256 | ea12a458121bb9a1271a715386e7480d28268cd8ae05194fa64d0d5f4543cc5b |
| SHA512 | d6eec46d4d65d7cfa47006bae48e12f3ae7677417f0f447f8e89fca983a9234a8018ad91ab9515e313921dcf963f462c2f6f78a1c80acd503eddc97d47847496 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | a33c2f5c10a09bcdb166c28047bfa594 |
| SHA1 | f7cea6768e529832f2b6771f8fb7d8a83340ebe2 |
| SHA256 | 81afd94d2b240c436038082770fe35b07511de6d0f773c96db40b1cdb54526de |
| SHA512 | 13c52587f01c7ff44406ab16a13a11cd55cee3808b8cd92ab67f3aabc787188ea1dc74f02224802a98a4ff2f069c3ba1737ac583928978e77ca5e963f79a3664 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 1b6199191a901f53dd19e3b1123cabc0 |
| SHA1 | 65df55f26d4fa853766852d57f3a002a87ef3749 |
| SHA256 | b72040dc144f389f6a14032d2809078a67c2fd60cd9d654b5d82e092fe215b64 |
| SHA512 | a9fe23c76fbc600a65b85c16a34aee17022dd50b47b33b7d20a0d6ecaaa5aa688c0e22033190757072b688e23817f06e4812c2346f30cda9c8a7aec17e30f54d |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | d070735e968c4a9bb764a89f9915ddb3 |
| SHA1 | c0891c30cd193caad681935f775ae38a7ebe6e35 |
| SHA256 | d03144914665d6336947effcd66d664cf015f227bf17d09258aca74837e98f69 |
| SHA512 | 0566c4e81cc59f773125f1839a09f5f8ec8a504af1f2baa8548c6afe57339fbd86c1f119227f6cc9455f5b371e613fcb6e1d4c8390d59b67f2473ae499be63b8 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
| MD5 | 9e3ae150ee4f141dce4f6ae20c1b02f9 |
| SHA1 | 54b820f23ac23f84125531eaad2b4429bb1a51fa |
| SHA256 | 66cac4defb095c82a9d8eb5980c0b13e562a1c47b1b8427b7cc785c1041bca16 |
| SHA512 | 0e7d18147817a9423458e98539c59604a5d3a55ebb2ac484d64cd272dcc13aeebed61b06a053f8591a4f6275378fabd422a309d566d29991835df83e4745f8ad |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | b2a884c5d04abb2d0f1fa18ffc8e8a00 |
| SHA1 | cc5aaf410a9730a1e814bfe55ba42034fc71956f |
| SHA256 | 231310251107b459a7e4039f93b61341041b9d67f32da0631d6e1d5591d39f41 |
| SHA512 | fe1f92018257ad4179ce3bc9784444b8a7e98311c115ef2a7e6d01c54b1a6794f4b5260ec9f7c15d262a11fe6812f1732642a8bf813ac95e38c66b23da595984 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | ed016c4856c70a334d409ad320831af4 |
| SHA1 | 9156c3a007990509f076018254cba23b3deb9be1 |
| SHA256 | 016f1c63804622b779b1a4bca54f61e828bcee81a37486dc72d9c4aa8049a017 |
| SHA512 | da997d8cb2ca1a3ab652a4496aae9b0e52e89446b230c8eedb666cbc819621a9ad2fe7ceb4d94f95f6c3ed27887c3349f11c671e5c64a952675b781287c6b1cd |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 8d1754d49ee7eb10a5986e9f1391e879 |
| SHA1 | 4e948107d6da29e7301aabe9ad30acb419e419a3 |
| SHA256 | 5e976d99009cb95d181547c19ea20d758dd433bf90d111ed246b2ad857ef7d2d |
| SHA512 | 77a68823017d962ca1cca6d6bbca3555b308f0a039d72332f16e4f57b50f6980532090c01eb6c25b63441caee216030a29289c3a0732d67f7c060f4e171cd2bc |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | f9b29a26525ac537d673936a78ad41db |
| SHA1 | 1d11dd634e70740699c2fc83157a39557dfa77f2 |
| SHA256 | 3ecc1ae1e825d7ac7cc7ed85734c53d4987d690f85d739e5d2708a241c465508 |
| SHA512 | 72b30256403bd0ad6b44e92ce9ebbe9d6da7e8d899b32838b28f1f0514b3874b12f455fdb5b25fbe427d9be96c10e4ba35553eb8fb7b905cf916b332c01e17f1 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 5ac8c17423d39a86ca5c0d847098acb9 |
| SHA1 | a527d12c3a8d86894aff053d0e7742e3d20de75a |
| SHA256 | f979f9614b93863c7a2aa1560b9ece6df38cdfe3d0c7bf3f0ce4d7fb15920a14 |
| SHA512 | 48a013a3aaaf253c6d26bf4cd738a5f322207089a9c4a0ebc8fe93d649259b24e8c61a8262ab9e6cc7c9739da6da7b6ff2463d41698f6a47bcbb4429efdd0264 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 27bbb45948f1c3366b5603f2d630ed00 |
| SHA1 | 7a76b875d20a7d8f952525e74a8b64aede0ff75a |
| SHA256 | 33c97dee51efd49ec5d9e2bb946f724705c48fba23eea17619945f45eaafed60 |
| SHA512 | fcdfa0a58af1c7a93c99b29bf20861cd32a5a4d543bbab3c3ce441871e1e1c24b8dd56f3460f15c60861ed1c0f51e3bbf8b277850182769e89922c0adb86260f |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | f1f7ceaa35552e7c62ee7a7c491efd3f |
| SHA1 | d0e270e577040be02b3c6e150fea00a684ab3c2e |
| SHA256 | e565e5fa347beb93ac71b4c39fdd7ee6275a46fd210802023b9c8e8f5ceebb1c |
| SHA512 | 14b09791bdf88b5fca398d6ee277db4b6646b38d52cc233d734ef52647144ad69f3d7734d54feb07372e2f6be572589da535fefb26c5e63be9439818d9081b79 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | d66116c11145ec3ad25bc4ca1590c54d |
| SHA1 | e2cef8f77c493c38dc2deafea75cd550550e7902 |
| SHA256 | b238194ad3f2d45b7ca219d96392396c5ab0569b0d5da854433f5f38d48a2d4c |
| SHA512 | 87bb53cc8f38ad12ee5b3c2e38fb58b077ba3448a0ee875ba043986bdbbc338d64e41ed091f172139c3c9313ed0ba8ac7e7c7abde1f0576897a19989813715c7 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 6910ee69f2363c84f5880977f64a364d |
| SHA1 | e6a9abce1c9a339cb5266f06124c9afb986cb09c |
| SHA256 | dd3408a39c47ab377099edbd4a81d4a2925bab86529a4fa0a895fb257fb3eb08 |
| SHA512 | cbf9fee26e5a59df0742601182a5e1a87bc4690b0c13e37c3668a192962bae62596857396b63a68a46a35ee84e1b980d47cb0c706eb22a172dbdf337d1fc7535 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | ee6ff85a9baaeaf67abaae0b89d686a9 |
| SHA1 | 6259d7fe292baae73b38fdffea4fc7b741433b20 |
| SHA256 | 6acb26a483c384801839fa48f375082098d1f4e86656b4eab315b6871dbc70fd |
| SHA512 | 188e354eec45f627b2e2de127673f1d8c29d4caa2d6ff625120b06b4f5d547db6675eebdf757d7000f6b038c12a6fce6a294313b49b2855a71d4b810b5fbbedb |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | c12ce8e71744b4857ea32c8e33c53b84 |
| SHA1 | 241f7b3384fe863fb213fc50fdda9f37f962032c |
| SHA256 | 169b1c9f0b637b0684a425b3f9c062fbce20c11ad50cc3faecb829c058d31516 |
| SHA512 | 552d5c53e7e43d1f6b6ccc347e74d436f58e1864dcfe684309ad5c65817df21ddf4701e80847f5bf525696cd156cf1cd49e41ea53a041a78c20c598f91a07703 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | af2540faa1afcf5c5b27d3ff72f3000c |
| SHA1 | 8c7371291d871488bbe97c9a0ddf1662431641b4 |
| SHA256 | 97605b9bd5898d9d396e1b2e03992e473a9ab11531beaf47da0730999481cf8b |
| SHA512 | ad379bb92c2ae62a6f4be3d8e18f165e0a678e19a40d57a6b8be796db17da02e8d3ab914a9e52f995c09c120a82f25eadd7b1f154d990548a1ae930c1b16b3a4 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | be1b6c0cafb83f811ee7db1fb4b75262 |
| SHA1 | 288a2f92561a59052fe5138092201d3387e83a08 |
| SHA256 | 88695fe7c487cd509490795b162a05a0e3eb2dab88259a44d3b5b899e2563a03 |
| SHA512 | 50dec0da6a9b3169054bfafbfc512606ec82e392fcfbfec8952c1757a6ea91aa2f60cca9fa9e13debf59b9f42a17d43b942cfa62964bd8d46292f9c726eadfd0 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 18e34ba642d5c967d5c67d29cdec3ba1 |
| SHA1 | b180fc132f679460299494242f2cac89d696a73a |
| SHA256 | e41cc253923268cbda4a606773acced60c7c1a2a1e176df856d556047b7e2665 |
| SHA512 | 43d3b284e82d22bbd0d34e46df4329c8a6d7d1e4d5a9b32382c4e699eb4daac63d4dfdcb399197a099724770bd8260ab6d9d630f5b067d1d55be47028e02dcbd |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 831bd9ec605fd17a237dabc40742517e |
| SHA1 | 2102e4115574958c8275acc639f758257bff7e96 |
| SHA256 | 035d8a2979de165a1e7a2c894943e311de92ccacfd8b97341588a1a16327f049 |
| SHA512 | 78ae6b02dc9df72be1b0703812692f750874dc8019b40fea7e8d6f99057cd79cd1cdcc4c5dd96fcb15ef0b2e45e874b455d595c67ede22fe12d80b463ffcdcc2 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 56af6e650fe4f9c3a9cf2544b939dc26 |
| SHA1 | b127dd0aaf3341a6622195798d6fcef9de76c2c3 |
| SHA256 | 0be39c0019d35922ed71f91bf956c672fb13989ddc6bf62ef7d86c5d20e6a9ff |
| SHA512 | 16b574499404d3df0250ebc0409cb9db49b4efa756e9f58d2b45b0385be0171fb4f4bbaf1e335f04b057e81d740d63b7501ee963804caa2ce2fb8556ab6629d4 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | a6b41394a9c43e530b3fea83b180c1e2 |
| SHA1 | 038ddaa7a256b52e123bfb3cd44ea6f8112257b9 |
| SHA256 | 096314ee515288ac3fde831041430e7882a4037c1285fe9751c1eb9494f478e7 |
| SHA512 | c9c36df07441d6e5b19443c59694922846c408e079e789138b291fb2e341d521e43baa44f3dcf5c3e2b40efb1ca43dd8427740ce43aff261ea0bc58e9f55fc24 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 562a707770f62f30fcd6b6ddb6d76d7f |
| SHA1 | ef209feffb6f251a3e347e547b7e15d21640493b |
| SHA256 | f0eb5b0766ae5f830ff5bb907c9721319ccdeabbc56b47c165d0ba82675e2fab |
| SHA512 | f78c6562ad2de7b818e2bc1eb4efa7129f0e966da0c7375a44e33576973d758a03ca38f0e34a1721a5928d497342095232ed7691bc879d921c0ed531f2bee3cf |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 463f4210e9e2a80ee2a1ecd3c35e7b65 |
| SHA1 | 94096c5f3d907f69ba7460aafcb09748e034a6b6 |
| SHA256 | 0945a3a0c1f9742fe0e1f54bac2c86ee3913c35b4338ed54441481e59c407fdd |
| SHA512 | 93179fe869f2140ac6fa526720b343057087bb02b106b246c74734b4f80178769fae9321afaada940c95e0559e0ceee544792387c382fa76da47248c4ab0a0ff |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 2066a040732c092fb99d950ee16a671c |
| SHA1 | 5e705b1fd175a5fc3c6ee1285c73d0e329c275dd |
| SHA256 | 26e7778424dc68facc968b6ca2d01ab9e89f73f1f7823e565e77bc0276e043c6 |
| SHA512 | ee60ae7059d574771744303d7e695037aaa999914793ed7c06c0754751f0b5c5773b5f6d2c938893fbef4cd5cda22336016baf8c2e76f3dad93ff7c6eaae7db2 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | e0c09ca98b9763d7646a86bb90b4cd3e |
| SHA1 | 3da74521183430cfd5168e1fdfcf1eecf3e20422 |
| SHA256 | 19166709c3ef7fe5328faedeedc41d064c7d10dc5a797f66a1be5943218c9e9f |
| SHA512 | b34a2b5902266236dd8f329a3ee76ea9905343e00a118807832411ad4cdf78852fdf839155b5b03727d56bcd5798a69db618a82e33769b51c0fb67562e4fee1a |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | c18ae44a6fdc54b8bb09608307676a88 |
| SHA1 | e1510a5187f28447ae03ca91cad0e816d0793614 |
| SHA256 | 0aeefd9e774b6a38c4e172335abbcc0f2625631f24d07d532bcc7642e0698c95 |
| SHA512 | 01244b4f136c4b4f61798e0ca29f5f94f1309bcde3ca6c14be9460e640ebc7b0919bb86fefde77c233a5a6e6a5494e9690fbdbc7cb3d46bd5cc6b272170ad9ed |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | d994328858a4a4f57d1066e984a2037a |
| SHA1 | 9fc00d117208c5c002c59c95689e31bd98a1f86f |
| SHA256 | 10421775ef8a78a141b061233b0a23cb9fcef11fa3bfb64d3ed7f4cebfa8f3d0 |
| SHA512 | 9e21504b49e658b165b0dc746ee8d12ea595ee2ab45041db0051dd46a9953cf6dcac46289a6e4bd54c9edbadc4f0ab62775ebe6217aa22c932643260ab724ff5 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | dea10d097135c6b0739f2886d5c41f22 |
| SHA1 | f2320baae798c051d140a65dffe859a0971a6dfb |
| SHA256 | df2fb4814842416b8660afd7e9a2771923a8183f76247c70709176e2a2a3ae88 |
| SHA512 | 5d9419774ccbf13312cec56a7df998b5910a4096d43f594477c6a2787868b72e0b9cec63f7ab238499b0e48aa1f4af13da4c598793d1d36a57a80614f285562a |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 18469d32fc8910df22a0ad2a6255635a |
| SHA1 | 3e9ec3f3abd0639747c778e3bc5c21dac5875220 |
| SHA256 | 7ffefac5bc015149c872c58bca032b4abd4f41f86c84fe41d2fef47e322b2b17 |
| SHA512 | 7a4b9f3c1d88371b714878fb2032125047dd5b0108b82abff8ab4402f1cca72298753db4fd71941f5997d09ff8db3c276596ccaa99df0447843a2371a3706aa8 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 328fd3fe78725b116963f916718ca613 |
| SHA1 | cad5b34a2933b2801c2921537f1fe44dffae01ad |
| SHA256 | f46ce23270bb8e5353b98ff3fe3b9344a5063eb558752659bcea967700019a51 |
| SHA512 | 82ca692396be953668aed6b8b360b1ca7ad5f6a18f85bbc236317fabd35efe8ac4e3add15e4ee8d2ca6a0c3432847efffc220c294e96d92660912c334f572e2f |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 0d156722866e0ce13d93d1ebdc290f11 |
| SHA1 | 3615512b7a636645c8d0372ba82577c57cedefbe |
| SHA256 | f1ecb0fee6ca2eedd180f32a354527fc6105e1a215f70e42ecfbd548438274b8 |
| SHA512 | f05b52ed1ecedbe4d41f096e2fca56f07e2d1c00f6cf5b0607040a62c2b62bacbcac125b935ecd35afa1b33ff8ec34c1464ddfdb1b2bc53e29a3c1191fb826d6 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 037a2a543968e77924ac6ea6fabda64b |
| SHA1 | 3526ec1473541021a81eb7d4f207b2855d891bd2 |
| SHA256 | d86a96bd36de81ace3fd8a63d2c0664451d32d9150a034b5000bf53e6d7ede90 |
| SHA512 | 69f26fc51854c15e8aa7702606d84e43c187de1b08dd0ecd96bde8b48459d290026cf5a6d8d5a9bb9020f2d37be09d69a59b7c2ac31cdaf7f6242361fab979c3 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 3445bc1f4629456b00afdd6ed8305088 |
| SHA1 | 6907bbc9b437366c95f2bda1c2aa526b90320802 |
| SHA256 | 1bc198929d4fce42278b93018c3fd167199fa64704ef68f5deedc8d7b5c1a332 |
| SHA512 | a604341bf3c6487ab42151efa9916f8359b41b4cc5776ef3385b080962d779d8f4795036c580c0d17c4455dfe82dac9e5364b0ba2d609a4488d9e58c9bfa366f |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 7bff0d7cbe026d5eb3f46c3ac76ed79e |
| SHA1 | a1c97f183951751bb0b5c0d1cfe976ca3868e7fd |
| SHA256 | 3f5edb10fb0cbb95dbd1591e2ebc4856d5dd3d86a666e86f6ff9be12a308b696 |
| SHA512 | bb32a34f568d188ca02a5e050af536798097458c15af7ae5dcaabedd1c154b122242409d6ea320c2f405b5334540d377c2c467288a28e7ce6595b4c0e6a71a64 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 4a3b59ee67817599a179715b6f1e09ba |
| SHA1 | b89c8824e2192371df08a23e2a15617ebbcb66ae |
| SHA256 | 24f0eebc37c4bfccb01661662087e7560b36aad8cab014f70f69dd15761bd397 |
| SHA512 | b1269cfb4826534ad9eee788fdf20c21fa50c0e11be9ab2ce16b833e7965441eebe8ace80cd07f77df62d60ef1927aa1a5bfba768c8c942f19264b576161d6b7 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 90d9e9181e523e821f70c263d9475606 |
| SHA1 | 98f064f2a27368170edcf45c394fe5c91066b008 |
| SHA256 | bbca1c0673924c3befe26e16387ac235b11a01252f7338d79ccd5c5f7a5d41cf |
| SHA512 | 7131ade19a4cde422bfc5245661662119797f7aac9c3d1579ae6fc8edc15b23b2116fbcd17f7775e8313914eeb292f0fe2db552d4f6069241136374f868d2ec6 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\196065f4-19db-4e17-946d-82526878a9d0.tmp
| MD5 | 2dd49721b347c361a1d54bac3e051414 |
| SHA1 | 8be410485efa82cfb4d0d6931a9a170298bff5a3 |
| SHA256 | 8b3fbb47a6da48e5094688c749f129a41f40058b06cc8fb9f15e155ed6609b14 |
| SHA512 | 0f986290e3cc2b2431c6f8e70e08ab44df045515eeb0e0e90a65b441745c53cc70093c837555d3a576137e197e2fd7a43877fecec5dd2f2c7405c37b61d2b534 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | ee7a6ed43735d00e60c5838c34474eb1 |
| SHA1 | 8c4d548ae51f555f648b4f764875229101abe580 |
| SHA256 | 2f53ae7091932c6bb4f46f31a487ba5fa8d76391310ec9a7cb358f99bd5e0774 |
| SHA512 | 15f04a68cef0f60353ef6a16f1fda5cc90f044a7ab4f8c4016b05cf9ca11981f6f1378dc885f71c9d842f3783361fc84a605c958feb274ef980e9c1d80f447f7 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | fdb735e0c292c4c357a6f8153e6978f5 |
| SHA1 | 634365353b8b488bbd9b93b8811b889ea68fec71 |
| SHA256 | 1a331515718b9cf86c542b7587da86a9c5737c213c47c1d1a122790faba413e2 |
| SHA512 | 2dfa90544f332235a357f3c32277ae9d0c1c444da7cfca22bd29d22e8e79751ec08706534fdeee6ad9a97db8777a20ff9d020813d5315ad49572f8470b0a7d5c |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | db4fc99db2983a27c6216bdff33dbcd5 |
| SHA1 | 4f4a39a8aff010e7ec42edd51ad9f621a3395aa9 |
| SHA256 | 2a9541fb72a2338f85bb472e99387894c8176264304c51f9da3bd4e6463fb868 |
| SHA512 | 0a31e8bda75bf43d7ffb7bfca2981da493cebe7de4d1dc1706ea7c771390bd5cb0eaff086fae21be313fe73b580290082dad51c793119af65114f702a1591e79 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | eb74153ac074e6262522d2f31fc11691 |
| SHA1 | 86e72fcd9d96d725f0f196eea612a8e44eb03956 |
| SHA256 | f2c9a2c754742868a91109ac9e5206d01bf4ebdc11b3f90b3436a1cde6557414 |
| SHA512 | 066b76b5a31a23f81f62d0431c200ba9f8986777ac55f29524be36e0857a1f7232753e097cb6b4bed1ed2a195027bb6509a062f8009b78ce4cc59157f9d5215a |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 1032fa497d94d562d2aaeebe891f3bb9 |
| SHA1 | 2f148a31bbaf8bd86e3b2797e2a98a37b6ded090 |
| SHA256 | f1bff2438f7d8407d2ef67a43b088c25bb4527e5392c1d91f1b039388aafa105 |
| SHA512 | 8a960d8c77048a5e507837ac85a4199c70f48fd20714b9409686479b7567f9e2c17cd44449f46fea9df8e0f12684632f3bd027ec916599b1a2cd0b9a13216e6a |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 76b3a9dac270b0b38de484785c93ed01 |
| SHA1 | 646f30727b465554e2adc7997eba602b42549a69 |
| SHA256 | c2f6ba78267b122376330590c22a5638301c5d736b16df33c7050160a1dcee94 |
| SHA512 | 2cdb2cfe3d791c4971212f3d857dbad52cf336879531dbfbc38cb523accf7aa6003c92a067a63eb7cdab004a8e220f6126f0818d0af3cfc07af052195c2b155f |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | be414f1d9cafe911a26dc5c932ed1331 |
| SHA1 | c0223c1f73edafd37aace5860d92baa86dc5dca5 |
| SHA256 | 76623864667d46c006639a77fb2dd923b0824afd921a5f1345e45862d9b5da52 |
| SHA512 | f91a29c58f7e340fa890c46963465aa6c4ca4545b2ed5e3876950539c78e194835f06fce9519ca62435495e586049f414621ecf20fdc0e90f1340d3f9115e599 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 9416326d6769bfb2bca557dd496ef737 |
| SHA1 | a9cce76d6a4095bdf39ade5c613d271d8b8e972c |
| SHA256 | 293a749829a79a42255289196f2f5a955ca5e5bcac38c261439234dda5dfe438 |
| SHA512 | 5971898130a5b4d2744d9b61f484898d34500504fe7dc21e1df432925a68aa3036dc5e43a32e3175ffb70b477cf7118dc821cef6c0d4cd00460a91b677a73ff9 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 4fbb7a8304972d836c8c887592ad881a |
| SHA1 | f2085d5e771e0ef903a79dcacea9eae3568eb851 |
| SHA256 | 7ca521401f63ed070aca4a581ae54fe68bc73089945e03b450bcf9f8e67a7fbe |
| SHA512 | 9da7bead6f90d991fd4c0b72347db66cd2e76e4fbe8662519d3e84f41c8aa8d12a4a4b3d74a1fbfdfe2f2c8159137a3bd12237f9c56df9dc40c319d010259e7c |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 2aab71cbafe47126111d39fc365fb46c |
| SHA1 | c0ef5e2f3486a829db31f269c1ecf910d71258fc |
| SHA256 | 24dcddda081adf38da5cbb79333afc8884d0398c1788da6b97cfad76c9b28558 |
| SHA512 | 941638ab70a822b6675eb07b11a21bc0b6e836c5df6ee76b552a62cb0a0eb2a739c63d86688f1c55b60d8270e71b4ac7813f6e972240fbc8627492aca683470b |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | d497c4835e481bf0770785fe346f6dbc |
| SHA1 | f9b515478caaeef1eaeaf33ef720b87c74496099 |
| SHA256 | 526d853868a25c35600de4c8a091b1bca9d2d4eb882c162cc2349bfe868a4a26 |
| SHA512 | 61b599b2e52bc40c116b156a55e5d751e9549fc9a843a725ebcb934fd6f7b2c204fcc7f3f2b8bb214cd1b4d7754579dd710d76ea99a1661fa124f3dc2d52fb58 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 096092260803b225587ae025cdcaefd0 |
| SHA1 | 715b227aa445d7d3a6b70100224fcd84826bdad5 |
| SHA256 | 0c8e76073a65f0b3b96d5bff4db7fd63ab1b2af6de1a5eb95f5bbf0f46613a58 |
| SHA512 | 54dddbbf6435ef9598c7082b432123e81c6ea403a430eb674b51bb75a97e8f47ecea7345d7d355171fc0cb6e307785c925772c6f4e54e91249aeeab2359555a5 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 5aeec297ca4222303d73903b1c0e8af5 |
| SHA1 | 3763f8b8ed272e0f356aa44dd69af34e030dfa0e |
| SHA256 | 25f5250afeb704ccc20203f32baf415ae572d050379b597bace9c3ff6419afc8 |
| SHA512 | dfb7391277ebc590ad5a6df80aa17986b24a7026613a709d977ff3613f7d11494bbc38936836b5ec1865cac73047838e62419d989e6e66fc62eb7ae07784316d |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | fe2fbec33866ca1819e880cb9cc1e78a |
| SHA1 | 3451b395d09af41703c6b02445dc8df408942251 |
| SHA256 | 25c06706a3322c01fcc0e9e214016e90de30d000612e893993ef9f9babdd26cf |
| SHA512 | b7752655831aab1a6ffbc952f27ba744b3f309c89f28094b9dd72631736e6657a62de760ca7a23a0ed3c84186160da12276c4d884e636b7d2adeda9052fa1b5e |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | ebcc68a931f9fea43fbd22a12954e9f0 |
| SHA1 | 0b685a71ac30729048949baa6175eacec231926c |
| SHA256 | 5079ebdccba1ff7e594ce6e9ea6f89e8da2e64f70f431a22a5178f198e08f459 |
| SHA512 | cedafc21360520d1fe18f70b56539e04bf0d1113b05dd50a7238f8ce07c0151006c3b40cd74ed843d2a8a7354c12a096cbb4e5b5b4d8a3133486ac604ba704fd |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | ee4c595072504c24d00997fd3c77e979 |
| SHA1 | 78350bc1efae26347ef530e74ac9b95f7c9eed83 |
| SHA256 | 58808af0e3600551b850c359c4eea20aaf96563fbffbf3a15861fe7c1364f48f |
| SHA512 | 73ba32e99abceac2a620c6bfbf5bb0857d1eab167b7045905b59b289828513c9b9b41fbef42a209b5debee93b7748c3d6d5682cb8656d3f12cb2e626b9e8959f |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 6ef3cfc41c7be581ee0a9c40bd294985 |
| SHA1 | a1b86845d42103b23b0c1a2caf8500dcd99efe35 |
| SHA256 | dd046b0854b4ba3953d34f4a2cc0129ff02ce396a44cd1200ae3e3ec2347a4a9 |
| SHA512 | 4d09c2065561391a6186b8caa3773ef482557f23b166d643485246b7bb6f8c2b212d30f1055483a74a44ceb7b2a40d24e922e3d52a1a4c261f40848a0049e7d1 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | d258b999d3bb9db893376e2f30a1b2c6 |
| SHA1 | faa9f3cbbae63e64e6a87ce9c4bd2d6a27a752e9 |
| SHA256 | c38e7a8a1661064f9105732859ebe5d43951d87df79738c2206e1ac5ef6eb88a |
| SHA512 | ed82205b8a18d0c6801c403fd3958f8faebf8fb16ce5279a079ede080c61474d131c26722919f15e81bd4aa819bc037536104470f1b9e242866ad5c672749168 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | c0bdbaad2cd3cfd96935460b0cd94a05 |
| SHA1 | be38243c9e14240837884b190378522c59cebf3f |
| SHA256 | 8e9cba6c2df09ed301120323fe8d045b738a1a208a33a037726fa688e09a3bdf |
| SHA512 | 12d95d22d6cd539edeedea91c810405c42c36b536233717638b7344ecadc08e288e3653d9cab043215bda419bc386a90cfac167f367a455f4edbf09fd9c014d3 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 1ff08e237d48f78129e071cb07dd9189 |
| SHA1 | 45baeae3e36501623efe191fefe70e2a8a7a9efa |
| SHA256 | 5dddeea984cc12c029eb5e64f514fcfa01a852fbe9afb7a25b988e2046aeb45c |
| SHA512 | 95f9d78b2b83f4d3e96faa0bc3378278981bfafc43965ca973db5db3432d0b642b8f6d709e1157c068706614734d96a5a45a7214c2d2558040b8af0ed90ff555 |