Malware Analysis Report

2025-01-02 08:03

Sample ID 240510-c1k6kshb72
Target https://github.com/Tenclea/ReYANG
Tags
privateloader loader spyware stealer
score
10/10

Table of Contents

Analysis Overview

MITRE ATT&CK

Enterprise Matrix V15

Analysis: static1

Detonation Overview

Signatures

Analysis: behavioral1

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis Overview

score
10/10

Threat Level: Known bad

The file https://github.com/Tenclea/ReYANG was found to be: Known bad.

Malicious Activity Summary

privateloader loader spyware stealer

PrivateLoader

Reads user/profile data of web browsers

Executes dropped EXE

Checks computer location settings

Loads dropped DLL

Legitimate hosting services abused for malware hosting/C2

Suspicious behavior: EnumeratesProcesses

Suspicious use of FindShellTrayWindow

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary

Suspicious use of SendNotifyMessage

Modifies registry class

Suspicious use of WriteProcessMemory

Suspicious use of AdjustPrivilegeToken

Enumerates system info in registry

MITRE ATT&CK

Analysis: static1

Detonation Overview

Reported

2024-05-10 02:32

Signatures

N/A

Analysis: behavioral1

Detonation Overview

Submitted

2024-05-10 02:32

Reported

2024-05-10 02:35

Platform

win10v2004-20240426-en

Max time kernel

149s

Max time network

152s

Command Line

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://github.com/Tenclea/ReYANG

Signatures

PrivateLoader

loader privateloader

Checks computer location settings

Description Indicator Process Target
Key value queried \REGISTRY\USER\S-1-5-21-1162180587-977231257-2194346871-1000\Control Panel\International\Geo\Nation C:\Users\Admin\Downloads\ReYANG-Windows\ReYANG-win.exe N/A
Key value queried \REGISTRY\USER\S-1-5-21-1162180587-977231257-2194346871-1000\Control Panel\International\Geo\Nation C:\Users\Admin\Downloads\ReYANG-Windows\ReYANG-win.exe N/A

Executes dropped EXE

Description Indicator Process Target
N/A N/A C:\Users\Admin\Downloads\ReYANG-Windows\ReYANG-win.exe N/A
N/A N/A C:\Users\Admin\Downloads\ReYANG-Windows\ReYANG-win.exe N/A

Reads user/profile data of web browsers

spyware stealer

Legitimate hosting services abused for malware hosting/C2

Description Indicator Process Target
N/A raw.githubusercontent.com N/A N/A
N/A raw.githubusercontent.com N/A N/A
N/A raw.githubusercontent.com N/A N/A
N/A raw.githubusercontent.com N/A N/A
N/A camo.githubusercontent.com N/A N/A
N/A raw.githubusercontent.com N/A N/A
N/A raw.githubusercontent.com N/A N/A
N/A raw.githubusercontent.com N/A N/A
N/A raw.githubusercontent.com N/A N/A
N/A camo.githubusercontent.com N/A N/A
N/A raw.githubusercontent.com N/A N/A
N/A raw.githubusercontent.com N/A N/A
N/A raw.githubusercontent.com N/A N/A
N/A raw.githubusercontent.com N/A N/A
N/A raw.githubusercontent.com N/A N/A
N/A camo.githubusercontent.com N/A N/A
N/A camo.githubusercontent.com N/A N/A
N/A raw.githubusercontent.com N/A N/A
N/A raw.githubusercontent.com N/A N/A
N/A raw.githubusercontent.com N/A N/A
N/A raw.githubusercontent.com N/A N/A
N/A camo.githubusercontent.com N/A N/A
N/A raw.githubusercontent.com N/A N/A
N/A raw.githubusercontent.com N/A N/A
N/A raw.githubusercontent.com N/A N/A
N/A camo.githubusercontent.com N/A N/A
N/A raw.githubusercontent.com N/A N/A
N/A raw.githubusercontent.com N/A N/A
N/A raw.githubusercontent.com N/A N/A
N/A raw.githubusercontent.com N/A N/A
N/A raw.githubusercontent.com N/A N/A
N/A raw.githubusercontent.com N/A N/A
N/A raw.githubusercontent.com N/A N/A
N/A camo.githubusercontent.com N/A N/A
N/A raw.githubusercontent.com N/A N/A
N/A raw.githubusercontent.com N/A N/A

Enumerates system info in registry

Description Indicator Process Target
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A

Modifies registry class

Description Indicator Process Target
Key created \REGISTRY\USER\S-1-5-21-1162180587-977231257-2194346871-1000_Classes\Local Settings C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A

Suspicious use of AdjustPrivilegeToken

Description Indicator Process Target
Token: SeRestorePrivilege N/A C:\Program Files\7-Zip\7zG.exe N/A
Token: 35 N/A C:\Program Files\7-Zip\7zG.exe N/A
Token: SeSecurityPrivilege N/A C:\Program Files\7-Zip\7zG.exe N/A
Token: SeSecurityPrivilege N/A C:\Program Files\7-Zip\7zG.exe N/A

Suspicious use of FindShellTrayWindow

Description Indicator Process Target
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files\7-Zip\7zG.exe N/A

Suspicious use of SendNotifyMessage

Description Indicator Process Target
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A

Suspicious use of WriteProcessMemory

Description Indicator Process Target
PID 464 wrote to memory of 4756 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 464 wrote to memory of 4756 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 464 wrote to memory of 1160 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 464 wrote to memory of 1160 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 464 wrote to memory of 1160 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 464 wrote to memory of 1160 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 464 wrote to memory of 1160 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 464 wrote to memory of 1160 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 464 wrote to memory of 1160 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 464 wrote to memory of 1160 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 464 wrote to memory of 1160 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 464 wrote to memory of 1160 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 464 wrote to memory of 1160 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 464 wrote to memory of 1160 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 464 wrote to memory of 1160 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 464 wrote to memory of 1160 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 464 wrote to memory of 1160 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 464 wrote to memory of 1160 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 464 wrote to memory of 1160 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 464 wrote to memory of 1160 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 464 wrote to memory of 1160 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 464 wrote to memory of 1160 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 464 wrote to memory of 1160 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 464 wrote to memory of 1160 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 464 wrote to memory of 1160 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 464 wrote to memory of 1160 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 464 wrote to memory of 1160 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 464 wrote to memory of 1160 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 464 wrote to memory of 1160 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 464 wrote to memory of 1160 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 464 wrote to memory of 1160 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 464 wrote to memory of 1160 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 464 wrote to memory of 1160 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 464 wrote to memory of 1160 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 464 wrote to memory of 1160 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 464 wrote to memory of 1160 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 464 wrote to memory of 1160 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 464 wrote to memory of 1160 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 464 wrote to memory of 1160 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 464 wrote to memory of 1160 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 464 wrote to memory of 1160 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 464 wrote to memory of 1160 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 464 wrote to memory of 1196 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 464 wrote to memory of 1196 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 464 wrote to memory of 4548 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 464 wrote to memory of 4548 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 464 wrote to memory of 4548 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 464 wrote to memory of 4548 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 464 wrote to memory of 4548 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 464 wrote to memory of 4548 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 464 wrote to memory of 4548 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 464 wrote to memory of 4548 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 464 wrote to memory of 4548 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 464 wrote to memory of 4548 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 464 wrote to memory of 4548 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 464 wrote to memory of 4548 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 464 wrote to memory of 4548 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 464 wrote to memory of 4548 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 464 wrote to memory of 4548 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 464 wrote to memory of 4548 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 464 wrote to memory of 4548 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 464 wrote to memory of 4548 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 464 wrote to memory of 4548 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 464 wrote to memory of 4548 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

Processes

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://github.com/Tenclea/ReYANG

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ff9a1dd46f8,0x7ff9a1dd4708,0x7ff9a1dd4718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2220,12416122780659008230,8597670933508149220,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2228 /prefetch:2

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2220,12416122780659008230,8597670933508149220,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2280 /prefetch:3

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2220,12416122780659008230,8597670933508149220,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2908 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2220,12416122780659008230,8597670933508149220,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3368 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2220,12416122780659008230,8597670933508149220,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3396 /prefetch:1

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2220,12416122780659008230,8597670933508149220,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4832 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2220,12416122780659008230,8597670933508149220,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4832 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2220,12416122780659008230,8597670933508149220,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5368 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2220,12416122780659008230,8597670933508149220,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5328 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2220,12416122780659008230,8597670933508149220,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3424 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2220,12416122780659008230,8597670933508149220,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3500 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2220,12416122780659008230,8597670933508149220,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6128 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_collections.mojom.CollectionsDataManager --field-trial-handle=2220,12416122780659008230,8597670933508149220,131072 --lang=en-US --service-sandbox-type=collections --mojo-platform-channel-handle=6064 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=2220,12416122780659008230,8597670933508149220,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5400 /prefetch:8

C:\Windows\System32\rundll32.exe

C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding

C:\Program Files\7-Zip\7zG.exe

"C:\Program Files\7-Zip\7zG.exe" x -o"C:\Users\Admin\Downloads\ReYANG-Windows\" -ad -an -ai#7zMap9511:90:7zEvent31074

C:\Users\Admin\Downloads\ReYANG-Windows\ReYANG-win.exe

"C:\Users\Admin\Downloads\ReYANG-Windows\ReYANG-win.exe"

C:\Windows\system32\NOTEPAD.EXE

"C:\Windows\system32\NOTEPAD.EXE" C:\Users\Admin\Downloads\ReYANG-Windows\required\http-proxies.txt

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2220,12416122780659008230,8597670933508149220,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=5416 /prefetch:2

C:\Users\Admin\Downloads\ReYANG-Windows\ReYANG-win.exe

"C:\Users\Admin\Downloads\ReYANG-Windows\ReYANG-win.exe"

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2220,12416122780659008230,8597670933508149220,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6200 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2220,12416122780659008230,8597670933508149220,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3252 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2220,12416122780659008230,8597670933508149220,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6396 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2220,12416122780659008230,8597670933508149220,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6296 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2220,12416122780659008230,8597670933508149220,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6584 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --field-trial-handle=2220,12416122780659008230,8597670933508149220,131072 --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=3468 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --field-trial-handle=2220,12416122780659008230,8597670933508149220,131072 --lang=en-US --service-sandbox-type=video_capture --mojo-platform-channel-handle=3032 /prefetch:8

Network

Country Destination Domain Proto
US 8.8.8.8:53 8.8.8.8.in-addr.arpa udp
US 8.8.8.8:53 github.com udp
GB 20.26.156.215:443 github.com tcp
US 8.8.8.8:53 228.249.119.40.in-addr.arpa udp
US 8.8.8.8:53 215.156.26.20.in-addr.arpa udp
US 8.8.8.8:53 71.159.190.20.in-addr.arpa udp
US 8.8.8.8:53 172.210.232.199.in-addr.arpa udp
US 8.8.8.8:53 95.221.229.192.in-addr.arpa udp
US 8.8.8.8:53 github.githubassets.com udp
US 8.8.8.8:53 avatars.githubusercontent.com udp
US 185.199.110.154:443 github.githubassets.com tcp
US 185.199.110.154:443 github.githubassets.com tcp
US 185.199.110.154:443 github.githubassets.com tcp
US 185.199.110.154:443 github.githubassets.com tcp
US 185.199.110.154:443 github.githubassets.com tcp
US 185.199.110.154:443 github.githubassets.com tcp
US 185.199.109.133:443 avatars.githubusercontent.com tcp
US 8.8.8.8:53 github-cloud.s3.amazonaws.com udp
US 8.8.8.8:53 user-images.githubusercontent.com udp
US 8.8.8.8:53 camo.githubusercontent.com udp
US 185.199.108.133:443 camo.githubusercontent.com tcp
US 185.199.108.133:443 camo.githubusercontent.com tcp
US 185.199.108.133:443 camo.githubusercontent.com tcp
US 185.199.108.133:443 camo.githubusercontent.com tcp
US 185.199.108.133:443 camo.githubusercontent.com tcp
US 185.199.108.133:443 camo.githubusercontent.com tcp
US 8.8.8.8:53 154.110.199.185.in-addr.arpa udp
US 8.8.8.8:53 133.109.199.185.in-addr.arpa udp
US 8.8.8.8:53 133.108.199.185.in-addr.arpa udp
US 8.8.8.8:53 140.32.126.40.in-addr.arpa udp
US 8.8.8.8:53 collector.github.com udp
US 140.82.114.22:443 collector.github.com tcp
US 140.82.114.22:443 collector.github.com tcp
US 185.199.110.154:443 github.githubassets.com tcp
US 8.8.8.8:53 22.114.82.140.in-addr.arpa udp
US 8.8.8.8:53 28.118.140.52.in-addr.arpa udp
US 8.8.8.8:53 g.bing.com udp
US 204.79.197.237:443 g.bing.com tcp
NL 23.62.61.97:443 www.bing.com tcp
US 8.8.8.8:53 237.197.79.204.in-addr.arpa udp
US 8.8.8.8:53 97.61.62.23.in-addr.arpa udp
N/A 224.0.0.251:5353 udp
NL 23.62.61.97:443 www.bing.com tcp
US 8.8.8.8:53 api.github.com udp
GB 20.26.156.210:443 api.github.com tcp
GB 20.26.156.210:443 api.github.com tcp
US 8.8.8.8:53 210.156.26.20.in-addr.arpa udp
US 8.8.8.8:53 217.106.137.52.in-addr.arpa udp
US 8.8.8.8:53 183.59.114.20.in-addr.arpa udp
US 8.8.8.8:53 171.39.242.20.in-addr.arpa udp
US 8.8.8.8:53 77.190.18.2.in-addr.arpa udp
US 8.8.8.8:53 43.58.199.20.in-addr.arpa udp
US 8.8.8.8:53 github.com udp
GB 20.26.156.215:443 github.com tcp
US 8.8.8.8:53 objects.githubusercontent.com udp
US 8.8.8.8:53 22.236.111.52.in-addr.arpa udp
US 8.8.8.8:53 raw.githubusercontent.com udp
US 8.8.8.8:53 api.proxyscrape.com udp
US 8.8.8.8:53 openproxylist.xyz udp
US 8.8.8.8:53 www.proxyscan.io udp
US 185.199.110.133:443 raw.githubusercontent.com tcp
US 104.18.10.5:443 api.proxyscrape.com tcp
US 104.18.10.5:443 api.proxyscrape.com tcp
US 185.199.110.133:443 raw.githubusercontent.com tcp
US 185.199.110.133:443 raw.githubusercontent.com tcp
US 185.199.110.133:443 raw.githubusercontent.com tcp
US 185.199.110.133:443 raw.githubusercontent.com tcp
US 185.199.110.133:443 raw.githubusercontent.com tcp
US 185.199.110.133:443 raw.githubusercontent.com tcp
US 185.199.110.133:443 raw.githubusercontent.com tcp
US 185.199.110.133:443 raw.githubusercontent.com tcp
US 104.21.0.95:443 openproxylist.xyz tcp
US 54.157.24.8:443 www.proxyscan.io tcp
US 54.157.24.8:443 www.proxyscan.io tcp
US 104.18.10.5:443 api.proxyscrape.com tcp
US 104.18.10.5:443 api.proxyscrape.com tcp
US 104.21.0.95:443 openproxylist.xyz tcp
US 104.21.0.95:443 openproxylist.xyz tcp
US 185.199.110.133:443 raw.githubusercontent.com tcp
US 185.199.110.133:443 raw.githubusercontent.com tcp
US 185.199.110.133:443 raw.githubusercontent.com tcp
US 185.199.110.133:443 raw.githubusercontent.com tcp
US 185.199.110.133:443 raw.githubusercontent.com tcp
US 54.157.24.8:443 www.proxyscan.io tcp
US 54.157.24.8:443 www.proxyscan.io tcp
ID 101.255.116.163:33333 tcp
LY 102.214.165.241:1976 tcp
IN 103.143.168.58:84 tcp
ID 103.13.204.24:8082 tcp
KE 102.212.30.22:8080 tcp
ID 103.105.55.170:8085 discordapp.com tcp
BD 103.127.1.130:80 discordapp.com tcp
CN 101.224.168.47:8060 tcp
ID 116.68.172.169:8080 tcp
TW 118.163.13.200:8080 tcp
DE 116.203.28.43:80 discordapp.com tcp
ID 117.54.114.101:80 tcp
JP 116.80.58.72:4649 tcp
ID 118.99.122.8:8080 tcp
ID 117.54.114.35:80 tcp
DE 116.203.75.22:3131 discordapp.com tcp
AO 154.127.240.126:64001 tcp
ZA 154.0.14.116:3128 tcp
AO 154.127.240.120:64001 tcp
IT 151.22.181.205:8080 discordapp.com tcp
US 154.16.146.41:80 tcp
CN 153.101.67.170:9002 tcp
HK 152.101.73.180:13579 discordapp.com tcp
AO 154.127.240.117:64002 tcp
DE 176.9.90.155:80 tcp
EC 177.234.194.154:999 tcp
CO 177.93.60.70:999 tcp
BR 177.43.72.250:3128 tcp
AR 177.136.85.113:999 tcp
UA 176.8.230.197:8187 tcp
BR 177.222.25.9:8080 tcp
RU 176.110.121.90:21776 tcp
IR 193.151.153.142:8080 discordapp.com tcp
RU 193.162.143.135:4444 discordapp.com tcp
RU 193.162.143.150:4444 discordapp.com tcp
RU 193.138.178.6:8282 tcp
RU 193.162.143.137:4444 discordapp.com tcp
RU 193.162.143.170:4444 discordapp.com tcp
RU 193.162.143.171:4444 discordapp.com tcp
RU 193.162.143.152:4444 discordapp.com tcp
CN 222.243.174.132:81 tcp
HK 23.225.133.85:41698 discordapp.com tcp
CN 222.174.178.122:4999 tcp
CN 219.129.167.82:2222 tcp
CN 220.248.70.237:9002 tcp
GB 217.112.80.252:80 tcp
HK 23.225.133.68:41698 discordapp.com tcp
CN 218.6.120.111:7777 tcp
KH 43.255.113.232:85 discordapp.com tcp
KH 43.255.113.232:81 discordapp.com tcp
DE 116.203.28.43:80 discordapp.com tcp
RU 193.162.143.170:4444 discordapp.com tcp
RU 193.162.143.137:4444 discordapp.com tcp
RU 193.162.143.152:4444 discordapp.com tcp
RU 193.162.143.135:4444 discordapp.com tcp
RU 193.162.143.150:4444 discordapp.com tcp
RU 193.162.143.171:4444 discordapp.com tcp
DE 116.203.28.43:80 discordapp.com tcp
NP 43.245.93.193:53805 discordapp.com tcp
RU 193.162.143.170:4444 discordapp.com tcp
RU 193.162.143.137:4444 discordapp.com tcp
RU 193.162.143.152:4444 discordapp.com tcp
RU 193.162.143.135:4444 discordapp.com tcp
RU 193.162.143.150:4444 discordapp.com tcp
RU 193.162.143.171:4444 discordapp.com tcp
US 8.8.8.8:53 133.110.199.185.in-addr.arpa udp
US 8.8.8.8:53 5.10.18.104.in-addr.arpa udp
US 8.8.8.8:53 8.24.157.54.in-addr.arpa udp
US 8.8.8.8:53 95.0.21.104.in-addr.arpa udp
BD 103.127.1.130:80 discordapp.com tcp
IN 43.243.174.26:83 tcp
KH 43.255.113.232:83 discordapp.com tcp
KH 43.255.113.232:8083 discordapp.com tcp
KH 43.255.113.232:8084 discordapp.com tcp
ID 43.252.238.86:8080 tcp
CA 67.43.227.227:22551 discordapp.com tcp
IR 193.151.153.142:8080 discordapp.com tcp
BD 103.127.1.130:80 discordapp.com tcp
KH 43.255.113.232:8083 discordapp.com tcp
KH 43.255.113.232:83 discordapp.com tcp
IR 193.151.153.142:8080 discordapp.com tcp
US 8.8.8.8:53 43.28.203.116.in-addr.arpa udp
US 8.8.8.8:53 22.75.203.116.in-addr.arpa udp
US 8.8.8.8:53 135.143.162.193.in-addr.arpa udp
US 8.8.8.8:53 137.143.162.193.in-addr.arpa udp
US 8.8.8.8:53 150.143.162.193.in-addr.arpa udp
US 8.8.8.8:53 171.143.162.193.in-addr.arpa udp
US 8.8.8.8:53 170.143.162.193.in-addr.arpa udp
US 8.8.8.8:53 152.143.162.193.in-addr.arpa udp
US 8.8.8.8:53 142.153.151.193.in-addr.arpa udp
US 8.8.8.8:53 130.1.127.103.in-addr.arpa udp
US 8.8.8.8:53 180.73.101.152.in-addr.arpa udp
US 8.8.8.8:53 85.133.225.23.in-addr.arpa udp
US 8.8.8.8:53 227.227.43.67.in-addr.arpa udp
US 8.8.8.8:53 232.113.255.43.in-addr.arpa udp
US 69.79.101.97:999 tcp
KH 43.255.113.232:85 discordapp.com tcp
KH 43.255.113.232:81 discordapp.com tcp
CA 67.43.236.21:20283 discordapp.com tcp
KH 43.255.113.232:8083 discordapp.com tcp
KH 43.255.113.232:83 discordapp.com tcp
US 8.8.8.8:53 tse1.mm.bing.net udp
US 204.79.197.200:443 tse1.mm.bing.net tcp
US 204.79.197.200:443 tse1.mm.bing.net tcp
KH 43.255.113.232:85 discordapp.com tcp
KH 43.255.113.232:81 tcp
MM 65.18.114.254:55443 tcp
US 8.8.8.8:53 170.55.105.103.in-addr.arpa udp
US 8.8.8.8:53 68.133.225.23.in-addr.arpa udp
US 8.8.8.8:53 193.93.245.43.in-addr.arpa udp
US 8.8.8.8:53 21.236.43.67.in-addr.arpa udp
CA 72.10.160.91:1137 discordapp.com tcp
AO 154.127.240.117:64002 tcp
AO 154.127.240.120:64001 tcp
AO 154.127.240.126:64001 tcp
US 8.8.8.8:53 91.160.10.72.in-addr.arpa udp
US 8.8.8.8:53 205.181.22.151.in-addr.arpa udp
ID 101.255.116.163:33333 discordapp.com tcp
LY 102.214.165.241:1976 tcp
IN 103.143.168.58:84 discordapp.com tcp
ID 103.13.204.24:8082 tcp
KE 102.212.30.22:8080 tcp
ID 103.105.55.170:8085 tcp
CN 101.224.168.47:8060 tcp
ID 116.68.172.169:8080 tcp
TW 118.163.13.200:8080 tcp
ID 117.54.114.101:80 tcp
JP 116.80.58.72:4649 discordapp.com tcp
ID 118.99.122.8:8080 tcp
ID 117.54.114.35:80 tcp
DE 116.203.75.22:3131 discordapp.com tcp
ZA 154.0.14.116:3128 tcp
IT 151.22.181.205:8080 tcp
US 154.16.146.41:80 tcp
CN 153.101.67.170:9002 tcp
DE 176.9.90.155:80 tcp
EC 177.234.194.154:999 tcp
CO 177.93.60.70:999 tcp
BR 177.43.72.250:3128 tcp
AR 177.136.85.113:999 tcp
UA 176.8.230.197:8187 tcp
BR 177.222.25.9:8080 tcp
RU 176.110.121.90:21776 tcp
RU 193.138.178.6:8282 tcp
CN 222.243.174.132:81 tcp
HK 23.225.133.85:41698 discordapp.com tcp
CN 222.174.178.122:4999 tcp
CN 219.129.167.82:2222 tcp
CN 220.248.70.237:9002 tcp
GB 217.112.80.252:80 tcp
HK 23.225.133.68:41698 discordapp.com tcp
CN 218.6.120.111:7777 tcp
NP 43.245.93.193:53805 tcp
IN 43.243.174.26:83 tcp
KH 43.255.113.232:8084 tcp
ID 43.252.238.86:8080 tcp
CA 67.43.227.227:22551 discordapp.com tcp
HK 152.101.73.180:13579 discordapp.com tcp
HK 152.101.73.180:13579 discordapp.com tcp
US 8.8.8.8:53 72.58.80.116.in-addr.arpa udp
US 69.79.101.97:999 discordapp.com tcp
CA 67.43.236.21:20283 discordapp.com tcp
AO 154.127.240.117:64002 tcp
AO 154.127.240.126:64001 tcp
AO 154.127.240.120:64001 tcp
IQ 65.20.154.62:28080 tcp
CA 67.43.227.227:27851 discordapp.com tcp
FI 65.21.159.49:80 discordapp.com tcp
MM 65.18.114.254:55443 tcp
FI 65.21.159.49:80 discordapp.com tcp
FI 65.21.159.49:80 discordapp.com tcp
SY 82.97.215.240:80 tcp
CA 72.10.164.178:8711 discordapp.com tcp
US 8.8.8.8:53 97.101.79.69.in-addr.arpa udp
US 8.8.8.8:53 49.159.21.65.in-addr.arpa udp
CA 72.10.160.91:1137 discordapp.com tcp
US 8.8.8.8:53 178.164.10.72.in-addr.arpa udp
US 8.8.8.8:53 58.168.143.103.in-addr.arpa udp
US 8.8.8.8:53 163.116.255.101.in-addr.arpa udp
CA 72.10.164.178:18451 discordapp.com tcp
LV 85.115.112.178:8197 tcp
CA 72.10.164.178:18497 discordapp.com tcp
CA 72.10.164.178:1805 discordapp.com tcp
ID 101.255.116.163:33333 tcp
LY 102.214.165.241:1976 tcp
IN 103.143.168.58:84 tcp
ID 103.13.204.24:8082 tcp
KE 102.212.30.22:8080 tcp
ID 103.105.55.170:8085 tcp
CN 101.224.168.47:8060 tcp
ID 116.68.172.169:8080 tcp
TW 118.163.13.200:8080 tcp
ID 117.54.114.101:80 tcp
ID 118.99.122.8:8080 tcp
ID 117.54.114.35:80 tcp
DE 116.203.75.22:3131 tcp
ZA 154.0.14.116:3128 tcp
IT 151.22.181.205:8080 tcp
US 154.16.146.41:80 tcp
CN 153.101.67.170:9002 tcp
DE 176.9.90.155:80 tcp
EC 177.234.194.154:999 tcp
CO 177.93.60.70:999 tcp
BR 177.43.72.250:3128 tcp
AR 177.136.85.113:999 tcp
UA 176.8.230.197:8187 tcp
BR 177.222.25.9:8080 tcp
RU 176.110.121.90:21776 tcp
RU 193.138.178.6:8282 tcp
CN 222.243.174.132:81 tcp
HK 23.225.133.85:41698 tcp
CN 222.174.178.122:4999 tcp
CN 219.129.167.82:2222 tcp
CN 220.248.70.237:9002 tcp
GB 217.112.80.252:80 tcp
HK 23.225.133.68:41698 tcp
CN 218.6.120.111:7777 tcp
NP 43.245.93.193:53805 tcp
IN 43.243.174.26:83 tcp
KH 43.255.113.232:8084 discordapp.com tcp
ID 43.252.238.86:8080 tcp
US 185.199.110.133:443 raw.githubusercontent.com tcp
US 104.18.10.5:443 api.proxyscrape.com tcp
US 104.18.10.5:443 api.proxyscrape.com tcp
US 104.21.0.95:443 openproxylist.xyz tcp
US 185.199.110.133:443 raw.githubusercontent.com tcp
US 185.199.110.133:443 raw.githubusercontent.com tcp
US 185.199.110.133:443 raw.githubusercontent.com tcp
US 185.199.110.133:443 raw.githubusercontent.com tcp
US 185.199.110.133:443 raw.githubusercontent.com tcp
US 185.199.110.133:443 raw.githubusercontent.com tcp
US 185.199.110.133:443 raw.githubusercontent.com tcp
US 54.157.24.8:443 www.proxyscan.io tcp
US 185.199.110.133:443 raw.githubusercontent.com tcp
US 54.157.24.8:443 www.proxyscan.io tcp
US 104.18.10.5:443 api.proxyscrape.com tcp
US 104.18.10.5:443 api.proxyscrape.com tcp
US 104.21.0.95:443 openproxylist.xyz tcp
US 104.21.0.95:443 openproxylist.xyz tcp
US 185.199.110.133:443 raw.githubusercontent.com tcp
US 185.199.110.133:443 raw.githubusercontent.com tcp
US 185.199.110.133:443 raw.githubusercontent.com tcp
US 185.199.110.133:443 raw.githubusercontent.com tcp
US 185.199.110.133:443 raw.githubusercontent.com tcp
US 54.157.24.8:443 www.proxyscan.io tcp
US 54.157.24.8:443 www.proxyscan.io tcp
ID 101.255.116.163:33333 tcp
LY 102.214.165.241:1976 discordapp.com tcp
IN 103.143.168.58:84 tcp
ID 103.13.204.24:8082 tcp
KE 102.212.30.22:8080 tcp
ID 103.105.55.170:8085 discordapp.com tcp
BD 103.127.1.130:80 discordapp.com tcp
CN 101.224.168.47:8060 tcp
ID 116.68.172.169:8080 tcp
TW 118.163.13.200:8080 tcp
DE 116.203.28.43:80 discordapp.com tcp
ID 117.54.114.101:80 discordapp.com tcp
JP 116.80.58.72:4649 discordapp.com tcp
ID 118.99.122.8:8080 tcp
ID 117.54.114.35:80 discordapp.com tcp
DE 116.203.75.22:3131 discordapp.com tcp
AO 154.127.240.126:64001 tcp
ZA 154.0.14.116:3128 discordapp.com tcp
AO 154.127.240.120:64001 tcp
IT 151.22.181.205:8080 discordapp.com tcp
US 154.16.146.41:80 discordapp.com tcp
CN 153.101.67.170:9002 tcp
HK 152.101.73.180:13579 discordapp.com tcp
AO 154.127.240.117:64002 tcp
DE 176.9.90.155:80 tcp
EC 177.234.194.154:999 discordapp.com tcp
CO 177.93.60.70:999 tcp
BR 177.43.72.250:3128 tcp
AR 177.136.85.113:999 tcp
UA 176.8.230.197:8187 tcp
BR 177.222.25.9:8080 tcp
RU 176.110.121.90:21776 tcp
IR 193.151.153.142:8080 discordapp.com tcp
RU 193.162.143.135:4444 discordapp.com tcp
RU 193.162.143.150:4444 discordapp.com tcp
RU 193.138.178.6:8282 discordapp.com tcp
RU 193.162.143.137:4444 discordapp.com tcp
RU 193.162.143.170:4444 discordapp.com tcp
RU 193.162.143.171:4444 discordapp.com tcp
RU 193.162.143.152:4444 discordapp.com tcp
CN 222.243.174.132:81 tcp
HK 23.225.133.85:41698 discordapp.com tcp
CN 222.174.178.122:4999 tcp
CN 219.129.167.82:2222 tcp
CN 220.248.70.237:9002 tcp
GB 217.112.80.252:80 tcp
HK 23.225.133.68:41698 discordapp.com tcp
CN 218.6.120.111:7777 tcp
KH 43.255.113.232:85 discordapp.com tcp
KH 43.255.113.232:81 discordapp.com tcp
DE 116.203.28.43:80 discordapp.com tcp
RU 193.162.143.135:4444 discordapp.com tcp
RU 193.162.143.137:4444 discordapp.com tcp
RU 193.162.143.152:4444 discordapp.com tcp
RU 193.162.143.170:4444 discordapp.com tcp
RU 193.162.143.150:4444 discordapp.com tcp
RU 193.162.143.171:4444 discordapp.com tcp
DE 116.203.28.43:80 discordapp.com tcp
NP 43.245.93.193:53805 discordapp.com tcp
IR 193.151.153.142:8080 discordapp.com tcp
RU 193.162.143.135:4444 discordapp.com tcp
RU 193.162.143.137:4444 discordapp.com tcp
RU 193.162.143.152:4444 discordapp.com tcp
RU 193.162.143.170:4444 discordapp.com tcp
RU 193.162.143.150:4444 discordapp.com tcp
RU 193.162.143.171:4444 discordapp.com tcp
KH 43.255.113.232:85 discordapp.com tcp
IN 43.243.174.26:83 tcp
KH 43.255.113.232:83 discordapp.com tcp
KH 43.255.113.232:8083 discordapp.com tcp
KH 43.255.113.232:8084 discordapp.com tcp
ID 43.252.238.86:8080 discordapp.com tcp
CA 67.43.227.227:22551 discordapp.com tcp
HK 152.101.73.180:13579 discordapp.com tcp
IR 193.151.153.142:8080 discordapp.com tcp
KH 43.255.113.232:83 discordapp.com tcp
KH 43.255.113.232:8083 discordapp.com tcp
KH 43.255.113.232:8084 discordapp.com tcp
US 69.79.101.97:999 tcp
HK 152.101.73.180:13579 discordapp.com tcp
KH 43.255.113.232:83 discordapp.com tcp
US 8.8.8.8:53 41.146.16.154.in-addr.arpa udp
US 8.8.8.8:53 116.14.0.154.in-addr.arpa udp
KH 43.255.113.232:85 discordapp.com tcp
CA 67.43.236.21:20283 discordapp.com tcp
KH 43.255.113.232:8084 discordapp.com tcp
MM 65.18.114.254:55443 tcp
US 8.8.8.8:53 154.194.234.177.in-addr.arpa udp
US 8.8.8.8:53 6.178.138.193.in-addr.arpa udp
CA 72.10.160.91:1137 discordapp.com tcp
ID 101.255.116.163:33333 tcp
LY 102.214.165.241:1976 tcp
IN 103.143.168.58:84 tcp
ID 103.13.204.24:8082 tcp
KE 102.212.30.22:8080 tcp
BD 103.127.1.130:80 discordapp.com tcp
CN 101.224.168.47:8060 tcp
ID 116.68.172.169:8080 tcp
TW 118.163.13.200:8080 tcp
ID 117.54.114.101:80 tcp
JP 116.80.58.72:4649 tcp
ID 118.99.122.8:8080 discordapp.com tcp
ID 117.54.114.35:80 discordapp.com tcp
DE 116.203.75.22:3131 tcp
AO 154.127.240.126:64001 tcp
AO 154.127.240.120:64001 tcp
IT 151.22.181.205:8080 discordapp.com tcp
US 154.16.146.41:80 tcp
CN 153.101.67.170:9002 tcp
AO 154.127.240.117:64002 tcp
DE 176.9.90.155:80 tcp
EC 177.234.194.154:999 discordapp.com tcp
CO 177.93.60.70:999 tcp
BR 177.43.72.250:3128 tcp
AR 177.136.85.113:999 tcp
UA 176.8.230.197:8187 tcp
BR 177.222.25.9:8080 tcp
RU 176.110.121.90:21776 tcp
RU 193.138.178.6:8282 discordapp.com tcp
CN 222.243.174.132:81 tcp
HK 23.225.133.85:41698 discordapp.com tcp
CN 222.174.178.122:4999 tcp
CN 219.129.167.82:2222 tcp
CN 220.248.70.237:9002 tcp
GB 217.112.80.252:80 discordapp.com tcp
HK 23.225.133.68:41698 discordapp.com tcp
CN 218.6.120.111:7777 tcp
NP 43.245.93.193:53805 tcp
IN 43.243.174.26:83 tcp
IQ 65.20.154.62:28080 tcp
ID 43.252.238.86:8080 tcp
KH 43.255.113.232:8083 discordapp.com tcp
US 69.79.101.97:999 discordapp.com tcp
KH 43.255.113.232:81 discordapp.com tcp
BD 103.127.1.130:80 discordapp.com tcp
CA 67.43.227.227:27851 discordapp.com tcp
FI 65.21.159.49:80 discordapp.com tcp
FI 65.21.159.49:80 discordapp.com tcp
SY 82.97.215.240:80 discordapp.com tcp
CA 72.10.164.178:8711 discordapp.com tcp
US 8.8.8.8:53 35.114.54.117.in-addr.arpa udp
FI 65.21.159.49:80 discordapp.com tcp
CA 72.10.164.178:18451 discordapp.com tcp
CA 67.43.236.21:20283 discordapp.com tcp
LV 85.115.112.178:8197 tcp
MM 65.18.114.254:55443 discordapp.com tcp
US 8.8.8.8:53 241.165.214.102.in-addr.arpa udp
US 8.8.8.8:53 101.114.54.117.in-addr.arpa udp
US 8.8.8.8:53 240.215.97.82.in-addr.arpa udp
AO 154.127.240.126:64001 tcp
AO 154.127.240.120:64001 tcp
AO 154.127.240.117:64002 tcp
CA 72.10.164.178:18497 discordapp.com tcp
CA 72.10.164.178:1805 discordapp.com tcp
US 8.8.8.8:53 252.80.112.217.in-addr.arpa udp
US 74.50.96.247:8888 discordapp.com tcp
CA 72.10.160.91:1137 discordapp.com tcp
LV 85.115.112.178:8197 tcp
ID 101.255.116.163:33333 tcp
LY 102.214.165.241:1976 discordapp.com tcp
IN 103.143.168.58:84 tcp
ID 103.13.204.24:8082 tcp
KE 102.212.30.22:8080 tcp
CN 101.224.168.47:8060 tcp
ID 116.68.172.169:8080 tcp
TW 118.163.13.200:8080 tcp
ID 117.54.114.101:80 tcp
JP 116.80.58.72:4649 tcp
ID 118.99.122.8:8080 tcp
ID 117.54.114.35:80 discordapp.com tcp
DE 116.203.75.22:3131 tcp
IT 151.22.181.205:8080 discordapp.com tcp
US 154.16.146.41:80 tcp
CN 153.101.67.170:9002 tcp
DE 176.9.90.155:80 tcp
EC 177.234.194.154:999 discordapp.com tcp
CO 177.93.60.70:999 tcp
BR 177.43.72.250:3128 tcp
AR 177.136.85.113:999 tcp
UA 176.8.230.197:8187 tcp
BR 177.222.25.9:8080 tcp
RU 176.110.121.90:21776 tcp
US 8.8.8.8:53 247.96.50.74.in-addr.arpa udp
US 8.8.8.8:53 254.114.18.65.in-addr.arpa udp
CN 222.243.174.132:81 tcp
CN 222.174.178.122:4999 tcp
CN 219.129.167.82:2222 tcp
CN 220.248.70.237:9002 tcp
GB 217.112.80.252:80 tcp
CN 218.6.120.111:7777 tcp
BG 79.124.77.148:3128 discordapp.com tcp
NP 43.245.93.193:53805 tcp
IN 43.243.174.26:83 tcp
IQ 65.20.154.62:28080 tcp
ID 43.252.238.86:8080 tcp
US 69.79.101.97:999 tcp
ID 103.110.10.190:3128 discordapp.com tcp
IN 103.155.54.26:83 discordapp.com tcp
ID 103.148.130.6:8080 tcp
SY 82.97.215.240:80 tcp
CA 72.10.164.178:18451 discordapp.com tcp
LV 85.115.112.178:8197 tcp
CA 67.43.236.21:20283 discordapp.com tcp
TR 103.130.145.169:80 discordapp.com tcp
US 8.8.8.8:53 api.github.com udp
US 8.8.8.8:53 collector.github.com udp
GB 20.26.156.210:443 api.github.com tcp
US 140.82.113.21:443 collector.github.com tcp
TR 103.130.145.169:80 discordapp.com tcp
KH 43.255.113.232:81 discordapp.com tcp
TR 103.130.145.169:80 discordapp.com tcp
US 8.8.8.8:53 169.145.130.103.in-addr.arpa udp
US 8.8.8.8:53 21.113.82.140.in-addr.arpa udp
US 8.8.8.8:53 26.54.155.103.in-addr.arpa udp
US 8.8.8.8:53 190.10.110.103.in-addr.arpa udp
LY 102.214.167.129:1976 discordapp.com tcp
CA 72.10.164.178:1805 discordapp.com tcp
US 8.8.8.8:53 129.167.214.102.in-addr.arpa udp
US 74.50.96.247:8888 discordapp.com tcp
ID 103.124.196.134:8080 tcp
CA 72.10.160.91:1137 discordapp.com tcp
NL 23.62.61.194:443 www.bing.com tcp
ID 103.172.23.82:8080 tcp
LY 102.215.197.202:9999 tcp
KR 119.196.143.79:1024 discordapp.com tcp
US 12.186.205.122:80 discordapp.com tcp
ID 117.54.114.32:80 tcp
BD 118.179.121.114:5020 tcp
ID 117.54.114.97:80 tcp
TH 122.155.165.191:3128 tcp
CN 116.63.129.202:6000 tcp
US 154.16.146.45:80 discordapp.com tcp
AO 154.127.240.123:64002 tcp
EG 154.236.179.226:1981 tcp
TR 173.213.71.6:80 discordapp.com tcp
US 154.16.146.42:80 discordapp.com tcp
AO 154.127.240.118:64002 tcp
US 154.16.146.48:80 discordapp.com tcp
AO 154.127.240.123:64001 tcp
BR 177.73.136.29:8080 tcp
EC 177.234.213.9:999 tcp
AT 178.115.253.35:8080 tcp
DE 178.63.84.228:60320 discordapp.com tcp
SG 178.128.113.118:23128 discordapp.com tcp
NL 178.255.222.22:3128 tcp
AR 177.87.250.66:999 tcp
BR 177.128.212.190:8080 tcp
RU 193.162.143.180:4444 discordapp.com tcp
RU 193.162.143.46:4444 discordapp.com tcp
RU 193.162.143.215:4444 discordapp.com tcp
RU 193.162.143.201:4444 discordapp.com tcp
RU 193.162.143.202:4444 discordapp.com tcp
RU 193.162.143.177:4444 discordapp.com tcp
US 8.8.8.8:53 194.61.62.23.in-addr.arpa udp
BG 79.124.77.148:3128 tcp
RU 193.162.143.180:4444 discordapp.com tcp
RU 193.162.143.46:4444 discordapp.com tcp
RU 193.162.143.215:4444 discordapp.com tcp
RU 193.162.143.201:4444 discordapp.com tcp
RU 193.162.143.202:4444 discordapp.com tcp
RU 193.162.143.177:4444 discordapp.com tcp
US 12.186.205.122:80 discordapp.com tcp
RU 193.162.143.198:4444 discordapp.com tcp
DE 178.63.84.228:60320 discordapp.com tcp
RU 193.162.143.180:4444 discordapp.com tcp
RU 193.162.143.46:4444 discordapp.com tcp
RU 193.162.143.215:4444 discordapp.com tcp
RU 193.162.143.201:4444 discordapp.com tcp
RU 193.162.143.202:4444 discordapp.com tcp
RU 193.162.143.177:4444 discordapp.com tcp
RU 193.162.143.198:4444 discordapp.com tcp
RU 193.162.143.226:4444 discordapp.com tcp
IQ 65.20.154.62:28080 tcp
US 12.186.205.122:80 discordapp.com tcp
TR 31.145.154.138:9093 tcp
TR 173.213.71.6:80 discordapp.com tcp
US 23.94.199.149:8080 discordapp.com tcp
US 23.122.184.9:8888 discordapp.com tcp
US 34.170.0.159:3128 discordapp.com tcp
CN 222.138.76.6:9002 tcp
RU 193.162.143.198:4444 discordapp.com tcp
RU 193.162.143.226:4444 discordapp.com tcp
DE 178.63.84.228:60320 discordapp.com tcp
RS 217.26.67.57:3180 tcp
ID 36.89.16.186:8866 tcp
RU 193.162.143.226:4444 discordapp.com tcp
KR 221.168.33.155:8080 discordapp.com tcp
US 8.8.8.8:53 228.84.63.178.in-addr.arpa udp
US 8.8.8.8:53 46.143.162.193.in-addr.arpa udp
US 8.8.8.8:53 180.143.162.193.in-addr.arpa udp
US 8.8.8.8:53 215.143.162.193.in-addr.arpa udp
US 8.8.8.8:53 201.143.162.193.in-addr.arpa udp
US 8.8.8.8:53 202.143.162.193.in-addr.arpa udp
US 8.8.8.8:53 177.143.162.193.in-addr.arpa udp
US 8.8.8.8:53 122.205.186.12.in-addr.arpa udp
US 8.8.8.8:53 6.71.213.173.in-addr.arpa udp
US 8.8.8.8:53 79.143.196.119.in-addr.arpa udp
US 8.8.8.8:53 118.113.128.178.in-addr.arpa udp
US 8.8.8.8:53 198.143.162.193.in-addr.arpa udp
US 8.8.8.8:53 149.199.94.23.in-addr.arpa udp
US 8.8.8.8:53 226.143.162.193.in-addr.arpa udp
US 8.8.8.8:53 9.184.122.23.in-addr.arpa udp
US 8.8.8.8:53 159.0.170.34.in-addr.arpa udp
US 8.8.8.8:53 86.238.252.43.in-addr.arpa udp
RU 45.90.218.209:4444 discordapp.com tcp
RU 45.9.75.181:4444 discordapp.com tcp
KH 43.255.113.232:8082 discordapp.com tcp
TR 173.213.71.6:80 discordapp.com tcp
RU 45.90.218.209:4444 discordapp.com tcp
RU 45.9.75.181:4444 discordapp.com tcp
RU 45.90.218.209:4444 discordapp.com tcp
RU 45.9.75.181:4444 discordapp.com tcp
VN 45.117.177.41:2001 discordapp.com tcp
IN 103.155.54.26:83 tcp
ID 103.148.130.6:8080 tcp
KH 43.255.113.232:8082 tcp
RU 45.89.65.217:4444 discordapp.com tcp
KH 43.255.113.232:82 tcp
DE 45.129.183.14:3128 discordapp.com tcp
KH 43.255.113.232:8080 discordapp.com tcp
CA 72.10.160.90:19553 discordapp.com tcp
CA 72.10.160.90:15029 discordapp.com tcp
RU 45.89.65.217:4444 discordapp.com tcp
SY 82.97.215.240:80 tcp
RU 45.89.65.217:4444 discordapp.com tcp
US 8.8.8.8:53 209.218.90.45.in-addr.arpa udp
US 8.8.8.8:53 181.75.9.45.in-addr.arpa udp
US 8.8.8.8:53 155.33.168.221.in-addr.arpa udp
US 8.8.8.8:53 217.65.89.45.in-addr.arpa udp
US 8.8.8.8:53 90.160.10.72.in-addr.arpa udp
CA 72.10.164.178:18451 discordapp.com tcp
HK 23.225.133.68:41698 discordapp.com tcp
CA 72.10.160.90:11097 discordapp.com tcp
CA 67.43.228.251:30093 discordapp.com tcp
CA 67.43.236.20:7193 tcp
US 8.8.8.8:53 251.228.43.67.in-addr.arpa udp
US 8.8.8.8:53 14.183.129.45.in-addr.arpa udp
CA 67.43.228.253:30417 discordapp.com tcp
AO 154.127.240.123:64002 tcp
AO 154.127.240.123:64001 tcp
AO 154.127.240.118:64002 tcp
CA 72.10.164.178:1805 discordapp.com tcp
HK 23.225.133.85:41698 discordapp.com tcp
TH 122.155.165.191:3128 tcp
US 8.8.8.8:53 253.228.43.67.in-addr.arpa udp
US 74.50.96.247:8888 discordapp.com tcp
ID 103.124.196.134:8080 tcp
US 68.183.100.186:8000 discordapp.com tcp
RU 84.252.73.132:4444 discordapp.com tcp
RU 84.252.73.132:4444 discordapp.com tcp
RU 84.252.73.132:4444 discordapp.com tcp
ID 103.172.23.82:8080 tcp
US 76.169.129.241:8080 tcp
LY 102.215.197.202:9999 tcp
ID 117.54.114.32:80 discordapp.com tcp
BD 118.179.121.114:5020 tcp
ID 117.54.114.97:80 tcp
CN 116.63.129.202:6000 tcp
US 154.16.146.45:80 tcp
EG 154.236.179.226:1981 tcp
US 154.16.146.42:80 tcp
US 154.16.146.48:80 tcp
BR 177.73.136.29:8080 discordapp.com tcp
EC 177.234.213.9:999 discordapp.com tcp
AT 178.115.253.35:8080 tcp
NL 178.255.222.22:3128 tcp
AR 177.87.250.66:999 discordapp.com tcp
BR 177.128.212.190:8080 tcp
BG 79.124.77.148:3128 discordapp.com tcp
US 8.8.8.8:53 186.100.183.68.in-addr.arpa udp
US 8.8.8.8:53 132.73.252.84.in-addr.arpa udp
US 8.8.8.8:53 41.177.117.45.in-addr.arpa udp
KH 43.255.113.232:8080 discordapp.com tcp
KR 8.213.151.128:3128 discordapp.com tcp
TR 31.145.154.138:9093 tcp
US 23.94.199.149:8080 discordapp.com tcp
US 34.170.0.159:3128 tcp
CN 222.138.76.6:9002 tcp
CA 67.43.236.20:7193 tcp
SG 178.128.113.118:23128 discordapp.com tcp
RS 217.26.67.57:3180 tcp
ID 36.89.16.186:8866 tcp
US 8.8.8.8:53 66.250.87.177.in-addr.arpa udp
US 8.8.8.8:53 128.151.213.8.in-addr.arpa udp
US 8.8.8.8:53 8.122.99.118.in-addr.arpa udp
VN 45.117.177.41:2001 discordapp.com tcp
IN 103.155.54.26:83 tcp
ID 103.148.130.6:8080 tcp
AO 154.127.240.118:64002 tcp
AO 154.127.240.123:64002 tcp
AO 154.127.240.123:64001 tcp
KH 43.255.113.232:8082 tcp
KH 43.255.113.232:82 tcp
DE 45.129.183.14:3128 tcp
CA 72.10.160.90:19553 discordapp.com tcp
CA 72.10.160.90:15029 discordapp.com tcp
RU 85.173.165.36:46330 tcp
IR 77.238.123.226:80 discordapp.com tcp
US 8.8.8.8:53 r.bing.com udp
US 8.8.8.8:53 th.bing.com udp
NL 23.62.61.97:443 th.bing.com tcp
NL 23.62.61.194:443 th.bing.com tcp
NL 23.62.61.194:443 th.bing.com tcp
NL 23.62.61.97:443 th.bing.com tcp
CA 72.10.164.178:24603 discordapp.com tcp
IR 77.238.123.226:80 discordapp.com tcp
ID 103.148.25.201:8080 tcp
CA 72.10.160.90:11097 discordapp.com tcp
IR 77.238.123.226:80 discordapp.com tcp
TH 122.155.165.191:3128 tcp
ID 103.160.205.170:3127 tcp
US 8.8.8.8:53 226.123.238.77.in-addr.arpa udp
US 8.8.8.8:53 45.146.16.154.in-addr.arpa udp
US 8.8.8.8:53 48.146.16.154.in-addr.arpa udp
US 8.8.8.8:53 42.146.16.154.in-addr.arpa udp
CA 67.43.236.20:7193 tcp
US 8.8.8.8:53 aefd.nelreports.net udp
DE 2.21.20.139:443 aefd.nelreports.net tcp
US 8.8.8.8:53 login.microsoftonline.com udp
IE 20.190.159.23:443 login.microsoftonline.com tcp
ID 103.148.192.74:80 tcp
DE 2.21.20.139:443 aefd.nelreports.net udp
KH 43.255.113.232:8080 discordapp.com tcp
ID 103.137.83.120:8080 tcp
ID 103.145.150.26:8080 tcp
US 8.8.8.8:53 9.213.234.177.in-addr.arpa udp
US 8.8.8.8:53 29.136.73.177.in-addr.arpa udp
US 8.8.8.8:53 32.114.54.117.in-addr.arpa udp
US 8.8.8.8:53 139.20.21.2.in-addr.arpa udp
US 8.8.8.8:53 23.159.190.20.in-addr.arpa udp
IN 103.125.155.230:8080 tcp
ID 103.124.196.134:8080 tcp
US 68.183.100.186:8000 discordapp.com tcp
US 8.8.8.8:53 services.bingapis.com udp
US 13.107.5.80:443 services.bingapis.com tcp

Files

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 8b167567021ccb1a9fdf073fa9112ef0
SHA1 3baf293fbfaa7c1e7cdacb5f2975737f4ef69898
SHA256 26764cedf35f118b55f30b3a36e0693f9f38290a5b2b6b8b83a00e990ae18513
SHA512 726098001ef1acf1dd154a658752fa27dea32bca8fbb66395c142cb666102e71632adbad1b7e2f717071cd3e3af3867471932a71707f2ae97b989f4be468ab54

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 537815e7cc5c694912ac0308147852e4
SHA1 2ccdd9d9dc637db5462fe8119c0df261146c363c
SHA256 b4b69d099507d88abdeff4835e06cc6711e1c47464c963d013cef0a278e52d4f
SHA512 63969a69af057235dbdecddc483ef5ce0058673179a3580c5aa12938c9501513cdb72dd703a06fa7d4fc08d074f17528283338c795334398497c771ecbd1350a

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 fdaa06c1a5c0c7cce156c21c3a341218
SHA1 66e0f931ce81f7598e667633dd2dd6a3edbd2b41
SHA256 eca05f4dde7023ad8aa56d795e3c9f87f1e4e9ddfd46a812166472b9d6757b97
SHA512 ad8cf0d840079cb6856e40338065372653ee1e4b020ebd879b08ec8f4c12f81b7f717febe428b7f72802916bdd6af441ced636b41af321721921154644499411

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

MD5 6752a1d65b201c13b62ea44016eb221f
SHA1 58ecf154d01a62233ed7fb494ace3c3d4ffce08b
SHA256 0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd
SHA512 9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 fa4cc30651eb70b00a68cc24b5df3082
SHA1 ffc9001c7e56371455ee61cc08e96889d04baf53
SHA256 664436dfd74bb1260d3176bd0aa181ff359d655a632851eb5d22566137ef2bed
SHA512 85775beb178b316d55a075b737e57179772176c62bcc03b74d751331c5eed2ffbcfe84bb82f71b8bd0b215cdf0be49c2ffaefcdb6411e84ce99166d966aa875e

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 710af1440fcc6605d771f955c84927dd
SHA1 ff2c314d809567da16517846f7310269fec15ae5
SHA256 55a44eab62b36b3516aed2ea4efc6eeeb0fac70ed5f28a3abf4e1e00f04b3c13
SHA512 3a8cc293dfbd8dad34b76364a148cf522f1c3b75b9521de000524e1624ebcf3acd3c4da73d54c131d24c9f2bab23f6f883a865b0136983cc4efe66c7189d62f7

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 afbfb6e0aab772f405141e2b2108acae
SHA1 e677d64a52832f1f5c7cfc8ab40fa6867f0260b1
SHA256 87c8dc81a472ef392528dbe96e4431b28ad06133de121df2c7d92b92c14fc6f4
SHA512 fcccb052e9a0bb9f2d996f46ef79969bd38342f1b87b9e31c8e658a9a29d452109ce137bbf3f111ef1f6fc27da4a4bfaf2dafcee50c3e24e9edc1eb3d0704004

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe5785ab.TMP

MD5 11c7221d9e8cd2ac7c2bd358854d607e
SHA1 17b36c3f637a9f10180ceceeb278d26d86c48787
SHA256 c5b5fdd014425cd569565eb53583fd8066191c1c4efede03a88b41ea5a727bb3
SHA512 8d800fc624fd6884334b1aed583aadb5db375b661e26cc8fc2eae883c915490df4f7afba1fb0197e5474ffec7bf69fe7d45605a3855a17e5ae4bf5a59c68e5f1

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 3e690146e0b4b1a48ee409809584cf8d
SHA1 cbe68bdfbb86777abfc1768e35f0d6595e205d4f
SHA256 46997561761bb558ec8f3ec900a9757336a9818678f920742be57d09e813090c
SHA512 8c0a0ba7e64140fbabab484e16179bc83101f9e735950e64eae3324e61bdb443cba45b8263cee1a65492641c8112fffa227be8dc596c2318ef201898ed0fad8b

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 f94dd6da4a76f63f48c89a2a6f3c8e0b
SHA1 a090ba72f2e7f049a8f22e343be0589f88ac8dff
SHA256 ba5e7eb87952d3d78971e24acdf54cb7cc22886da0d8fb792f253112f32a110a
SHA512 3797acbaaab3b7b38764823efc3b5ceabe06162b92a6d8fa6ec993029c1b0f55e99a604feac94c4f9a94561d39e743a4a1f44b19a23b1647e06d5073e26f4de2

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

MD5 274c9513098635574ab79d36ed508630
SHA1 8b08eb91e603a556ef75e9e7a18b3e9857a54910
SHA256 c2bc315314f77eb894c4408e46a81f8fa6836454cbf96eb45de6e36336ca0201
SHA512 f7748ddf63fb7b5db1f3949c27fe19c31f47df8614fa3ec6bd3ecabfd7caf4ace72bccfb57c38c433f2fdf5b6b371bf56512e594667bfe8658737ef247ecf3ea

C:\Users\Admin\Downloads\Unconfirmed 863822.crdownload

MD5 a150089be54a7375f3e9c7ed51a8784b
SHA1 16d741a238f7d1a4e11d71dd0df24d3f91cbc698
SHA256 3682eb85d6c27e72adf2bb1de1888946287d7ab2daa9d4ac58a4c0b2858f5182
SHA512 d1687dcbe3a6c46343d17ed4e0cbffc4a971aaf074c6aefde66817cd37ebe0a2680367cb55a63f003b55c470cea02338a27c4fa1e1fe0d8d09e0f3a6234c60ff

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 0ae643adca7fe30a853fcd33486bb047
SHA1 de686afc4852ae5abd91cee08a98d14c98392cd1
SHA256 b93c5ea5ebe2e5379ac244d31f5ca946449f356017aa40228251700f95c4be04
SHA512 74e10e241f3bba3010d871f9c14e9e691589b62760e55a3391dff752aa423abbb44e5a72ff9ade863108f7b4495c1596086b558f25cfef4e04d0b0eac9a50902

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 6d578ad7d553f21b56519ad18cfed778
SHA1 21be7af4a80a20e490e4d48307d2c294dabc329e
SHA256 44af38c552791e49ce524f6ca38a6c1b2adc698b707b8bd60cb738653bad1454
SHA512 8000f0ab876272801d2ffb5ea4042adf81be89f02ba9113d02f3df05a875b6a7878aa11013f9a34f61c9f29cc121b58baebf97056c4affa49a45ce2a0e3b5bcb

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 96c28aed00edd8d9559c90c610dcf2dd
SHA1 2d2e608ddbfb6e1c63e78c17a9532162a86f0b46
SHA256 587922dc9246fe8a5825b0e6097bed977365dd934b190a99cea170d44f3d9f5d
SHA512 29c718ea9167ffd43865342bf029b28ae6f969753882a8727bfa2dfc7802589e7080739ce85ee4d51654c5add51e6fc992a2ef9058720fe1d57e9fd95b14d27c

C:\Users\Admin\Downloads\ReYANG-Windows\ReYANG-win.exe

MD5 b23926a5155fdb7b6a2b346798b3ed89
SHA1 f765081c0ff0e84008f30dcdf75293ae5f79a7b3
SHA256 840a59be8a916081f7f969ece99b1986ba2b46f9c7d3ea23a2e39fee6d16f090
SHA512 94d3a32d4c862079ffa52582ff3357bbdfeffc40fb1761702249e9de461fdfcf1198a95f3589e34ce0c495b4b2ec273122abfb6697d3efa079407fe6d76ac4fe

C:\Users\Admin\Downloads\ReYANG-Windows\config.yml

MD5 98d55c31ac02b32ac3c147cad3a97ed0
SHA1 1d72218c5cdd5cfe65187d66833eeaa16fad9368
SHA256 b61bac80531f43058953c0747218203b4794908db361ed0a032d79f1168f6bdc
SHA512 36e48ab538dc41350ad4cb2a0127a1727db54b136e65f12526ac1648d884e462a28ebf7f7ca85eff37da5e7de9baddac9b28819395e65a7eb3dc83dbdd50f78e

C:\Users\Admin\AppData\Local\Temp\pkg\da2172ce055fa47d6a0ea1c90654f530abed33f69a74d52fab06c4c7653b48fd\@primno\dpapi\prebuilds\win32-x64\node.napi.node

MD5 04bfbfec8db966420fe4c7b85ebb506a
SHA1 939bb742a354a92e1dcd3661a62d69e48030a335
SHA256 da2172ce055fa47d6a0ea1c90654f530abed33f69a74d52fab06c4c7653b48fd
SHA512 4ea97a9a120ed5bee8638e0a69561c2159fc3769062d7102167b0e92b4f1a5c002a761bd104282425f6cee8d0e39dbe7e12ad4e4a38570c3f90f31b65072dd65

C:\Users\Admin\AppData\Local\Temp\pkg-USXJak\3cb442a7039ddcad2aac3f8bd5bfd6a4f9ff253ce47c1616b3a4495f11a5d0b9

MD5 3072b68e3c226aff39e6782d025f25a8
SHA1 cf559196d74fa490ac8ce192db222c9f5c5a006a
SHA256 7fb52b781709b065c240b6b81394be6e72e53fe11d7c8e0f7b49dd417eb78a01
SHA512 61ebc72c20195e99244d95af1ab44fa06201a1aee2b5da04490fdc4312e8324a40b0e15a7b42fab5179753d767c1d08ae1a7a56ac71a6e100e63f83db849ee61

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Local Storage\leveldb\000003.log

MD5 c7de58b8cadfe968400a40687b05bc2c
SHA1 ad34d2b8727022eedc0a2330a27d82dcc6ff0b84
SHA256 045863f71e41f7c9187ed7ae943aa8d806c013687419af9e5f5eb8b274c64e61
SHA512 3cc6743e04e1400ebc509dd259e16fe964833f062cc45bd9f66ac76e9acea1c66632e8ea02f3501641cd718b8cafc252909b74d8af1e0125c40c8dfcffb1167a

C:\Users\Admin\AppData\Local\Temp\pkg\da2172ce055fa47d6a0ea1c90654f530abed33f69a74d52fab06c4c7653b48fd\@primno\dpapi\test\dpapi.spec.ts

MD5 eae2e98d30b688201cdb21dba195caa7
SHA1 2e023daae996d1562d77db748bbe488ff5b8ffc9
SHA256 76c7b4ef93b24d30ffda6de645aecbf2859ce44053b48d71750aeeb92a0ed82a
SHA512 8411e9ac726a02c3adc2ee8315166bcd026e6418d79118a130e8e4b952e585aa92324d526d45812238593a30211da6fa58dc0e9899fc6b6df17a75b711ea3e3e

C:\Users\Admin\AppData\Local\Temp\pkg\da2172ce055fa47d6a0ea1c90654f530abed33f69a74d52fab06c4c7653b48fd\@primno\dpapi\src\main.cpp

MD5 88934cc736b505ada3d07afe22083568
SHA1 6d1d112f4e7fc943dc5c9ce5ad2f32154aeb2f3a
SHA256 1ada21451bab629832372d519e366bfb08c80facfefe5a40c76a4f10a697c905
SHA512 9f45386cba32d13a50360916b0c2f240e43cba5983a86ad80f85c75cd8e6ac2c6b931992842a736e84e234b91fc46a7a66824a3a2748f474cf1bbd22ec138a99

C:\Users\Admin\AppData\Local\Temp\pkg\da2172ce055fa47d6a0ea1c90654f530abed33f69a74d52fab06c4c7653b48fd\@primno\dpapi\src\dpapi_win.cpp

MD5 4a55597a2c7466278439452bb708b822
SHA1 eaadcda8f410f2dd1fd9522fd7a2221624dd1713
SHA256 da37b02fb0babb651244479ea019d229fff1c41ecde74bc06335b5e603d9b30e
SHA512 b20efe8026de41dd8c13c6f844455cacc13fa80bc3dd41fef422fb178054a7c8d6f14af8b1d6928e52648ab95a793aee1f996dc2aceead3aa8d317a99aad23bb

C:\Users\Admin\AppData\Local\Temp\pkg\da2172ce055fa47d6a0ea1c90654f530abed33f69a74d52fab06c4c7653b48fd\@primno\dpapi\src\dpapi_not_supported.cpp

MD5 c510e65ebcb2fa7c00712e770ec8c692
SHA1 ca1ea3c8340dcf69f344d5eaa884631eef37472b
SHA256 7c03cec11c438b6d2512239477d9f1b45d6e16763122a3a36458ab339f50d3c4
SHA512 b0b312426b4409c80b45a0f3337069be9870e050dc8b55184fb2bc63532c247089c8d35cbd1f12f0bd2bd38d581566faa74a6469b548a1ad7d837285ad37c178

C:\Users\Admin\AppData\Local\Temp\pkg\da2172ce055fa47d6a0ea1c90654f530abed33f69a74d52fab06c4c7653b48fd\@primno\dpapi\src\dpapi_addon.h

MD5 ea1e5899ec0210d7de4ce325d1d94022
SHA1 464da48d40547cb08a67a1ed38cb0ae8369f2f42
SHA256 18280b1135123aff82fbf4188a5aadfc9a5d6fffad9309f72f347f380f2da550
SHA512 6dae672ea822a7dc5e42914def21c019c0fa8aeaf1c27c155b78312d8a33a63ae9a1910dd32b72760578671780b8c37b91ff5e1f6588f08c7fbaaff80d8fb6fd

C:\Users\Admin\AppData\Local\Temp\pkg\da2172ce055fa47d6a0ea1c90654f530abed33f69a74d52fab06c4c7653b48fd\@primno\dpapi\dist\index.d.ts

MD5 fec85fa3a3a7565a40baf3ce1bb3ce01
SHA1 9ecd3b70ea677c149d32ff49179151647e867987
SHA256 cb781599f1fa516e89e70f9cea142fbe35df7e42e2b48cf499839b8a23e203f4
SHA512 d3633d143fa7dff7048aa9acaedb73171d5222828fe56300cb57b4ff2ad6fdf576dd54d3d757f7b83f9ab639c26ece6044882a7bd66b4ac293d0b32559cde56d

C:\Users\Admin\AppData\Local\Temp\pkg\da2172ce055fa47d6a0ea1c90654f530abed33f69a74d52fab06c4c7653b48fd\@primno\dpapi\dist\index.js

MD5 0b33e83d33b01a51625a0fdcbef42ce3
SHA1 1c29d999ff7da39426b97f2eb31a3d83db8f5fc7
SHA256 a7ff0225cb5ebcbef8499c6c8ac2be924f584eb375dacb1d8bd3dc6540b510f2
SHA512 1d04caf4fc2e876bdf2a089ae938a41fe4d3f2928aa846709bafd2de236fa8c754fcc84d7e8a5f5734bc1cecc04b395ab9d2114945b35e8c85cd3b9ee8f9799c

C:\Users\Admin\AppData\Local\Temp\pkg\da2172ce055fa47d6a0ea1c90654f530abed33f69a74d52fab06c4c7653b48fd\@primno\dpapi\binding.gyp

MD5 91d941775043df9c39de968e43d95e3b
SHA1 fd881a43ce443f0eedfd11d595eb47f873d0e083
SHA256 d093676ff7f72b93d21cd1cb809167ab2198868f990eac8ab7dd4d196f33f18d
SHA512 bbd8019c300e68d951b97e3d2b3e3088b110ee318b150b39b4c8e374a1239f929f6bc17b131ef8321d8e68ba443f28c0119f4605a97aa4061b4f3195591c6ded

C:\Users\Admin\AppData\Local\Temp\pkg\da2172ce055fa47d6a0ea1c90654f530abed33f69a74d52fab06c4c7653b48fd\@primno\dpapi\package.json

MD5 2f21c3a26ec0b7aa14918f7347428f40
SHA1 dc0dc2418a4197eb605501d1f95da5b9d8b655e2
SHA256 34f3eb34fc4f852b4d68dbfdc1dde831467bc8fe2b4280c50453efb56444078a
SHA512 49f6c54a80a4ee476127a2d5c89c5722257dfbc21ca241e6502ff2cd858a59fe16e5993188acb57c3802c3dd0a67d007323105b948082806fad58aa6360af9f4

C:\Users\Admin\AppData\Local\Temp\pkg\7fb52b781709b065c240b6b81394be6e72e53fe11d7c8e0f7b49dd417eb78a01\sqlite3\lib\trace.js

MD5 e5c2de3c74bc66d4906bb34591859a5f
SHA1 37ec527d9798d43898108080506126b4146334e7
SHA256 d06caec6136120c6fb7ee3681b1ca949e8b634e747ea8d3080c90f35aeb7728f
SHA512 e250e53dae618929cbf3cb2f1084a105d3a78bdfb6bb29e290f63a1fd5fbb5b2fab934ad16bc285e245d749a90c84bdc72fdc1a77af912b7356c18b0b197fbe5

C:\Users\Admin\AppData\Local\Temp\pkg\7fb52b781709b065c240b6b81394be6e72e53fe11d7c8e0f7b49dd417eb78a01\sqlite3\lib\sqlite3.js

MD5 275019a4199a84cfd18abd0f1ae497aa
SHA1 8601683f9b6206e525e4a087a7cca40d07828fd8
SHA256 8d6b400ae7f69a80d0cdd37a968d7b9a913661fa53475e5b8de49dda21684973
SHA512 6422249ccd710973f15d1242a8156d98fa8bdea820012df669e5363c50c5d8492d21ffefcdfa05b46c3c18033dde30f03349e880a4943feda8d1ee3c00f952b0

C:\Users\Admin\AppData\Local\Temp\pkg\7fb52b781709b065c240b6b81394be6e72e53fe11d7c8e0f7b49dd417eb78a01\sqlite3\lib\sqlite3.d.ts

MD5 ef8ef3bd8e4332d3fc264f0adf877b8d
SHA1 7e4d52f5e397ed1d51dcced24ace9a5e00f91500
SHA256 a39db87a3a3aa954ac3f6553b9fbfc642eb22bef7586cc1f0559e676aa073fa8
SHA512 5e456ee839f988fed95f816278a3da6998c8757403b98351c4bc26ca197146747b7a20e0c1a702818053547c4d9f9bcf9607bb778c88ca7cf22f21d9c9b4b091

C:\Users\Admin\AppData\Local\Temp\pkg\7fb52b781709b065c240b6b81394be6e72e53fe11d7c8e0f7b49dd417eb78a01\sqlite3\lib\sqlite3-binding.js

MD5 ff6a0462767c6bf185a566f4aef65ba5
SHA1 7a3c3ee6748d00fac6e51e366518bb48a41794bb
SHA256 049b7b1b10417274be6c3e6a9518ac364729354435298d70abf834c35e8f3bf3
SHA512 088d706f5a18323128547b0f126564fb7fa7a36dc8365ee8287663b2cb63da2d02a991bc5cda19af24da2aa063357c25f21347835f9a8aaef341b33bd21127df

C:\Users\Admin\AppData\Local\Temp\pkg\7fb52b781709b065c240b6b81394be6e72e53fe11d7c8e0f7b49dd417eb78a01\sqlite3\binding.gyp

MD5 c15ddfb3a6b52dfb1296423cd1742b79
SHA1 5974a5e7b7adf82c77d5ac39658efc92c95af51a
SHA256 82567c55bb0ba88de564bbc66e7e4557b1747caff6bb950ce568c87f73050e8e
SHA512 35bc7f00b8663d6fb18341d461f9031b7fee823cee87dc6ac6e1926be31db0503b1e32b5a6f08754194b2fa97207deb774b41322d7ff6dcbe0f3b9b73a5aba5e

C:\Users\Admin\AppData\Local\Temp\pkg\7fb52b781709b065c240b6b81394be6e72e53fe11d7c8e0f7b49dd417eb78a01\sqlite3\package.json

MD5 4092df8ba917fc1f5c1a894e82dbcda7
SHA1 64f6bd61b1f5add58797b1cb4b7f2c4f0209ee93
SHA256 6e76bbf0929f90c0fd803b4a5c920d2a3895d0d6d5f21aaec2d581ef55b54854
SHA512 878ab30b2a488caea72a0ebfdedb6769a84726811cc7dcc3723200244d2348ff525644637fd7a5517c4a034b19a1b4008ae9ae1ec4e8161f3b3092cbf5a1eb6e

C:\Users\Admin\AppData\Local\Temp\pkg\7fb52b781709b065c240b6b81394be6e72e53fe11d7c8e0f7b49dd417eb78a01\sqlite3\deps\sqlite-autoconf-3410100.tar.gz

MD5 c6d5034cf39232299ccfdf8e3ddc5781
SHA1 e77599a2df4c5b114c942ddba4483550d8982bf2
SHA256 4dadfbeab9f8e16c695d4fbbc51c16b2f77fb97ff4c1c3d139919dfc038c9e33
SHA512 6e6dafc35b8b11df3cd3bea48aaf84a102893242cffbe18eb7b111791563095111a2a8a5632636b8f46523d98d16e2b48dab79ee6707a141b22c2e6fde3002a2

C:\Users\Admin\AppData\Local\Temp\pkg\7fb52b781709b065c240b6b81394be6e72e53fe11d7c8e0f7b49dd417eb78a01\sqlite3\deps\extract.js

MD5 f0a82a6a6043bf87899114337c67df6c
SHA1 a906c146eb0a359742ff85c1d96a095bd0dd95fd
SHA256 5be353d29c0fabea29cfd34448c196da9506009c0b20fde55e01d4191941dd74
SHA512 d26879f890226808d9bd2644c5ca85cc339760e86b330212505706e5749464fafad1cb5f018c59a8f034d68d327cd3fa5234ceac0677de1ac9ae09039f574240

C:\Users\Admin\AppData\Local\Temp\pkg\7fb52b781709b065c240b6b81394be6e72e53fe11d7c8e0f7b49dd417eb78a01\sqlite3\deps\common-sqlite.gypi

MD5 92c4c5168a6a883f2a69ea4a1a37b7b5
SHA1 6dedc03d603631c1f70c626f5ef9d8ee6f342efa
SHA256 7b557c097c162c9ba04985ab822f92a176bf848c34ca38e54f061057ad0d8bd0
SHA512 904e605fe5bf1134031edcadc91ed55bf72d7fb1c862f99f25a672d29fdb34af22d4114cae389a853d703bc35bfc2c8429f86608fed5eec897c115ac3dea8de5

C:\Users\Admin\AppData\Local\Temp\pkg\7fb52b781709b065c240b6b81394be6e72e53fe11d7c8e0f7b49dd417eb78a01\sqlite3\deps\sqlite3.gyp

MD5 0e4d1d898d697ec33a9ad8a27f0483bf
SHA1 1505f707a17f35723cd268744c189d8df47bb3a3
SHA256 8793f62b1133892ba376d18a15f552ef12b1e016f7e5df32ffb7279b760c11bd
SHA512 c530aba70e5555a27d547562d8b826b186540068af9b4ccd01483ec39f083a991ac11d0cc66f40acaa8b03d774080f227ee705a38995f356a14abe6e5f97b545

C:\Users\Admin\AppData\Local\Temp\pkg\7fb52b781709b065c240b6b81394be6e72e53fe11d7c8e0f7b49dd417eb78a01\sqlite3\src\async.h

MD5 7fcbaffdc03bb5164fbb27f8552dcf5d
SHA1 590e3430c1dfa30f241d56ea01f364d5b9e7e991
SHA256 b6e86bf43d74c8ee2c2f57eb1947be6ce5d8c258c4866609571ed6c97b58b53c
SHA512 e44d4850651e0e070d3f686db3d3797632121e32dc65b869739c0b45cfa13c055fc42d650f04c41915264b8772fcfeb2a38148b9fbe21a001af5a455854336b5

C:\Users\Admin\AppData\Local\Temp\pkg\7fb52b781709b065c240b6b81394be6e72e53fe11d7c8e0f7b49dd417eb78a01\sqlite3\src\backup.cc

MD5 0378851cbf52bbc5bde41bcc23532741
SHA1 ebdf918ccfd19a5b07e71d6e446d203468c32ff7
SHA256 c011d2d4e3ac82c55a8f9a9af39d4adea144ab5f1d2dc259299fbf6107b8a6d0
SHA512 cc7354f3d9a815156c5fd8cd134b61bd398df707a79a3d8d287018d58a9ec326cf0d238138a7dbc2e3f0ab0a6ef8063339b531769e25707263d4782cf88e5947

C:\Users\Admin\AppData\Local\Temp\pkg\7fb52b781709b065c240b6b81394be6e72e53fe11d7c8e0f7b49dd417eb78a01\sqlite3\src\backup.h

MD5 283f3987e0e65dca1b029bdbb625ccc2
SHA1 285d7995459c11a47e13834ae3ec0167eacf7d01
SHA256 d3956cdbb650e1ecff8c94fe4e8645f80e10088156d409703c19f186a9c41aa8
SHA512 ff5c21bd53bf75b33a5430d1abdc8a8649af1535ec02aa5fceb91ed1189e44f0818e25556946d3ad8032b077fa30e73503464aff219b42cbace1ea3f97acb605

C:\Users\Admin\AppData\Local\Temp\pkg\7fb52b781709b065c240b6b81394be6e72e53fe11d7c8e0f7b49dd417eb78a01\sqlite3\src\database.cc

MD5 d3e2d9c6b33e40f55f6e7c8ca338ea05
SHA1 49a0f20904612566ad64b01e4bf32ac36f1e3acb
SHA256 9b799ccdcf9649a9b79d78dcc2882f60e1a9bfbac98949ad18cef97cb433b22b
SHA512 6012fa83d0cd547d8401b8f9342da046e940b1fe135e6fb71d79d80444ba7101ad161a157bf5e63ec8a24a8cf7a48f641de1d4578ab4b49204294f8951030a60

C:\Users\Admin\AppData\Local\Temp\pkg\7fb52b781709b065c240b6b81394be6e72e53fe11d7c8e0f7b49dd417eb78a01\sqlite3\src\database.h

MD5 f023c6c0baf0411cb6eef0a7b2baad13
SHA1 748b78bf3ed5adc11e83f705033d8338d7eef2b5
SHA256 8c5bcd084dddab2f2994b6cddc9b69a8f78a1034588b765e7bd859f27868fe43
SHA512 08648cb37c0284799bb98fa2eb1abb508c8b992b43425203839e1e7f4092b7d2d7c83f6419417281ae278d3d61ade0b65959cf12f0c449a9688ee97749593dad

C:\Users\Admin\AppData\Local\Temp\pkg\7fb52b781709b065c240b6b81394be6e72e53fe11d7c8e0f7b49dd417eb78a01\sqlite3\src\threading.h

MD5 f2a075d3101c2bf109d94f8c65b4ecb5
SHA1 d48294aec0b7aeb03cf5d56a9912e704b9e90bf6
SHA256 e0ab4f798bccb877548b0ab0f3d98c051b36cde240fdf424c70ace7daf0ffd36
SHA512 d95b5fda6cb93874fe577439f7bd16b10eae37b70c45ae2bd914790c1e3ba70dfb6bda7be79d196f2c40837d98f1005c3ed209cab9ba346ada9ce2ed62a87f13

C:\Users\Admin\AppData\Local\Temp\pkg\7fb52b781709b065c240b6b81394be6e72e53fe11d7c8e0f7b49dd417eb78a01\sqlite3\src\statement.h

MD5 13d7bf3557e57ef3036bad68cfa8faae
SHA1 94c1af952f38e9f1ad2d722ec3a063fbe666e66b
SHA256 2c99d9cef21876db64b610dd9baba8de1f7c94028d6d1c463eb3db213745b3bf
SHA512 63e4543833d602b0c6ad9c21438e61782c252a5e30b776a9c942e1ecc34c1a7c471a39195caa20aefb072add66c83d99af902d620857d18ddad196f4f207a161

C:\Users\Admin\AppData\Local\Temp\pkg\7fb52b781709b065c240b6b81394be6e72e53fe11d7c8e0f7b49dd417eb78a01\sqlite3\src\statement.cc

MD5 e4fdd4a8050136f79a1812970449eaaf
SHA1 2aaf4df70fd3b3acc34c258dd6067c259de33a18
SHA256 f868e9b32074053bdb621d6d1ffc8d8dbe65d14f95b273d57d97b0479741731a
SHA512 0ca732aa6c706bc0c0c54d09ff31e9c648c7baf5fa81ea44606276072767664f0d72cbe3f8c354eec120f5f2040dcda52481d9d32ba286f22c23cf51fa6919e3

C:\Users\Admin\AppData\Local\Temp\pkg\7fb52b781709b065c240b6b81394be6e72e53fe11d7c8e0f7b49dd417eb78a01\sqlite3\src\node_sqlite3.cc

MD5 7d033e9b15e4f2230d8ef59cde708c69
SHA1 9b05c5cf3f4fc9b2c20ba46420002bb48edceb21
SHA256 e80fae190ace1a5153a397ae9fe55d6d28651471fb7bebf9bbb5528095d70f44
SHA512 0e709a8c58b73cf6d90f99ce2e0d9f2dbd8defe8dc8bc8919f82ab8ce66e7b4435dacb25b919e3a75030777e6a91beb2132653424b129f12d1169e6a28ab163c

C:\Users\Admin\AppData\Local\Temp\pkg\7fb52b781709b065c240b6b81394be6e72e53fe11d7c8e0f7b49dd417eb78a01\sqlite3\src\macros.h

MD5 592ca8ac280135c059c9ed651ac738c3
SHA1 ac8e8b5e835ea2810a443df2a57f3bdc3c60b2c6
SHA256 8d1afb5d27eab8302de08aca87eb6edc1b99ae963a854d3bd652a4fc61cbe3c6
SHA512 b4e317200e3cab4dfac93e684150d21f7dd89a656f8a9f576b9cfb22090e8db6c458008a4a1406121fabdac034cfb80200a740d0caf6ec63fbf71ad2fde41029

C:\Users\Admin\AppData\Local\Temp\pkg\7fb52b781709b065c240b6b81394be6e72e53fe11d7c8e0f7b49dd417eb78a01\sqlite3\src\gcc-preinclude.h

MD5 55a9165c6720727b6ec6cb815b026deb
SHA1 e737e117bdefa5838834f342d2c51e8009011008
SHA256 9d4264bb1dcbef8d927bb3a1809a01b0b89d726c217cee99ea9ccfdc7d456b6f
SHA512 79ed80377bfb576f695f271ed5200bb975f2546110267d264f0ab917f56c26abf6d3385878285fe3e378b254af99b59bdb8bbcab7427788c90a0460eb2ee5b77

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 fae86adcdf0e27a85a9f152c599fed47
SHA1 443ee50bf025e23032f86628448938f7bf86679a
SHA256 25957642b5b4cea01dc686e9458062f32d98642fefc4add40110ed4e52b0e137
SHA512 f9b2cae22474118d9dcdda2d2435a8daad5d4c38a1c0e42d9ef5382094ac99f720fe05581f21e6fe3501481fc0a3260dcbfe5fbafd9f56701a510f4edc24b2b4

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 42d0cb4544cdf877fcf8400778832917
SHA1 00f88873895e1c55b1dc1b3af8609a0635a83f96
SHA256 fe751760e155355bebc87d97dffeead77c0fb1bfaba0d89885951b3323edc32e
SHA512 bf5815b73d7a80a1b30686dc8fa035ef917ee9dee970ef72316babbbbe0dcd7b81ccd696164f1ab6eced1045760f3aec30f927b9fc75abdbb5a1e016b983e433