Malware Analysis Report

2025-03-15 04:40

Sample ID 240515-1fm2fadb4z
Target Yuqu v_7.98.zip
SHA256 ff61a80e81df211aed7752b338d5efb8298ac047a4d6133cf0b60b0b03f87d16
Tags
redline discovery infostealer spyware stealer
score
10/10


Analysis Overview

score
10/10

SHA256

ff61a80e81df211aed7752b338d5efb8298ac047a4d6133cf0b60b0b03f87d16

Threat Level: Known bad

The file Yuqu v_7.98.zip was found to be: Known bad.

Malicious Activity Summary

redline discovery infostealer spyware stealer

RedLine payload

RedLine

Reads user/profile data of web browsers

Accesses cryptocurrency files/wallets, possible credential harvesting

Checks installed software on the system

Suspicious use of SetThreadContext

Suspicious use of FindShellTrayWindow

NTFS ADS

Enumerates system info in registry

Suspicious use of SetWindowsHookEx

Suspicious use of WriteProcessMemory

Suspicious use of AdjustPrivilegeToken

Modifies data under HKEY_USERS

Suspicious behavior: EnumeratesProcesses

Suspicious use of SendNotifyMessage

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary

Modifies registry class

MITRE ATT&CK

Analysis: static1

Detonation Overview

Reported

2024-05-15 21:35

Signatures

N/A

Analysis: behavioral1

Detonation Overview

Submitted

2024-05-15 21:35

Reported

2024-05-15 21:44

Platform

win11-20240426-en

Max time kernel

474s

Max time network

490s

Command Line

C:\Windows\Explorer.exe /idlist,,"C:\Users\Admin\AppData\Local\Temp\Yuqu v_7.98.zip"

Signatures

RedLine

infostealer redline

RedLine payload

Description Indicator Process Target
N/A N/A N/A N/A

Reads user/profile data of web browsers

spyware stealer

Accesses cryptocurrency files/wallets, possible credential harvesting

spyware

Checks installed software on the system

discovery

Enumerates system info in registry

Description Indicator Process Target
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Modifies data under HKEY_USERS

Description Indicator Process Target
Key created \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133602826471456001" C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Modifies registry class

Description Indicator Process Target
Key created \REGISTRY\USER\S-1-5-21-1696768468-2170909707-4198977321-1000_Classes\Local Settings\MuiCache C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\MiniSearchHost.exe N/A
Key created \REGISTRY\USER\S-1-5-21-1696768468-2170909707-4198977321-1000_Classes\Local Settings C:\Program Files\Google\Chrome\Application\chrome.exe N/A

NTFS ADS

Description Indicator Process Target
File opened for modification C:\Users\Admin\Downloads\Yuqu v_7.98.zip:Zone.Identifier C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious behavior: EnumeratesProcesses

Description Indicator Process Target
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe N/A

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary

Description Indicator Process Target
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of AdjustPrivilegeToken

Description Indicator Process Target
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of FindShellTrayWindow

Description Indicator Process Target
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of SetWindowsHookEx

Description Indicator Process Target
N/A N/A C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\MiniSearchHost.exe N/A

Suspicious use of WriteProcessMemory

Description Indicator Process Target
PID 2764 wrote to memory of 3776 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2764 wrote to memory of 2608 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2764 wrote to memory of 2444 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2764 wrote to memory of 4756 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe

Processes

C:\Windows\Explorer.exe

C:\Windows\Explorer.exe /idlist,,"C:\Users\Admin\AppData\Local\Temp\Yuqu v_7.98.zip"

C:\Windows\System32\rundll32.exe

C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=110.0.5481.104 --initial-client-data=0x100,0x104,0x108,0xdc,0x10c,0x7ffb21ccab58,0x7ffb21ccab68,0x7ffb21ccab78

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1528 --field-trial-handle=1768,i,1050404104220552562,11732224490045077146,131072 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2132 --field-trial-handle=1768,i,1050404104220552562,11732224490045077146,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=2216 --field-trial-handle=1768,i,1050404104220552562,11732224490045077146,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=3036 --field-trial-handle=1768,i,1050404104220552562,11732224490045077146,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=3172 --field-trial-handle=1768,i,1050404104220552562,11732224490045077146,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\110.0.5481.104\elevation_service.exe

"C:\Program Files\Google\Chrome\Application\110.0.5481.104\elevation_service.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=4144 --field-trial-handle=1768,i,1050404104220552562,11732224490045077146,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=3832 --field-trial-handle=1768,i,1050404104220552562,11732224490045077146,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4516 --field-trial-handle=1768,i,1050404104220552562,11732224490045077146,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4464 --field-trial-handle=1768,i,1050404104220552562,11732224490045077146,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4692 --field-trial-handle=1768,i,1050404104220552562,11732224490045077146,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4852 --field-trial-handle=1768,i,1050404104220552562,11732224490045077146,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --mojo-platform-channel-handle=4740 --field-trial-handle=1768,i,1050404104220552562,11732224490045077146,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --mojo-platform-channel-handle=1488 --field-trial-handle=1768,i,1050404104220552562,11732224490045077146,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1548 --field-trial-handle=1768,i,1050404104220552562,11732224490045077146,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --mojo-platform-channel-handle=3288 --field-trial-handle=1768,i,1050404104220552562,11732224490045077146,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --mojo-platform-channel-handle=3828 --field-trial-handle=1768,i,1050404104220552562,11732224490045077146,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --mojo-platform-channel-handle=4996 --field-trial-handle=1768,i,1050404104220552562,11732224490045077146,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --mojo-platform-channel-handle=5116 --field-trial-handle=1768,i,1050404104220552562,11732224490045077146,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --mojo-platform-channel-handle=3184 --field-trial-handle=1768,i,1050404104220552562,11732224490045077146,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --mojo-platform-channel-handle=5424 --field-trial-handle=1768,i,1050404104220552562,11732224490045077146,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --mojo-platform-channel-handle=5656 --field-trial-handle=1768,i,1050404104220552562,11732224490045077146,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6000 --field-trial-handle=1768,i,1050404104220552562,11732224490045077146,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=24 --mojo-platform-channel-handle=6328 --field-trial-handle=1768,i,1050404104220552562,11732224490045077146,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=25 --mojo-platform-channel-handle=5840 --field-trial-handle=1768,i,1050404104220552562,11732224490045077146,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=26 --mojo-platform-channel-handle=6604 --field-trial-handle=1768,i,1050404104220552562,11732224490045077146,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=27 --mojo-platform-channel-handle=6112 --field-trial-handle=1768,i,1050404104220552562,11732224490045077146,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=28 --mojo-platform-channel-handle=5768 --field-trial-handle=1768,i,1050404104220552562,11732224490045077146,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=29 --mojo-platform-channel-handle=7044 --field-trial-handle=1768,i,1050404104220552562,11732224490045077146,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=30 --mojo-platform-channel-handle=6884 --field-trial-handle=1768,i,1050404104220552562,11732224490045077146,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=31 --mojo-platform-channel-handle=7236 --field-trial-handle=1768,i,1050404104220552562,11732224490045077146,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=32 --mojo-platform-channel-handle=7492 --field-trial-handle=1768,i,1050404104220552562,11732224490045077146,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=33 --mojo-platform-channel-handle=7708 --field-trial-handle=1768,i,1050404104220552562,11732224490045077146,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=34 --mojo-platform-channel-handle=7896 --field-trial-handle=1768,i,1050404104220552562,11732224490045077146,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=35 --mojo-platform-channel-handle=7844 --field-trial-handle=1768,i,1050404104220552562,11732224490045077146,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=36 --mojo-platform-channel-handle=8276 --field-trial-handle=1768,i,1050404104220552562,11732224490045077146,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=37 --mojo-platform-channel-handle=8404 --field-trial-handle=1768,i,1050404104220552562,11732224490045077146,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=38 --mojo-platform-channel-handle=7920 --field-trial-handle=1768,i,1050404104220552562,11732224490045077146,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=39 --mojo-platform-channel-handle=8732 --field-trial-handle=1768,i,1050404104220552562,11732224490045077146,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=40 --mojo-platform-channel-handle=8916 --field-trial-handle=1768,i,1050404104220552562,11732224490045077146,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=41 --mojo-platform-channel-handle=9008 --field-trial-handle=1768,i,1050404104220552562,11732224490045077146,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=42 --mojo-platform-channel-handle=9184 --field-trial-handle=1768,i,1050404104220552562,11732224490045077146,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=43 --mojo-platform-channel-handle=9188 --field-trial-handle=1768,i,1050404104220552562,11732224490045077146,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=44 --mojo-platform-channel-handle=8412 --field-trial-handle=1768,i,1050404104220552562,11732224490045077146,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=45 --mojo-platform-channel-handle=9000 --field-trial-handle=1768,i,1050404104220552562,11732224490045077146,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=46 --mojo-platform-channel-handle=5952 --field-trial-handle=1768,i,1050404104220552562,11732224490045077146,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=47 --mojo-platform-channel-handle=9600 --field-trial-handle=1768,i,1050404104220552562,11732224490045077146,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=48 --mojo-platform-channel-handle=9612 --field-trial-handle=1768,i,1050404104220552562,11732224490045077146,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=49 --mojo-platform-channel-handle=9652 --field-trial-handle=1768,i,1050404104220552562,11732224490045077146,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=50 --mojo-platform-channel-handle=9776 --field-trial-handle=1768,i,1050404104220552562,11732224490045077146,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=51 --mojo-platform-channel-handle=9780 --field-trial-handle=1768,i,1050404104220552562,11732224490045077146,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=52 --mojo-platform-channel-handle=9960 --field-trial-handle=1768,i,1050404104220552562,11732224490045077146,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=53 --mojo-platform-channel-handle=10084 --field-trial-handle=1768,i,1050404104220552562,11732224490045077146,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=54 --mojo-platform-channel-handle=10104 --field-trial-handle=1768,i,1050404104220552562,11732224490045077146,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=55 --mojo-platform-channel-handle=10252 --field-trial-handle=1768,i,1050404104220552562,11732224490045077146,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=56 --mojo-platform-channel-handle=10376 --field-trial-handle=1768,i,1050404104220552562,11732224490045077146,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=57 --mojo-platform-channel-handle=10548 --field-trial-handle=1768,i,1050404104220552562,11732224490045077146,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=58 --mojo-platform-channel-handle=10704 --field-trial-handle=1768,i,1050404104220552562,11732224490045077146,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=59 --mojo-platform-channel-handle=9968 --field-trial-handle=1768,i,1050404104220552562,11732224490045077146,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=60 --mojo-platform-channel-handle=9316 --field-trial-handle=1768,i,1050404104220552562,11732224490045077146,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=61 --mojo-platform-channel-handle=11352 --field-trial-handle=1768,i,1050404104220552562,11732224490045077146,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=62 --mojo-platform-channel-handle=9748 --field-trial-handle=1768,i,1050404104220552562,11732224490045077146,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=63 --mojo-platform-channel-handle=5668 --field-trial-handle=1768,i,1050404104220552562,11732224490045077146,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=64 --mojo-platform-channel-handle=10536 --field-trial-handle=1768,i,1050404104220552562,11732224490045077146,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=65 --mojo-platform-channel-handle=10972 --field-trial-handle=1768,i,1050404104220552562,11732224490045077146,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=66 --mojo-platform-channel-handle=10628 --field-trial-handle=1768,i,1050404104220552562,11732224490045077146,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=67 --mojo-platform-channel-handle=9648 --field-trial-handle=1768,i,1050404104220552562,11732224490045077146,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=68 --mojo-platform-channel-handle=8732 --field-trial-handle=1768,i,1050404104220552562,11732224490045077146,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=69 --mojo-platform-channel-handle=10532 --field-trial-handle=1768,i,1050404104220552562,11732224490045077146,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=70 --mojo-platform-channel-handle=10308 --field-trial-handle=1768,i,1050404104220552562,11732224490045077146,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=71 --mojo-platform-channel-handle=9960 --field-trial-handle=1768,i,1050404104220552562,11732224490045077146,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=72 --mojo-platform-channel-handle=9528 --field-trial-handle=1768,i,1050404104220552562,11732224490045077146,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=73 --mojo-platform-channel-handle=11496 --field-trial-handle=1768,i,1050404104220552562,11732224490045077146,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.22000.1 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=10372 --field-trial-handle=1768,i,1050404104220552562,11732224490045077146,131072 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=75 --mojo-platform-channel-handle=12244 --field-trial-handle=1768,i,1050404104220552562,11732224490045077146,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=76 --mojo-platform-channel-handle=12084 --field-trial-handle=1768,i,1050404104220552562,11732224490045077146,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=11896 --field-trial-handle=1768,i,1050404104220552562,11732224490045077146,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=11764 --field-trial-handle=1768,i,1050404104220552562,11732224490045077146,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=79 --mojo-platform-channel-handle=12100 --field-trial-handle=1768,i,1050404104220552562,11732224490045077146,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=12140 --field-trial-handle=1768,i,1050404104220552562,11732224490045077146,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=11836 --field-trial-handle=1768,i,1050404104220552562,11732224490045077146,131072 /prefetch:8

C:\Users\Admin\Downloads\Yuqu v_7.98\Yuqu v_7.98.exe

"C:\Users\Admin\Downloads\Yuqu v_7.98\Yuqu v_7.98.exe"

C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe

"C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe"

C:\Windows\system32\NOTEPAD.EXE

"C:\Windows\system32\NOTEPAD.EXE" C:\Users\Admin\Downloads\Yuqu v_7.98\README.txt

C:\Users\Admin\Downloads\Yuqu v_7.98\Yuqu v_7.98.exe

"C:\Users\Admin\Downloads\Yuqu v_7.98\Yuqu v_7.98.exe"

C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe

"C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe"

C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\MiniSearchHost.exe

"C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\MiniSearchHost.exe" -ServerName:MiniSearchUI.AppXj3y73at8fy1htwztzxs68sxx1v7cksp7.mca

C:\Windows\system32\svchost.exe

C:\Windows\system32\svchost.exe -k LocalService -p -s NPSMSvc

Network

Country Destination Domain Proto

Files
