Analysis Overview
SHA256: ff61a80e81df211aed7752b338d5efb8298ac047a4d6133cf0b60b0b03f87d16
Threat Level: Known bad
The file Yuqu v_7.98.zip was found to be: Known bad.
Malicious Activity Summary
RedLine payload
RedLine
Reads user/profile data of web browsers
Accesses cryptocurrency files/wallets, possible credential harvesting
Checks installed software on the system
Suspicious use of SetThreadContext
Suspicious use of FindShellTrayWindow
NTFS ADS
Enumerates system info in registry
Suspicious use of SetWindowsHookEx
Suspicious use of WriteProcessMemory
Suspicious use of AdjustPrivilegeToken
Modifies data under HKEY_USERS
Suspicious behavior: EnumeratesProcesses
Suspicious use of SendNotifyMessage
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Modifies registry class
MITRE ATT&CK
Enterprise Matrix V15
Analysis: static1
Detonation Overview
Reported: 2024-05-15 21:35
Signatures
Analysis: behavioral1
Detonation Overview
Submitted: 2024-05-15 21:35
Reported: 2024-05-15 21:44
Platform: win11-20240426-en
Max time kernel: 474s
Max time network: 490s
Command Line
Signatures
RedLine
RedLine payload
Reads user/profile data of web browsers
Accesses cryptocurrency files/wallets, possible credential harvesting
Checks installed software on the system
Suspicious use of SetThreadContext
| Description | Indicator | Process | Target |
| PID 5512 set thread context of 3688 | N/A | C:\Users\Admin\Downloads\Yuqu v_7.98\Yuqu v_7.98.exe | C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe |
| PID 3996 set thread context of 2308 | N/A | C:\Users\Admin\Downloads\Yuqu v_7.98\Yuqu v_7.98.exe | C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe |
Enumerates system info in registry
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Modifies data under HKEY_USERS
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133602826471456001" | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Modifies registry class
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\USER\S-1-5-21-1696768468-2170909707-4198977321-1000_Classes\Local Settings\MuiCache | C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\MiniSearchHost.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1696768468-2170909707-4198977321-1000_Classes\Local Settings | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
NTFS ADS
| Description | Indicator | Process | Target |
| File opened for modification | C:\Users\Admin\Downloads\Yuqu v_7.98.zip:Zone.Identifier | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Suspicious behavior: EnumeratesProcesses
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Suspicious use of AdjustPrivilegeToken
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Suspicious use of SetWindowsHookEx
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\MiniSearchHost.exe | N/A |
Suspicious use of WriteProcessMemory
Processes
C:\Windows\Explorer.exe
C:\Windows\Explorer.exe /idlist,,"C:\Users\Admin\AppData\Local\Temp\Yuqu v_7.98.zip"
C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe"
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=11764 --field-trial-handle=1768,i,1050404104220552562,11732224490045077146,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=79 --mojo-platform-channel-handle=12100 --field-trial-handle=1768,i,1050404104220552562,11732224490045077146,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=12140 --field-trial-handle=1768,i,1050404104220552562,11732224490045077146,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=11836 --field-trial-handle=1768,i,1050404104220552562,11732224490045077146,131072 /prefetch:8
C:\Users\Admin\Downloads\Yuqu v_7.98\Yuqu v_7.98.exe
"C:\Users\Admin\Downloads\Yuqu v_7.98\Yuqu v_7.98.exe"
C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
"C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe"
C:\Windows\system32\NOTEPAD.EXE
"C:\Windows\system32\NOTEPAD.EXE" C:\Users\Admin\Downloads\Yuqu v_7.98\README.txt
C:\Users\Admin\Downloads\Yuqu v_7.98\Yuqu v_7.98.exe
"C:\Users\Admin\Downloads\Yuqu v_7.98\Yuqu v_7.98.exe"
C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
"C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe"
C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\MiniSearchHost.exe
"C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\MiniSearchHost.exe" -ServerName:MiniSearchUI.AppXj3y73at8fy1htwztzxs68sxx1v7cksp7.mca
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k LocalService -p -s NPSMSvc
Network
Files
\??\pipe\crashpad_2764_UWEVCRQDJTPLHAOJ
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache~RFe58f9eb.TMP
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad\settings.dat
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
C:\Users\Admin\AppData\Local\Packages\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\TempState\SearchHoverUnifiedTileModelCache.dat