Analysis Overview
Threat Level: Known bad
The file https://www.mediafire.com/folder/30zmqf6cg2lq0/DkksiovjfdprodjkfioepwkLkck2024 was found to be: Known bad.
Malicious Activity Summary
Lumma Stealer
Loads dropped DLL
Executes dropped EXE
Suspicious use of SetThreadContext
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Suspicious use of AdjustPrivilegeToken
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
Suspicious use of SetWindowsHookEx
Enumerates system info in registry
Suspicious behavior: GetForegroundWindowSpam
Modifies data under HKEY_USERS
Suspicious use of WriteProcessMemory
Modifies registry class
Suspicious behavior: EnumeratesProcesses
MITRE ATT&CK
Enterprise Matrix V15
Analysis: static1
Detonation Overview
Reported: 2024-05-20 19:27
Signatures
Analysis: behavioral1
Detonation Overview
Submitted: 2024-05-20 19:27
Reported: 2024-05-20 19:33
Platform: win10v2004-20240426-en
Max time kernel: 103s
Max time network: 105s
Command Line
Signatures
Lumma Stealer
Executes dropped EXE
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Users\Admin\Downloads\AkebiLauncher\a0fa32e0bc563ba4138614edd1111d19.exe | N/A |
| N/A | N/A | C:\Users\Admin\Downloads\AkebiLauncher\a0fa32e0bc563ba4138614edd1111d19.exe | N/A |
Loads dropped DLL
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Users\Admin\Downloads\AkebiLauncher\a0fa32e0bc563ba4138614edd1111d19.exe | N/A |
| N/A | N/A | C:\Users\Admin\Downloads\AkebiLauncher\a0fa32e0bc563ba4138614edd1111d19.exe | N/A |
Suspicious use of SetThreadContext
| Description | Indicator | Process | Target |
| PID 6168 set thread context of 6964 | N/A | C:\Users\Admin\Downloads\AkebiLauncher\a0fa32e0bc563ba4138614edd1111d19.exe | C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_regiis.exe |
| PID 2288 set thread context of 4108 | N/A | C:\Users\Admin\Downloads\AkebiLauncher\a0fa32e0bc563ba4138614edd1111d19.exe | C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_regiis.exe |
Enumerates system info in registry
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Modifies data under HKEY_USERS
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133607070868346341" | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Modifies registry class
Suspicious behavior: EnumeratesProcesses
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Suspicious behavior: GetForegroundWindowSpam
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Suspicious use of AdjustPrivilegeToken
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
Suspicious use of SetWindowsHookEx
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Suspicious use of WriteProcessMemory
Processes
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://www.mediafire.com/folder/30zmqf6cg2lq0/DkksiovjfdprodjkfioepwkLkck2024
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=110.0.5481.104 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffc63f6ab58,0x7ffc63f6ab68,0x7ffc63f6ab78
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1736 --field-trial-handle=1864,i,5179452428089433425,13899658828696722641,131072 /prefetch:2
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2140 --field-trial-handle=1864,i,5179452428089433425,13899658828696722641,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=2220 --field-trial-handle=1864,i,5179452428089433425,13899658828696722641,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2924 --field-trial-handle=1864,i,5179452428089433425,13899658828696722641,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=2932 --field-trial-handle=1864,i,5179452428089433425,13899658828696722641,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\110.0.5481.104\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\110.0.5481.104\elevation_service.exe"
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4752 --field-trial-handle=1864,i,5179452428089433425,13899658828696722641,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4672 --field-trial-handle=1864,i,5179452428089433425,13899658828696722641,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --mojo-platform-channel-handle=5080 --field-trial-handle=1864,i,5179452428089433425,13899658828696722641,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --mojo-platform-channel-handle=4972 --field-trial-handle=1864,i,5179452428089433425,13899658828696722641,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --mojo-platform-channel-handle=4752 --field-trial-handle=1864,i,5179452428089433425,13899658828696722641,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --mojo-platform-channel-handle=4980 --field-trial-handle=1864,i,5179452428089433425,13899658828696722641,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --mojo-platform-channel-handle=5320 --field-trial-handle=1864,i,5179452428089433425,13899658828696722641,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --mojo-platform-channel-handle=5456 --field-trial-handle=1864,i,5179452428089433425,13899658828696722641,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --mojo-platform-channel-handle=5624 --field-trial-handle=1864,i,5179452428089433425,13899658828696722641,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5988 --field-trial-handle=1864,i,5179452428089433425,13899658828696722641,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --mojo-platform-channel-handle=6320 --field-trial-handle=1864,i,5179452428089433425,13899658828696722641,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5676 --field-trial-handle=1864,i,5179452428089433425,13899658828696722641,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --mojo-platform-channel-handle=5536 --field-trial-handle=1864,i,5179452428089433425,13899658828696722641,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --mojo-platform-channel-handle=6584 --field-trial-handle=1864,i,5179452428089433425,13899658828696722641,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --mojo-platform-channel-handle=6600 --field-trial-handle=1864,i,5179452428089433425,13899658828696722641,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --mojo-platform-channel-handle=6608 --field-trial-handle=1864,i,5179452428089433425,13899658828696722641,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --mojo-platform-channel-handle=6856 --field-trial-handle=1864,i,5179452428089433425,13899658828696722641,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=24 --mojo-platform-channel-handle=7120 --field-trial-handle=1864,i,5179452428089433425,13899658828696722641,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=25 --mojo-platform-channel-handle=7384 --field-trial-handle=1864,i,5179452428089433425,13899658828696722641,131072 /prefetch:1
C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding
C:\Program Files\7-Zip\7zG.exe
"C:\Program Files\7-Zip\7zG.exe" x -o"C:\Users\Admin\Downloads\AkebiLauncher\" -spe -an -ai#7zMap16297:88:7zEvent12417
C:\Users\Admin\Downloads\AkebiLauncher\a0fa32e0bc563ba4138614edd1111d19.exe
"C:\Users\Admin\Downloads\AkebiLauncher\a0fa32e0bc563ba4138614edd1111d19.exe"
C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_regiis.exe
"C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_regiis.exe"
C:\Users\Admin\Downloads\AkebiLauncher\a0fa32e0bc563ba4138614edd1111d19.exe
"C:\Users\Admin\Downloads\AkebiLauncher\a0fa32e0bc563ba4138614edd1111d19.exe"
C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_regiis.exe
"C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_regiis.exe"
Network
| Country | Destination | Domain | Proto |
| FR | 91.134.110.133:443 | ssbsync-global.smartadserver.com | tcp |
| NL | 69.173.156.149:443 | pixel.rubiconproject.com | tcp |
| US | 80.77.87.162:443 | cs.admanmedia.com | tcp |
| US | 216.200.232.249:443 | sync.mathtag.com | tcp |
| DE | 3.69.205.38:443 | rtb.mfadsrvr.com | tcp |
| NL | 198.47.127.19:443 | image6.pubmatic.com | tcp |
| BE | 104.68.78.171:443 | secure-assets.rubiconproject.com | tcp |
| US | 104.17.43.93:443 | gum.aidemsrv.com | tcp |
| NL | 198.47.127.18:443 | image8.pubmatic.com | tcp |
| NL | 198.47.127.18:443 | image8.pubmatic.com | tcp |
| US | 2.17.251.11:443 | player.aniview.com | tcp |
| US | 8.8.8.8:53 | 78.89.172.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 72.96.21.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 198.40.223.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 37.62.75.3.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 234.23.67.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 47.216.127.79.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 15.45.49.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 193.232.34.23.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 180.149.64.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 152.84.255.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 50.126.12.49.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 23.72.171.54.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 184.249.132.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 127.96.223.159.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 83.138.19.162.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 46.227.127.79.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 150.216.36.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 8.213.145.82.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 95.81.224.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 244.192.149.89.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 9.1.250.178.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 79.122.59.154.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 244.210.89.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 149.156.173.69.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 90.8.184.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | bh.contextweb.com | udp |
| US | 8.8.8.8:53 | data.adsrvr.org | udp |
| US | 8.8.8.8:53 | assets.a-mo.net | udp |
| US | 50.31.142.31:443 | b1sync.zemanta.com | tcp |
| US | 2.17.251.11:443 | player.aniview.com | tcp |
| US | 67.202.105.24:443 | ssc-cms.33across.com | tcp |
| US | 216.200.232.249:443 | sync.mathtag.com | tcp |
| US | 172.67.40.173:443 | spl.zeotap.com | tcp |
| IE | 52.95.115.255:443 | aax-eu.amazon-adsystem.com | tcp |
| NL | 208.93.169.131:443 | bh.contextweb.com | tcp |
| GB | 18.172.89.43:443 | api-2-0.spot.im | tcp |
| US | 104.19.159.19:443 | assets.a-mo.net | tcp |
| US | 8.8.8.8:53 | cm.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | eus.rubiconproject.com | udp |
| NL | 46.228.174.117:443 | sync.1rx.io | tcp |
| BE | 2.21.18.175:443 | eus.rubiconproject.com | tcp |
| NL | 35.214.149.91:443 | x.bidswitch.net | tcp |
| NL | 35.214.149.91:443 | x.bidswitch.net | tcp |
| NL | 35.214.149.91:443 | x.bidswitch.net | tcp |
| NL | 178.250.1.3:443 | static.criteo.net | tcp |
| GB | 142.250.187.226:443 | cm.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | um.simpli.fi | udp |
| US | 8.8.8.8:53 | sync.serverbid.com | udp |
| US | 50.31.142.31:443 | b1sync.zemanta.com | tcp |
| US | 34.36.216.150:443 | pixel-sync.sitescout.com | udp |
| NL | 35.204.74.118:443 | um.simpli.fi | tcp |
| GB | 3.162.20.129:443 | sync.serverbid.com | tcp |
| US | 8.8.8.8:53 | sync.srv.stackadapt.com | udp |
| US | 54.167.137.47:443 | sync.srv.stackadapt.com | tcp |
| US | 8.8.8.8:53 | ssum-sec.casalemedia.com | udp |
| DE | 3.69.205.38:443 | rtb.mfadsrvr.com | tcp |
| US | 8.8.8.8:53 | cs-server-s2s.yellowblue.io | udp |
| US | 8.8.8.8:53 | jadserve.postrelease.com | udp |
| US | 8.8.8.8:53 | sync.targeting.unrulymedia.com | udp |
| US | 80.77.87.162:443 | cs.admanmedia.com | tcp |
| US | 8.8.8.8:53 | bttrack.com | udp |
| US | 23.21.235.121:443 | cs-server-s2s.yellowblue.io | tcp |
| US | 8.8.8.8:53 | aorta.clickagy.com | udp |
| IE | 54.74.38.144:443 | jadserve.postrelease.com | tcp |
| US | 34.198.38.143:443 | aorta.clickagy.com | tcp |
| NL | 46.228.174.117:443 | sync.targeting.unrulymedia.com | tcp |
| US | 192.132.33.67:443 | bttrack.com | tcp |
| US | 8.8.8.8:53 | id.rlcdn.com | udp |
| US | 8.8.8.8:53 | 91.149.214.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 85.65.249.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 200.74.228.91.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 100.151.173.69.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 117.174.228.46.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 81.250.54.154.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 133.110.134.91.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 93.43.17.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 19.127.47.198.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 18.127.47.198.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 38.205.69.3.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 171.78.68.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 31.142.31.50.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 24.105.202.67.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 162.87.77.80.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 249.232.200.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 11.251.17.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 173.40.67.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 19.159.19.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 131.169.93.208.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 43.89.172.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 255.115.95.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 175.18.21.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 118.74.204.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 129.20.162.3.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 47.137.167.54.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 144.38.74.54.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 121.235.21.23.in-addr.arpa | udp |
| US | 35.244.174.68:443 | id.rlcdn.com | tcp |
| US | 8.8.8.8:53 | static.smilewanted.com | udp |
| US | 8.8.8.8:53 | s.amazon-adsystem.com | udp |
| US | 52.46.130.91:443 | s.amazon-adsystem.com | tcp |
| US | 8.8.8.8:53 | c1.adform.net | udp |
| US | 35.244.159.8:443 | us-u.openx.net | udp |
| DK | 37.157.5.133:443 | c1.adform.net | tcp |
| IE | 52.95.115.255:443 | aax-eu.amazon-adsystem.com | tcp |
| IE | 52.95.115.255:443 | aax-eu.amazon-adsystem.com | tcp |
| US | 8.8.8.8:53 | simage2.pubmatic.com | udp |
| NL | 198.47.127.205:443 | simage2.pubmatic.com | tcp |
| NL | 198.47.127.205:443 | simage2.pubmatic.com | tcp |
| US | 8.8.8.8:53 | image2.pubmatic.com | udp |
| US | 8.8.8.8:53 | ws.rqtrk.eu | udp |
| US | 8.8.8.8:53 | eu-u.openx.net | udp |
| US | 8.8.8.8:53 | dsp.adfarm1.adition.com | udp |
| DE | 57.129.18.105:443 | ws.rqtrk.eu | tcp |
| DE | 85.114.159.93:443 | dsp.adfarm1.adition.com | tcp |
| US | 8.8.8.8:53 | p.rfihub.com | udp |
| US | 8.8.8.8:53 | sync-tm.everesttech.net | udp |
| NL | 193.0.160.131:443 | p.rfihub.com | tcp |
| US | 151.101.2.49:443 | sync-tm.everesttech.net | tcp |
| US | 8.8.8.8:53 | 143.38.198.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 67.33.132.192.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 91.130.46.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 205.127.47.198.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 133.5.157.37.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 105.18.129.57.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 93.159.114.85.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 131.160.0.193.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 49.2.101.151.in-addr.arpa | udp |
| US | 8.8.8.8:53 | d5p.de17a.com | udp |
| SE | 213.155.156.181:443 | d5p.de17a.com | tcp |
| US | 8.8.8.8:53 | csync.loopme.me | udp |
| NL | 35.214.224.184:443 | csync.loopme.me | tcp |
| US | 8.8.8.8:53 | ad.mrtnsvr.com | udp |
| US | 8.8.8.8:53 | rtb-csync.smartadserver.com | udp |
| US | 34.102.163.6:443 | ad.mrtnsvr.com | tcp |
| US | 8.8.8.8:53 | ipac.ctnsnet.com | udp |
| NL | 81.17.55.172:443 | rtb-csync.smartadserver.com | tcp |
| US | 34.102.163.6:443 | ad.mrtnsvr.com | tcp |
| US | 35.186.193.173:443 | ipac.ctnsnet.com | tcp |
| US | 8.8.8.8:53 | cm-supply-web.gammaplatform.com | udp |
| SG | 35.186.154.107:443 | cm-supply-web.gammaplatform.com | tcp |
| US | 8.8.8.8:53 | core.iprom.net | udp |
| SG | 35.186.154.107:443 | cm-supply-web.gammaplatform.com | tcp |
| US | 8.8.8.8:53 | sync.crwdcntrl.net | udp |
| SI | 195.5.165.20:443 | core.iprom.net | tcp |
| US | 104.18.24.173:443 | a.tribalfusion.com | tcp |
| US | 8.8.8.8:53 | sync.aniview.com | udp |
| US | 96.46.186.182:443 | sync.aniview.com | tcp |
| US | 8.8.8.8:53 | 184.224.214.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 181.156.155.213.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 6.163.102.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 172.55.17.81.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 173.193.186.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 20.165.5.195.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 173.24.18.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | s.tribalfusion.com | udp |
| US | 8.8.8.8:53 | sync.search.spotxchange.com | udp |
| US | 8.8.8.8:53 | dsum-sec.casalemedia.com | udp |
| NL | 46.228.174.117:443 | sync.targeting.unrulymedia.com | tcp |
| US | 8.8.8.8:53 | ad.360yield.com | udp |
| US | 8.8.8.8:53 | cs.krushmedia.com | udp |
| IE | 52.211.45.143:443 | ad.360yield.com | tcp |
| NL | 81.17.55.172:443 | rtb-csync.smartadserver.com | tcp |
| US | 8.8.8.8:53 | s0.2mdn.net | udp |
| US | 8.2.110.134:443 | cs.krushmedia.com | tcp |
| US | 8.8.8.8:53 | token.rubiconproject.com | udp |
| US | 8.8.8.8:53 | cr.frontend.weborama.fr | udp |
| US | 8.8.8.8:53 | a.audrte.com | udp |
| US | 8.8.8.8:53 | mwzeom.zeotap.com | udp |
| GB | 216.58.204.70:443 | s0.2mdn.net | tcp |
| NL | 69.173.156.149:443 | token.rubiconproject.com | tcp |
| IE | 34.248.32.69:443 | a.audrte.com | tcp |
| US | 34.111.129.221:443 | cr.frontend.weborama.fr | tcp |
| US | 8.8.8.8:53 | ad.turn.com | udp |
| NL | 46.228.164.11:443 | ad.turn.com | tcp |
| US | 34.111.113.62:443 | pixel.tapad.com | tcp |
| NL | 46.228.174.117:443 | sync.targeting.unrulymedia.com | tcp |
| US | 8.8.8.8:53 | sync.adotmob.com | udp |
| US | 8.8.8.8:53 | 182.186.46.96.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 143.45.211.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 70.204.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 134.110.2.8.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 221.129.111.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 69.32.248.34.in-addr.arpa | udp |
| FR | 45.137.176.88:443 | sync.adotmob.com | tcp |
| US | 34.111.129.221:443 | cr.frontend.weborama.fr | udp |
| US | 8.8.8.8:53 | sync.smartadserver.com | udp |
| US | 8.8.8.8:53 | image4.pubmatic.com | udp |
| US | 8.8.8.8:53 | pm.w55c.net | udp |
| NL | 198.47.127.20:443 | image4.pubmatic.com | tcp |
| US | 8.8.8.8:53 | pb-am.a-mo.net | udp |
| US | 8.8.8.8:53 | idsync.frontend.weborama.fr | udp |
| US | 104.18.24.173:443 | s.tribalfusion.com | udp |
| IE | 34.247.185.247:443 | pm.w55c.net | tcp |
| NL | 46.228.174.117:443 | sync.targeting.unrulymedia.com | tcp |
| NL | 147.75.84.158:443 | pb-am.a-mo.net | tcp |
| US | 34.111.131.239:443 | idsync.frontend.weborama.fr | tcp |
| FR | 5.196.111.72:443 | sync.smartadserver.com | tcp |
| US | 8.8.8.8:53 | sync.a-mo.net | udp |
| NL | 145.40.97.67:443 | sync.a-mo.net | tcp |
| US | 8.8.8.8:53 | cdn.indexww.com | udp |
| DE | 79.127.216.47:443 | c3.a-mo.net | tcp |
| NL | 145.40.97.67:443 | sync.a-mo.net | tcp |
| US | 8.8.8.8:53 | pr-bh.ybp.yahoo.com | udp |
| IE | 54.76.221.56:443 | pr-bh.ybp.yahoo.com | tcp |
| US | 8.8.8.8:53 | rtb.openx.net | udp |
| US | 35.186.253.211:443 | rtb.openx.net | tcp |
| US | 8.8.8.8:53 | 62.113.111.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 88.176.137.45.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 11.164.228.46.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 20.127.47.198.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 247.185.247.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 158.84.75.147.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 239.131.111.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 72.111.196.5.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 67.97.40.145.in-addr.arpa | udp |
| US | 8.8.8.8:53 | cm.adform.net | udp |
| DK | 37.157.4.28:443 | cm.adform.net | tcp |
| US | 8.8.8.8:53 | ice.360yield.com | udp |
| NL | 69.173.156.149:443 | token.rubiconproject.com | tcp |
| IE | 63.32.35.158:443 | ice.360yield.com | tcp |
| US | 8.8.8.8:53 | pubmatic-match.dotomi.com | udp |
| US | 8.8.8.8:53 | u.openx.net | udp |
| NL | 89.207.16.140:443 | pubmatic-match.dotomi.com | tcp |
| US | 8.8.8.8:53 | cm.adgrx.com | udp |
| US | 8.8.8.8:53 | green.erne.co | udp |
| US | 8.8.8.8:53 | matching.truffle.bid | udp |
| US | 8.8.8.8:53 | uipglob.semasio.net | udp |
| US | 8.8.8.8:53 | pixel.onaudience.com | udp |
| US | 8.8.8.8:53 | match.adsby.bidtheatre.com | udp |
| US | 8.8.8.8:53 | us.shb-sync.com | udp |
| US | 8.8.8.8:53 | ssum.casalemedia.com | udp |
| IE | 54.217.19.5:443 | cm.adgrx.com | tcp |
| FR | 141.95.172.216:443 | green.erne.co | tcp |
| DE | 162.55.120.196:443 | matching.truffle.bid | tcp |
| CA | 15.235.15.221:443 | pixel.onaudience.com | tcp |
| NL | 134.122.57.34:443 | match.adsby.bidtheatre.com | tcp |
| US | 8.8.8.8:53 | px.ads.linkedin.com | udp |
| DK | 77.243.51.122:443 | uipglob.semasio.net | tcp |
| US | 8.2.110.33:443 | us.shb-sync.com | tcp |
| US | 8.8.8.8:53 | pixel-eu.onaudience.com | udp |
| FR | 146.59.148.16:443 | pixel-eu.onaudience.com | tcp |
| US | 13.107.42.14:443 | px.ads.linkedin.com | tcp |
| DK | 77.243.51.122:443 | uipglob.semasio.net | tcp |
| US | 8.2.110.33:443 | us.shb-sync.com | tcp |
| US | 80.77.87.162:443 | cs.admanmedia.com | tcp |
| GB | 185.64.190.84:443 | ow.pubmatic.com | tcp |
| US | 8.8.8.8:53 | prebid-server.rubiconproject.com | udp |
| US | 8.8.8.8:53 | ps.eyeota.net | udp |
| US | 8.8.8.8:53 | simage4.pubmatic.com | udp |
| DE | 18.184.216.10:443 | ps.eyeota.net | tcp |
| NL | 69.173.156.150:443 | prebid-server.rubiconproject.com | tcp |
| DE | 18.184.216.10:443 | ps.eyeota.net | tcp |
| GB | 185.64.190.84:443 | ow.pubmatic.com | tcp |
| US | 8.8.8.8:53 | 56.221.76.54.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 211.253.186.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 158.35.32.63.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 5.19.217.54.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 140.16.207.89.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 216.172.95.141.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 34.57.122.134.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 196.120.55.162.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 221.15.235.15.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 14.42.107.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 16.148.59.146.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 122.51.243.77.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 33.110.2.8.in-addr.arpa | udp |
| US | 8.8.8.8:53 | sync.ipredictive.com | udp |
| US | 52.73.82.193:443 | sync.ipredictive.com | tcp |
| US | 8.8.8.8:53 | match.sharethrough.com | udp |
| DE | 18.158.104.84:443 | match.sharethrough.com | tcp |
| US | 8.8.8.8:53 | d.turn.com | udp |
| NL | 46.228.164.13:443 | d.turn.com | tcp |
| US | 8.8.8.8:53 | capi.connatix.com | udp |
| US | 172.64.146.152:443 | capi.connatix.com | tcp |
| NL | 46.228.164.13:443 | d.turn.com | tcp |
| US | 172.64.146.152:443 | capi.connatix.com | udp |
| US | 8.8.8.8:53 | 150.156.173.69.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 84.190.64.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 10.216.184.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 193.82.73.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 84.104.158.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 13.164.228.46.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 152.146.64.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | sync.adtelligent.com | udp |
| GB | 185.83.71.234:443 | sync.adtelligent.com | tcp |
| US | 8.8.8.8:53 | live.primis.tech | udp |
| GB | 18.172.89.42:443 | live.primis.tech | tcp |
| US | 8.8.8.8:53 | 234.71.83.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 42.89.172.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 26.165.165.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 18.31.95.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | sideindexfollowragelrew.pw | udp |
| US | 8.8.8.8:53 | museumtespaceorsp.shop | udp |
| US | 172.67.184.107:443 | museumtespaceorsp.shop | tcp |
| US | 8.8.8.8:53 | buttockdecarderwiso.shop | udp |
| US | 172.67.218.187:443 | buttockdecarderwiso.shop | tcp |
| US | 8.8.8.8:53 | 107.184.67.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | averageaattractiionsl.shop | udp |
| US | 172.67.220.163:443 | averageaattractiionsl.shop | tcp |
| US | 8.8.8.8:53 | femininiespywageg.shop | udp |
| US | 172.67.141.63:443 | femininiespywageg.shop | tcp |
| US | 8.8.8.8:53 | employhabragaomlsp.shop | udp |
| US | 104.21.85.81:443 | employhabragaomlsp.shop | tcp |
| US | 8.8.8.8:53 | 187.218.67.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 163.220.67.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 63.141.67.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | stalfbaclcalorieeis.shop | udp |
| US | 104.21.3.197:443 | stalfbaclcalorieeis.shop | tcp |
| US | 8.8.8.8:53 | civilianurinedtsraov.shop | udp |
| US | 172.67.197.146:443 | civilianurinedtsraov.shop | tcp |
| US | 8.8.8.8:53 | roomabolishsnifftwk.shop | udp |
| US | 172.67.146.92:443 | roomabolishsnifftwk.shop | tcp |
| US | 8.8.8.8:53 | 81.85.21.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 146.197.67.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 197.3.21.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 92.146.67.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 249.197.17.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | sideindexfollowragelrew.pw | udp |
| US | 172.67.184.107:443 | museumtespaceorsp.shop | tcp |
| US | 172.67.218.187:443 | buttockdecarderwiso.shop | tcp |
| US | 172.67.220.163:443 | averageaattractiionsl.shop | tcp |
| US | 172.67.141.63:443 | femininiespywageg.shop | tcp |
| US | 104.21.85.81:443 | employhabragaomlsp.shop | tcp |
| US | 104.21.3.197:443 | stalfbaclcalorieeis.shop | tcp |
| US | 172.67.197.146:443 | civilianurinedtsraov.shop | tcp |
| US | 8.8.8.8:53 | 43.58.199.20.in-addr.arpa | udp |
| US | 172.67.146.92:443 | roomabolishsnifftwk.shop | tcp |
| GB | 142.250.187.196:443 | www.google.com | udp |
| US | 8.8.8.8:53 | play.google.com | udp |
| GB | 142.250.179.238:443 | play.google.com | tcp |
| US | 8.8.8.8:53 | a.nel.cloudflare.com | udp |
| US | 35.190.80.1:443 | a.nel.cloudflare.com | tcp |
| US | 35.190.80.1:443 | a.nel.cloudflare.com | tcp |
| US | 8.8.8.8:53 | encrypted-tbn1.gstatic.com | udp |
| US | 8.8.8.8:53 | encrypted-tbn2.gstatic.com | udp |
| GB | 142.250.178.14:443 | encrypted-tbn1.gstatic.com | tcp |
| GB | 142.250.180.14:443 | encrypted-tbn2.gstatic.com | tcp |
| US | 35.190.80.1:443 | a.nel.cloudflare.com | udp |
| US | 8.8.8.8:53 | beacons.gcp.gvt2.com | udp |
| US | 192.178.49.195:443 | beacons.gcp.gvt2.com | tcp |
| US | 8.8.8.8:53 | 238.179.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 1.80.190.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 14.180.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 14.178.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | e2c49.gcp.gvt2.com | udp |
| US | 35.211.148.231:443 | e2c49.gcp.gvt2.com | tcp |
| GB | 142.250.179.238:443 | play.google.com | udp |
| US | 8.8.8.8:53 | 195.49.178.192.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 231.148.211.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | consent.google.com | udp |
| US | 192.178.49.195:443 | beacons.gcp.gvt2.com | udp |
| US | 8.8.8.8:53 | beacons.gvt2.com | udp |
| GB | 172.217.169.3:443 | beacons.gvt2.com | tcp |
| US | 8.8.8.8:53 | www.virustotal.com | udp |
| US | 8.8.8.8:53 | 3.169.217.172.in-addr.arpa | udp |
| US | 74.125.34.46:443 | www.virustotal.com | tcp |
| US | 74.125.34.46:443 | www.virustotal.com | tcp |
| US | 8.8.8.8:53 | www.recaptcha.net | udp |
| US | 8.8.8.8:53 | region1.google-analytics.com | udp |
| US | 8.8.8.8:53 | 46.34.125.74.in-addr.arpa | udp |
| US | 8.8.8.8:53 | recaptcha.net | udp |
| GB | 142.250.187.227:443 | recaptcha.net | tcp |
| GB | 142.250.187.227:443 | recaptcha.net | udp |
| US | 74.125.34.46:443 | www.virustotal.com | tcp |
| US | 8.8.8.8:53 | 227.187.250.142.in-addr.arpa | udp |
| US | 216.239.34.36:443 | region1.google-analytics.com | udp |
| US | 8.8.8.8:53 | 36.34.239.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 23.236.111.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | udp |
Files