Analysis Overview
Threat Level: Known bad
The file https://github.com/Bhaggo/Bhaggos-Quick-Cleaner/releases/tag/v1.2 was found to be: Known bad.
Malicious Activity Summary
Lumma Stealer
Downloads MZ/PE file
Executes dropped EXE
Loads dropped DLL
Checks computer location settings
Legitimate hosting services abused for malware hosting/C2
Checks installed software on the system
Suspicious use of SetThreadContext
Drops file in Program Files directory
Command and Scripting Interpreter: PowerShell
Enumerates physical storage devices
Suspicious behavior: EnumeratesProcesses
Checks SCSI registry key(s)
Checks processor information in registry
Suspicious behavior: AddClipboardFormatListener
Uses Volume Shadow Copy service COM API
Suspicious use of WriteProcessMemory
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Enumerates system info in registry
Modifies data under HKEY_USERS
Modifies registry class
Suspicious behavior: GetForegroundWindowSpam
Suspicious use of AdjustPrivilegeToken
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
Analysis: static1
Detonation Overview
Reported: 2024-05-21 12:13
Signatures
Analysis: behavioral1
Detonation Overview
Submitted: 2024-05-21 12:13
Reported: 2024-05-21 12:21
Platform: win10v2004-20240426-en
Max time kernel: 433s
Max time network: 430s
Signatures
Lumma Stealer
Downloads MZ/PE file
Checks computer location settings
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\USER\S-1-5-21-3571316656-3665257725-2415531812-1000\Control Panel\International\Geo\Nation | C:\Users\Admin\AppData\Local\Temp\is-G95DS.tmp\BhaggoQuickCleanerSetup.tmp | N/A |
Executes dropped EXE
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Users\Admin\Downloads\BhaggoQuickCleanerSetup.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\is-G95DS.tmp\BhaggoQuickCleanerSetup.tmp | N/A |
| N/A | N/A | C:\Program Files\Bhaggo's Quick Cleaner\peformancebooster.exe | N/A |
Loads dropped DLL
Checks installed software on the system
Legitimate hosting services abused for malware hosting/C2
| Description | Indicator | Process | Target |
| N/A | mediafire.com | N/A | N/A |
Suspicious use of SetThreadContext
| Description | Indicator | Process | Target |
| PID 6200 set thread context of 6740 | N/A | C:\Users\Admin\Downloads\Software\1227006289.exe | C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe |
| PID 5960 set thread context of 4928 | N/A | C:\Users\Admin\Downloads\Software\1227006289.exe | C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe |
| PID 1240 set thread context of 5624 | N/A | C:\Users\Admin\Downloads\Software\1227006289.exe | C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe |
| PID 4988 set thread context of 5936 | N/A | C:\Users\Admin\Downloads\Software\1227006289.exe | C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe |
| PID 5808 set thread context of 5072 | N/A | C:\Users\Admin\Downloads\Software\1227006289.exe | C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe |
| PID 4940 set thread context of 1232 | N/A | C:\Users\Admin\Downloads\Software\1227006289.exe | C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe |
Drops file in Program Files directory
| Description | Indicator | Process | Target |
| File created | C:\Program Files\Bhaggo's Quick Cleaner\translations\is-DBVOQ.tmp | C:\Users\Admin\AppData\Local\Temp\is-G95DS.tmp\BhaggoQuickCleanerSetup.tmp | N/A |
| File created | C:\Program Files\Bhaggo's Quick Cleaner\translations\is-6S68Q.tmp | C:\Users\Admin\AppData\Local\Temp\is-G95DS.tmp\BhaggoQuickCleanerSetup.tmp | N/A |
| File opened for modification | C:\Program Files\Bhaggo's Quick Cleaner\unins000.dat | C:\Users\Admin\AppData\Local\Temp\is-G95DS.tmp\BhaggoQuickCleanerSetup.tmp | N/A |
| File opened for modification | C:\Program Files\Bhaggo's Quick Cleaner\Qt6Gui.dll | C:\Users\Admin\AppData\Local\Temp\is-G95DS.tmp\BhaggoQuickCleanerSetup.tmp | N/A |
| File opened for modification | C:\Program Files\Bhaggo's Quick Cleaner\imageformats\qtga.dll | C:\Users\Admin\AppData\Local\Temp\is-G95DS.tmp\BhaggoQuickCleanerSetup.tmp | N/A |
| File created | C:\Program Files\Bhaggo's Quick Cleaner\imageformats\is-TF6DO.tmp | C:\Users\Admin\AppData\Local\Temp\is-G95DS.tmp\BhaggoQuickCleanerSetup.tmp | N/A |
| File created | C:\Program Files\Bhaggo's Quick Cleaner\translations\is-OBM4U.tmp | C:\Users\Admin\AppData\Local\Temp\is-G95DS.tmp\BhaggoQuickCleanerSetup.tmp | N/A |
| File created | C:\Program Files\Bhaggo's Quick Cleaner\translations\is-GIU29.tmp | C:\Users\Admin\AppData\Local\Temp\is-G95DS.tmp\BhaggoQuickCleanerSetup.tmp | N/A |
| File created | C:\Program Files\Bhaggo's Quick Cleaner\translations\is-CQ69J.tmp | C:\Users\Admin\AppData\Local\Temp\is-G95DS.tmp\BhaggoQuickCleanerSetup.tmp | N/A |
| File created | C:\Program Files\Bhaggo's Quick Cleaner\translations\is-1RRAM.tmp | C:\Users\Admin\AppData\Local\Temp\is-G95DS.tmp\BhaggoQuickCleanerSetup.tmp | N/A |
| File opened for modification | C:\Program Files\Bhaggo's Quick Cleaner\libwinpthread-1.dll | C:\Users\Admin\AppData\Local\Temp\is-G95DS.tmp\BhaggoQuickCleanerSetup.tmp | N/A |
| File opened for modification | C:\Program Files\Bhaggo's Quick Cleaner\Qt6Widgets.dll | C:\Users\Admin\AppData\Local\Temp\is-G95DS.tmp\BhaggoQuickCleanerSetup.tmp | N/A |
| File opened for modification | C:\Program Files\Bhaggo's Quick Cleaner\imageformats\qwebp.dll | C:\Users\Admin\AppData\Local\Temp\is-G95DS.tmp\BhaggoQuickCleanerSetup.tmp | N/A |
| File created | C:\Program Files\Bhaggo's Quick Cleaner\is-J3V6U.tmp | C:\Users\Admin\AppData\Local\Temp\is-G95DS.tmp\BhaggoQuickCleanerSetup.tmp | N/A |
| File created | C:\Program Files\Bhaggo's Quick Cleaner\is-J8P0S.tmp | C:\Users\Admin\AppData\Local\Temp\is-G95DS.tmp\BhaggoQuickCleanerSetup.tmp | N/A |
| File created | C:\Program Files\Bhaggo's Quick Cleaner\is-8DCPJ.tmp | C:\Users\Admin\AppData\Local\Temp\is-G95DS.tmp\BhaggoQuickCleanerSetup.tmp | N/A |
| File created | C:\Program Files\Bhaggo's Quick Cleaner\is-4BTOU.tmp | C:\Users\Admin\AppData\Local\Temp\is-G95DS.tmp\BhaggoQuickCleanerSetup.tmp | N/A |
| File created | C:\Program Files\Bhaggo's Quick Cleaner\imageformats\is-KS5D4.tmp | C:\Users\Admin\AppData\Local\Temp\is-G95DS.tmp\BhaggoQuickCleanerSetup.tmp | N/A |
| File opened for modification | C:\Program Files\Bhaggo's Quick Cleaner\peformancebooster.exe | C:\Users\Admin\AppData\Local\Temp\is-G95DS.tmp\BhaggoQuickCleanerSetup.tmp | N/A |
| File opened for modification | C:\Program Files\Bhaggo's Quick Cleaner\libgcc_s_seh-1.dll | C:\Users\Admin\AppData\Local\Temp\is-G95DS.tmp\BhaggoQuickCleanerSetup.tmp | N/A |
| File opened for modification | C:\Program Files\Bhaggo's Quick Cleaner\tls\qopensslbackend.dll | C:\Users\Admin\AppData\Local\Temp\is-G95DS.tmp\BhaggoQuickCleanerSetup.tmp | N/A |
| File opened for modification | C:\Program Files\Bhaggo's Quick Cleaner\imageformats\qicns.dll | C:\Users\Admin\AppData\Local\Temp\is-G95DS.tmp\BhaggoQuickCleanerSetup.tmp | N/A |
| File opened for modification | C:\Program Files\Bhaggo's Quick Cleaner\platforms\qwindows.dll | C:\Users\Admin\AppData\Local\Temp\is-G95DS.tmp\BhaggoQuickCleanerSetup.tmp | N/A |
| File created | C:\Program Files\Bhaggo's Quick Cleaner\translations\is-LO02U.tmp | C:\Users\Admin\AppData\Local\Temp\is-G95DS.tmp\BhaggoQuickCleanerSetup.tmp | N/A |
| File created | C:\Program Files\Bhaggo's Quick Cleaner\translations\is-KJ3R4.tmp | C:\Users\Admin\AppData\Local\Temp\is-G95DS.tmp\BhaggoQuickCleanerSetup.tmp | N/A |
| File created | C:\Program Files\Bhaggo's Quick Cleaner\platforms\is-4B098.tmp | C:\Users\Admin\AppData\Local\Temp\is-G95DS.tmp\BhaggoQuickCleanerSetup.tmp | N/A |
| File created | C:\Program Files\Bhaggo's Quick Cleaner\translations\is-ENP9S.tmp | C:\Users\Admin\AppData\Local\Temp\is-G95DS.tmp\BhaggoQuickCleanerSetup.tmp | N/A |
| File created | C:\Program Files\Bhaggo's Quick Cleaner\translations\is-U4TPG.tmp | C:\Users\Admin\AppData\Local\Temp\is-G95DS.tmp\BhaggoQuickCleanerSetup.tmp | N/A |
| File opened for modification | C:\Program Files\Bhaggo's Quick Cleaner\D3Dcompiler_47.dll | C:\Users\Admin\AppData\Local\Temp\is-G95DS.tmp\BhaggoQuickCleanerSetup.tmp | N/A |
| File opened for modification | C:\Program Files\Bhaggo's Quick Cleaner\generic\qtuiotouchplugin.dll | C:\Users\Admin\AppData\Local\Temp\is-G95DS.tmp\BhaggoQuickCleanerSetup.tmp | N/A |
| File opened for modification | C:\Program Files\Bhaggo's Quick Cleaner\imageformats\qico.dll | C:\Users\Admin\AppData\Local\Temp\is-G95DS.tmp\BhaggoQuickCleanerSetup.tmp | N/A |
| File created | C:\Program Files\Bhaggo's Quick Cleaner\unins000.dat | C:\Users\Admin\AppData\Local\Temp\is-G95DS.tmp\BhaggoQuickCleanerSetup.tmp | N/A |
| File created | C:\Program Files\Bhaggo's Quick Cleaner\imageformats\is-J2G51.tmp | C:\Users\Admin\AppData\Local\Temp\is-G95DS.tmp\BhaggoQuickCleanerSetup.tmp | N/A |
| File created | C:\Program Files\Bhaggo's Quick Cleaner\translations\is-3NPQI.tmp | C:\Users\Admin\AppData\Local\Temp\is-G95DS.tmp\BhaggoQuickCleanerSetup.tmp | N/A |
| File opened for modification | C:\Program Files\Bhaggo's Quick Cleaner\imageformats\qgif.dll | C:\Users\Admin\AppData\Local\Temp\is-G95DS.tmp\BhaggoQuickCleanerSetup.tmp | N/A |
| File created | C:\Program Files\Bhaggo's Quick Cleaner\iconengines\is-1PQ0I.tmp | C:\Users\Admin\AppData\Local\Temp\is-G95DS.tmp\BhaggoQuickCleanerSetup.tmp | N/A |
| File created | C:\Program Files\Bhaggo's Quick Cleaner\networkinformation\is-FQCUT.tmp | C:\Users\Admin\AppData\Local\Temp\is-G95DS.tmp\BhaggoQuickCleanerSetup.tmp | N/A |
| File created | C:\Program Files\Bhaggo's Quick Cleaner\translations\is-G12KC.tmp | C:\Users\Admin\AppData\Local\Temp\is-G95DS.tmp\BhaggoQuickCleanerSetup.tmp | N/A |
| File created | C:\Program Files\Bhaggo's Quick Cleaner\translations\is-P6JIO.tmp | C:\Users\Admin\AppData\Local\Temp\is-G95DS.tmp\BhaggoQuickCleanerSetup.tmp | N/A |
| File opened for modification | C:\Program Files\Bhaggo's Quick Cleaner\styles\qwindowsvistastyle.dll | C:\Users\Admin\AppData\Local\Temp\is-G95DS.tmp\BhaggoQuickCleanerSetup.tmp | N/A |
| File created | C:\Program Files\Bhaggo's Quick Cleaner\is-O4HUP.tmp | C:\Users\Admin\AppData\Local\Temp\is-G95DS.tmp\BhaggoQuickCleanerSetup.tmp | N/A |
| File opened for modification | C:\Program Files\Bhaggo's Quick Cleaner\tls\qschannelbackend.dll | C:\Users\Admin\AppData\Local\Temp\is-G95DS.tmp\BhaggoQuickCleanerSetup.tmp | N/A |
| File created | C:\Program Files\Bhaggo's Quick Cleaner\is-LQAHS.tmp | C:\Users\Admin\AppData\Local\Temp\is-G95DS.tmp\BhaggoQuickCleanerSetup.tmp | N/A |
| File created | C:\Program Files\Bhaggo's Quick Cleaner\translations\is-7FANA.tmp | C:\Users\Admin\AppData\Local\Temp\is-G95DS.tmp\BhaggoQuickCleanerSetup.tmp | N/A |
| File created | C:\Program Files\Bhaggo's Quick Cleaner\translations\is-D36C2.tmp | C:\Users\Admin\AppData\Local\Temp\is-G95DS.tmp\BhaggoQuickCleanerSetup.tmp | N/A |
| File created | C:\Program Files\Bhaggo's Quick Cleaner\generic\is-I4JQA.tmp | C:\Users\Admin\AppData\Local\Temp\is-G95DS.tmp\BhaggoQuickCleanerSetup.tmp | N/A |
| File created | C:\Program Files\Bhaggo's Quick Cleaner\translations\is-ARVS7.tmp | C:\Users\Admin\AppData\Local\Temp\is-G95DS.tmp\BhaggoQuickCleanerSetup.tmp | N/A |
| File created | C:\Program Files\Bhaggo's Quick Cleaner\translations\is-2J7VA.tmp | C:\Users\Admin\AppData\Local\Temp\is-G95DS.tmp\BhaggoQuickCleanerSetup.tmp | N/A |
| File opened for modification | C:\Program Files\Bhaggo's Quick Cleaner\iconengines\qsvgicon.dll | C:\Users\Admin\AppData\Local\Temp\is-G95DS.tmp\BhaggoQuickCleanerSetup.tmp | N/A |
| File opened for modification | C:\Program Files\Bhaggo's Quick Cleaner\imageformats\qjpeg.dll | C:\Users\Admin\AppData\Local\Temp\is-G95DS.tmp\BhaggoQuickCleanerSetup.tmp | N/A |
| File created | C:\Program Files\Bhaggo's Quick Cleaner\is-MKPQ1.tmp | C:\Users\Admin\AppData\Local\Temp\is-G95DS.tmp\BhaggoQuickCleanerSetup.tmp | N/A |
| File created | C:\Program Files\Bhaggo's Quick Cleaner\is-6EIBM.tmp | C:\Users\Admin\AppData\Local\Temp\is-G95DS.tmp\BhaggoQuickCleanerSetup.tmp | N/A |
| File created | C:\Program Files\Bhaggo's Quick Cleaner\imageformats\is-PC5A7.tmp | C:\Users\Admin\AppData\Local\Temp\is-G95DS.tmp\BhaggoQuickCleanerSetup.tmp | N/A |
| File created | C:\Program Files\Bhaggo's Quick Cleaner\translations\is-TNKBH.tmp | C:\Users\Admin\AppData\Local\Temp\is-G95DS.tmp\BhaggoQuickCleanerSetup.tmp | N/A |
| File created | C:\Program Files\Bhaggo's Quick Cleaner\translations\is-A7685.tmp | C:\Users\Admin\AppData\Local\Temp\is-G95DS.tmp\BhaggoQuickCleanerSetup.tmp | N/A |
| File opened for modification | C:\Program Files\Bhaggo's Quick Cleaner\networkinformation\qnetworklistmanager.dll | C:\Users\Admin\AppData\Local\Temp\is-G95DS.tmp\BhaggoQuickCleanerSetup.tmp | N/A |
| File created | C:\Program Files\Bhaggo's Quick Cleaner\is-FS49E.tmp | C:\Users\Admin\AppData\Local\Temp\is-G95DS.tmp\BhaggoQuickCleanerSetup.tmp | N/A |
| File created | C:\Program Files\Bhaggo's Quick Cleaner\is-GO91M.tmp | C:\Users\Admin\AppData\Local\Temp\is-G95DS.tmp\BhaggoQuickCleanerSetup.tmp | N/A |
| File created | C:\Program Files\Bhaggo's Quick Cleaner\is-QU1IR.tmp | C:\Users\Admin\AppData\Local\Temp\is-G95DS.tmp\BhaggoQuickCleanerSetup.tmp | N/A |
| File created | C:\Program Files\Bhaggo's Quick Cleaner\imageformats\is-5HQIF.tmp | C:\Users\Admin\AppData\Local\Temp\is-G95DS.tmp\BhaggoQuickCleanerSetup.tmp | N/A |
| File opened for modification | C:\Program Files\Bhaggo's Quick Cleaner\libstdc++-6.dll | C:\Users\Admin\AppData\Local\Temp\is-G95DS.tmp\BhaggoQuickCleanerSetup.tmp | N/A |
| File opened for modification | C:\Program Files\Bhaggo's Quick Cleaner\imageformats\qtiff.dll | C:\Users\Admin\AppData\Local\Temp\is-G95DS.tmp\BhaggoQuickCleanerSetup.tmp | N/A |
| File created | C:\Program Files\Bhaggo's Quick Cleaner\translations\is-9PDA7.tmp | C:\Users\Admin\AppData\Local\Temp\is-G95DS.tmp\BhaggoQuickCleanerSetup.tmp | N/A |
| File created | C:\Program Files\Bhaggo's Quick Cleaner\translations\is-ART2Q.tmp | C:\Users\Admin\AppData\Local\Temp\is-G95DS.tmp\BhaggoQuickCleanerSetup.tmp | N/A |
Command and Scripting Interpreter: PowerShell
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe | N/A |
| N/A | N/A | C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe | N/A |
| N/A | N/A | C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe | N/A |
Enumerates physical storage devices
Checks SCSI registry key(s)
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_DADY&Prod_HARDDISK\4&215468a5&0&000000\FriendlyName | C:\Windows\system32\taskmgr.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_DADY&Prod_HARDDISK\4&215468a5&0&000000\Device Parameters | C:\Windows\system32\vssvc.exe | N/A |
| Key queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_DADY&Prod_HARDDISK\4&215468a5&0&000000\Device Parameters | C:\Windows\system32\vssvc.exe | N/A |
| Key created | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_DADY&Prod_HARDDISK\4&215468a5&0&000000\Device Parameters\Partmgr | C:\Windows\system32\vssvc.exe | N/A |
| Set value (data) | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_DADY&Prod_HARDDISK\4&215468a5&0&000000\Device Parameters\Partmgr\PartitionTableCache | C:\Windows\system32\vssvc.exe | N/A |
| Set value (data) | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_DADY&Prod_HARDDISK\4&215468a5&0&000000\Device Parameters\Partmgr\SnapshotDataCache = 534e41505041525401000000700000008ec7416a0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000 | C:\Windows\system32\vssvc.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_DADY&Prod_HARDDISK\4&215468a5&0&000000 | C:\Windows\system32\taskmgr.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_DADY&Prod_HARDDISK\4&215468a5&0&000000\Properties\{b725f130-47ef-101a-a5f1-02608c9eebac}\000A | C:\Windows\system32\taskmgr.exe | N/A |
Checks processor information in registry
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString | C:\Windows\system32\taskmgr.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Windows\system32\taskmgr.exe | N/A |
Enumerates system info in registry
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Modifies data under HKEY_USERS
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133607672280841034" | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Modifies registry class
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\MACHINE\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\Deployment\Package\*\S-1-5-21-3571316656-3665257725-2415531812-1000\{46C7E095-09F8-4D7E-B6AC-4F525871C014} | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3571316656-3665257725-2415531812-1000_Classes\Local Settings | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Suspicious behavior: AddClipboardFormatListener
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files\Bhaggo's Quick Cleaner\peformancebooster.exe | N/A |
Suspicious behavior: EnumeratesProcesses
Suspicious behavior: GetForegroundWindowSpam
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files\Bhaggo's Quick Cleaner\peformancebooster.exe | N/A |
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Suspicious use of AdjustPrivilegeToken
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
Suspicious use of WriteProcessMemory
Uses Volume Shadow Copy service COM API
Processes
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://github.com/Bhaggo/Bhaggos-Quick-Cleaner/releases/tag/v1.2
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=110.0.5481.104 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffe1ce8ab58,0x7ffe1ce8ab68,0x7ffe1ce8ab78
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1608 --field-trial-handle=1912,i,5554429880424973637,1720343083265752074,131072 /prefetch:2
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2164 --field-trial-handle=1912,i,5554429880424973637,1720343083265752074,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=2184 --field-trial-handle=1912,i,5554429880424973637,1720343083265752074,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=3000 --field-trial-handle=1912,i,5554429880424973637,1720343083265752074,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=3020 --field-trial-handle=1912,i,5554429880424973637,1720343083265752074,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\110.0.5481.104\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\110.0.5481.104\elevation_service.exe"
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4456 --field-trial-handle=1912,i,5554429880424973637,1720343083265752074,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4444 --field-trial-handle=1912,i,5554429880424973637,1720343083265752074,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=5008 --field-trial-handle=1912,i,5554429880424973637,1720343083265752074,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=4340 --field-trial-handle=1912,i,5554429880424973637,1720343083265752074,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5172 --field-trial-handle=1912,i,5554429880424973637,1720343083265752074,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=5020 --field-trial-handle=1912,i,5554429880424973637,1720343083265752074,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=5052 --field-trial-handle=1912,i,5554429880424973637,1720343083265752074,131072 /prefetch:8
C:\Users\Admin\Downloads\BhaggoQuickCleanerSetup.exe
"C:\Users\Admin\Downloads\BhaggoQuickCleanerSetup.exe"
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4232 --field-trial-handle=1912,i,5554429880424973637,1720343083265752074,131072 /prefetch:8
C:\Users\Admin\AppData\Local\Temp\is-G95DS.tmp\BhaggoQuickCleanerSetup.tmp
"C:\Users\Admin\AppData\Local\Temp\is-G95DS.tmp\BhaggoQuickCleanerSetup.tmp" /SL5="$E0044,20045463,1187328,C:\Users\Admin\Downloads\BhaggoQuickCleanerSetup.exe"
C:\Program Files\Bhaggo's Quick Cleaner\peformancebooster.exe
"C:\Program Files\Bhaggo's Quick Cleaner\peformancebooster.exe"
C:\Windows\SYSTEM32\cmd.exe
cmd.exe /C C:/Users/Admin/AppData/Local/Temp/peformancebooster-GLZxLN/RestorePointButton.bat
C:\Windows\system32\reg.exe
Reg.exe delete "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore" /v "DisableConfig" /f
C:\Windows\system32\reg.exe
Reg.exe add "HKLM\Software\Microsoft\Windows NT\CurrentVersion\SystemRestore" /v "SystemRestorePointCreationFrequency" /t REG_DWORD /d 0 /f
C:\Windows\system32\reg.exe
Reg.exe delete "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore" /v "RPSessionInterval" /f
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
powershell -ExecutionPolicy Unrestricted -NoProfile Enable-ComputerRestore -Drive 'C:\'
C:\Windows\System32\Wbem\WMIC.exe
wmic.exe /Namespace:\\root\default Path SystemRestore Call CreateRestorePoint "Bhaggo Restore Point", 100, 7
C:\Windows\system32\vssvc.exe
C:\Windows\system32\vssvc.exe
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
powershell -ExecutionPolicy Unrestricted -NoProfile Enable-ComputerRestore -Drive 'C:\', 'D:\', 'E:\', 'F:\', 'G:\'
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
powershell -ExecutionPolicy Unrestricted -NoProfile Checkpoint-Computer -Description 'Bhaggo Restore Point'
C:\Windows\system32\srtasks.exe
C:\Windows\system32\srtasks.exe ExecuteScopeRestorePoint /WaitForRestorePoint:3
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe"
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=110.0.5481.104 --initial-client-data=0x11c,0x120,0x124,0xfc,0x128,0x7ffe1ce8ab58,0x7ffe1ce8ab68,0x7ffe1ce8ab78
C:\Windows\System32\SystemPropertiesProtection.exe
C:\Windows\System32\SystemPropertiesProtection.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1740 --field-trial-handle=1992,i,11865537311824245621,4821608214065698403,131072 /prefetch:2
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2164 --field-trial-handle=1992,i,11865537311824245621,4821608214065698403,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=2252 --field-trial-handle=1992,i,11865537311824245621,4821608214065698403,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2980 --field-trial-handle=1992,i,11865537311824245621,4821608214065698403,131072 /prefetch:1
C:\Users\Admin\Downloads\Software\1227006289.exe
"C:\Users\Admin\Downloads\Software\1227006289.exe"
C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
"C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe"
C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
"C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe"
C:\Users\Admin\Downloads\Software\1227006289.exe
"C:\Users\Admin\Downloads\Software\1227006289.exe"
C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
"C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe"
C:\Users\Admin\Downloads\Software\1227006289.exe
"C:\Users\Admin\Downloads\Software\1227006289.exe"
C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
"C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe"
C:\Users\Admin\Downloads\Software\1227006289.exe
"C:\Users\Admin\Downloads\Software\1227006289.exe"
C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
"C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe"
C:\Users\Admin\Downloads\Software\1227006289.exe
"C:\Users\Admin\Downloads\Software\1227006289.exe"
C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
"C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe"
C:\Users\Admin\Downloads\Software\1227006289.exe
"C:\Users\Admin\Downloads\Software\1227006289.exe"
C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
"C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe"
C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
"C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe"
Network
Files
memory/2804-169-0x0000000000400000-0x000000000052F000-memory.dmp
memory/2804-172-0x0000000000401000-0x00000000004B7000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\is-G95DS.tmp\BhaggoQuickCleanerSetup.tmp
| MD5 | 96bf72cc1e5ceacc0b900289df3d72ef |
| SHA1 | 270c556a22902e58e94e58d837df3c4ef4d73dc9 |
| SHA256 | e1da68f9feb143337473cb4b45910c50f523edfc8809e3988095311fbf4a6555 |
| SHA512 | 855402a08c24273f4d3b3119bf59589bb37734f8ec9f7ad13ba3069c1ff2ff3e976a656bce1ca2addbb9d7e48604ee1782adda60bd5f8794199b0650e2407034 |
memory/3904-176-0x0000000000400000-0x000000000076B000-memory.dmp
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | afbe8567bef3a4a5a146e8fe2381cdaa |
| SHA1 | 31fc859b49cc8c7087afb0016f309d0aaca338e3 |
| SHA256 | 72b421a893d8cb0872189b21cd7d4e439b8ceca3697842284fe8aab229e2bb9f |
| SHA512 | ab8ecfc4f3bd756e1b6942f8e944f880f45f4732e520c1b2a0387e9b4837285a795dc00d2e7d6b0b0a829303b9ac5a622a0a14c87c86e00afd21babaae1914c9 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | fc83ed19bc6fe066a36b7f06a53f8a2f |
| SHA1 | 4674c73d3c8dbf4a125911ce648e9e37a238531a |
| SHA256 | eaf50df025bfcd1931147a971c6b33fe7457637a26d90ea75a709d580e7b5566 |
| SHA512 | e3bc8534c60d09543913d799cc0b2a1666d95322a46497bba3f9d9e71c526fdc3375012c059ddd0bdfbce6c401b7d7bef6ae7bf87b41506b027a7995a35a21aa |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
| MD5 | 990e46917cdd150da23da5abee78aaa0 |
| SHA1 | eacba29f0d43bfab515b09f92bbb8252264b555a |
| SHA256 | 0dc9a101479e2cd49d9d4a3082cf0070c4d88a32cf44425c3a4762edaf75a576 |
| SHA512 | 41a1d77b1c91a83b1de62f6573e1de99a63b24f658b291a3e05bb22356d54917ba9acb23a2bc32703cba6ddd78e76d3cae2ebd6c12a609682a9269c1654ed6aa |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
| MD5 | 33151f0cf555dbed67d21673bee12631 |
| SHA1 | 1a7c19c73fb62918989dcfd856755b50205c701b |
| SHA256 | 8501b62af4d4d17fe1958e97bf04b61d33035b7ed4ece7f9279b9b6e109b17fc |
| SHA512 | f6d8a5f10047630e1c3345b5f578b345a69569345ae83a3ddce0365dad485da7ca73dcc9b715886fd123e1f3804953ffc26fbfabfe42cd6f49e93c8c33a71104 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 5bb8b507b52bf23fe5ebfa35953d0e91 |
| SHA1 | 1ced51cc213ac7fa1b6b67f6a4ff053dd2b96911 |
| SHA256 | 7d75b7c5b122eacde4eef8e9dd7ea779d4a262615c9c84b69e8bd75ddae6ccb5 |
| SHA512 | cc806bef0d365b87ad0e4b0d15d382ddd84bfe7b8cad1a27c76cd6e62425ce4c924fee56ee157e50afa370beb00a4f258eecaa4c5e5a4111f575f06a3c869001 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\GPUCache\data_1
| MD5 | f50f89a0a91564d0b8a211f8921aa7de |
| SHA1 | 112403a17dd69d5b9018b8cede023cb3b54eab7d |
| SHA256 | b1e963d702392fb7224786e7d56d43973e9b9efd1b89c17814d7c558ffc0cdec |
| SHA512 | bf8cda48cf1ec4e73f0dd1d4fa5562af1836120214edb74957430cd3e4a2783e801fa3f4ed2afb375257caeed4abe958265237d6e0aacf35a9ede7a2e8898d58 |
memory/2804-415-0x0000000000400000-0x000000000052F000-memory.dmp
memory/3904-416-0x0000000000400000-0x000000000076B000-memory.dmp
C:\Program Files\Bhaggo's Quick Cleaner\peformancebooster.exe
| MD5 | ce6c403d00e8527f427ae6ed41f53f6e |
| SHA1 | c3f7f0521cfc80e0ca25036267676ad672b642fb |
| SHA256 | ce8e8c7b1eab4aa1b2595c30428d0dadd56856e58ad238e9b8aef9761b1525a6 |
| SHA512 | dcd25d878b606ec81808de5905a612fbcbbc1f5a5e697e49c96f58cab28771e0011895d07f281421f525fb2d3dcf516d77b7181aba1669cb5225b7410f43dd8a |
C:\Program Files\Bhaggo's Quick Cleaner\libwinpthread-1.dll
| MD5 | 11e800f423c7fcc83afcf43ba30b3784 |
| SHA1 | 1b0c43e49f0e8a0adcf47ebafab0161c2a05c1ee |
| SHA256 | 48a1d7fb4f81671babb514a801946f49b7c4efc54aafe7caa81f9a582ac30690 |
| SHA512 | f71bb3c83a91fb9afba8eea186c74f9838ec157c6ceeb29c5892f3ae15adf29a03177775bf0b3aef75b2b30686ef79459b00902ff544c622d2fa44709ced7ff9 |
C:\Program Files\Bhaggo's Quick Cleaner\Qt6Widgets.dll
| MD5 | 6e31c9c15abb8ee9a267494c85ae4260 |
| SHA1 | 04445c6a459537dfb0defd0f37bda9b4f95d3182 |
| SHA256 | 4a2353808555a1b4cfefeb1c2cd81dd9e1cb0a44931e386a2049abf8081581ad |
| SHA512 | 4e4fb327c6a1ed8baa9e43cf7ccac4fcaea59a5f98995d4a14479f2027ab6a92ec38b383502df1bc3bef45ab177db15559c70bd54637d86d1329f6cca340935e |
C:\Program Files\Bhaggo's Quick Cleaner\Qt6Core.dll
| MD5 | ea87b9f7c2d7a298e7ec3a75c365e3cd |
| SHA1 | e874107427b7f57c8004e15021108e4423d393bb |
| SHA256 | ad7e2aefbc09fae1fc27c02810c7bbb2bca818a2ec53d049900b95bf2ed450eb |
| SHA512 | 26978d90a5b5327efb37077c1c74ffe3893373526c6e067d2f47767e55fc60d1dfca72aa284aee19b8f0aad9c9acde8138e128112e42bbf1bbab9d3365978219 |
C:\Program Files\Bhaggo's Quick Cleaner\libstdc++-6.dll
| MD5 | 44f0f8c88e813509aa1eecd3acdbe261 |
| SHA1 | 508fde8f55ef54e2a728c562f4e662a0e8b4cb92 |
| SHA256 | 715612765ea5b513c497958111e2fb4101a69198568b1226e7a4b5f9c6b3df35 |
| SHA512 | a9a15079207364118e37f591c82f3408eb738e2dc7faaa552531655dac2f07798e3fdf8b7311c2c0297aec8e7cd6e8e73db21dce00a06bb6aa32d1f05a381cf2 |
C:\Program Files\Bhaggo's Quick Cleaner\libgcc_s_seh-1.dll
| MD5 | a839c13c8fcd337a056d62a005a6aee7 |
| SHA1 | c9f8f6ca8becd7fad39017fd45c0b7835bedf173 |
| SHA256 | 8660371ef7b69772138ef71f9077ae5c742b4a9b768ccca59263d20e8dec1815 |
| SHA512 | 90751af770300c136245d0d5113a305876ab00ceb8968b14693082239ccacb091991e6b5d07599d9e3d9044a9ebfb92c3adfbf23f8754cc3024fde7cf17d81a1 |
C:\Program Files\Bhaggo's Quick Cleaner\Qt6Gui.dll
| MD5 | 873a4f02b3dfedc2bcd8e50468a183e8 |
| SHA1 | 0290df5c47f38d75f74e5d4c9431578f875b0f21 |
| SHA256 | e110467d488601c9e8394d9fc85583426afe24bfac2e83d53ef8c29dc9078135 |
| SHA512 | dd7f2b5b7727c9aac9107880ab374eef69d64e70096e333249c288f3c40aedc68bdd26f2de976b2ef8ab6455a42a3f2319c6219a6ba3ea8b9df18af8eb87b2ef |
C:\Program Files\Bhaggo's Quick Cleaner\platforms\qwindows.dll
| MD5 | 569c5edfc1d2a8607edc5ebc67625b0d |
| SHA1 | 3853fb6624b2e41d91fece9e84c9ab8aff60e3eb |
| SHA256 | dd4530c1bed736e4e71e2d12133f27a413df29d7c26d4e0047f10d221b552bd2 |
| SHA512 | f8d012ce7e3127bb64916e084f5c200e32d1cb2a10d086c41970adb8cb71dbd37ceb16d824f448eb549d16bd348dc03f9f1b5f40ccabddb153a4950bdbaccc28 |
C:\Program Files\Bhaggo's Quick Cleaner\styles\qwindowsvistastyle.dll
| MD5 | 5a297eae45c1985d9d187fbb91830c66 |
| SHA1 | 512ef254a348be4a22a12c0d2d6de133bf52c4d3 |
| SHA256 | b7a13dc946032b25325fc4c74a545b1f954d26f8f0646ea93dc8e0caa309a62d |
| SHA512 | d6e50b92987e550028ef7d9ac565dbcc95b636e424bc5d0da91d68d8579e8f9d86c16aa8d88c2eb89da9af6f59096cbda36dfe5f575e5450d0b8c54b8abba7a7 |
memory/3904-441-0x0000000000400000-0x000000000076B000-memory.dmp
memory/3924-455-0x00007FFE1C830000-0x00007FFE1C846000-memory.dmp
memory/3924-459-0x00007FFE1BC90000-0x00007FFE1BCA5000-memory.dmp
C:\Program Files\Bhaggo's Quick Cleaner\imageformats\qwebp.dll
| MD5 | bf3e8ffe00af65cf1b6a76fa06b4bfa0 |
| SHA1 | e00df1f75ebb750c3089caf20b2a046e336d9608 |
| SHA256 | e15de2419dc8ba3dcd026b8b88d13fe26b1822435783c70cd530cb6d0b11a9e6 |
| SHA512 | 3db2f100913728d677eec77c75bee1db0be97cbc16d8d176717d325ada0f8c7de411fa4676eca374fbd874e4aeff942a4d86b9ee140b5122d5bd6f24ab30317c |
memory/3924-470-0x00007FFE0CC60000-0x00007FFE0CC73000-memory.dmp
C:\Program Files\Bhaggo's Quick Cleaner\imageformats\qwbmp.dll
| MD5 | d8a3f571f2cdc42c312c85ee86e0f641 |
| SHA1 | b40cf28de5cdc6f0398a3221b77cbe67facaa6d5 |
| SHA256 | 02f56960807722401b52132d6fddf2d02108e45d36c8a3d45bb242e2afe75ea2 |
| SHA512 | 9c0e3003419988e2e711970338366fa33c8efab845e19e9e61cb079d3451a5f17b7ae7654d8056efc9e674a6d052a198cd2454d2756f2b0a6a6a4449dec50e75 |
memory/2804-468-0x0000000000400000-0x000000000052F000-memory.dmp
C:\Program Files\Bhaggo's Quick Cleaner\imageformats\qtiff.dll
| MD5 | 2d3770e00b5f29b4efcfb2536c246a06 |
| SHA1 | c1dad21c2ee368091106e254be46c51384c85913 |
| SHA256 | 3511cb474ddb5d76ea4bfbe6e219245758181d8994890177e55f6ea63874ca93 |
| SHA512 | 703a75f85e78948d391621e39e49f6a96aacd18c4eb342fd9d6f1e1c5747c05fb7cd3d22ec4665e541eee263d638b623180b8fbbf2e335935ca95cf99b9dd57a |
memory/3924-466-0x00007FFE14700000-0x00007FFE14713000-memory.dmp
C:\Program Files\Bhaggo's Quick Cleaner\imageformats\qtga.dll
| MD5 | 9cffa9391352463ce7f8c676a67bcfb9 |
| SHA1 | 8fd9dd1f07bf8d30f78b7911e2c7b54087d51863 |
| SHA256 | 97e6728be3fde72b01cb42bc9594275f32f95cda55840ee166c853280d61cdbb |
| SHA512 | 6d7fef5d380502c4f71d77330a4b1d65178dc0732306538fbb5d3881a013f215134bc5a9888c01e1e8bc2aafca0c97422ae58514589eb0e1f0afff4defb6bea4 |
memory/3924-464-0x00007FFE19690000-0x00007FFE196A3000-memory.dmp
C:\Program Files\Bhaggo's Quick Cleaner\Qt6Svg.dll
| MD5 | c1e3a26bec19280c763530a0aa774c84 |
| SHA1 | 97727b7b5e59b35f4eb4612473c2eebb2ad51b71 |
| SHA256 | 36002505bd1128771ab0b52881bad77b129c2534eae272edf20555ab576a16ce |
| SHA512 | 4b48989b274a8f17c84837fd378d04451fb1b0d8307b76c7e53bb97dfb353501217c403ca18ae73b6a61323213b621097f46ae320efb84c5a4b2892d5eba3f09 |
C:\Program Files\Bhaggo's Quick Cleaner\imageformats\qsvg.dll
| MD5 | 72dca45741f78a3ce0bb65138793f3a7 |
| SHA1 | 108928beec264c80a9d1cf6bd7aa5d432bb85680 |
| SHA256 | fcd81ee65b2c912e0b8695c3b9409263715085838878b3ecdafdc78f81b5c07d |
| SHA512 | 330977bf3ccf0db392d0100830eff623817bc936386b3dc6d2d75041293cb6ca78b1238b8c5ff50035d32fd7caa0484ef7ae90db951bbcf1c8c82dc997fb8eb9 |
C:\Program Files\Bhaggo's Quick Cleaner\imageformats\qjpeg.dll
| MD5 | a2598dc0afecc9179d4aa176ea306c0f |
| SHA1 | 8a9d382f884aa356c68c546ecc34096990017bac |
| SHA256 | 40e99d0fac21dda2c5196d7db56ce8a0fc578e66a6b27f98a4185fc143b815d0 |
| SHA512 | 08d2806fc4800d557e48e1841b410f12240bcba29583f781533a656980b2ddf48aa4a094280360656a16da5ae2467b2c289efcbffc180bf7f06d3d2f620f3ef1 |
C:\Program Files\Bhaggo's Quick Cleaner\imageformats\qico.dll
| MD5 | 685d2195c27877f9a4404b98cd1fc0e7 |
| SHA1 | ccfb5b1137eff3f288c9770301ee17593b4287a5 |
| SHA256 | 15549719d617179b57d9408288bfb5fd42679471a3cd0ee1c783ce5ef695cf8c |
| SHA512 | 9a22974b8bccb56b4d34db3d9fd564befbb13852a090b7e21224ccfbfba9bc3dbc6d6a4c89ee8b70f76cc25db62c37630613e3faa235a71677c24abc6b11ffd8 |
memory/3924-457-0x00007FFE1BD50000-0x00007FFE1BD68000-memory.dmp
C:\Program Files\Bhaggo's Quick Cleaner\imageformats\qicns.dll
| MD5 | 77bb0186a4f0a21774944f02669fc4f7 |
| SHA1 | ebaf323d84cae3d8b636baaa57871331ec59901e |
| SHA256 | 1f52feddce926e7061532daabb01bd6dcff42ed2b9c9ea5cdb24bf5bc1c37d31 |
| SHA512 | c8d237d4d1e619c1d9e8ab84f36c723f76ec1680d7bf941c61a2b8bb377e4d233d46ff3f871708829a21eadddfc6df10e517c9b2b58a8ecc3274137d94075b1d |
C:\Program Files\Bhaggo's Quick Cleaner\imageformats\qgif.dll
| MD5 | e334303ce65aa711ad8816e7e93497c4 |
| SHA1 | 894b8a6c21894eaff771a172a9cc2da9ef8e7cd4 |
| SHA256 | f909dd35b2a0ab905501e79658e492bb888b71ab99599eacaec0851e98b853a9 |
| SHA512 | 07b467eee52e5e34d25f2ba2c0da29f24315c101bacfd198fb201457838e22dbf7cfbc5d61dd49c20cef7def25814da7d69d61868e45d4e40a0ec187723c5c9b |
C:\Program Files\Bhaggo's Quick Cleaner\iconengines\qsvgicon.dll
| MD5 | 0e3214f0ba7ef00b469491a897e98287 |
| SHA1 | 0130872d8ce974a0a6cc1850af5e1b42d14cb3a0 |
| SHA256 | 1e66b6b555befbeca80fb80732b8c9c7a7b0fb01fd1527d94a437dc3b3963843 |
| SHA512 | ee759fa89812e53998ec671666c73d43848c52412f2a4162547a1ad412ede4525b0c20d21e6fb73b853f8873778c4c416ac075adf6e805db900c0487ec04114b |
C:\Users\Admin\AppData\Local\Temp\peformancebooster-GLZxLN\RestorePointButton.bat
| MD5 | accc17da2a942fde62ac18511cfd2d78 |
| SHA1 | 6498cf49193f1cb41c4864815f7123cb16560e7d |
| SHA256 | 1d3d0448fd91b5c04ea67b20c5652e626a34bde163c36dccd8ba4d664dabd74c |
| SHA512 | b689e6d0744bd797c9841ec082f772ad858c41e5268709fa4a8d032c243eb73f07ce17c1743917f2bc0e7cdd7665a68fccaef4c02a70ccf2f7ad3b8530af593e |
C:\Users\Admin\AppData\Local\Temp\__PSScriptPolicyTest_czezapyj.kuc.ps1
| MD5 | d17fe0a3f47be24a6453e9ef58c94641 |
| SHA1 | 6ab83620379fc69f80c0242105ddffd7d98d5d9d |
| SHA256 | 96ad1146eb96877eab5942ae0736b82d8b5e2039a80d3d6932665c1a4c87dcf7 |
| SHA512 | 5b592e58f26c264604f98f6aa12860758ce606d1c63220736cf0c779e4e18e3cec8706930a16c38b20161754d1017d1657d35258e58ca22b18f5b232880dec82 |
memory/756-490-0x00000206C7A90000-0x00000206C7AB2000-memory.dmp
memory/3924-494-0x00007FF62B030000-0x00007FF62B353000-memory.dmp
memory/3924-497-0x0000000064940000-0x0000000064956000-memory.dmp
memory/3924-496-0x00007FFE0E5F0000-0x00007FFE0E7D4000-memory.dmp
memory/3924-498-0x00007FFE0DFB0000-0x00007FFE0E5EF000-memory.dmp
memory/3924-499-0x00007FFE0D950000-0x00007FFE0DFAC000-memory.dmp
memory/3924-509-0x00007FFE14700000-0x00007FFE14713000-memory.dmp
memory/3924-508-0x00007FFE0CD10000-0x00007FFE0CD70000-memory.dmp
memory/3924-500-0x00007FFE0CFF0000-0x00007FFE0D950000-memory.dmp
memory/3924-511-0x00007FFE0CC60000-0x00007FFE0CC73000-memory.dmp
memory/3924-510-0x00007FFE0CC80000-0x00007FFE0CD01000-memory.dmp
memory/3924-506-0x00007FFE0CD70000-0x00007FFE0CDEC000-memory.dmp
memory/3924-505-0x00007FFE1BC90000-0x00007FFE1BCA5000-memory.dmp
memory/3924-504-0x00007FFE1BD50000-0x00007FFE1BD68000-memory.dmp
memory/3924-503-0x00007FFE1C830000-0x00007FFE1C846000-memory.dmp
memory/3924-502-0x00007FFE0CDF0000-0x00007FFE0CE20000-memory.dmp
memory/3924-507-0x00007FFE19690000-0x00007FFE196A3000-memory.dmp
memory/3924-501-0x00007FFE1D790000-0x00007FFE1D897000-memory.dmp
memory/3924-495-0x00007FFE21820000-0x00007FFE2183A000-memory.dmp
memory/3924-518-0x00007FFE0CFF0000-0x00007FFE0D950000-memory.dmp
memory/3924-519-0x00007FFE1D790000-0x00007FFE1D897000-memory.dmp
memory/3924-517-0x00007FFE0D950000-0x00007FFE0DFAC000-memory.dmp
memory/3924-516-0x00007FFE0DFB0000-0x00007FFE0E5EF000-memory.dmp
C:\Users\Admin\AppData\Local\Microsoft\CLR_v4.0\UsageLogs\powershell.exe.log
| MD5 | 6cf293cb4d80be23433eecf74ddb5503 |
| SHA1 | 24fe4752df102c2ef492954d6b046cb5512ad408 |
| SHA256 | b1f292b6199aa29c7fafbca007e5f9e3f68edcbbca1965bc828cc92dc0f18bb8 |
| SHA512 | 0f91e2da0da8794b9797c7b50eb5dfd27bde4546ceb6902a776664ce887dd6f12a0dd8773d612ccc76dfd029cd280778a0f0ae17ce679b3d2ffd968dd7e94a00 |
C:\Users\Admin\AppData\Local\Microsoft\Windows\PowerShell\StartupProfileData-NonInteractive
| MD5 | d8b9a260789a22d72263ef3bb119108c |
| SHA1 | 376a9bd48726f422679f2cd65003442c0b6f6dd5 |
| SHA256 | d69d47e428298f194850d14c3ce375e7926128a0bfb62c1e75940ab206f8fddc |
| SHA512 | 550314fab1e363851a7543c989996a440d95f7c9db9695cce5abaad64523f377f48790aa091d66368f50f941179440b1fa94448289ee514d5b5a2f4fe6225e9b |
C:\Users\Admin\AppData\Local\Microsoft\Windows\PowerShell\StartupProfileData-NonInteractive
| MD5 | e5ea61f668ad9fe64ff27dec34fe6d2f |
| SHA1 | 5d42aa122b1fa920028b9e9514bd3aeac8f7ff4b |
| SHA256 | 8f161e4c74eb4ca15c0601ce7a291f3ee1dc0aa46b788181bfe1d33f2b099466 |
| SHA512 | cb308188323699eaa2903424527bcb40585792f5152aa7ab02e32f94a0fcfe73cfca2c7b3cae73a9df3e307812dbd18d2d50acbbfeb75d87edf1eb83dd109f34 |
memory/3924-562-0x00007FFE0DFB0000-0x00007FFE0E5EF000-memory.dmp
memory/3924-564-0x00007FFE0CFF0000-0x00007FFE0D950000-memory.dmp
memory/3924-565-0x00007FFE1D790000-0x00007FFE1D897000-memory.dmp
memory/3924-563-0x00007FFE0D950000-0x00007FFE0DFAC000-memory.dmp
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad\settings.dat
| MD5 | d0df793c4e281659228b2837846ace2d |
| SHA1 | ece0a5b1581f86b175ccbc7822483448ec728077 |
| SHA256 | 4e5ceefae11a45c397cde5c6b725c18d8c63d80d2ce851fa94df1644169eafc9 |
| SHA512 | 400a81d676e5c1e8e64655536b23dbae0a0dd47dc1e87e202e065903396e6a106770cec238093d748b9c71b5859edf097ffff2e088b5b79d6a449754140a52ad |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Variations
| MD5 | 961e3604f228b0d10541ebf921500c86 |
| SHA1 | 6e00570d9f78d9cfebe67d4da5efe546543949a7 |
| SHA256 | f7b24f2eb3d5eb0550527490395d2f61c3d2fe74bb9cb345197dad81b58b5fed |
| SHA512 | 535f930afd2ef50282715c7e48859cc2d7b354ff4e6c156b94d5a2815f589b33189ffedfcaf4456525283e993087f9f560d84cfcf497d189ab8101510a09c472 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
| MD5 | 5635bf9afa5d3b98f8ff9ecc0df7def7 |
| SHA1 | c88539f5fc6a34482b70fb5ce1fd41e89d186f11 |
| SHA256 | 7413f8d0c7c74fd58badb036f6e04d407e156dac0c5bc3f2e36c4816e8fafc70 |
| SHA512 | 52d0d95245c9cbc5906b00fe204f09d62b2cda0226a381cdb3385066863b535d7fc581c336fa5f296717d303c6e1f626120be7ff924a7dafc51d48fd67c9cc16 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 69bd62133cb178fd31a1a0cb4509cc15 |
| SHA1 | 92404c9f012b18551faa779902925cc783a84e5f |
| SHA256 | 551f52b800d8bacdbea0171b37a5c25f18ab60c5ed96945d632458c9ecd33c6a |
| SHA512 | 51ea4529e7c106c9934858e2b883066bd19ee5eba56a326ec858cc6cee14ed15f9702c64745cb0c6e5a19dce8f79166e32bc13c4ca5f720b46342a680cbfbc2a |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 70dc26c4ea2104a842a5338f1ad1a2f2 |
| SHA1 | b4950bcd292c117ee65b5a4263ab312a717c749c |
| SHA256 | dc869c27e570a5d7332e7618bcf3601b749d55003b063496c2215db70284e06d |
| SHA512 | 9b9b39aaa58006ac6c056a2add669317992f91437bb98607063578f21f8f21117dd54307d159f2d2cd626acf559896851b003e87f52512a14167d984407e1c62 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences
| MD5 | bacad99f22cd4424bdae7e82bead285c |
| SHA1 | 31f505d3c8377e31a1fc8029a057fc132ab1fa80 |
| SHA256 | eef1d0605c988b32792765558449acf7ebfd7625c6bacd91ab0ee1508c78a8f6 |
| SHA512 | 9df0c11343a7433b0e936a3db98e6d78b85bd9c1d7dd333f6fc090da05c7c076ffd0b82005e091007d1524a2fd7177c4f247a9787018255297ba5bc020249564 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt
| MD5 | 482e82decfe800d9f55373a030411e09 |
| SHA1 | 2fe5fc157b23f7a57dee76ce1d892244019d5a65 |
| SHA256 | 4a9d0603c3ae9b597bca251c97acd2341b3a02da54cb8082ccf8c66bf5988eae |
| SHA512 | c111bf36f7a7ab1574b6e88a2d481c0cd11dba52749d0a19225685b2795384be71725376007081f837cbacd93028d0693f449b826d1d083557be6bc1285027f4 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt~RFe58b06f.TMP
| MD5 | a082c0812634d602eb6e8ad0780f97e3 |
| SHA1 | 7b2944569dbbc96f1c0c068bf906696a6508fe45 |
| SHA256 | b46917a28af7bd1ecfa604bd92df43d82c14bb8018213a22262cc4d1d61062ef |
| SHA512 | 65ff37cf63268e7d19a1b3da95965b8c21879cfa288bb0d5ad3f35a05a3469db141d68c9f3bd4f27ccbd34ff3408705e20fd5f3b56d53ccd7174ab06cf6bbaeb |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt
| MD5 | 567262e6f36c512845d663155abc4a5f |
| SHA1 | 7d66491fd9b720deec0164af872166f2d746ac25 |
| SHA256 | b7ec7fff962223081df219103fef87279ecaad42ae24a9756e25474bb605d63e |
| SHA512 | f9dc1964d6819df2ec28b781887fb9b87e2143a24e5731984abbf990c914dfb5ad56612bebef408f878685263c4d79940a55d70ebfd7b143673be4124550a1e4 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Web Applications\Temp\scoped_dir4088_2090855945\Icons Monochrome\16.png
| MD5 | a4fd4f5953721f7f3a5b4bfd58922efe |
| SHA1 | f3abed41d764efbd26bacf84c42bd8098a14c5cb |
| SHA256 | c659d57841bb33d63f7b1334200548f207340d95e8e2ae25aac7a798a08071a3 |
| SHA512 | 7fcc1ca4d6d97335e76faa65b7cfb381fb722210041bdcd3b31b0f94e15dc226eec4639547af86ae71f311f52a956dc83294c2d23f345e63b5e45e25956b2691 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Web Applications\Temp\scoped_dir4088_1654385838\Shortcuts Menu Icons\Monochrome\0\512.png
| MD5 | 12a429f9782bcff446dc1089b68d44ee |
| SHA1 | e41e5a1a4f2950a7f2da8be77ca26a66da7093b9 |
| SHA256 | e1d7407b07c40b5436d78db1077a16fbf75d49e32f3cbd01187b5eaaa10f1e37 |
| SHA512 | 1da99c5278a589972a1d711d694890f4fd4ec4e56f83781ab9dee91ba99530a7f90d969588fa24dce24b094a28bdecbea80328cee862031a8b289f3e4f38ce7a |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Web Applications\Temp\scoped_dir4088_1654385838\Shortcuts Menu Icons\Monochrome\1\512.png
| MD5 | 7f57c509f12aaae2c269646db7fde6e8 |
| SHA1 | 969d8c0e3d9140f843f36ccf2974b112ad7afc07 |
| SHA256 | 1d5c9f67fe93f9fcc1a1b61ebc35bda8f98f1261e5005ae37af71f42aab1d90f |
| SHA512 | 3503a0f4939bed9e1fd5e086b17d6de1063220dffdab2d2373aa9582a2454a9d8f18c1be74442f4e597bdba796d2d69220bd9e6be632a15367225b804187ea18 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | f141e99cc479fd268f6c3d918c94203b |
| SHA1 | a38bb5ea55442f170945dae4ec9b29ef931ab7ee |
| SHA256 | d9d3f860f16ce31085409a651817cee3baaba0d5e95334dba5ca3c42ba5c5a29 |
| SHA512 | 32c0a4e3e07b3539fffdb4428c6eaa4c5280a72a4528d0ba46386c7fc3cd3aaf445dc47eb879ae5be9a5a07c6fb73f35bb4d6968f7d9c427013a871d6b7742d0 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
| MD5 | c1ac9963cd36dcd619975dc756db6635 |
| SHA1 | 831cf314ba0dca0cc48b822139f2f95651345382 |
| SHA256 | 6d7e103a208285cf5c35d0c4f462811443c4a39e97e28da2b4cf6cc8fb12f3f3 |
| SHA512 | 03782945abdc5ac418991cff4cfd2bafe6e425679c44cf99b8e37e27451ffbaa6c68074282b571f9f774b7374406e062856190e6cafee8643c9bc3745f548bf6 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 7a038dddb5757f8c8d12ceaba76a22eb |
| SHA1 | 430f303c234fc229bce2625c473a00bc963f6138 |
| SHA256 | b78bddf6c8dfb54aa1367fcceee5e53cdf8a1fd36323f14fefd4f011fbc56035 |
| SHA512 | 3e8fedcc6668e9d7c3877a1dc89030c96a53d28d7dd4d8a745bb7fe1952c64087a3dc6cabf4cf42d40c940d8bb02aa768e0bdd3826a8fe49e47df996f02ac16a |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\8eec1d80-76e2-4d39-9bd4-2d7504bcb949\index-dir\the-real-index
| MD5 | bd16468dbff7f159a9db92462459bb31 |
| SHA1 | baba8bd3c5c5b44d73d026f8d836372c0c45f1c0 |
| SHA256 | 38c00eb6b3efc33b8f8222f8c356b8fb7cd9bd798b67ae2f71bc4f6654958910 |
| SHA512 | 64887c37b824318b5769a727e9f3dc61250eebfb80a1f96b102425c352eb06e5787875be544a2097209836c0c6ef092e025b3ef9543b52b7e7caab66983ade18 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\8eec1d80-76e2-4d39-9bd4-2d7504bcb949\index-dir\the-real-index~RFe58c00f.TMP
| MD5 | d7fdca7d1b1cd40fefc87705ce0fd2f8 |
| SHA1 | f15ba86db186e767329ebba5b189cb852b515589 |
| SHA256 | 49f8b0e7d7e5bdc21295ef69243aaa96b4d4eb62282d5b05f76a115b2936668c |
| SHA512 | a5d79d73073b4b02e5cf241f8e2e9d823bc84a840f33aa278ab8ff14298b9a8719b80a44071e25ec8d68a173d32f311cb271c0598b680113b202d9af878cc2b7 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt
| MD5 | c3243b5bc42bb49288c661ecf4d27e63 |
| SHA1 | 23efdc878a1270bbe59ba7bd62aa7d28d898e7ed |
| SHA256 | f080482a77e9f1ce177e1a236d93969c52dd9da25e17252db2911d60fc89a668 |
| SHA512 | 984e761a71e55ef8b374843f566796eb2493c22013354d99d27a635edc46a464e2ba1f666cfd2b0e16fb162411d421fc212b52a7563041e652fc1c5bed92145e |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt
| MD5 | 1b09f925ca114665b959a07a92f991a6 |
| SHA1 | ea3555d5e758a5ae3e2e31e1ad86a40f6a58a35a |
| SHA256 | 2203cb4c7bd6424299edd6e86709f0b7e8c2021cf22e5515a8a35af4d9c85bbc |
| SHA512 | 3decb1a8b463b859b27df7682c32953dc488088f868d378dc56de5ee8c297108730c7945b118fcf87c0065c202fd6b1fb8a46a976276672ba29c3aa0ebf95f75 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt
| MD5 | 004621b0bffd5235979eba6a617d3f58 |
| SHA1 | 58ff5627fce4f803c83c513641a4d73d995b1d1a |
| SHA256 | 44a5e085e950a8ef63aad83840f4260c3944e351d269419e97bf25cf0c9c3e08 |
| SHA512 | 601165b39c4dfe29ff2a1ee13c48e0477f1ff9cf95bfc3ef00914033cb6a5f5a24d8fe9be4366a84e98cc98cfaa57f8d1ecee5128b21db019c8e371f8111f91a |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\d3ef72d4-3665-4508-aab1-e814ba5dfe6f\index
| MD5 | 54cb446f628b2ea4a5bce5769910512e |
| SHA1 | c27ca848427fe87f5cf4d0e0e3cd57151b0d820d |
| SHA256 | fbcfe23a2ecb82b7100c50811691dde0a33aa3da8d176be9882a9db485dc0f2d |
| SHA512 | 8f6ed2e91aed9bd415789b1dbe591e7eab29f3f1b48fdfa5e864d7bf4ae554acc5d82b4097a770dabc228523253623e4296c5023cf48252e1b94382c43123cb0 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00001c
| MD5 | d1b2842af90b94c55b27b30c6948702d |
| SHA1 | 86cd83c8edc70c4f402ab0ec747ddc194279ae05 |
| SHA256 | 652e9d06014b3d489ea1ccae091334529666c6ebd113b1cb552cd40ec7a22224 |
| SHA512 | 9ca5f02318b2d90d5feb90e85b2fd602aed1771d13d2245c74db467d90550825b851f245851778d3f764988c9ed3988c95e671c085d76e03bd4fb473d0590c5f |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000023
| MD5 | 0cfb67892105b9bf320af38afe0a7289 |
| SHA1 | 121ab021c0387005944acf7853071a714d578b72 |
| SHA256 | 8af04f334fcf75e8cb9fd7d152151e6b18e02d25903d6ee3092b2a3faa6d6f6e |
| SHA512 | db236b32d23618864a6ee49991f594908177b55d88a03593fc208971327115d5532b697c90ee561826a147e64cfa1137f295da410e79056badbc8bf642a13e7d |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000024
| MD5 | 01b7644a0c89401f39c0cd3d58196f3d |
| SHA1 | 7b58356b54014cd00373fd17f83c66adbe719c28 |
| SHA256 | 98ddfc4446c9e5e87a8a9aea39dc23d3180ca33a66072fb72b3e84fc4c9a809c |
| SHA512 | 0dd1122c2cdf6544635b8bd98d1487f4749b97140fc7879a1f052ff5ec5feaedefe773d785e4f794b90ee009e4ab79e9550ea38b8259475373b5bbff40c86c63 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000021
| MD5 | f218c31d967d7d050e360b26b39df4c3 |
| SHA1 | 3a03e2ae75080ef0755bf1a1131640e3ed773d1d |
| SHA256 | 791410a89899725c497f590cb9138f238713dcf1b318340c18cf0682d52b63aa |
| SHA512 | f97d6fa798fbfa27b3578777d938c327a0b1ea1379c4e0d50d640e4682fdd88dc210d30432320140d5ebdfb6ef721f0b844801a81305c877cba1d3e05d0097c3 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000022
| MD5 | f0d81b309d4441d6dc22bdcb9e9e7d01 |
| SHA1 | 77e7510fd01735991f8eb242a8a20acf5c7326d6 |
| SHA256 | 90b890766ed0dfc173b119f625e4bde7785d509a76d27354148bf0a80a09889c |
| SHA512 | 79d3758017eb11ff478e0c258405aeb66eeef77b6041689708667948c85c1ff27688491eb8fd7efba3e5d392e299c055b3ae54fd212a0f5caaca3d91c425829e |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000025
| MD5 | 2d59be438acc0826f9b6f0ed8c5475fc |
| SHA1 | c248569b512be765b38baba61d60df21b55628cc |
| SHA256 | 8969d1c9a3cf687d3cfef6268f61a41443b244530b63f4fb2582a87959caa044 |
| SHA512 | 75cb97e0b78d379fe8f8e96c90f898b26a72308507aa2c15caba0675609c03738e912c47145e8d6abb71f651b64f3d791046bfc1bcff56be5af35253b44d587c |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 98471b235fd5e197586a4cf1106df8e6 |
| SHA1 | 8324bffc19ff251544b0e315de80d77bbd81abb2 |
| SHA256 | 506f630c7d11dd7bcb47da4ba8b66e7f58a613733f17ba90ccd704afd37c97e9 |
| SHA512 | 8881e55cda726aabf25967ac335c71aff51db8844459af2ae248509e648add42e8dab344064439f1d3d77dd7f56c5c4bc7ddc926cd7bc3c8841d3638aef746de |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 90c09cbff6464d961a088a79f871d63e |
| SHA1 | 41439fbf86d7e7ca404ae2b30ff7aff4e9d3de4b |
| SHA256 | 31b5f2db352220d1bb9cdf2712cf1199d133722f011334e6a58165609c05c404 |
| SHA512 | 54b7dce389a21e62e9793d43fba24e0ef62870c17b363fd528b6eb85eb3269907975721d90c59308d1329d52fd2ba7be9966757d877a9665f97697ffac368fdb |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index
| MD5 | e0a82606fa57eead25d64b2456adbfde |
| SHA1 | cb6fac888ae67ac6ed162517865af9c9516f4f1f |
| SHA256 | 71e84737b38e5816971491467378ffab67932f6e678d309debb7ec0a71a874f7 |
| SHA512 | ee870b71f57bb554a4e3ee5636ef5166e0f67847968ea88ece1131960f8c0596ec90407d19c019f0022e69e6463cd27a92284938be6dfb6493d6eb97c5d2d6e3 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 55fc36a34db5b9f3f4bf11975a24653f |
| SHA1 | 2ea8c62c7e0a13a9c2ce10b65a47fcad39646a85 |
| SHA256 | 46ef72b23aede68bd6fd1512a070214367b1ff3233f1b234c7021fb15c2a6803 |
| SHA512 | 27b992a25cdfddd39581e09ba239b64b79af45c866afbd7af7467d4d8d79fc88db6ba8dcf203b22192c036e7f62ecb62e0b0daebc0cc02c3059e055a300798bb |