Analysis Overview
Threat Level: Known bad
The file https://tautarahack.pro/ was found to be: Known bad.
Malicious Activity Summary
RedLine
RedLine payload
Executes dropped EXE
Loads dropped DLL
Accesses cryptocurrency files/wallets, possible credential harvesting
Suspicious use of SetThreadContext
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
Checks SCSI registry key(s)
Modifies registry class
Suspicious behavior: GetForegroundWindowSpam
Suspicious use of AdjustPrivilegeToken
Suspicious behavior: EnumeratesProcesses
Modifies data under HKEY_USERS
Enumerates system info in registry
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Suspicious use of WriteProcessMemory
MITRE ATT&CK
Enterprise Matrix V15
Analysis: static1
Detonation Overview
Reported
2024-05-22 21:06
Signatures
Analysis: behavioral1
Detonation Overview
Submitted
2024-05-22 21:06
Reported
2024-05-22 21:09
Platform
win10v2004-20240426-en
Max time kernel
150s
Max time network
132s
Command Line
Signatures
RedLine
RedLine payload
| Description | Indicator | Process | Target |
| N/A | N/A | N/A | N/A |
Executes dropped EXE
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\7zOC0F30397\lnjector.exe | N/A |
| N/A | N/A | C:\Users\Admin\Desktop\lnjector.exe | N/A |
Loads dropped DLL
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\7zOC0F30397\lnjector.exe | N/A |
| N/A | N/A | C:\Users\Admin\Desktop\lnjector.exe | N/A |
Accesses cryptocurrency files/wallets, possible credential harvesting
Suspicious use of SetThreadContext
| Description | Indicator | Process | Target |
| PID 8184 set thread context of 5956 | N/A | C:\Users\Admin\AppData\Local\Temp\7zOC0F30397\lnjector.exe | C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe |
| PID 7652 set thread context of 2124 | N/A | C:\Users\Admin\Desktop\lnjector.exe | C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe |
Checks SCSI registry key(s)
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_DADY&Prod_HARDDISK\4&215468a5&0&000000 | C:\Windows\system32\taskmgr.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_DADY&Prod_HARDDISK\4&215468a5&0&000000\Properties\{b725f130-47ef-101a-a5f1-02608c9eebac}\000A | C:\Windows\system32\taskmgr.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_DADY&Prod_HARDDISK\4&215468a5&0&000000\FriendlyName | C:\Windows\system32\taskmgr.exe | N/A |
Enumerates system info in registry
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Modifies data under HKEY_USERS
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133608857045539843" | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Modifies registry class
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\USER\S-1-5-21-711569230-3659488422-571408806-1000_Classes\Local Settings | C:\Windows\system32\taskmgr.exe | N/A |
Suspicious behavior: EnumeratesProcesses
Suspicious behavior: GetForegroundWindowSpam
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files\7-Zip\7zFM.exe | N/A |
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Suspicious use of AdjustPrivilegeToken
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
Suspicious use of WriteProcessMemory
Processes
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://tautarahack.pro/
C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding
C:\Program Files\7-Zip\7zFM.exe
"C:\Program Files\7-Zip\7zFM.exe" "C:\Users\Admin\Downloads\Valorant Cheat.zip"
C:\Users\Admin\AppData\Local\Temp\7zOC0F30397\lnjector.exe
"C:\Users\Admin\AppData\Local\Temp\7zOC0F30397\lnjector.exe"
C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe
"C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe"
C:\Users\Admin\Desktop\lnjector.exe
"C:\Users\Admin\Desktop\lnjector.exe"
C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe
"C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe"
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\Desktop\LockAdd.shtml
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --proxy-server="217.65.2.14:3333"
C:\Windows\system32\taskmgr.exe
"C:\Windows\system32\taskmgr.exe" /4
C:\Windows\System32\7wv1lf.exe
"C:\Windows\System32\7wv1lf.exe"
Network
Files
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
\??\pipe\LOCAL\crashpad_2220_YCLPCZKHNONWTCSP
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000007
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe57a374.TMP
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\a404c843-f7ee-47d3-b91f-5e1170047312.tmp
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
C:\Users\Admin\Downloads\Valorant Cheat.zip
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
C:\Users\Admin\AppData\Local\Temp\7zOC0F30397\lnjector.exe
C:\Users\Admin\AppData\Roaming\d3d9.dll
C:\Users\Admin\AppData\Local\Temp\TmpF4A1.tmp
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cookies
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
C:\Users\Admin\AppData\Local\Microsoft\CLR_v4.0_32\UsageLogs\lnjector.exe.log
C:\Users\Admin\AppData\Local\Microsoft\CLR_v4.0_32\UsageLogs\MSBuild.exe.log
C:\Users\Public\Desktop\Google Chrome.lnk
C:\Users\Public\Desktop\Microsoft Edge.lnk
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Last Version
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\History
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Site Characteristics Database\LOG
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Visited Links
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Sync Data\LevelDB\LOG
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Favicons
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Sessions\Session_13360885602385992
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Sessions\Tabs_13360885602654992
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\f202a5f7-44fa-4930-9fa8-7ca1c1de66d0.tmp
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\GPUCache\data_1
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State