Malware Analysis Report

2024-09-11 09:24

Sample ID 240523-r9n16afa2t
Target Client-built.exe
SHA256 712a42256cf7c2f28f3830dc2f75ee733da382fbe9d5aa16c6d725e893309e5a
Tags
discordrat persistence rat rootkit stealer
score
10/10

Analysis Overview

score
10/10

SHA256

712a42256cf7c2f28f3830dc2f75ee733da382fbe9d5aa16c6d725e893309e5a

Threat Level: Known bad

The file Client-built.exe was found to be: Known bad.

Malicious Activity Summary

discordrat persistence rat rootkit stealer

Discordrat family

Discord RAT

Legitimate hosting services abused for malware hosting/C2

Unsigned PE

Modifies registry class

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary

Suspicious use of SendNotifyMessage

Suspicious use of WriteProcessMemory

Suspicious use of AdjustPrivilegeToken

Enumerates system info in registry

Suspicious behavior: EnumeratesProcesses

Suspicious use of FindShellTrayWindow

Modifies data under HKEY_USERS

MITRE ATT&CK Matrix V13

Analysis: static1

Detonation Overview

Reported

2024-05-23 14:53

Signatures

Discordrat family

discordrat

Unsigned PE

Description Indicator Process Target
N/A N/A N/A N/A

Analysis: behavioral1

Detonation Overview

Submitted

2024-05-23 14:53

Reported

2024-05-23 14:54

Platform

win7-20240419-en

Max time kernel

0s

Max time network

1s

Command Line

"C:\Users\Admin\AppData\Local\Temp\Client-built.exe"

Signatures

Discord RAT

stealer rootkit rat persistence discordrat

Suspicious use of WriteProcessMemory

Description Indicator Process Target
PID 2392 wrote to memory of 2320 N/A C:\Users\Admin\AppData\Local\Temp\Client-built.exe C:\Windows\system32\WerFault.exe

Processes

C:\Users\Admin\AppData\Local\Temp\Client-built.exe

"C:\Users\Admin\AppData\Local\Temp\Client-built.exe"

C:\Windows\system32\WerFault.exe

C:\Windows\system32\WerFault.exe -u -p 2392 -s 596

Network

N/A

Files

memory/2392-0-0x000007FEF5643000-0x000007FEF5644000-memory.dmp

memory/2392-1-0x000000013FE80000-0x000000013FE98000-memory.dmp

memory/2392-2-0x000007FEF5640000-0x000007FEF602C000-memory.dmp

Analysis: behavioral2

Detonation Overview

Submitted

2024-05-23 14:53

Reported

2024-05-23 14:56

Platform

win10v2004-20240426-en

Max time kernel

150s

Max time network

153s

Command Line

"C:\Users\Admin\AppData\Local\Temp\Client-built.exe"

Signatures

Discord RAT

stealer rootkit rat persistence discordrat

Legitimate hosting services abused for malware hosting/C2

Description Indicator Process Target
N/A discord.com N/A N/A

Enumerates system info in registry

Description Indicator Process Target
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Modifies data under HKEY_USERS

Description Indicator Process Target
Key created \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133609496628399447" C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Modifies registry class

Description Indicator Process Target
Key created \REGISTRY\MACHINE\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\Deployment\Package\*\S-1-5-21-4018855536-2201274732-320770143-1000\{D2F59B68-D9D3-46F3-9847-4D6593A351B0} C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary

Description Indicator Process Target
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of AdjustPrivilegeToken

Description Indicator Process Target
Token: SeDebugPrivilege N/A C:\Users\Admin\AppData\Local\Temp\Client-built.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of FindShellTrayWindow

Description Indicator Process Target
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of SendNotifyMessage

Description Indicator Process Target
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of WriteProcessMemory

Description Indicator Process Target
PID 4504 wrote to memory of 4840 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4504 wrote to memory of 4372 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4504 wrote to memory of 4476 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4504 wrote to memory of 3952 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe

Processes

C:\Users\Admin\AppData\Local\Temp\Client-built.exe

"C:\Users\Admin\AppData\Local\Temp\Client-built.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=110.0.5481.104 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffe7141ab58,0x7ffe7141ab68,0x7ffe7141ab78

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1680 --field-trial-handle=1876,i,14580228442727107149,3660960791725469919,131072 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2060 --field-trial-handle=1876,i,14580228442727107149,3660960791725469919,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=2236 --field-trial-handle=1876,i,14580228442727107149,3660960791725469919,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2976 --field-trial-handle=1876,i,14580228442727107149,3660960791725469919,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=3080 --field-trial-handle=1876,i,14580228442727107149,3660960791725469919,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\110.0.5481.104\elevation_service.exe

"C:\Program Files\Google\Chrome\Application\110.0.5481.104\elevation_service.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=3592 --field-trial-handle=1876,i,14580228442727107149,3660960791725469919,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4460 --field-trial-handle=1876,i,14580228442727107149,3660960791725469919,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4508 --field-trial-handle=1876,i,14580228442727107149,3660960791725469919,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4796 --field-trial-handle=1876,i,14580228442727107149,3660960791725469919,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4484 --field-trial-handle=1876,i,14580228442727107149,3660960791725469919,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4872 --field-trial-handle=1876,i,14580228442727107149,3660960791725469919,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4560 --field-trial-handle=1876,i,14580228442727107149,3660960791725469919,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4932 --field-trial-handle=1876,i,14580228442727107149,3660960791725469919,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\110.0.5481.104\Installer\setup.exe

"C:\Program Files\Google\Chrome\Application\110.0.5481.104\Installer\setup.exe" --reenable-autoupdates --system-level

C:\Program Files\Google\Chrome\Application\110.0.5481.104\Installer\setup.exe

"C:\Program Files\Google\Chrome\Application\110.0.5481.104\Installer\setup.exe" --type=crashpad-handler /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler --database=C:\Windows\TEMP\Crashpad --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=110.0.5481.104 --initial-client-data=0x238,0x23c,0x240,0x214,0x244,0x7ff7f110ae48,0x7ff7f110ae58,0x7ff7f110ae68

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --mojo-platform-channel-handle=4140 --field-trial-handle=1876,i,14580228442727107149,3660960791725469919,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --mojo-platform-channel-handle=3384 --field-trial-handle=1876,i,14580228442727107149,3660960791725469919,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --mojo-platform-channel-handle=3260 --field-trial-handle=1876,i,14580228442727107149,3660960791725469919,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=3952 --field-trial-handle=1876,i,14580228442727107149,3660960791725469919,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5036 --field-trial-handle=1876,i,14580228442727107149,3660960791725469919,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --mojo-platform-channel-handle=5408 --field-trial-handle=1876,i,14580228442727107149,3660960791725469919,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5460 --field-trial-handle=1876,i,14580228442727107149,3660960791725469919,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=5548 --field-trial-handle=1876,i,14580228442727107149,3660960791725469919,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --mojo-platform-channel-handle=5672 --field-trial-handle=1876,i,14580228442727107149,3660960791725469919,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=5824 --field-trial-handle=1876,i,14580228442727107149,3660960791725469919,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=5996 --field-trial-handle=1876,i,14580228442727107149,3660960791725469919,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=5992 --field-trial-handle=1876,i,14580228442727107149,3660960791725469919,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=27 --mojo-platform-channel-handle=5452 --field-trial-handle=1876,i,14580228442727107149,3660960791725469919,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=28 --mojo-platform-channel-handle=4528 --field-trial-handle=1876,i,14580228442727107149,3660960791725469919,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=29 --mojo-platform-channel-handle=3468 --field-trial-handle=1876,i,14580228442727107149,3660960791725469919,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=30 --mojo-platform-channel-handle=6628 --field-trial-handle=1876,i,14580228442727107149,3660960791725469919,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=31 --mojo-platform-channel-handle=6880 --field-trial-handle=1876,i,14580228442727107149,3660960791725469919,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=32 --mojo-platform-channel-handle=6948 --field-trial-handle=1876,i,14580228442727107149,3660960791725469919,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=33 --mojo-platform-channel-handle=7152 --field-trial-handle=1876,i,14580228442727107149,3660960791725469919,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=34 --mojo-platform-channel-handle=4796 --field-trial-handle=1876,i,14580228442727107149,3660960791725469919,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=35 --mojo-platform-channel-handle=5044 --field-trial-handle=1876,i,14580228442727107149,3660960791725469919,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=36 --mojo-platform-channel-handle=3436 --field-trial-handle=1876,i,14580228442727107149,3660960791725469919,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=37 --mojo-platform-channel-handle=6396 --field-trial-handle=1876,i,14580228442727107149,3660960791725469919,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=38 --mojo-platform-channel-handle=5444 --field-trial-handle=1876,i,14580228442727107149,3660960791725469919,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=39 --mojo-platform-channel-handle=6068 --field-trial-handle=1876,i,14580228442727107149,3660960791725469919,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=40 --mojo-platform-channel-handle=5632 --field-trial-handle=1876,i,14580228442727107149,3660960791725469919,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=41 --mojo-platform-channel-handle=2300 --field-trial-handle=1876,i,14580228442727107149,3660960791725469919,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=42 --mojo-platform-channel-handle=1856 --field-trial-handle=1876,i,14580228442727107149,3660960791725469919,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=43 --mojo-platform-channel-handle=7416 --field-trial-handle=1876,i,14580228442727107149,3660960791725469919,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=44 --mojo-platform-channel-handle=6380 --field-trial-handle=1876,i,14580228442727107149,3660960791725469919,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=45 --mojo-platform-channel-handle=7164 --field-trial-handle=1876,i,14580228442727107149,3660960791725469919,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=46 --mojo-platform-channel-handle=7724 --field-trial-handle=1876,i,14580228442727107149,3660960791725469919,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=47 --mojo-platform-channel-handle=4228 --field-trial-handle=1876,i,14580228442727107149,3660960791725469919,131072 /prefetch:1

C:\Windows\system32\AUDIODG.EXE

C:\Windows\system32\AUDIODG.EXE 0x50c 0x508

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2684 --field-trial-handle=1876,i,14580228442727107149,3660960791725469919,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=8044 --field-trial-handle=1876,i,14580228442727107149,3660960791725469919,131072 /prefetch:2

Network


Files

SHA256 9f0c9d8e8f42cead4451813d1f2b328816960d6812ff9ca9996db28ea283bd95
SHA512 69913c95c91c1b742362edbe19247f6f3748484258456bb7c5eac01c3897f17493b23dabfba054e7ed209e9a2c24ccaf1884a7f5be038a952b0d1a5e3a4a571e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\73178285-e155-4e3f-842d-79f9e72180e7.tmp

MD5 c0a067ae4d059981818d99e29bc3716d
SHA1 0ae7d4378d2f8d9e95ece42c01259d7574c85673
SHA256 30acd247f574492d7adcabd63cf99120fcdb52e570031a6de053d673c0d611f1
SHA512 4fe9adcbf0b564ff0a2c903069017075451c7ddf2515ae9eebf7715fb13c636fdb5b05f17b1f0a81168b1e82f4dba3b8fa6ab34ff3c0de5270bdea81f845b58d

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 64435100be6b5f9ede0091aefda66be0
SHA1 150fddffa8c861d2e5f517f152b2bd617ff28c51
SHA256 76ca16035176cd4edcc5924a794c56125fb6dadb527e1390aa6fa89e02d16060
SHA512 4cb3482dd3fd768f534c19b44936bb7b1349f830e6c0bfbd400832940f950c556b7c183c76e5c22071d41e47f1a9e1eabeb818852287d110a930eb1d3f05f9c4

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 91fa5886cb64e6553fed84e4883b3774
SHA1 53b7929bf9dfc20b7225c0be655a0cabe3b7d0bd
SHA256 60a3c79c8b1bf2429fee0d05d369095963da68e24c22c6139ab1c5875292dd55
SHA512 459c96fcc22caeb9d04f7831f0761f649c1e3407cd3993070f69573690c796a695047af502dbbc1a630f504a2ce899490c33448913508a4a7f46d806485ad2e1

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\32cadb2b6d359d069dd3f3d132c212a43d223701\index.txt

MD5 87bd13eedc7b01a1f71192392a44a812
SHA1 b14c0dd59aceb96c9ba8f602df2bc489f60049f9
SHA256 bf94bfe69e25738996d13974073c7f1e5d0fb2959bd8a954eedf7a8a850c0542
SHA512 ced2d7bdb1b2eec86b8b0a9efef4f167d1789f85823f3407bd93535f34a5c38c1e781b1725b62c81f60b75cc5afa3e6fd38fe39defecbe0c45e42da164f1352f

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\32cadb2b6d359d069dd3f3d132c212a43d223701\index.txt~RFe581bb1.TMP

MD5 5c2179b4ff936eab3d1bf7373e8499e6
SHA1 bca25b37e53a8152de9c5db85631fb5a75a32250
SHA256 ddcdd73a8f3373de6481ba0a590e7097a4b08425576cd03cca337776e6a18159
SHA512 c3cda6aeb8aa473aa72774be7145678b296e20ed8f531b65000caa25c173a7732b504ba27dfcd24cd19467ae6386262884e99f1fe3a388694aec20ce1af7a2e7

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 86472f3dcbfac6a5b22b47e3b409ce6c
SHA1 7992a831206d6a75c0885ca2eef0a14b30488068
SHA256 b27e06a3bf0aa74a4c80285bdee9a31e8fe8900abc1be96ea7aadb42dec0c869
SHA512 1e761f02532581248e679b04fc778d0e4d43fa3bf7de83e5540e39a82a2f59c3dac5d80478b49b656e4f91cbe477d503ebfa6340a729f748a4550796f05c8c0e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 da3d3e19bda072b7c87a9d901381390d
SHA1 630964bfbb83c0f56b143d9f4515c2b6f3131730
SHA256 95ac718ca7a46fba20291416f0e88f22a46e5274b2a7ffe145dd9416fbb74eb5
SHA512 4ae9e051bc722c049e263d161a0f812b0256fb6caea2a23b7c1e78db8bd2f224b414d71756da61a39ac42316fabd776c3cfaf2aeeeb314ab5e46588fa14f8eb5

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000051

MD5 d84862513956cbe61aeb4ebbfdd3355a
SHA1 14ab269df17cb0333b1556ce120d587324479f6b
SHA256 a18b26912ab9e034923cc64fbfdb59d682500f2c556456930e480b6bd69e33b5
SHA512 d04ca96d72595f1e291a6ce96f092c1707064800103cde733512a186c1b22e089b63690a0c53965c97248dd782731b22fa2d27b8ee3ae112647382f1c06d1a9d

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 ca3702436e65ee9a6a4d3fe839c79b0e
SHA1 11321b7f7faf9f9796a6e3df57df5bc57200fc25
SHA256 ea9493d8d8672a39311c7c760abd8b348cab329fcbb94a530b9d702bc5e17573
SHA512 7651b8ff416525f87f381d39c770a9e04e92d4a89467650e6a76110637172ceae346170f818c5626f74c66b2a6964ff8f83cb30cd4e291f1c4e5c7b04ae12cbb

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache~RFe584716.TMP

MD5 2ef365b8f5dae097cc6ace37ac7d624a
SHA1 b56381be2e081ba6ee0a142f0a4ef02f77209eec
SHA256 897de9d739ed8f6a58acec9fa4ab51c3f6a4199bd8dc28fe859b953c577c1130
SHA512 3867a455f9bfb2268eb8df29edd73f953c420cdef1354307e1fd9bff36429e9a7ce3cc6149d84a941232160357028f6687de059d2519d2ab566e4073412077aa

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache

MD5 d6c9e11797312ff854cdc1b330bb8319
SHA1 ccad8ef81e5c07c7386bb3d2e03013b65458fc44
SHA256 bce5e20c22b7f13c242bb0c8421e81240c57d450a417af92ff426018d85b6ffe
SHA512 585ae2ba2ecad0c3343b578235f78a33736d1c1fef1e638970f1e279d8205a534715b178c1ba43e0c76eb9a6827cac342ca3249f3adf02e03fe50329c4ee4e1b

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 112395653089c4f5fbe23a25898b58a2
SHA1 de276b42e957ffc8217d68e85b696fcbb458630c
SHA256 af79f77c0d2aa6bd9e67fb642abad5d5f2e28936adceef8fa0485619e13e9a18
SHA512 50b0607c27ec02fd7dcff8c65c1254d8abd351d757490bfd9f9ef15c639658fe05d9832cb6f9edad75858d19662576df90b3cea47ab4dbfb12f5062ddbddf14c

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 21efec7ee5782adee92bf37031124c4b
SHA1 85f6996a19be50d000870b8aabef3ec5278dd331
SHA256 e940bafcede3ffe1807d2367a9941510e576b4b8b0441c9b074058af8266d55b
SHA512 cb719d4947a64e987258ae7d6e996993917ee829718ead1be9c1feaa50d28d961306993418a7671f1eeb94c62f379a27d809743c39059af4265225f7dea995e5

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 61dfb5aad3582deedd11f543fe516100
SHA1 d4dd0a00b28cb5ceb3dbbdfaab2814a83eccc74e
SHA256 298097c5208c170963e060995c6e646bc19c6185e14e22681f4854f0bb963ce3
SHA512 2d460f7cadf25b4cd7903d7ac1ee79480ee8da45ad16e0a3d5ecd0c3501fd7ce2490ac62f7d7bcd6c4a42ec3fad2af32fc4e0689185021ff5664b6c0d1144c7d

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 9727a3f53afec304f78ec5b4057f70d1
SHA1 791e9d7f3243761405a0a5e724614ee7b817ae16
SHA256 d7665ee71d692d4ba40cfeb21a0b6ebe2626b9b82aa1808953220b7d006ed929
SHA512 797fe3913c0d12394da4759c0f3d65c9bb399812f43e1d94152612cdd968297b872db28cbae265747ffb5ab06470b7a97118282126376218759444f7e6aaa8e7

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 c5662f35f28528c76e94be876fd598cc
SHA1 8c3ae9490d43a357b042a7a341bc4907b16d4447
SHA256 61ee87d05e40d6c6ca75201cf4b5f5de8fba9edb5b85d70afb2b34e36e0a5c64
SHA512 194d0aacacc55738885fb29c6cd604bbeb8a1074ce8b044c2d538395ceacc54eb9f79b779989452daef8edd4d8fe65a48fc65cdcb89c7d775d17b57b01321e28

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 9be31c19cc280db6ab11b723863ddc71
SHA1 a4e5f0331f85e1a1124dd83f448ecda30554f456
SHA256 b89ce583e7b212de84659eb2d2e391c493c96a3d901efa8e26426d60e9a13656
SHA512 798be880c825b42e38f96e2975fc3056495ca59cc4888d99834309d198526681d03aedcaa5f5ee752d5c017f3478058c97ba751bbd8cb68cc2b5d7b4d3118a4f

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

MD5 da2b110366b91834718ea64cf4c9d89b
SHA1 87a6848539623ea12afe00791a25543db755c9e2
SHA256 48717d129997b01a2a08cfa7593a95093d1e8701e4e60d7938f8e6fb6dff4b5b
SHA512 6efa95407a2038d34443ddca38bf6b26ac05f095505028235bc71342bb6f45edfa28745301a50bfa3bb707a604545765c793bcdbd8e77623ad727bf06895d924

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 e9a2b00a69e4150262f3d9d6047d65fb
SHA1 838a9aa9d7d4af7eab8f03b27720e64efc943c4a
SHA256 74b4ffc4c5530d566ee234dcea949407128772cd4ae6b4e26128fa2e91758138
SHA512 ea5f986a37b301b7b77b82ab7ca19571cabeda7cd58bfc676c7ea06d8cbedbf4ab61536114ef831d8c8d8174130a7203e1fe0926fcf9897800fc0777bcd508d0

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 0c8a8e74b805ce55d32d0dac136bf6d9
SHA1 dc2c4fdd7404be2cb698c683955bada83e606043
SHA256 0df7403cfd4ff815b8e98d226585cba802980a279b24a9f035b5bdb9bd698c21
SHA512 594251ddbef20e54675de9c3883a79aac7912f4982be7fbf72fb7795bdb0462e7251beb9e10b371fe56931ed992333a0516a5a91a0cce8559180949b90b69093

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 9010d82f0dbb17700fa567789dc3f9f6
SHA1 896789b03cbe08a7b267f421ca783b4ab7a91214
SHA256 84c3a24ec3b82127906698f1c7135c8ba312b0fbc8a50f3f36feab9f626de903
SHA512 f6b01a1c59bb490831ec16b316346b1e74071d70bf2f4d9e542922f8e2bc16b06bded9854ef1a0fd1b925a31175b5153ed428be32243af889a6f8b6318149d95

C:\Users\Admin\AppData\Roaming\Microsoft\Spelling\en-US\default.dic

MD5 f3b25701fe362ec84616a93a45ce9998
SHA1 d62636d8caec13f04e28442a0a6fa1afeb024bbb
SHA256 b3d510ef04275ca8e698e5b3cbb0ece3949ef9252f0cdc839e9ee347409a2209
SHA512 98c5f56f3de340690c139e58eb7dac111979f0d4dffe9c4b24ff849510f4b6ffa9fd608c0a3de9ac3c9fd2190f0efaf715309061490f9755a9bfdf1c54ca0d84

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 886250f258411f170c73ae9efa3c1397
SHA1 572471f66cb560bc69968b0892840e993118c281
SHA256 9511882f262a0429e04b838164afc11953e1c19cc8a7366f67d6d490c9edcbc4
SHA512 c998a5e5c880d225a8b06df742e375c91ae0b962712d554cc57199c5485e3405fb1e6bb21b1d2c353cbf69a5b2ee51effaa4ebff67cd3dd447826cee7d20e963

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache

MD5 e1857c78de98797f1f1009aa11c5e616
SHA1 3857c214c514dd3cb4960c2bcc67e18a05998549
SHA256 7f21aa1fe4f54d607410d38758626ccb3e165cd838438aebf4cd8a27cbd53406
SHA512 78eb30e1c41bea56408a9618b356ac4e1607e9ed6e0d43029b0a1237d8fd698bfce0502d89f1b43e03c38973cf128fde003726f77ab46d6bde1f98d8781f852f

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000073

MD5 852b0b2c2d8124eb0074ebcd068910b3
SHA1 d5725c2f174673a1a71d22d54e36c485cba702ba
SHA256 4bbe4f392079c9f4fea1a49a2fcfd9c67c2f55ed93e55db68ab050912855e06d
SHA512 5078fffab1191cd15220eb2d840cb7feb4bce697b11374a3a856f970496dffe3c01d1eccc8c06dafaae171274efbae052a89e4d57d9ff1149153269e31e71dfc

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 89dff3e8aaf02f47bd308b8a6f83207a
SHA1 fc96ab0cbd9c064d9e4b7ce768131cd0962da195
SHA256 3c330a70a69c780d7598cffc8a8abfd6c3b67906b6859d216e389b00644de383
SHA512 77afd08a26d706ca6b5f4b02a87792bcec8bb73456c8f834332d369487a7abb0e25b12dc4a07760bf9206f04a6bd2a12e0b2f228b26f1ac00451255cdcd4c91b