Analysis Overview
Threat Level: Known bad
The file https://github.com/MalwareStudio was found to be: Known bad.
Malicious Activity Summary
Modifies WinLogon for persistence
Downloads MZ/PE file
Disables Task Manager via registry modification
Disables RegEdit via registry modification
Possible privilege escalation attempt
Checks computer location settings
Executes dropped EXE
Modifies file permissions
Legitimate hosting services abused for malware hosting/C2
Writes to the Master Boot Record (MBR)
Drops file in System32 directory
Drops file in Windows directory
Drops file in Program Files directory
Enumerates physical storage devices
Suspicious use of FindShellTrayWindow
Suspicious behavior: EnumeratesProcesses
Suspicious use of SendNotifyMessage
Suspicious use of WriteProcessMemory
Modifies registry class
Modifies Internet Explorer settings
Suspicious behavior: MapViewOfSection
Uses Task Scheduler COM API
Enumerates system info in registry
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Suspicious use of SetWindowsHookEx
Modifies data under HKEY_USERS
Suspicious use of AdjustPrivilegeToken
MITRE ATT&CK Matrix V13
Analysis: static1
Detonation Overview
Reported
2024-05-23 16:18
Signatures
Analysis: behavioral1
Detonation Overview
Submitted
2024-05-23 16:18
Reported
2024-05-23 16:47
Platform
win10-20240404-en
Max time kernel
1298s
Max time network
1404s
Command Line
Signatures
Modifies WinLogon for persistence
| Description | Indicator | Process | Target |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Shell = "satan" | C:\Users\Admin\Downloads\Clutt6.6.6.exe | N/A |
Disables RegEdit via registry modification
| Description | Indicator | Process | Target |
| Set value (int) | \REGISTRY\USER\S-1-5-21-1739856679-3467441365-73334005-1000\Software\Microsoft\Windows\CurrentVersion\Policies\System\DisableRegistryTools = "1" | C:\Users\Admin\Downloads\Clutt6.6.6.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-1739856679-3467441365-73334005-1000\Software\Microsoft\Windows\CurrentVersion\Policies\System\DisableRegistryTools = "1" | C:\Users\Admin\Downloads\LogonFuck.exe | N/A |
Disables Task Manager via registry modification
Downloads MZ/PE file
Possible privilege escalation attempt
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Windows\system32\takeown.exe | N/A |
| N/A | N/A | C:\Windows\system32\icacls.exe | N/A |
| N/A | N/A | C:\Windows\System32\takeown.exe | N/A |
Checks computer location settings
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\USER\S-1-5-21-1739856679-3467441365-73334005-1000\Control Panel\International\Geo\Nation | C:\Users\Admin\Downloads\LogonFuck.exe | N/A |
Executes dropped EXE
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Users\Admin\Downloads\Clutt6.6.6.exe | N/A |
| N/A | N/A | C:\Users\Admin\Downloads\LogonFuck.exe | N/A |
Modifies file permissions
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Windows\system32\takeown.exe | N/A |
| N/A | N/A | C:\Windows\system32\icacls.exe | N/A |
| N/A | N/A | C:\Windows\System32\takeown.exe | N/A |
Legitimate hosting services abused for malware hosting/C2
| Description | Indicator | Process | Target |
| N/A | raw.githubusercontent.com | N/A | N/A |
Writes to the Master Boot Record (MBR)
| Description | Indicator | Process | Target |
| File opened for modification | \??\PhysicalDrive0 | C:\Users\Admin\Downloads\Clutt6.6.6.exe | N/A |
Drops file in System32 directory
| Description | Indicator | Process | Target |
| File opened for modification | C:\Windows\System32\LogonUI.exe | C:\Users\Admin\Downloads\LogonFuck.exe | N/A |
Drops file in Program Files directory
| Description | Indicator | Process | Target |
| File opened for modification | C:\Program Files\Temp\static_color.wav | C:\Users\Admin\Downloads\Clutt6.6.6.exe | N/A |
| File opened for modification | C:\Program Files\Temp\stretch.wav | C:\Users\Admin\Downloads\Clutt6.6.6.exe | N/A |
| File opened for modification | C:\Program Files\Temp\tunnel.wav | C:\Users\Admin\Downloads\Clutt6.6.6.exe | N/A |
| File opened for modification | C:\Program Files\Temp\wind_edit.wav | C:\Users\Admin\Downloads\Clutt6.6.6.exe | N/A |
| File opened for modification | C:\Program Files\Temp\mirror_snd.wav | C:\Users\Admin\Downloads\Clutt6.6.6.exe | N/A |
| File opened for modification | C:\Program Files\Temp\plg.wav | C:\Users\Admin\Downloads\Clutt6.6.6.exe | N/A |
| File opened for modification | C:\Program Files\Temp\wind_short.wav | C:\Users\Admin\Downloads\Clutt6.6.6.exe | N/A |
| File opened for modification | C:\Program Files\Temp\crossHD_small.ico | C:\Users\Admin\Downloads\Clutt6.6.6.exe | N/A |
| File opened for modification | C:\Program Files\Temp\clutterus_ico.ico | C:\Users\Admin\Downloads\Clutt6.6.6.exe | N/A |
| File opened for modification | C:\Program Files\Temp\invert_snd.wav | C:\Users\Admin\Downloads\Clutt6.6.6.exe | N/A |
| File opened for modification | C:\Program Files\Temp\rainbow_snd.wav | C:\Users\Admin\Downloads\Clutt6.6.6.exe | N/A |
| File opened for modification | C:\Program Files\Temp\wind_snd.wav | C:\Users\Admin\Downloads\Clutt6.6.6.exe | N/A |
| File opened for modification | C:\Program Files\Temp\crossHD_medium.ico | C:\Users\Admin\Downloads\Clutt6.6.6.exe | N/A |
Drops file in Windows directory
| Description | Indicator | Process | Target |
| File created | C:\Windows\rescache\_merged\3720402701\1568373884.pri | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
| File opened for modification | C:\Windows\Debug\ESE.TXT | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
| File created | C:\Windows\rescache\_merged\3720402701\1568373884.pri | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe | N/A |
Enumerates physical storage devices
Enumerates system info in registry
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Modifies Internet Explorer settings
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\USER\S-1-5-21-1739856679-3467441365-73334005-1000\Software\Microsoft\Internet Explorer\Main | C:\Windows\system32\browser_broker.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1739856679-3467441365-73334005-1000\Software\Microsoft\Internet Explorer\Main | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe | N/A |
Modifies data under HKEY_USERS
| Description | Indicator | Process | Target |
| Set value (int) | \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133609550419682393" | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Modifies registry class
Suspicious behavior: EnumeratesProcesses
Suspicious behavior: MapViewOfSection
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe | N/A |
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Suspicious use of AdjustPrivilegeToken
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
Suspicious use of SetWindowsHookEx
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
| N/A | N/A | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe | N/A |
Suspicious use of WriteProcessMemory
Uses Task Scheduler COM API
Processes
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://github.com/MalwareStudio
C:\Program Files\7-Zip\7zG.exe
"C:\Program Files\7-Zip\7zG.exe" x -o"C:\Users\Admin\Downloads\" -an -ai#7zMap3983:120:7zEvent5474
C:\Users\Admin\Downloads\Clutt6.6.6.exe
"C:\Users\Admin\Downloads\Clutt6.6.6.exe"
C:\Windows\System32\cmd.exe
"C:\Windows\System32\cmd.exe" /k takeown /f C:\Windows\System32 && icacls C:\Windows\System32 /grant "%username%:F" && takeown /f C:\Windows\System32\drivers && icacls C:\Windows\System32\drivers /grant "%username%:F" && takeown /f C:\Windows\System32\Boot && icacls C:\Windows\System32\Boot /grant "%username%:F" && exit
C:\Windows\system32\takeown.exe
takeown /f C:\Windows\System32
C:\Windows\system32\icacls.exe
icacls C:\Windows\System32 /grant "Admin:F"
C:\Windows\system32\takeown.exe
takeown /f C:\Windows\System32\drivers
C:\Windows\system32\icacls.exe
icacls C:\Windows\System32\drivers /grant "Admin:F"
C:\Windows\system32\takeown.exe
takeown /f C:\Windows\System32\Boot
C:\Windows\system32\icacls.exe
icacls C:\Windows\System32\Boot /grant "Admin:F"
C:\Users\Admin\Downloads\LogonFuck.exe
"C:\Users\Admin\Downloads\LogonFuck.exe"
C:\Windows\System32\takeown.exe
"C:\Windows\System32\takeown.exe" /f C:\Windows\System32\LogonUI.exe
C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe" -ServerName:MicrosoftEdge.AppXdnhjhccw3zf0j06tkg3jtqr00qdm0khc.mca
C:\Windows\system32\browser_broker.exe
C:\Windows\system32\browser_broker.exe -Embedding
C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
Network
Files
\??\pipe\crashpad_1276_XAEAIAFQYTXIYWCQ
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\persisted_first_party_sets.json
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\69851941-8c57-4096-9ec9-5580316364f8.tmp
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | baf1ffe38669cdc5596b0100330ecbdc |
| SHA1 | 974255051550812063c7339a5a4a2cf2053b6a30 |
| SHA256 | 7f995969b873d559dd275a4a0b0f482a1408fe940ae4843b3575adc9f8b9f11a |
| SHA512 | d99b98ebb0d6dcf14953f30a57a3a04ace889737bd773e5ff04cccfc14b12c84f51fdbbe9ba91bd901670a0c2d4b1280f8cec65907da12ffcdbf682da3b8d033 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 8242a25c68993fcb63a2d31060e70799 |
| SHA1 | 2396553845a5c0aefd23cc72d7d7fd707d92ca57 |
| SHA256 | f41b2b85cbc43fe4b960f225044b8549a468320edef92077afbe1ab4cb70f63f |
| SHA512 | 6c2fd8570bf96d42ec23bea1328d16c4a02b82b37f341cbbc7556182d08f962e9bdc7dc9d61542e83dbd44c45968a2b958690f00a82e3dc348f55d4d8d91a3e6 |
C:\Users\Admin\Downloads\clutt6.6.6 - by CYBER SOLDIER.rar.crdownload
| MD5 | 60fda8c078bd2c6c8be5246d493afec6 |
| SHA1 | 339675682e1a9ac2008d5bafd9b49cd3167998dd |
| SHA256 | 72d36858e676360cd470943c3a22110324df8e4571c166dc823b09dbefb4017c |
| SHA512 | 87298877d1c4fadebd0bf40dd774619f9718eeba4b536dc9eee2abb5bc1809501798152139c47b3db204af119cc52904814c689484b400a00e1ad6e69a58aa00 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | a14fbaa5faaba5f7b04271c9831de173 |
| SHA1 | 18e5d89d3abd48263ca2b5c1dde0d1d44404c356 |
| SHA256 | de5592e4c26fe19d95c436b4bbc813ccbd7f037e1102d9f58dcaf0f3b09f1235 |
| SHA512 | 2b56418fe11961a96980724fb8280ef17f24db86b8dce779077fbdffebc4778ddece553ed03596128c4140c7de59af26e4e1180923bbad06df4e8fccd2bf1dcf |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 3bd6ae03173c201d360028750a5903df |
| SHA1 | b2a5d861d82e040a55b093ed020d3955178b6ea0 |
| SHA256 | 35c2a35aae87c3f30d12df78e0f2a6e0a5d20026e7b3f2200533b86e329dcd67 |
| SHA512 | 564b4d3c057d08ab883a7a55a6ea83d309212b3572826be97d074dbecca6ca6e88a9d1f74e2898abb48b1e2778238b24b104d4d01847e961b0df10a70c2ab43a |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 6b64f2224fd621c1dd66812243a4b987 |
| SHA1 | 75269a09fc7e743001878bf0c0d737932de1f1cf |
| SHA256 | 1457ecfc687b6dcbe87af4f1123c0546ca1accc9162ff90e7e12d550df7896df |
| SHA512 | 9922299fd03f27624b0c214e2185dc51dcb3e49549687ba9447a5e5927169e8cb246cb842a6bfab9e47b0a7ded44811b768933f3d9bf17c29d7b7693fb29ef13 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 4d07b20c0828cfd6c33061330c1251a4 |
| SHA1 | c0ff33f2bf96922a30b5645d04e685d47286c95e |
| SHA256 | 7920dd42144ec556e460ed9fd722bf8e149988a536694a2fb808190217688356 |
| SHA512 | 81d56a7c829c24749c78f939a08a7e0c0df9b9680c838e16b3c36dd00c36941bd7351c56a6d3f75e6da565d63ebbb285e0b629927579dafedc2aa2fd2c8f82c5 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache
| MD5 | e8ee8c71b4be461929be13c0e94a842a |
| SHA1 | 7a8377feb7cf5ae3e4c0de9d3690fc1c12436a30 |
| SHA256 | e3bc7d991346e9cd0679e6ad1e3ae96892aafc87fe8f3eb853324d052eb451e5 |
| SHA512 | 0f0f6214b5146da59beaaf0c1c9da0b4b3e357fd91b6be57d40af687485ae9d0a02cbeebc1f17e28ecb5cfb9b96d583a1a5acc5ce45064900a0b5dd621b8106f |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache~RFe58998c.TMP
| MD5 | 7a92496f5ab0b33339b0a1c54c633fa4 |
| SHA1 | 265a8ed39f8e33b3fab4a979c126a5eb895f224f |
| SHA256 | a2bcc9dedfdf40b520f2a2e6d81b069b5c96add1808ee6e2997fad3791d3f121 |
| SHA512 | d84a8b51250ec3cf11ee7325b1d04ae0a4d6a2fa902afa66d03304c1470998e04a36880174cfb87670620aff2566c862feea078d25c431375688471063e771dc |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 98c7575874c94801033d805fa738eb16 |
| SHA1 | 1e07a56336dadbd4b6866cef9a5ae56f76702a25 |
| SHA256 | d18b2d0ae143dc3f257651d146eb4db9686f3c9d94d3b31ebd8e0ee204fdb664 |
| SHA512 | a6f33a9f586d53c29fbafda8b4a46a76dd83862e0d6de5abb2a0c1b7ab9debf0b5ec64cf4e1916d27bc6a7b95589b8854532e9a7b8d0d039c658f6cc81e58a5d |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 79b1a0df16e0340f48699a016dbbdc9a |
| SHA1 | 3ca6ef3038f1cf7bc938ed09209a8e29193b1c35 |
| SHA256 | 7064a1243631b9a996946d347ca6031c2ae43d9b2334ac6f37a97589096efe8d |
| SHA512 | 814bea99dca31b655fd883c392829a22af121ac4bc95d381d977fb6434719d2af2233f1692525535720af6c43c2c965ea0757076625276faaab3a7afe973ab72 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
| MD5 | 9202676bba3dcda0381547a2737bf120 |
| SHA1 | b0b748d93f6a9f7898ab89d95c18b0d3990aabdc |
| SHA256 | 610bed2ae8ca509e33cef1355ffda35d182ec44a62b1794d867790c86e30eca6 |
| SHA512 | 2083d7b9a1ae699277a8936d35db4de9895e9f7b9ac011062365ac839f52e865c80a09968416cf39047e575ea953b28375408ecd03125b9ff5ebc90fb3aa24ad |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 9c4cf91f0f5b47d1202f6b688fe9ce94 |
| SHA1 | ddbff5ad7d6914e95cd42fb44bd10960323e3407 |
| SHA256 | 12acc335d4044a37670a0211f00ba7391286500bfcd8c42ffb458fc94a584025 |
| SHA512 | 6697d697198e4ad84f7d87deb081f1e261957e6026cbc7be202c1e7df0ad8f4d2c814f1f5931f375af8162739d6c11e3240cfb424e121a34b89ffb12cd73a3a9 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
| MD5 | 7aa8de5c2ef3a676a55b849f0412808b |
| SHA1 | 4ee6289434f8d4cda4f30633ef0ed6a4f42bb455 |
| SHA256 | 3b59d44cc540451b46cd7673dcec34fd4b70cc0bc05afed9da45967425d01d48 |
| SHA512 | 5e6463c4cb2d342c2d59a23a7ee538a50f828850e97de1a92ada07ce2d85847c8b62c27c6679eea21da746d55f571787c64255b7c9ee269146eed36da257881c |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 796c4a285ef5de68428fb6697a956821 |
| SHA1 | 6d64dca27c5c72af879eceb221e09978aff1de4d |
| SHA256 | fcf16bae40e694b4fb8a01ccd2552a9f531ff24811f41d6a17ca98001726d310 |
| SHA512 | ff5db793f93287a816c1b3439dd584733e09734a457fa840e41035d0ac92383272224bdbc4513376b157f1a19bd44de87af08a5d3a3fd766628de1d121d8a438 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | c1940475fe55f56eb707c3d1b003db35 |
| SHA1 | 608bcc0d71cb1c3b0eae386e956445a49610ee9a |
| SHA256 | 7992dfaca2121ecbf0d9133a72045ff0c3970434549f72647565714625c0da28 |
| SHA512 | a4e84f424805b565a13b29a040ca2ef2df5b91c0ab25033111cbea48e6736760a06ce6b17c579bb8e1f66677467334705d8d5e07eb73959bc903a1b33698c318 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 8d7b980e1266c28e5722a9d5047ccdeb |
| SHA1 | a08935b84bf50bae601e113bf87a0e0fd0fa2360 |
| SHA256 | 90188d318919667a6d1f393b67b30638072119551663aec45c07d97254661ae5 |
| SHA512 | 9e8eb4cd71ebe103d83a73d0d5009662f5bf3d14c0c25b5fd9e04f251d34b7ee4931829353e4b329999f72d34502e7a6f0a456c23af58ff4b1471bc85ad31a81 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 4e7ef64ecf2f916ffbf3a7f7288558dd |
| SHA1 | 8b4e554e8f54b9c6da6676f0f54fe00037739c57 |
| SHA256 | 19056549f5b8b57b87e56bde12e193398be650aebf529d7a5ae344253311190d |
| SHA512 | 6683cc97aed6a9ab3085941327447aafa07c4573f907c6b103bfb9fceb944620d922777d558b1f3cbd03ad12cd7b29a24c3fc3c6d15b4a698c88c6ac7faf8711 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
| MD5 | 3326664935bfa1fe228d3f82f0e75b82 |
| SHA1 | bf430d13456a958129810a25560f15d1e659160b |
| SHA256 | 368ddb71ed5a382e41fe9872ede7a315516a4f43cf223480f56ef7656f683aa1 |
| SHA512 | 8de10d8e8c4eb6035a3f289b96e26874ac85c18a5287b6b99bca5beca06ee9b36f663aea0c42125c04cc1fbba7ab4dc860bcda6fd4b2d84534e8876dd5ca1acb |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 4d6feb2682f984ff460cd0c85caf84d9 |
| SHA1 | 27749e739e2a71ee302c37faf180811a2a7b5eec |
| SHA256 | a9416c916fd6ad684b403c63191be006b6509a1e8e62a613f1a355466e496845 |
| SHA512 | e8a784963b05b6895f2567dbb227588c1f730369fa3eeb8f20e5e0118bf902d6f941c682953d4b9393cdc6d5ae7ef918baeda4efdda106699d29b73cf96013d7 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | ba50ea3caa9c5891f9127d7bb27d4b01 |
| SHA1 | 46d8b92bdc6958a51290b59be3395ffa820a66c9 |
| SHA256 | 833857560ea338a4d0315f13f4bde28eed8d09cca67e67f7504eb3f45f7cee21 |
| SHA512 | dc2609d1c8c88a976ea37baeacbdf1203e1b52b049ab48835e6390eee013b362a7e8ede5919bac928e15f0c11d9fa3a2d9603bb89e6eba1d106d8029f87dafc8 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 77029acd45bff4b949702b31dd2dbbde |
| SHA1 | 509b6ff32d6b4b230b0f0b6d461322ecff6bd5b0 |
| SHA256 | c45c575601241418e91b50d20acf20746c495fb89155ae7dff8ab3a9918c91c9 |
| SHA512 | 06579501d5b233d5747daeda54dedd92166cc2f6e5c14c5b62bfcec3c8cf0894f8a7b5fa634c8ec8e97f368c660306fc9173c67257945f4e8fa470799eb817f8 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache
| MD5 | 05d937ae2320c49ff5e027d619ace059 |
| SHA1 | 2af787dfbdd2897420fd5b12e4b82ea4a63b364c |
| SHA256 | 2d7e85665255beea019b7b3f6fb082a11fb70a8dde873022c86dfb6aea5e486c |
| SHA512 | b21df3de4b707b043355aafcbc4de0890973a55fde19deb84df9fb5ce20781cf6879ed5c4906ea170647b829f8b79ccdf8faf1b425e18f3fb6cc3b0fa49c3fe2 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 5f29bc2ed7044fd3812e05aac58b0617 |
| SHA1 | 0f1382b846c693e632363af5b31a7dfadfed8b7e |
| SHA256 | 32f20e429610d2f1472b51e14bdd006cd22c1bfe03d1ab034451be7195caecbd |
| SHA512 | 9c7dfef34f661f15084e33ab3596def85182d8208a13b5e1e633d438b82f13a5346003b2d8df0cdbb3f6d5a6ef8bb0e13be77b7bf33b33ef31ba798d7633049a |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 21a2c62ad1e43ac3fd02ba209dee3f3f |
| SHA1 | 47a64f1d0e4c85d4310610c39770dc5880f28432 |
| SHA256 | 5c5777f9201d5edd20785bd8001694e1f962faef4978ed92f64da56f9ffddbab |
| SHA512 | a407249a433ae536cfd04769274ffe820dc6b5f9bb524f44dd800a2dd8acf8d856f9ee07c6f714090cc870f853a4c4d92cd673951a42bba386310acfe47dcd8a |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 615445c2ffb4a4b06ce7d7005f79233f |
| SHA1 | 4fd5533a88cd3b0b4fb84f7e09217693f5067403 |
| SHA256 | e239f1ae8e0a158195f1e14a40e8086c97a1c1f06999aaf74ae48b802cb92d28 |
| SHA512 | d010df3fd2edf9f20f0117f3c265a24921b69cd1f74527ed8b6d9534c2102afb4197ac04b53f18bceb65b2e0f6f55770c3e5ce2bc2561742fd41de0a883b866a |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
| MD5 | 975a0704182ab6389c147453dc87da4d |
| SHA1 | 663aedefa92df230a20bf4b85a8ad0e8b0d4beb7 |
| SHA256 | b6c7e47e6057712dbaf10ba12f493ceaed6ccac2865795ed2c41de836b642f02 |
| SHA512 | 588779c950e4b5c5fe4b4da038ad9049e8ddf3955da133595ef2e493c5b967e06226e08b20a3ddfa135badaf40bdea2e26ae02c2b8d7116e1ceb00d8f5e82303 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
| MD5 | 2e72feccf159435773bc66fa5b6b2749 |
| SHA1 | 2ef5c64f18d7af4d8327fde0a2446dc8ca19daeb |
| SHA256 | 623b26e4c03c2a8f323300d3db300b9b6b746b8e204f88fcebd67c37b4367f7e |
| SHA512 | b072b7544e3fe08ac56b8b263027af65ee98aaf9e5e0f063b11413aaf1d1d642f564435cf43fbb47363d489f7174c0f214c4b91b3fd68e1a1fe2fe596c1a21dd |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | d0ce2360955db268c8350ea0f38dfcf7 |
| SHA1 | feee2992996e5d902b9fab62809791ed15d4eca1 |
| SHA256 | 33c21f59419aa2c0714b9afd5fd626cfc150a1750a42601099890662ad164f48 |
| SHA512 | d16179edee9d68fdffc037a1cec84b052c417e9ec8383de269fc59ba92ab264a97856e4d5550f405a467ce68c5a2a844d253a40fa78e3b245bcfc77905a222a9 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | a197039c64a6bed89b48d5f2aba63a57 |
| SHA1 | 795c4bb92e6061863eecc66337f58e838660c97c |
| SHA256 | 09095c605088f37c432d22a38445ff94ee02b1232f8150bf61fbd56c80b5499e |
| SHA512 | 031724ac7d9cf796d3a2c67c431798c21f7799a4af692da86cd8ffb84657c66d336e6e234d0d17a4d299ca88af4576cc5b2a4bef31ef9d2a74af588d004bc986 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | de0832aa5f13f40b6189a87ad9bea7b1 |
| SHA1 | 426541672f04dff1f51cd515d8b9444230a12b0b |
| SHA256 | 0b85367fd1ed45a689c4784b50d4afe2a12e488af9b1fcc454df135b9078ce9d |
| SHA512 | f52c942ff8a9789bf51f9b888b16ef65a91cf60bdbfde444b2a653c1a7fdb13732c7073993cc6ebbcad1b1f95fb48ee93762bbcc9d9db412e1a3924c76733956 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
| MD5 | dd1077a891316f037eb153c63cfc0589 |
| SHA1 | 0020cf39ad6729077d3f2177394f7589fe499089 |
| SHA256 | 875a6c5d503084aec594164b56299a068d0dacded89970f8d1e53347e0dd0100 |
| SHA512 | bf61b2a6bafc9148aabf7464fc9f2ace469f26bb5d9c241b74c4c6dd1b057bfa62fdd8399ddcac2fbd19873b13cdc0c316036f3544de8a9397c65e0fb29d66d9 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | a477182435b5c87ffa85c257f5dd7c72 |
| SHA1 | d86166beb4f2f11892618ea5f005ae19987a0b90 |
| SHA256 | 4d63b9e56c9c29002e8102b95106d8760316792660a82e8ab9f926b46d347e0e |
| SHA512 | 191e09c043320bd1feba1a3db7df3a235ffac8e44147b100907cd821f7746b2538431c0cc2f1a300fa50fd41cefc67986491ac5b53468d3ba300c77259ffb7b5 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 2a41bb80d810a330da524e5d22a1c4fa |
| SHA1 | 2818222a000818a8e23cfb5307d6b4ebfd9f99fe |
| SHA256 | 533834aacf622096f40016faa3d495b9f9fa8159377772949aa45e18794e2ce0 |
| SHA512 | 40ad179e4dca4c4c9602ae0dbf87ac9a427d675ce28d64a58a726f029b7eb5b8a698821b4c26e1f474e2bcdb962d59a92585e553d7716848e68a5399abcb7d5b |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\9c709d64-9d81-435d-8fdc-a87866f28b6a.tmp
| MD5 | 7f8a9af6aac5d097af7dc03e54be0e01 |
| SHA1 | 54d1f77dbfedfd55c325f39a32cd6f46cb5b339d |
| SHA256 | 8ed5a5bb474587a82ce470e937a2bbd61e5d6d681685d633170334823373100f |
| SHA512 | 50b02bab419c187b9f7b00524bb3a7767be54d047f0328fb6b35c09312a9397a9303f23e19ac0003359c3f630ece9d0d6634460e45d0a06952dda0c7fae60779 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
| MD5 | cf35e79a10a3a8ccee0874c71576daa0 |
| SHA1 | 7db94f2123d1c162e44e8e58e8c5db6d876a5d15 |
| SHA256 | ef7fd973f963c1e8a50f60359edfa342a98e4fea0f8af1af0c8e85b35c625a0e |
| SHA512 | 3955eacf0b5a1eb1a76023ee71aecb76acfa8d298edbd63bd8a6fccaec2f825818afccb492d994aa96996277c6ea8004275ddc9244224efd13f6b8710280ff13 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | cdf143228d5c31ee56c062f10c6e022e |
| SHA1 | 8b35cb2560367b4c6a18c4b907811220535320d2 |
| SHA256 | 9e7cf60f739ac0ba97a455859651904935ecb00fb5008e739eaa1a8ecb240890 |
| SHA512 | 393d506642296834618d5e1ba5d2c498b15033535516e8aa05673f1291c400827d6afde12f8b0ad85072364d129c9c06a87cfa02e2f6a94a3d897d3702d86940 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | dbe863d222eb2080aa87104437c7d050 |
| SHA1 | 7b8ff46e776b95f00bf92c818bc55a2a5de1399b |
| SHA256 | 9e0ee05b3ba314b620ec581b32ff293b62b9796ddc69d5433b526c51abd942a6 |
| SHA512 | 7be71aa4eedadd600f1cf897ff13c7cc61db7d89fa0af88e486ef3047e69ec0e948cb53b9cbe2bbbbbfcbd2f97e38353068f3562c9be4b7039da715f93c3bb93 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
| MD5 | 82e4e1cdc36f10920d654d4fb9d8a19f |
| SHA1 | 1aaa49ababa6d3401209cb51a9d7b8f395b8dfb5 |
| SHA256 | 0cbc265f6e13efdf2b90b495d0ae4307a8353de05ae6499a126c39dcb1a91589 |
| SHA512 | 45c4ef9e905b86138924b3960bb4e5da7b62d1ae68237c59fb3a65cea42b98528249e1af12b9ce3d59edfb8e056bf056cdb5c8eb348124cfb6805499ea90a57d |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 2b9b919778463daeb14daad5db55ab75 |
| SHA1 | b22381feacf80064d69a37f5e0d69c9b67adb552 |
| SHA256 | 851a1c4e7bc9bc5bd93b4dd34b3f1293338dcec62e14ded4cf32c15cb3dc0a99 |
| SHA512 | 57a1dfa2a0fb7ff7c93b87c01595d06df87a8464f8d017ffa588ca1668e268ae9efef309881d9307af6e7928c2dd9ad61bd0e20fab70c82d9be737920e546b6a |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
| MD5 | 00afb03dc631c9a7c8e0c0e757bb86a8 |
| SHA1 | 5ad6e53191ed8ec3499c88041ad7ab02cb1d2c33 |
| SHA256 | 32a94f3a1765ad06ad906707d9b12e66767babde5cc5e839d15866b3fa44569c |
| SHA512 | e5a26380c4e2d973232c48f6e20042a84c50410c2d999c55e42210e9d01885d615b7f097058550827aa5e14d9391d8e3b16f41fd830c9ec7ee308084edca4a80 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
| MD5 | f9bf394f06c8e8baa85c146bb79a998a |
| SHA1 | 7726c3cf6403ecb701cee44b10cc9baf505280c5 |
| SHA256 | 25479677d32c0e9b14579862ac14b56cdd9f81db7ff0a207b8bbc7bb6348df12 |
| SHA512 | ec2ed0e0869be131cf3f6ff83994c048413f35675ec8d8843b99a6ac55287a032e461c2f78208fda4218a468a5be580db3b81e034cfa381e870b10c6c9bb6aa5 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\ShaderCache\data_1
| MD5 | daea621896c2c2004ff2817729ebaace |
| SHA1 | 6a785896a31a7305e8ed2fd3bc915ba786d213e9 |
| SHA256 | e2ed64eb3e49e903cface02732d5676b2ccb444f6846db1a5c86f78136de2db7 |
| SHA512 | 2c2d9e1a35dc1561cf10c5a6cd177f67f68c445f42cfcbf66bc138be4629fe65aa2fa82f5ff8c91f045900cad8683d568d82a2d067db6b075544296e09b2ace1 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad\settings.dat
| MD5 | 2d9f034fe011a3626c641622da4e1fe2 |
| SHA1 | e79ffce5333c61d94a36ccaf9cf1a72e03268656 |
| SHA256 | 34b2d6b896be4a5c8771e65da5d9342ef5f69880e9948b6a9522c06ca50efc00 |
| SHA512 | 703dae4d2a4f7ece62ef72c964d232b229964ca84638c916804a983bab85c5da30a2af269359261c3044a56e362341f442e0137eeef6f82ddb4fc97b358fd580 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Variations
| MD5 | bc6142469cd7dadf107be9ad87ea4753 |
| SHA1 | 72a9aa05003fab742b0e4dc4c5d9eda6b9f7565c |
| SHA256 | b26da4f8c7e283aa74386da0229d66af14a37986b8ca828e054fc932f68dd557 |
| SHA512 | 47d1a67a16f5dc6d50556c5296e65918f0a2fcad0e8cee5795b100fe8cd89eaf5e1fd67691e8a57af3677883a5d8f104723b1901d11845b286474c8ac56f6182 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\History
| MD5 | 9c5830e71d95c0434dfedff5eb90637d |
| SHA1 | be2bb30db3d0da45b30ff288a825a43433925dd8 |
| SHA256 | f0cc277a4add877d45cc855b06f20fc8c983b65a81dd46b19e808be7f63126c7 |
| SHA512 | 4879856a743c9ef1c9c83808991d19ec791a48a08cf80b482e64c44d6fc52a99f2c686ec0af39232495bec23c9d0b3f77bb8878c4675aea417057f12f558582c |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Visited Links
| MD5 | 8139f234a8677b4350a1211a9d340a0f |
| SHA1 | eab9b7b4a3a4ad9363e0ac9e2d53f2070ac89cdd |
| SHA256 | e3f6d2ca99141dc59e81836167b213d5f20088874e1caf2946547841a19cbb65 |
| SHA512 | 29b0e1136daa674696735ee7f9eb498ccec7291300cebeafe0d2d6cfd5cc5abd99a865ab046b63fbaf6965d072d6f6d75223472739274c4b40f382e745a8234d |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\000003.log
| MD5 | a93b6371f28454844ba9adff33ac7b66 |
| SHA1 | c94341415eb9fb238e66d2c59e1e6cbb7143042a |
| SHA256 | 794d0f1affae4eb7d2bf89f04688fdadbfaf561a4d42fb56ef6255b359f31d2c |
| SHA512 | d5279669476fb41a55993ff54fcf0ba1633dad65238fbbb83f29270fe22e3542a4ceb593705dc89e44c88079e9e4c929cce37cf9ba0aa2a33fb8b22356a8bae5 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\GPUCache\data_1
| MD5 | 9c4cdcab4fd12fe5df6c0d16bbf7cc42 |
| SHA1 | e647f816049a3382957fcd7e881a50d42cf0acb8 |
| SHA256 | 94902c368cf2654f1460df4dd55530e9f4fc64a93ff676c24775cdfe1a69f477 |
| SHA512 | 01f3b8abefbc3ad43c03ca7b7a0d2b6932f0df6f6a07c078bde3b632707375ea31c178b74fdcc0e0799ab1557ae3270ebe75245ac72d66a20fcb50b4bc9ba8dd |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Web Data
| MD5 | 72dbd58b3ec4bf6cbdc0a41ac6a28645 |
| SHA1 | 57c356487a986cd04033977c5c0d46077fb21f95 |
| SHA256 | 14ea4865cfa26f87bf99d9114f8262f5f66fb4e3902e6cf0eb5f07ea90cc3440 |
| SHA512 | 9b0cb47a33d12f4aba51b652ac71b3e5692fb3654fe2ddeaea5ad9f6614ba9326bdc8e6d57096829216c74ea8d9b8d9d9ff085a9215a62b31797f2c6fe0b0102 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Local Storage\leveldb\LOG
| MD5 | 5518e47d5bb32d2c3ec72abd48c5cb7e |
| SHA1 | 84acfd56d1cd2f633f7f005b9c99d4bf86aa8026 |
| SHA256 | cec5bf5f50d6ed201923b6b6184e46dc65108b980f9c506014cd39ac66ba94ac |
| SHA512 | 12a2ac212b3f7e5363a66dcb4f7196fba9a5233d5bd023814ec57ee848859c2b91136cdf3eaa025b942da1347a3e48c771b83afcf175388fbe69a6fad81eb726 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Local Storage\leveldb\000003.log
| MD5 | c343972dd8ec93c74938a1fe22219e5c |
| SHA1 | 38dbf5caed8a6f6371749d55a1a46ddcc822787c |
| SHA256 | 41c6e4e56daedb3c733dbedb5893eb442c3de818d0d19fba8eddac4166df58f5 |
| SHA512 | 3509aa38cb3bb91b4d68898503fae02b163158a528bade32965a7ff87ee64b91c76e35521bd14245860f9966755d17530f26840c3ec45df17bbb683dbc485802 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\data_0
| MD5 | 8ac6442328dd192c66ead33bbbc40012 |
| SHA1 | 7b2d61bc259cadf0b084cdd3f64344c41188bcd2 |
| SHA256 | 23cea2c3321e0fe90286649307dc5db9aaa60a7b3a6995e8c3d4428dc4015b3f |
| SHA512 | 0b64ad9feba155e03c9e54c6dd5c51a32564757fa7ae2610d6c05141db8cfe47f1ae1f1931f0fff8f70c3a036252b5ddbe7ed8600a575e6ae9fc3986ac4ccfa8 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\data_2
| MD5 | 72e1e283ac7070a750fd60bcb8658b7e |
| SHA1 | a7b561e8d5c6c9c63cd0e9c9cec69104be7490fd |
| SHA256 | 6ace8535de3fb208fa9f14867982e0a11a9da43acf520e076024474652076c29 |
| SHA512 | 0a39c342610df016e033115e37f00a152c80c141ac40060d4c3db009f1dcaaecc1bae8d7688246e59f1a0de7733594357bebae4d399907938bace11b0be0756f |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\data_1
| MD5 | b463bb15f9aee6fc9f4a7e9e3ce24240 |
| SHA1 | f748495c7a3c68aace4eb63a3638c43a1958b545 |
| SHA256 | b16322cdf0fa8e0ecb6a46a2322c96a31299b95ad1a0bd08e4ad0adbe53028cd |
| SHA512 | 65169cb2a345cde3825ec753cc86d0af36cb513d2d5a346235f67ba8e0ee2baac9efcebaccd31579dc73903e4ee78c9f16a4bdc9cce2f922faedd91878901cc7 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Cookies
| MD5 | b3bba4f8617cd4cfab0bc548afb1cd0c |
| SHA1 | 1556f7eac602b60ccceebcbba0f925bda1470bf9 |
| SHA256 | 72a7275258e11665d79db64bde31ab236f7a63bf3552f1a4dee54d97a976439c |
| SHA512 | 42913d870277187cb6283514a530339500a3ad95da18003b2afbd690fc8230d235499a3e9f9572b6ef6c6db0fd190e6e3fe93d61b0811c6f60f5e8c357aad82f |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Session Storage\000003.log
| MD5 | 61dcc88e1abfaace058135dfdf694ecb |
| SHA1 | ffe3661a6764b7e778d8854f6f6a0034bbf81160 |
| SHA256 | b00982bdde9cd79fd93943c9cda0672fc7d7cbcb9441e54bd6ca8cd88e749262 |
| SHA512 | af626fb43b8a7a185e4cb50e003e81f982612707fcf87f17b0927c347c5d796df3e12279db3c899ff66a81bf958f219d6d868c8f2e9c0a7377ff3aadce62215d |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\GrShaderCache\data_3
| MD5 | 0506b981b0b093a10e0de802d0f0f593 |
| SHA1 | 338587ac60655f1a31c514bc5713b251c2a3501c |
| SHA256 | b9f7e917c62e51c8d57e0f7bddc44510954d7d2679a04962974e8f651d28176c |
| SHA512 | 87415cf238d3c60028ac27b439debc877c5b7360d87ed2eacc5a0a2253d9feb244219d24680cd0d8173053faef6a32b3876414683603349d4f56c0965d23e262 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Session Storage\LOG
| MD5 | d2e4547232cbc6e42617ac26bd4de522 |
| SHA1 | dc12bd1dfed9cf902a94586137c1b4eb3c7ced75 |
| SHA256 | 11361c602b2bcf70bdefd15415f4ae9567de4487c7eb1959cf5f3a99cd3a31e4 |
| SHA512 | 45c4ec8308290c3ba199f4816acf2d680009e9d4c0c1342bc1cf7cad499f3a799b884b334166fc6210509cbbe8a6ce2df99c6385e4547dc2a83f7c5c23ae3e8a |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\GrShaderCache\data_1
| MD5 | 0b6f03c67bb761ba36a52c6dbc46be93 |
| SHA1 | 676639d9711b689f77e2a1d1ed11b7d4b88dc916 |
| SHA256 | b80f05390e773edd1d8ca22936a4ac641eff988d1c9e59bd9beca5c3832a021d |
| SHA512 | a341f9ec15e82264711c127d8a31e1bd42bdcf68fea4a54db507ed8d1727bd3ee42bbfca8a15e482dfa28aeecc93dd8fcbf684d7a15b1eae8db2bee5bd2c3a44 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\shared_proto_db\000003.log
| MD5 | 8c2be4ce146d3de5efc452fec59facce |
| SHA1 | 9dd5144389a827e602008a56ded07b1550c9b415 |
| SHA256 | d003c6682da4cd336895f0132d1af71e9c703eec1904b85cdbf3d7aca3882dc7 |
| SHA512 | 59acc6388bff9d502cd56c5092bbc4697e9ddc9d134a7cb27e07194574e62ec83f4209adc140d099e583024d826b84c7f5d470f5bb468e25e936d178cff9ce06 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\shared_proto_db\LOG
| MD5 | f2e3047057a4ab843d70924daaa3308a |
| SHA1 | 63187502ed61c83b5d66b523963862b1ac912f6a |
| SHA256 | 668c3f1645363b0cd55d38e2d2e7478e347f9591b9274c1a5d572aecc860aac2 |
| SHA512 | b8d4cd97efeaba09e1a01d59ebb9213d2f3c98362151e8b1555b0b81b2127c1cc33e1b8f841a0b1c294c09ff785454f9a1241438ad7422924abc9891cf499a29 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\shared_proto_db\metadata\000003.log
| MD5 | a9790028cb8aa77b6dc8bb95a6c51bd4 |
| SHA1 | 15518f64c1bcad040c3cda2b19b994148b1ea3ae |
| SHA256 | 335c04c8eab42d213d24a71fcad2d288de5070598c2be0ae8089ea17988767cf |
| SHA512 | 49eb2aa17b37909f21f56c17e97b45411b929bd8638f092e2cb3e8fdd88f31022aba90e98ee870d6dd3dc63d52776f6c2b579f8a287b4db5f508f71734949ae0 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\shared_proto_db\metadata\LOG
| MD5 | 4c02805be5ed0afd70ccd724245e1600 |
| SHA1 | 6d6be4eea7228358a72d19387ea1214ec545a44f |
| SHA256 | f8b0ff0491a230f5f9292932d639bad84583eb78bf26df11d303547219d63937 |
| SHA512 | c740c6c1ce486b3063b77c49fb87dbb02e0a10cb7d7ad6487277d743178814e8d71c9419077d681ac88edb03ed7f56c977f885483d0131f8a30958d2a70c97f9 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\GrShaderCache\data_0
| MD5 | c9ab827d9cc598736b5890bf77980166 |
| SHA1 | f3b680e2663d67ccace814978de15fafe58c65b2 |
| SHA256 | 45d85d9b0f03e587b1365be933e6eec8a8780cfdb954a8aa7688a6499ff2e196 |
| SHA512 | 8bcd8805f4ac9b392d34c3e9987efde3f95644effb820a5a62224c0b6cb1a1f6db5914b9fd086fae3c11475b40e233a0eaef0c5a87107274163f6e2dd4fb79b1 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Sessions\Tabs_13360955635863137
| MD5 | 3773bbc49eccd2d326541fa11cfc0f87 |
| SHA1 | 1b4f86cbc51ff1020aced0a093d27f3c02cb89f7 |
| SHA256 | 1b85b9d3737022f74ec05dae66d538088225143e6e4e5cac925eb230141097c9 |
| SHA512 | 8723a4c8df09a23be36c5ecb078bdc9beb20eb39bda1cb16786e7d3ce6f3ab41dfb39392399faec07afdfc2e9b20725cd6108eba94bf090000f92be5fa4fdd9f |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\LOG
| MD5 | c7a002c153b7fbcedf6b1f58a96a16cc |
| SHA1 | 69643fa00ee4f9352f9ba6a71a135974b0e263a1 |
| SHA256 | da92644fce174152b63bce6ee68fab2d50564706c0ed94f6c302de821f6aa5f8 |
| SHA512 | 4524ef8cac9896d285172c172cabd5e82e3c59d581feab7e9c5d15d6b5a70473bbae37965a10e0e76e7de92fb302bde996f6965aaebe5a90a34d26f7285fd72c |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Site Characteristics Database\000003.log
| MD5 | bcb0311cdfeaea657d736643ee244df8 |
| SHA1 | db4a89a7470ac418e2c727e90482908e41e366ca |
| SHA256 | eff8b78193a31776e1ec1463d150bc75d4a49acfea9980bd63de454cc39af550 |
| SHA512 | d11193b07e509ebf291ed3d3dbc5af806af52484a619740f78984b22f74a1fba8204a436b5a8b97bd79093f036313f1c12bc199805c1357fd18d89a5708d519a |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Site Characteristics Database\LOG
| MD5 | 0e3a01bde9ab241816a40b441b1d31ac |
| SHA1 | 29a3ad2e460bf0bf926798f8581e5e11ade21d05 |
| SHA256 | 7371f784d8d1f937ba0733b078885b946eb03ef5853de2fd1eba687c9079541e |
| SHA512 | fd5aa934e20eebafe633959711a865ed561f970baf2713749c0d80ba18eacaf2e1d9b39bd4df3e8f105868491ea8f3db496d267cb81b7449456a1e289ec2d9ca |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Favicons
| MD5 | 00a9996588806dacac0a13f6fae33f6f |
| SHA1 | 3098e8bf80feebf5594decac71347f9d1fc11fd2 |
| SHA256 | a80927b5f110b50bb4f985cfd69eb70772f04a6d13df98fc2189a71229615fed |
| SHA512 | b45224deb2ce2de858e1fadb68a7a72d58225deacfd4a84e375c1580629ebb5d067de8e72692572e4aa9844c6577bce285f0f57663fad60bd09a3adc551921e1 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Last Version
| MD5 | 9eae63c7a967fc314dd311d9f46a45b7 |
| SHA1 | caba9c2c93acfe0b9ceb9ab19b992b0fc19c71cf |
| SHA256 | 4288925b0cf871c7458c22c46936efb0e903802feb991a0e1803be94ca6c251d |
| SHA512 | bed924bff236bf5b6ce1df1db82e86c935e5830a20d9d24697efd82ca331e30604db8d04b0d692ec8541ec6deb2225bcc7d805b79f2db5726642198ecf6348b8 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
| MD5 | 9b51ecc700c9c0d35d87b78deb8ba1d8 |
| SHA1 | 2697f051909409a448aebb550f8f3a4fbb7fee5c |
| SHA256 | 5e3b8581a806509cd0207a3f346238a37e6f0b4b34b1b046b5fc1685f7d96640 |
| SHA512 | 78fc16f0b217b77a4a14fece67d47ffbd8c4468a0d198250714b32b5f35912338cad244e31a30d80ed056b3cab47d3e2b42362ffcab435d7ac31d30d55b5a93b |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 850e30e834cd7669bd32c5539f491899 |
| SHA1 | 895645619240cf570f4eafe2b8c35668fb9b1653 |
| SHA256 | 3995e6533d1ab25ece1d3f0acb17494f951aa21a8e0953215bf2fc2ac31d9460 |
| SHA512 | 8c00d50a76f2760d1a1a25b6eaedbd71b8a3aae1d790916b0b870945e3e375121fdd0cca2f19f1b0f81839b965d81d0269364dd9a8c4e5b8ac5626bef5b0dab8 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 148b3bc617ca9d9aa80b676acc51416b |
| SHA1 | efd201f59b60c81013efaea685b51520eb3905ea |
| SHA256 | 6d0c5352ec801789ed15272e297c657a416f80d2602738dc3564fdd20cc74252 |
| SHA512 | 865966762b0c0867f834df540be769b179945ecc20b91c4e35882bca4a57bd3c461e02b22a9268f67a828dae569a2448971d4ca42c8c57982a16d23e2d75dad7 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt
| MD5 | ae1bccd6831ebfe5ad03b482ee266e4f |
| SHA1 | 01f4179f48f1af383b275d7ee338dd160b6f558a |
| SHA256 | 1b11047e738f76c94c9d15ee981ec46b286a54def1a7852ca1ade7f908988649 |
| SHA512 | baf7ff6747f30e542c254f46a9678b9dbf42312933962c391b79eca6fcb615e4ba9283c00f554d6021e594f18c087899bc9b5362c41c0d6f862bba7fb9f83038 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt~RFe61eadc.TMP
| MD5 | 9cbd095933bba044a7372ba4e57215ea |
| SHA1 | c6d29205c62f135561102d3b6f02f02ff5f017e9 |
| SHA256 | dc6147583501bf4b9db37e38f7088bae066f89988be423bba6c2d3bdab2a578f |
| SHA512 | 73bf35d5d7bc53f1ec726ed874b40c109559fff8ab76b9f3be60258eea7e7fad65f965e8d8fe6edc0058557ebc42a29a99a59e7601e56ae8da943241e16aecc3 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache
| MD5 | f7f6aad71401d0f823609e4dc969ad32 |
| SHA1 | 1ddd75e53c92fc90cfd35a67a196400dcd7d4832 |
| SHA256 | b28b3c35a95f905db22cb484f3d3a1f729c4e66b305274962a5c659e1bdd3f13 |
| SHA512 | 74428676c1bf3a24356d6ec85b9c03d4cc41aed8cfaabe6e9f9775b106e074b1df730d465bb3e1281e58c0cd036ee0d6a2b85d260c9a492dd5ce1f9516f77f4d |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | b28751327d62ec64d848847828e5e637 |
| SHA1 | f43d45578e43f5d464d9c207ee6df480f1bd884a |
| SHA256 | a5696f6f4300bd9745aeeb723eb2fdaac13fbf946b22eaf6b6df031e84c12263 |
| SHA512 | f57ed425d719e2b2356efaf5cfc82d27c4effe9eb727e91443ba3e82f6c60b17be4a15002e1fcc5364f9f30f699d2befcdae64a815e5573533b1dade742887b2 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\5e6e1a90-abe8-4c5b-8741-74a469c49f5a.tmp
| MD5 | bcd85c5cee86dce9457272117f3b0438 |
| SHA1 | c7b9ad75078a1c6143836d2baf71f5cb3e31eaf5 |
| SHA256 | 47ff16a9bd787e9d2b24e532ba3c3f1841f9ebccd1a518d765af97a1e585dbe0 |
| SHA512 | a5f6c4a6dfddc1b65f1929e40cd458409b76f08e2656194589cb2f3158f9e7b5ebf5f130249a3d7c6ab5d2eee446559f70a87afe76772b6d8b51392c454ae010 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_www.youtube.com_0.indexeddb.leveldb\MANIFEST-000001
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_turbowarp.org_0.indexeddb.leveldb\CURRENT
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\blob_storage\baa30fa2-fbc0-4330-b220-ffa846755e76\0
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index~RFe6262eb.TMP
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00009d
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt
C:\Users\Admin\Downloads\LogonFuck.exe
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\MicrosoftEdge\Cache\5DUPJPJC\favicon[1].ico
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\User\Default\DOMStore\Y8Q6UUY8\www.kaspersky[1].xml
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\IMOZ3QWS\mmapi[1].js
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\ET401MMC\inter-cyrillic-800[1].woff2
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\TCP3A4B1\inter-vietnamese-500[1].woff2
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\ET401MMC\inter-latin-ext-400[1].woff2
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\ET401MMC\inter-cyrillic-ext-400[1].woff2
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\ET401MMC\inter-latin-500[1].woff2
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\ET401MMC\inter-greek-ext-400[1].woff2
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\User\Default\DOMStore\J9R2LYZD\uk.norton[1].xml
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\ET401MMC\inter-greek-400[1].woff2
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\MicrosoftEdge\Cache\7JA8PUWV\favicon[1].ico
C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\Q7BUKSPQ\edgecompatviewlist[1].xml
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\User\Default\DOMStore\AVZQWNFX\www.avg[1].xml
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\MicrosoftEdge\Cache\00JV2NUH\favicon[1].ico
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\ET401MMC\style.min[1].css
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\IMOZ3QWS\_static[1].css
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\IMOZ3QWS\_static[2].css
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\TCP3A4B1\Graphik-Semibold.b023d334[1].woff2
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\MicrosoftEdge\Cache\8X9GCRA6\cropped-favicon-512x512-1-1[1].png
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\IMOZ3QWS\js[1].js
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\MicrosoftEdge\Cache\5DUPJPJC\favicon-32x32[1].png
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\MicrosoftEdge\User\Default\ImageStore\m28f0gh\imagestore.dat
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\User\Default\DOMStore\Y8Q6UUY8\www.avira[1].xml
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\TCP3A4B1\js[2].js
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\MicrosoftEdge\Cache\7JA8PUWV\suggestions[1].en-US
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\User\Default\DOMStore\J9R2LYZD\www.mcafee[1].xml
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\MicrosoftEdge\Cache\5DUPJPJC\favicon[2].ico
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\User\Default\DOMStore\AVZQWNFX\www.bitdefender[1].xml
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\MicrosoftEdge\Cache\7JA8PUWV\android-icon-192x192[1].png
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\IMOZ3QWS\rules[1].json