Malware Analysis Report

2025-03-14 23:46

Sample ID 240603-gad2ssee57
Target slinkyhook.dll
SHA256 7c4234fac3b6b3e96dace1e71c7a952ec67e3839f90f7a88a9ea283bf88d25b8
Tags persistence
Score 8/10

Analysis Overview

score
8/10

SHA256

7c4234fac3b6b3e96dace1e71c7a952ec67e3839f90f7a88a9ea283bf88d25b8

Threat Level: Likely malicious

The file slinkyhook.dll was found to be: Likely malicious.

Malicious Activity Summary

persistence

Modifies Installed Components in the registry

Enumerates connected drives

Unsigned PE

Suspicious behavior: EnumeratesProcesses

Suspicious use of FindShellTrayWindow

Modifies Internet Explorer settings

Suspicious behavior: GetForegroundWindowSpam

Suspicious use of SendNotifyMessage

Suspicious use of WriteProcessMemory

Uses Task Scheduler COM API

Suspicious use of AdjustPrivilegeToken

Checks processor information in registry

Enumerates system info in registry

Modifies registry class

MITRE ATT&CK

Analysis: static1

Detonation Overview

Reported

2024-06-03 05:35

Signatures

Unsigned PE

Description Indicator Process Target
N/A N/A N/A N/A

Analysis: behavioral1

Detonation Overview

Submitted

2024-06-03 05:35

Reported

2024-06-03 05:41

Platform

win7-20240220-en

Max time kernel

122s

Max time network

304s

Command Line

rundll32.exe C:\Users\Admin\AppData\Local\Temp\slinkyhook.dll,#1

Signatures

Modifies Installed Components in the registry

persistence
Description Indicator Process Target
Key created \REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Active Setup\Installed Components C:\Windows\explorer.exe N/A

Enumerates connected drives

Description Indicator Process Target
File opened (read-only) \??\F: C:\Windows\System32\perfmon.exe N/A

Checks processor information in registry

Description Indicator Process Target
Key opened \Registry\Machine\HARDWARE\DESCRIPTION\System\CentralProcessor\0 C:\Windows\System32\perfmon.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~MHz C:\Windows\System32\perfmon.exe N/A

Enumerates system info in registry

Description Indicator Process Target
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Modifies Internet Explorer settings

adware spyware
Description Indicator Process Target
Key created \REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\TypedURLs C:\Windows\system32\taskmgr.exe N/A

Modifies registry class

Description Indicator Process Target
Key created \REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000_Classes\Local Settings C:\Windows\explorer.exe N/A
Key created \REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000_CLASSES\Local Settings\Software\Microsoft\Windows\Shell C:\Windows\explorer.exe N/A
Key created \REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000_CLASSES\Local Settings\Software\Microsoft\Windows\Shell\BagMRU C:\Windows\explorer.exe N/A
Set value (data) \REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000_CLASSES\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\NodeSlots = 020202 C:\Windows\explorer.exe N/A
Set value (data) \REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000_CLASSES\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\MRUListEx = 0000000001000000ffffffff C:\Windows\explorer.exe N/A

Suspicious behavior: EnumeratesProcesses

Description Indicator Process Target
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\System32\perfmon.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious behavior: GetForegroundWindowSpam

Description Indicator Process Target
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\explorer.exe N/A

Suspicious use of AdjustPrivilegeToken

Description Indicator Process Target
Token: SeDebugPrivilege N/A C:\Windows\system32\taskmgr.exe N/A
Token: SeShutdownPrivilege N/A C:\Windows\explorer.exe N/A
Token: SeDebugPrivilege N/A C:\Windows\System32\perfmon.exe N/A
Token: SeSystemProfilePrivilege N/A C:\Windows\System32\perfmon.exe N/A
Token: SeCreateGlobalPrivilege N/A C:\Windows\System32\perfmon.exe N/A
Token: 33 N/A C:\Windows\System32\perfmon.exe N/A
Token: SeIncBasePriorityPrivilege N/A C:\Windows\System32\perfmon.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of FindShellTrayWindow

Description Indicator Process Target
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\explorer.exe N/A

Suspicious use of SendNotifyMessage

Description Indicator Process Target
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\explorer.exe N/A

Suspicious use of WriteProcessMemory

Description Indicator Process Target
PID 2204 wrote to memory of 1908 N/A C:\Windows\system32\rundll32.exe C:\Windows\system32\WerFault.exe
PID 1196 wrote to memory of 1608 N/A C:\Windows\system32\taskmgr.exe C:\Windows\explorer.exe
PID 1196 wrote to memory of 2776 N/A C:\Windows\system32\taskmgr.exe C:\Windows\System32\perfmon.exe
PID 1608 wrote to memory of 1972 N/A C:\Windows\explorer.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1972 wrote to memory of 800 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1972 wrote to memory of 820 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1972 wrote to memory of 1544 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1972 wrote to memory of 924 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe

Uses Task Scheduler COM API

persistence

Processes

C:\Windows\system32\rundll32.exe

rundll32.exe C:\Users\Admin\AppData\Local\Temp\slinkyhook.dll,#1

C:\Windows\system32\WerFault.exe

C:\Windows\system32\WerFault.exe -u -p 2204 -s 152

C:\Windows\explorer.exe

"C:\Windows\explorer.exe"

C:\Windows\system32\taskmgr.exe

"C:\Windows\system32\taskmgr.exe" /4

C:\Windows\explorer.exe

"C:\Windows\explorer.exe"

C:\Windows\System32\perfmon.exe

"C:\Windows\System32\perfmon.exe" /res

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xc0,0xc4,0xc8,0x94,0xcc,0x7fef4499758,0x7fef4499768,0x7fef4499778

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1200 --field-trial-handle=1212,i,14756954003813807040,5613769696388354585,131072 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1540 --field-trial-handle=1212,i,14756954003813807040,5613769696388354585,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=1668 --field-trial-handle=1212,i,14756954003813807040,5613769696388354585,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2340 --field-trial-handle=1212,i,14756954003813807040,5613769696388354585,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=2356 --field-trial-handle=1212,i,14756954003813807040,5613769696388354585,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe

"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --use-gl=angle --use-angle=swiftshader-webgl --mojo-platform-channel-handle=1496 --field-trial-handle=1212,i,14756954003813807040,5613769696388354585,131072 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --mojo-platform-channel-handle=1388 --field-trial-handle=1212,i,14756954003813807040,5613769696388354585,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=3476 --field-trial-handle=1212,i,14756954003813807040,5613769696388354585,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=3488 --field-trial-handle=1212,i,14756954003813807040,5613769696388354585,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3636 --field-trial-handle=1212,i,14756954003813807040,5613769696388354585,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --mojo-platform-channel-handle=3768 --field-trial-handle=1212,i,14756954003813807040,5613769696388354585,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --mojo-platform-channel-handle=2472 --field-trial-handle=1212,i,14756954003813807040,5613769696388354585,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --mojo-platform-channel-handle=2384 --field-trial-handle=1212,i,14756954003813807040,5613769696388354585,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --mojo-platform-channel-handle=2396 --field-trial-handle=1212,i,14756954003813807040,5613769696388354585,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --mojo-platform-channel-handle=4484 --field-trial-handle=1212,i,14756954003813807040,5613769696388354585,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --mojo-platform-channel-handle=4564 --field-trial-handle=1212,i,14756954003813807040,5613769696388354585,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --mojo-platform-channel-handle=4580 --field-trial-handle=1212,i,14756954003813807040,5613769696388354585,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --mojo-platform-channel-handle=4824 --field-trial-handle=1212,i,14756954003813807040,5613769696388354585,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --mojo-platform-channel-handle=4924 --field-trial-handle=1212,i,14756954003813807040,5613769696388354585,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --mojo-platform-channel-handle=4920 --field-trial-handle=1212,i,14756954003813807040,5613769696388354585,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --mojo-platform-channel-handle=5136 --field-trial-handle=1212,i,14756954003813807040,5613769696388354585,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --mojo-platform-channel-handle=5292 --field-trial-handle=1212,i,14756954003813807040,5613769696388354585,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=24 --mojo-platform-channel-handle=5400 --field-trial-handle=1212,i,14756954003813807040,5613769696388354585,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=25 --mojo-platform-channel-handle=5428 --field-trial-handle=1212,i,14756954003813807040,5613769696388354585,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=26 --mojo-platform-channel-handle=5448 --field-trial-handle=1212,i,14756954003813807040,5613769696388354585,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=27 --mojo-platform-channel-handle=5464 --field-trial-handle=1212,i,14756954003813807040,5613769696388354585,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=28 --mojo-platform-channel-handle=5168 --field-trial-handle=1212,i,14756954003813807040,5613769696388354585,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=29 --mojo-platform-channel-handle=6176 --field-trial-handle=1212,i,14756954003813807040,5613769696388354585,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=6356 --field-trial-handle=1212,i,14756954003813807040,5613769696388354585,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=5188 --field-trial-handle=1212,i,14756954003813807040,5613769696388354585,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=32 --mojo-platform-channel-handle=6672 --field-trial-handle=1212,i,14756954003813807040,5613769696388354585,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=33 --mojo-platform-channel-handle=1232 --field-trial-handle=1212,i,14756954003813807040,5613769696388354585,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=34 --mojo-platform-channel-handle=2080 --field-trial-handle=1212,i,14756954003813807040,5613769696388354585,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=35 --mojo-platform-channel-handle=6196 --field-trial-handle=1212,i,14756954003813807040,5613769696388354585,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=4276 --field-trial-handle=1212,i,14756954003813807040,5613769696388354585,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6168 --field-trial-handle=1212,i,14756954003813807040,5613769696388354585,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=38 --mojo-platform-channel-handle=4984 --field-trial-handle=1212,i,14756954003813807040,5613769696388354585,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4616 --field-trial-handle=1212,i,14756954003813807040,5613769696388354585,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=5324 --field-trial-handle=1212,i,14756954003813807040,5613769696388354585,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4700 --field-trial-handle=1212,i,14756954003813807040,5613769696388354585,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=42 --mojo-platform-channel-handle=1932 --field-trial-handle=1212,i,14756954003813807040,5613769696388354585,131072 /prefetch:1

Network

Country Destination Domain Proto

Files


C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 5537b75e6238f3fd8c6e4543607d2a24
SHA1 2cb7bde0353705cc2965b7995758a9a44b031130
SHA256 cb748484716fff44766e636087421c40f6ac39bb90acf21da4582020f030729e
SHA512 16b87fd4ef0806fe4e9981de683dec60082ad2afd4b07f0917d1748aed909faf06f0b02551ab1b34dd673585a5991fa550fd33a344b04349b26d9b5ef55d3b5b

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 41966a8ae680de9a956b830173df2679
SHA1 580305bbc81c347eca1f101be1eed32a758fa008
SHA256 eec98c7f6ee829537ba2ee05e64f584b3fcf9bc53fa20e5a036b46a3bdd272b0
SHA512 b719bb3d566a5799ba69b10ac604a30acb5c2a73a3be43a014f929c75d318b02a97d247fd320a30b50fd6071487d7f7c49e445b03c5b613271a16aca5c517174

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

MD5 5a3baef3ca00ecd84115e0d90e87446d
SHA1 4a1d305c2d7f46d135337dca2b09a268d65c594e
SHA256 e691be34986badff905f68c8ba216584c3d0709bdb890b4e56e3fcc088d52fda
SHA512 6b60b3507dd919a039bef21bf2a004e9b3f6d275175ac886f00b57600cf072d0090148b7c5b8f8850be021cbec8b3210a592b5acab0d01c6d8d271f1abd6d267

memory/1196-4403-0x0000000140000000-0x00000001405E8000-memory.dmp

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\17272eb8-a888-446e-a50f-a7d43fcb0931.tmp

MD5 c737ac3cf0dc665425400ca4344062f5
SHA1 83285019160645515d04c7932b1c0d386b9135a9
SHA256 7539214ceb8f080e994148e5f410e5950803cbdf480c2d93259d44dd615fda09
SHA512 e8435cc11b0bf26a6b21a9a3597b6b08f3d377fbf81fa9cc9391bd170364820ef8f7c9949f6986b59c0da6807e7146c962fed5148af820caa87f1a0893cfebd2

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\abe76289-4a34-4a90-a633-c2d19125cf4f\6bd454dee9654456_0

MD5 fb3e1b6f0412c70ab251b76760d07c4d
SHA1 f931276939c2c79819f4086f9abd7abd7bf4d847
SHA256 a1c4a174a409ce6943469cc089dadedd74724c241d9e1b276bc20191dfcd123f
SHA512 fc05e181d65c2ac2084aa9a0b9dff9fa65587e2c275b0b8f82eab0cede01ab71396a6777ea87a4107d6b66e60c7e93a6c56e0e9a1a4d4f76ac829e0c690a029f

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 cb1f88854da9bc18724bb00bfb5c9b72
SHA1 5f1670199d858561444734c7a0bae49faaf46fe9
SHA256 42f36ed7d8cae2d22bfa775ae08007d82e679fabd013731706a1199b3f1f8522
SHA512 6660e0f3f84e4bef247ba8501e49195e625870734c82ed930f30882aafb8e94e747883dd2468fedcf9ff8fc569666dbdc61f40e72184ab21a5d1dbb633e8d969

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00003d

MD5 feb694eed0173ddeb67f863b8836630b
SHA1 7f4240400b1f69d0aeee03680f874ec64917b8d6
SHA256 d34c39d85e0bbf6787e0fe6dc75aab3e1d5c24b89e892952e322391b0d9d1e60
SHA512 1d50fcd88e5d9214c8726991f23ad052419a98b1e908628a9aaaff2b18518db9133bee67144c1fe35f7d28f4f1ff00feb073bd5f3bdb252f821f59ce8a57d046

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00003a

MD5 44557172a33aab964595937c5c01b6b6
SHA1 b2edf4807e6bdc2dd63f26c9c4ee4277cabe39d7
SHA256 ddbdb42773519607753274a6086ef30b828d97d458257151237d564d0523d6b5
SHA512 36152fc6bc5c081ea5e281d31ef4677575ba259200c02ffb2643fc8cb1d9fb9253e786638d578e7b9e9eb3d3282d8ea3d8e9d7842c35a349f84f1ce98589265b

memory/1608-4488-0x0000000002750000-0x0000000002760000-memory.dmp

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

MD5 775f4ba18474f3af9b760e4fc2e3fdc3
SHA1 067ea5bad2238bb90be60830e310ba6d1cdd044b
SHA256 0e60b3e965ffeb49331ef5a152b158c76b1517a9845d366dc211efc8b6e4054f
SHA512 ecb7fb1824ad6439668b3b20e286eaf0e2d0d994661658af648a4d9611557073c22deb60d6e9183641f95e7222ec6ed617aa84c9b97ffad3483bab1206261da7

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\442f96d9-a3be-4e56-aca0-9d8fd2c8042f.tmp

MD5 ae13b578ff04b3eb91cb9f3e7387d7e3
SHA1 28653ce1cd482176e61ba90ba346655d489bc824
SHA256 e0a7b612a22169af5c21587b7f593eb8af33bbdbc72519a3de5e849133c3fef1
SHA512 7260caa29fc9b9be223faf8be9cfc8a9813f0aeb8b9e05f5c6e7bee17477dedab96bc8e1d09dbb0be4d24d39b6c177048013cf3be7d50f1366265d89d9735da2

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 944ad198fc2a4f1329590b53b70c1437
SHA1 cc78a93608d2872462a965da43825570788b6268
SHA256 2a1ad29b04467eded3155250cd4dd5ee3b11b5abcea718f83ad617981bba6f7c
SHA512 f219de84b8a86b1f4f635ece78f11ee7afefc69aae5a02609c3a8e571081a998890de3ea0e25cccfa1396ad5cfabf11a2b7f7437d5fdd62c571716242c86b300

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 8a8484299bde6981b3d14c469c9bca57
SHA1 5ce2efa4ecd3495a23aa91550970c10d13c52aa0
SHA256 68e813d617ad1276295eca48bcc4da25db6559e91d4c63596776b3f5f7f12976
SHA512 a9db60f57b7e5bc559707fd7dd7487b953c9e12a98937fa3332f5d46579fc3f232bfc5aeb24dcad59aac257e27735c4ab07fdc213fbb11a01f8670ead0338de1

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\2afdc0d9-3466-47df-9e9f-3cb7c1619863.tmp

MD5 0a336749c95ab43e2e492ab7a5e9a6a7
SHA1 e113f8f0e833f09c7b145992d037f798a3841697
SHA256 ec7d688aec121bb662fc5dd512c4778b8ab8636a77db2d9a8a39db3af80879a6
SHA512 ebf458b20e85fbe43a1aa7a35c491846509123e003ce9b0f342172a1f855acefba58e9dab410363b0a1cd2995984903df9166b9907d1613a2d4be7dcf32656c5

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 3bcacfac7c28c00ea39f69c27a112bfd
SHA1 b2d7a34bab69ff4f4ab11a17d8d99ab66103748c
SHA256 d7d8695b7dc650c3f7a6d12dde348f53d735ab216a704a189363a2ed419d1d94
SHA512 414516fd09c55314c8352ff0286f29227e0862f9f6fa19287a9fc62875cfa10e82ee03f3f8bc1c54333f02c833696fa2c20e1883396ff01896bff24ea727d805

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 d4eb674f68efeef675ba279237d8df84
SHA1 899d3d6bd9e21f7c11c25fd94e926a3fcb11794c
SHA256 62cad7c9f8c6d1bba2f21255e340773960ba9a063400dc1cc92fcd6072a78ff8
SHA512 713cae99d2b6984da4acf7da6e95524a4ccf2f1e662be6903d56c40b956a0b2879fb4a45ccb55974801fccb1741a16d3b389c5a306468a9b2b8b7b3827b921fc

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 76e53e3db1ce5886f4d5766ae6504b1d
SHA1 c0e0a4ee75dc10e257fac9cf795144700f97e321
SHA256 bc4824e8fd144975da4a25b2347cb388a14e0b202246758bfc33adf423c7d4f1
SHA512 7f7280d379724cc4296052a1c6b113a67c0b8e7fee4d468f8e9b5db20aab528a15aae25c6c9519067c14e7ac130f59aa9868d9f590bc179499d742fa05f4387d

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\f50ba900-a5dc-4f7c-a489-db025d56194a\index-dir\the-real-index

MD5 1487a516e066e9dbca0e4f4520ba2900
SHA1 4dce98050c8be1be2e64742910bdda134146527f
SHA256 803a06a43a5e9672c5190f509e64d61cca5decfd155715a13722475b73307e5c
SHA512 cf079a2dacfd55046b4127648ac02725868d76e6f851d25afd4c3b0a37d23f7b7868fd7343d82379a2a03a26fe3952b7fb1321f5a31155f1e45b9f09cb1ad4bc

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

MD5 888b4e366b7d4186e9c8da90e8a777c9
SHA1 17b0b6e70f682bbc39cddacdefab1317562757e9
SHA256 4fbb1814d92cb14cc0b1134a578bfb0b0d437f034ce0b21629f10e46563729f8
SHA512 50d26cb656b6fdda8240eded46102a8ab3f499ec3b7050ff1e0afc5762b515de973889692ab96281dcf870292e0fdd0b0999a18b5287773296b0ef6fd5384e59

Analysis: behavioral2

Detonation Overview

Submitted

2024-06-03 05:35

Reported

2024-06-03 05:38

Platform

win10v2004-20240508-en

Max time kernel

93s

Max time network

94s

Command Line

rundll32.exe C:\Users\Admin\AppData\Local\Temp\slinkyhook.dll,#1

Signatures

N/A

Processes

C:\Windows\system32\rundll32.exe

rundll32.exe C:\Users\Admin\AppData\Local\Temp\slinkyhook.dll,#1

Network

Files

N/A