Analysis Overview
Threat Level: No (potentially) malicious behavior was detected
The file https://setup.roblox.com/ was found to be: No (potentially) malicious behavior was detected.
Malicious Activity Summary
Suspicious use of AdjustPrivilegeToken
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
Suspicious use of WriteProcessMemory
Enumerates system info in registry
Modifies data under HKEY_USERS
Suspicious behavior: EnumeratesProcesses
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
MITRE ATT&CK
Enterprise Matrix V15
Analysis: static1
Detonation Overview
Reported
2024-06-08 09:05
Signatures
Analysis: behavioral1
Detonation Overview
Submitted
2024-06-08 09:05
Reported
2024-06-08 09:06
Platform
win10v2004-20240508-en
Max time kernel
70s
Max time network
73s
Command Line
Signatures
Enumerates system info in registry
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Modifies data under HKEY_USERS
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133623111558267136" | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Suspicious behavior: EnumeratesProcesses
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Suspicious use of AdjustPrivilegeToken
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
Suspicious use of WriteProcessMemory
Processes
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://setup.roblox.com/
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --enable-dinosaur-easter-egg-alt-images --no-appcompat-clear --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=16 --field-trial-handle=4156,i,13879737908471496610,15335851594401413307,262144 --variations-seed-version --mojo-platform-channel-handle=3828 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --enable-dinosaur-easter-egg-alt-images --no-appcompat-clear --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=15 --field-trial-handle=4160,i,13879737908471496610,15335851594401413307,262144 --variations-seed-version --mojo-platform-channel-handle=3848 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --enable-dinosaur-easter-egg-alt-images --no-appcompat-clear --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=17 --field-trial-handle=4344,i,13879737908471496610,15335851594401413307,262144 --variations-seed-version --mojo-platform-channel-handle=5316 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --no-appcompat-clear --field-trial-handle=5452,i,13879737908471496610,15335851594401413307,262144 --variations-seed-version --mojo-platform-channel-handle=5472 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=entity_extraction_service.mojom.Extractor --lang=en-US --service-sandbox-type=entity_extraction --onnx-enabled-for-ee --no-appcompat-clear --field-trial-handle=5480,i,13879737908471496610,15335851594401413307,262144 --variations-seed-version --mojo-platform-channel-handle=3580 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --enable-dinosaur-easter-egg-alt-images --no-appcompat-clear --disable-gpu-compositing --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=20 --field-trial-handle=5920,i,13879737908471496610,15335851594401413307,262144 --variations-seed-version --mojo-platform-channel-handle=5924 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --enable-dinosaur-easter-egg-alt-images --no-appcompat-clear --disable-gpu-compositing --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=21 --field-trial-handle=6080,i,13879737908471496610,15335851594401413307,262144 --variations-seed-version --mojo-platform-channel-handle=5832 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe"
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=110.0.5481.104 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7ff84308ab58,0x7ff84308ab68,0x7ff84308ab78
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1756 --field-trial-handle=1948,i,2029039391669581751,6229217330538225264,131072 /prefetch:2
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1996 --field-trial-handle=1948,i,2029039391669581751,6229217330538225264,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=2220 --field-trial-handle=1948,i,2029039391669581751,6229217330538225264,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=3044 --field-trial-handle=1948,i,2029039391669581751,6229217330538225264,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=3080 --field-trial-handle=1948,i,2029039391669581751,6229217330538225264,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\110.0.5481.104\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\110.0.5481.104\elevation_service.exe"
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=4268 --field-trial-handle=1948,i,2029039391669581751,6229217330538225264,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4420 --field-trial-handle=1948,i,2029039391669581751,6229217330538225264,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4568 --field-trial-handle=1948,i,2029039391669581751,6229217330538225264,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --mojo-platform-channel-handle=4120 --field-trial-handle=1948,i,2029039391669581751,6229217330538225264,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --mojo-platform-channel-handle=4472 --field-trial-handle=1948,i,2029039391669581751,6229217330538225264,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3176 --field-trial-handle=1948,i,2029039391669581751,6229217330538225264,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=3040 --field-trial-handle=1948,i,2029039391669581751,6229217330538225264,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4260 --field-trial-handle=1948,i,2029039391669581751,6229217330538225264,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --mojo-platform-channel-handle=4556 --field-trial-handle=1948,i,2029039391669581751,6229217330538225264,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --mojo-platform-channel-handle=4100 --field-trial-handle=1948,i,2029039391669581751,6229217330538225264,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --mojo-platform-channel-handle=4316 --field-trial-handle=1948,i,2029039391669581751,6229217330538225264,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4880 --field-trial-handle=1948,i,2029039391669581751,6229217330538225264,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=5024 --field-trial-handle=1948,i,2029039391669581751,6229217330538225264,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --mojo-platform-channel-handle=4508 --field-trial-handle=1948,i,2029039391669581751,6229217330538225264,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --mojo-platform-channel-handle=3320 --field-trial-handle=1948,i,2029039391669581751,6229217330538225264,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --mojo-platform-channel-handle=3096 --field-trial-handle=1948,i,2029039391669581751,6229217330538225264,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=3132 --field-trial-handle=1948,i,2029039391669581751,6229217330538225264,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=5216 --field-trial-handle=1948,i,2029039391669581751,6229217330538225264,131072 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_search_indexer.mojom.SearchIndexerInterfaceBroker --lang=en-US --service-sandbox-type=search_indexer --message-loop-type-ui --no-appcompat-clear --field-trial-handle=6452,i,13879737908471496610,15335851594401413307,262144 --variations-seed-version --mojo-platform-channel-handle=6324 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=25 --mojo-platform-channel-handle=4992 --field-trial-handle=1948,i,2029039391669581751,6229217330538225264,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=5064 --field-trial-handle=1948,i,2029039391669581751,6229217330538225264,131072 /prefetch:8
C:\Windows\system32\AUDIODG.EXE
C:\Windows\system32\AUDIODG.EXE 0x444 0x4a8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=27 --mojo-platform-channel-handle=5320 --field-trial-handle=1948,i,2029039391669581751,6229217330538225264,131072 /prefetch:1
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | api.edgeoffer.microsoft.com | udp |
| US | 8.8.8.8:53 | api.edgeoffer.microsoft.com | udp |
| US | 8.8.8.8:53 | setup.roblox.com | udp |
| US | 8.8.8.8:53 | setup.roblox.com | udp |
| IE | 94.245.104.56:443 | api.edgeoffer.microsoft.com | tcp |
| US | 8.8.8.8:53 | setup.roblox.com | udp |
| US | 52.217.48.110:443 | setup.roblox.com | tcp |
| US | 52.217.48.110:443 | setup.roblox.com | tcp |
| US | 8.8.8.8:53 | business.bing.com | udp |
| US | 8.8.8.8:53 | business.bing.com | udp |
| US | 13.107.6.158:443 | business.bing.com | tcp |
| US | 8.8.8.8:53 | edge-http.microsoft.com | udp |
| US | 8.8.8.8:53 | edge-http.microsoft.com | udp |
| US | 13.107.6.158:80 | edge-http.microsoft.com | tcp |
| US | 8.8.8.8:53 | bzib.nelreports.net | udp |
| US | 8.8.8.8:53 | bzib.nelreports.net | udp |
| US | 8.8.8.8:53 | www.microsoft.com | udp |
| US | 8.8.8.8:53 | www.microsoft.com | udp |
| US | 8.8.8.8:53 | www.microsoft.com | udp |
| US | 2.17.251.4:443 | bzib.nelreports.net | tcp |
| BE | 23.55.97.181:443 | www.microsoft.com | tcp |
| US | 8.8.8.8:53 | 8.8.8.8.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 69.31.126.40.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 56.104.245.94.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 104.219.191.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 110.48.217.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 76.234.34.23.in-addr.arpa | udp |
| US | 8.8.8.8:53 | nav-edge.smartscreen.microsoft.com | udp |
| US | 8.8.8.8:53 | nav-edge.smartscreen.microsoft.com | udp |
| GB | 51.11.108.188:443 | nav-edge.smartscreen.microsoft.com | tcp |
| GB | 51.11.108.188:443 | nav-edge.smartscreen.microsoft.com | tcp |
| US | 8.8.8.8:53 | www.microsoft.com | udp |
| US | 8.8.8.8:53 | 4.251.17.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 181.97.55.23.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 203.107.17.2.in-addr.arpa | udp |
| N/A | 224.0.0.251:5353 | udp | |
| US | 8.8.8.8:53 | edgestatic.azureedge.net | udp |
| US | 8.8.8.8:53 | edgestatic.azureedge.net | udp |
| US | 8.8.8.8:53 | c.s-microsoft.com | udp |
| US | 8.8.8.8:53 | c.s-microsoft.com | udp |
| US | 13.107.246.64:443 | edgestatic.azureedge.net | tcp |
| US | 13.107.246.64:443 | edgestatic.azureedge.net | tcp |
| US | 13.107.246.64:443 | edgestatic.azureedge.net | tcp |
| US | 8.8.8.8:53 | wcpstatic.microsoft.com | udp |
| US | 8.8.8.8:53 | wcpstatic.microsoft.com | udp |
| US | 13.107.246.64:443 | wcpstatic.microsoft.com | tcp |
| US | 13.107.246.64:443 | wcpstatic.microsoft.com | tcp |
| US | 8.8.8.8:53 | 64.246.107.13.in-addr.arpa | udp |
| NL | 23.62.61.129:443 | www.bing.com | tcp |
| US | 8.8.8.8:53 | 129.61.62.23.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 209.205.72.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | www.google.com | udp |
| FR | 172.217.20.196:443 | www.google.com | tcp |
| FR | 172.217.20.196:443 | www.google.com | udp |
| US | 8.8.8.8:53 | apis.google.com | udp |
| FR | 142.250.178.142:443 | apis.google.com | tcp |
| US | 8.8.8.8:53 | 131.178.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 170.20.217.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 196.20.217.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 163.214.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 142.178.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | setup.roblox.com | udp |
| US | 54.231.233.72:443 | setup.roblox.com | tcp |
| US | 54.231.233.72:443 | setup.roblox.com | tcp |
| FR | 216.58.214.163:80 | www.gstatic.com | tcp |
| US | 8.8.8.8:53 | play.google.com | udp |
| FR | 172.217.20.174:443 | play.google.com | tcp |
| US | 8.8.8.8:53 | 174.20.217.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 72.233.231.54.in-addr.arpa | udp |
| US | 8.8.8.8:53 | clients2.google.com | udp |
| FR | 216.58.213.78:443 | clients2.google.com | tcp |
| US | 8.8.8.8:53 | 78.213.58.216.in-addr.arpa | udp |
| US | 54.231.233.72:443 | setup.roblox.com | tcp |
| US | 54.231.233.72:443 | setup.roblox.com | tcp |
| US | 54.231.233.72:443 | setup.roblox.com | tcp |
| US | 8.8.8.8:53 | 103.169.127.40.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 171.39.242.20.in-addr.arpa | udp |
| FR | 172.217.20.174:443 | play.google.com | udp |
| US | 8.8.8.8:53 | id.google.com | udp |
| US | 8.8.8.8:53 | 67.214.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | encrypted-tbn0.gstatic.com | udp |
| FR | 142.250.179.110:443 | encrypted-tbn0.gstatic.com | tcp |
| US | 8.8.8.8:53 | 110.179.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | content-autofill.googleapis.com | udp |
| FR | 142.250.179.106:443 | content-autofill.googleapis.com | tcp |
| US | 8.8.8.8:53 | 106.179.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | classic.minecraft.net | udp |
| FR | 18.164.52.69:443 | classic.minecraft.net | tcp |
| FR | 18.164.52.69:443 | classic.minecraft.net | tcp |
| US | 8.8.8.8:53 | 9p1bb7fwdf.execute-api.us-east-1.amazonaws.com | udp |
| FR | 142.250.179.106:443 | content-autofill.googleapis.com | udp |
| US | 3.165.113.90:443 | 9p1bb7fwdf.execute-api.us-east-1.amazonaws.com | tcp |
| US | 8.8.8.8:53 | 69.52.164.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 90.113.165.3.in-addr.arpa | udp |
Files
\??\pipe\crashpad_4844_DRBXCWQEDPVQHGWF
| MD5 | d41d8cd98f00b204e9800998ecf8427e |
| SHA1 | da39a3ee5e6b4b0d3255bfef95601890afd80709 |
| SHA256 | e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 |
| SHA512 | cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports
| MD5 | d751713988987e9331980363e24189ce |
| SHA1 | 97d170e1550eee4afc0af065b78cda302a97674c |
| SHA256 | 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945 |
| SHA512 | b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
| MD5 | e401f9c57d4ec00c957d0036c21815d4 |
| SHA1 | dbc0093bef74c28716feb398d084b6a9f1db2940 |
| SHA256 | 61a3139a0ebbf5430f1c222207fcaa15bcd61fc13edce83504e212046432746c |
| SHA512 | b646991b86765eeddb8d21dea5814e35ffe1eb0c61ebed0cffed1d4c771a257a1e02152355d111c999021a1470316f25c09353859c84ebb3e43d09e6c4aea0ef |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\cdde15d9-dec9-40e5-ae35-7f690b096a16.tmp
| MD5 | 601890083b19f9c9892627cea6c7b2dd |
| SHA1 | 9aa3a9c4816e95f3acbab22ac1f0f78d902fd90c |
| SHA256 | d2e823109bc42490e617d9ae1759842753865f3adad5f6a2250249989b017466 |
| SHA512 | 1e6b53b1030301c03dff4e5e2d336ecc701b580dfac57987cfffa82d199ae0c04cce6f53080cc5d20ac858906278cd54b0270b64dd2b9a793ce10749f490b36a |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | ee1c94e1bc37fbafe461c6863237e46b |
| SHA1 | c67cb671f1dd9cf58c414167ec71a52ff7c88f1a |
| SHA256 | d429a95aa22a75006ef7f17c48aa0015ae8b3c77844f5a176441471185df5946 |
| SHA512 | 80e7686b647c12e8f483f9f52452aec316685a25988cd6b0b8c094aa44bdc771e547ac8eff07168477b211b5204889926c8288412084141af5d666f02e02d4d6 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences
| MD5 | 317fc53470ecab8440451d1caa61c148 |
| SHA1 | 20a63abb6784a889a10d6014e1a36b96b7358bc4 |
| SHA256 | 36c6976b15facefceca9791a3a5c5cd34914860085cfee4c8c44e269f364c712 |
| SHA512 | cbb83c4651a68e0559b5eca5dbd34aad461aff3b9fc1b2b9799e0a7c55f32606256c21bc5cde58b6e0da9a472220c2458b4355486dd4cd5870786439f6bf5a6a |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000c
| MD5 | 6f19acc3a8715d595c647673a4fb0d62 |
| SHA1 | 0e2f19967aa60bfe7392f432aa391a6ba90edc21 |
| SHA256 | 44183ab5b1b22bc5c31fdfbc3b4fbeede4927309d47f160f0de12830f8bc7fa4 |
| SHA512 | b2567dc1651ea1aa0c8e63131da719663f204bf26abdeb3798733c3cf05229b9bcf54cdbf4c014ddf28df182a16a99cc6fc66e795d66950de77a94459352845f |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000d
| MD5 | 05855fe1a2c408b86d50794f6cd302bb |
| SHA1 | ac7a1e0debc00f857d1818f740c9f4c2a1d0c0fd |
| SHA256 | c451ace14159b321c688abdb09dd8f86c100be8a7e9214717fbeddfd3759ea10 |
| SHA512 | a27e0306f7e7be3a4a5dbffb136443f67f57b5478d4b312d54e7c3fe8488afb11f64980aa59cef37485222431057b9c9397820c92af85d0d94c89049e2853805 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\351244b3-6957-458a-a326-b53ce7d03052.tmp
| MD5 | a31676d73fd2671c27d9895774ad6e08 |
| SHA1 | 9278176832afdf90693d3c635dfedd909351b1f3 |
| SHA256 | fdbbd8964ffdabf1f4e2c4135fe29d36b7666b7077f18727f23c92e2d0a8f29d |
| SHA512 | 457db5d69713b132a26414d9ba60b8cd470c6c0e9699595eb7d353248b3dfcfb5b7866768a9b22b8eab29d3208c8226efed901f051a2053ff05b9b60657cad46 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
| MD5 | 21d4f63dffcbf09005b9fdd7be6a39a2 |
| SHA1 | d5eb9b36eea1902171c4f1a1cd62b470a73c06ac |
| SHA256 | e313c4658fd053fb3da9e091cfdf6d23985ad745f1bca65704784b9a618df988 |
| SHA512 | a0542ae95be4c656fb1dc803e48f06ad1041b81830f82c25af53dbcc8258fc6937869fcf7e755b446508837fcb3798944643a60f22533fc1e8a6fac8acb7440a |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 40eef23b51c2e5f184e984d960fac5a2 |
| SHA1 | 28c82fa3a5b5888c4c5f892021c93c5c8d74f699 |
| SHA256 | ed720959f72bd2d9080e3767bef491c282cf05689c6c8bdcdfefadbcc6c215eb |
| SHA512 | 7f60fc3968648c23b27350e336048458d03d9f75bb93a18f8ee762655d5a0a68173d2c33d5b00fc6b4610798b0e902ebadf21c3cdcaddf217d9cb98745e2cf8a |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000006
| MD5 | fac49e161e404a2a94033d91245077d8 |
| SHA1 | fcdd095a60d94e7fedb86bf29c784007b4d7e9c7 |
| SHA256 | 782fae8642551618ba67e354c7335e274ffeb931ca0c02698e5cd8ca5931a349 |
| SHA512 | 0a3e34ab9bc45b40f7c2b2c26896ced8869a78992e1a8fae4d0dffd7815216a0168c19661de536b6174f168f88563185ed87929c04a7d8238250960bcf562bb2 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000007
| MD5 | aa12ea792026e66caab5841d4d0b9bab |
| SHA1 | 47beeba1239050999e8c98ded40f02ce82a78d3f |
| SHA256 | 65fe153a832452e97f5d484440a7047e314d3a83cb61ad2508fed48a820e1de1 |
| SHA512 | 0b2b1bb8851c60c9d4ab1d039b990a4de5799c97c50b45f64e36a21849c14e785f69196f674ac225b1419d7f501338054074cab6203d041361a4fa1ed8802b27 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000b
| MD5 | 4f9d58547367f284c0fa5c840c00b329 |
| SHA1 | afdf5a998830ad8bea4d57ad8cb3882ac911b43f |
| SHA256 | 3104d7911ad5190e95f4bcc647740dcc286325ca7a57f46510cd7970aeced0cd |
| SHA512 | 7d21bdf059b4cbb5a1203c8c7333ea91118bab3b6d935f59e7e89637eb31d2a28d69033ce8501431dfbcccdb6df1f05d86cc4d99af01c68270a5577b795eb350 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 6022d0527597c970454764e116ce2292 |
| SHA1 | 1ee581ecc522425a31bdc5b9dbf5ef23807298ae |
| SHA256 | 607380f0f154a29aafb68ee54f06a3e2b351b99db4672c8cc6bbecf88bbe593d |
| SHA512 | 1c1793ba809d2b2d7c6a5c8981ae47a85b65ed1226d0eb501f3e9704af37d2b50ba0ea87e32ab1307cdce5031121d5bbd22192223e3dcdddb4b441433463c10b |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | b2845817ffbb1d3b316c71ffe635093c |
| SHA1 | bddfea7023d10d43024e84204b742ecbc59414fe |
| SHA256 | 77fe864ad4787cfb85fadfa863197b6164a0a0f5612a0110930bb387892254a6 |
| SHA512 | 96e0d7389b6b785626b93ec312916b6181e4cf51dfa5ea67164723a78000ac6476ff4a450a7a1dc20194b7f88d711033a6ea4fd3c5512a48794724929d4c7157 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
| MD5 | c48bb5d5a6e2a06aa5932a24bc6ab7bf |
| SHA1 | f43558af7b6e2feabf595283add734bf56ed0101 |
| SHA256 | 5ae748af0f8f1859a0e281fe0972aa6d1c208c40d79ac21b53ec92697e391a34 |
| SHA512 | 417549c20c4b5d841b2a16ba50e3feb8a3f12337a70948184cd7ae0bf7051a67aadd5f8531f573c70f378aeb2eb4bade892b4f8e5741b57976d4086866fb29cb |