Malware Analysis Report

2024-10-16 07:02

Sample ID 240610-ycm6xsycnm
Target download_v1.0.0.zip
SHA256 75a3295f8c688359fcb7555b80e3f71ee42c5ac1d4525a39b2571107acf06a45
Tags
themida evasion trojan
score
9/10

Analysis Overview

Threat Level: Likely malicious

The file download_v1.0.0.zip was found to be: Likely malicious.

Malicious Activity Summary

themida evasion trojan

Identifies VirtualBox via ACPI registry values (likely anti-VM)

Themida packer

Checks BIOS information in registry

Checks whether UAC is enabled

Suspicious use of NtSetInformationThreadHideFromDebugger

Unsigned PE

Suspicious use of WriteProcessMemory

Suspicious use of AdjustPrivilegeToken

Suspicious use of FindShellTrayWindow

Suspicious use of SendNotifyMessage

Enumerates system info in registry

Suspicious behavior: EnumeratesProcesses

MITRE ATT&CK

Analysis: static1

Detonation Overview

Reported

2024-06-10 19:38

Signatures

Themida packer

themida
Description Indicator Process Target
N/A N/A N/A N/A

Unsigned PE

Description Indicator Process Target
N/A N/A N/A N/A

Analysis: behavioral1

Detonation Overview

Submitted

2024-06-10 19:38

Reported

2024-06-10 19:41

Platform

win7-20240215-en

Max time kernel

57s

Max time network

140s

Command Line

"C:\Users\Admin\AppData\Local\Temp\modest-menu.exe"

Signatures

Identifies VirtualBox via ACPI registry values (likely anti-VM)

evasion
Description Indicator Process Target
Key opened \REGISTRY\MACHINE\HARDWARE\ACPI\DSDT\VBOX__ C:\Users\Admin\AppData\Local\Temp\modest-menu.exe N/A

Checks BIOS information in registry

Description Indicator Process Target
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\SystemBiosVersion C:\Users\Admin\AppData\Local\Temp\modest-menu.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\VideoBiosVersion C:\Users\Admin\AppData\Local\Temp\modest-menu.exe N/A

Themida packer

themida
Description Indicator Process Target
N/A N/A N/A N/A

Checks whether UAC is enabled

evasion trojan
Description Indicator Process Target
Key value queried \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA C:\Users\Admin\AppData\Local\Temp\modest-menu.exe N/A

Suspicious use of NtSetInformationThreadHideFromDebugger

Description Indicator Process Target
N/A N/A C:\Users\Admin\AppData\Local\Temp\modest-menu.exe N/A

Enumerates system info in registry

Description Indicator Process Target
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of AdjustPrivilegeToken

Description Indicator Process Target
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of FindShellTrayWindow

Description Indicator Process Target
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of SendNotifyMessage

Description Indicator Process Target
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of WriteProcessMemory

Description Indicator Process Target
PID 2744 wrote to memory of 1904 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2744 wrote to memory of 2624 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2744 wrote to memory of 2520 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2744 wrote to memory of 2472 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe

Processes

C:\Users\Admin\AppData\Local\Temp\modest-menu.exe

"C:\Users\Admin\AppData\Local\Temp\modest-menu.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xc0,0xc4,0xc8,0x94,0xcc,0x7fef67d9758,0x7fef67d9768,0x7fef67d9778

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1132 --field-trial-handle=1336,i,501354045266461341,12909156021211767685,131072 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1528 --field-trial-handle=1336,i,501354045266461341,12909156021211767685,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=1624 --field-trial-handle=1336,i,501354045266461341,12909156021211767685,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2264 --field-trial-handle=1336,i,501354045266461341,12909156021211767685,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=2272 --field-trial-handle=1336,i,501354045266461341,12909156021211767685,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe

"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --use-gl=angle --use-angle=swiftshader-webgl --mojo-platform-channel-handle=1300 --field-trial-handle=1336,i,501354045266461341,12909156021211767685,131072 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --mojo-platform-channel-handle=3180 --field-trial-handle=1336,i,501354045266461341,12909156021211767685,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=3200 --field-trial-handle=1336,i,501354045266461341,12909156021211767685,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=3548 --field-trial-handle=1336,i,501354045266461341,12909156021211767685,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=3568 --field-trial-handle=1336,i,501354045266461341,12909156021211767685,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=3444 --field-trial-handle=1336,i,501354045266461341,12909156021211767685,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3724 --field-trial-handle=1336,i,501354045266461341,12909156021211767685,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --mojo-platform-channel-handle=1936 --field-trial-handle=1336,i,501354045266461341,12909156021211767685,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --mojo-platform-channel-handle=2540 --field-trial-handle=1336,i,501354045266461341,12909156021211767685,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --mojo-platform-channel-handle=1968 --field-trial-handle=1336,i,501354045266461341,12909156021211767685,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --mojo-platform-channel-handle=780 --field-trial-handle=1336,i,501354045266461341,12909156021211767685,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3548 --field-trial-handle=1336,i,501354045266461341,12909156021211767685,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --mojo-platform-channel-handle=840 --field-trial-handle=1336,i,501354045266461341,12909156021211767685,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --mojo-platform-channel-handle=3656 --field-trial-handle=1336,i,501354045266461341,12909156021211767685,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4144 --field-trial-handle=1336,i,501354045266461341,12909156021211767685,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --mojo-platform-channel-handle=3756 --field-trial-handle=1336,i,501354045266461341,12909156021211767685,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --mojo-platform-channel-handle=3948 --field-trial-handle=1336,i,501354045266461341,12909156021211767685,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1096 --field-trial-handle=1336,i,501354045266461341,12909156021211767685,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=25 --mojo-platform-channel-handle=3584 --field-trial-handle=1336,i,501354045266461341,12909156021211767685,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=26 --mojo-platform-channel-handle=3860 --field-trial-handle=1336,i,501354045266461341,12909156021211767685,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=27 --mojo-platform-channel-handle=3908 --field-trial-handle=1336,i,501354045266461341,12909156021211767685,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=28 --mojo-platform-channel-handle=4240 --field-trial-handle=1336,i,501354045266461341,12909156021211767685,131072 /prefetch:1

Network


Files


C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 0e51918954b0b90538d924fd3f15ccc8
SHA1 11b64b5fd38e2ce09441cf1ff2c27fb23f2ad9c5
SHA256 9199217a470aa0870d70ae0c01e5a1aa991ac0d3c3d3ba7eab6af5377480cab3
SHA512 ba4cf597c2a3a5ceca5d73886ea42f57037f450d6fec063e89ce3fcb49c445a7a72abfe313d3f03ce42dd26f47f6b0aaccb2c6e24af1d7fed9be7e0a02feb72a

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 305ece427544a4f91b6564b7dcca97c6
SHA1 37d15b3a8312a6eced8cfef82f7811fef13a28eb
SHA256 765f3fd016c0ee6563044569bfe9f00538560baf0415b51516a3635f8e07e00e
SHA512 0d9a7493850e48530d4146dc2c81076ee490391d8ee2ec58e2084c3fe85e62a50b5458450f422e3e8cabddb6ce45766e8126f5e3dbaf9a5c627d5537ee0b00e1

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 e10b26e3072d9d811f1dddb1d7247f2d
SHA1 ab7400160b04ca89fed1e2618ca87ddd956992f7
SHA256 1b7f18da6d9260a743b73a13bbfdf6b9ea0c0d457c33456dee07445ee3e2067d
SHA512 e838008266e40390b60754e5d264a8dcd7ad33c6db3b214a42565ab0afa84bbf69e3024b00136bb3e9ca0f460953b7f5d8cf02ab992c92961453cf6ab8f1b1bf

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 f0e0bfab83d1bf8f5bbd214193b0706f
SHA1 ff741a29ce601a1806021781b6fa5c45a88d511f
SHA256 e9b9fd37df6c99334a8de883dc5f44a6aba2548262c668d31fd0031c4ba0a6da
SHA512 49cde3b5ca42aa7c2a3b6eb1b1efa61ecb2b7f460819455f316b8c21e6c4292e563cce8116976c999c8b3fe1b7977ca30ec248116b41bc9256bbbe85108fd912

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 ac23fc0da610c79fe05c4be090b7233c
SHA1 1a1bec1fa1f1692c6185b54d2bf863ad7c92b181
SHA256 d7df7875851b653c41ba0dc36f36bd9d6c77000dacce0c0e8afe4a462f2ce6f4
SHA512 3f8455aa67f96c1600cf6ba91713b0a607934916acb3d3a1ef45c8f541158e237341557491f0893c7be195d7044eaecd363e764c2233c107f85379c06d1c679f

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 d47760f40e450c087e58cec817c28a5c
SHA1 17a405a3ef8eec4f221136e229cf9c2a1288b21e
SHA256 d07443fdc2fe5464baddaefbec840f4a0b15675ba28983331ae9191eb0406ffa
SHA512 d7d5fe1069d71bb640b9a64f757e29e66a4f3a48828ab16e2494527013f69a2886e4ec2ee15f7042a96f349136cc007060823e3bb3cb03469ed8747bbbace82a

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 d4c4d156b402873e549954e6cf35d76e
SHA1 72eea28390e99cce727288b7594636201466c9e6
SHA256 7ddec67b87a6152e9ac3eb6d50afc37ddd3080fd2360971f83a655359e5d6388
SHA512 6145a7cfb646bcfec6f892c01a305ebef4e7600494661a949a892d87404fee06e4d70e4d49d9406cf30dc107bbe45bc2ee0d2d7b24a281c4d52d7a539a2b1f20

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 bbf176f4018a8604a3b04d3a1f3eddaf
SHA1 bf704cd69b0b187ebccc64de7357ae83d60fae8f
SHA256 8cc5ece162be4712d9ed48d5af7d8f7c2e635a8960b300249b3d94c6b52eadff
SHA512 996ef8293d1afcd00402ad479213deb9daafc191f9a48feda8a58e73fdcb33006cf3abfa57d0eb504b79cb8d11c1f507dcbecda1da7113dc041520825ab563a2

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 82d60294a31baf78c98e6f35762617d7
SHA1 8aa50d9916a5af7470d55a2de7b0b04c554ef11a
SHA256 9b2e2f17ba529108720c8d3fc981a1e3c08bfb2e98954f7b3edf0ab2bf1e5063
SHA512 85ce7380b3f6e1f9ab84b36e0dd38cefb1c544bcea09cd25df90aee3e1fab02406b5be2497e52129a84c42eab00c07f697487708d08db7dda39803a9e46e05a6

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 96a92d44fa98c40d9482dffcbbc5f01c
SHA1 95aa57576d776da5b0764d37902937c9c896f0fa
SHA256 ba0e4e14ec00540afb7c664020a4b5cf0ed12ea0ee1c32677a2584e30c4b872c
SHA512 87bc7a8731b84efcc522e5dab4315a8525615b5c44c8b767ce29e83fb38152d405fe43ac1d17e01735198702f824b63fdf34c6e8816d36b9e665d219b1b73d3d

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\45c3e5c0-d461-4ece-9f7e-8f68ae0432fa.tmp

MD5 8e9e3640e8bcd70f71ad678fca2bcfac
SHA1 39cb4e081d2a057f5b976099bb5e0b46727f469a
SHA256 29fab1b9ce90a7fc4a7c63ac4d78e983a71977bc68a24bd38291cbff6da3b920
SHA512 e1d331a1cd850a355078f05ae481e29b8508ce85921c662a5005f0caf6f8717d0773fa5ec801afaba7937615af5a1c74a407494bd3377eb3e71fb1869b3f643c

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

MD5 3e161eb8b6341a9b1c369e504299efe0
SHA1 d8f2da7ba98695167c76e0cc29fe6b9714581b7c
SHA256 e8aecb13554ac557c19172b64f76d3347400c645f9127d93527a38506727286f
SHA512 91447f0f9c25818d4ae3fb36eec37d882a73fc5cc8ffd0936b26c3e5729cf910826ec597f9d364d1664ed18f21599b7fcc12291236465ac418f2ab27b77a34bd

Analysis: behavioral2

Detonation Overview

Submitted

2024-06-10 19:38

Reported

2024-06-10 19:41

Platform

win10v2004-20240508-en

Max time kernel

51s

Max time network

54s

Command Line

"C:\Users\Admin\AppData\Local\Temp\modest-menu.exe"

Signatures

Identifies VirtualBox via ACPI registry values (likely anti-VM)

evasion
Description Indicator Process Target
Key opened \REGISTRY\MACHINE\HARDWARE\ACPI\DSDT\VBOX__ C:\Users\Admin\AppData\Local\Temp\modest-menu.exe N/A

Checks BIOS information in registry

Description Indicator Process Target
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\SystemBiosVersion C:\Users\Admin\AppData\Local\Temp\modest-menu.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\VideoBiosVersion C:\Users\Admin\AppData\Local\Temp\modest-menu.exe N/A

Themida packer

themida
Description Indicator Process Target
N/A N/A N/A N/A

Checks whether UAC is enabled

evasion trojan
Description Indicator Process Target
Key value queried \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA C:\Users\Admin\AppData\Local\Temp\modest-menu.exe N/A

Suspicious use of NtSetInformationThreadHideFromDebugger

Description Indicator Process Target
N/A N/A C:\Users\Admin\AppData\Local\Temp\modest-menu.exe N/A

Suspicious behavior: EnumeratesProcesses

Description Indicator Process Target
N/A N/A C:\Users\Admin\AppData\Local\Temp\modest-menu.exe N/A

Processes

C:\Users\Admin\AppData\Local\Temp\modest-menu.exe

"C:\Users\Admin\AppData\Local\Temp\modest-menu.exe"

Network

Country Destination Domain Proto
US 8.8.8.8:53 8.8.8.8.in-addr.arpa udp

Files
