Malware Analysis Report

2024-10-10 08:10

Sample ID 240610-ycm6xsycnm
Target download_v1.0.0.zip
SHA256 75a3295f8c688359fcb7555b80e3f71ee42c5ac1d4525a39b2571107acf06a45
Tags
themida evasion trojan
score
9/10

Table of Contents

Analysis Overview

MITRE ATT&CK

Enterprise Matrix V15

Analysis: static1

Detonation Overview

Signatures

Analysis: behavioral1

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis: behavioral2

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis Overview

score
9/10

SHA256

75a3295f8c688359fcb7555b80e3f71ee42c5ac1d4525a39b2571107acf06a45

Threat Level: Likely malicious

The file download_v1.0.0.zip was found to be: Likely malicious.

Malicious Activity Summary

themida evasion trojan

Identifies VirtualBox via ACPI registry values (likely anti-VM)

Checks BIOS information in registry

Themida packer

Checks whether UAC is enabled

Suspicious use of NtSetInformationThreadHideFromDebugger

Unsigned PE

Enumerates system info in registry

Suspicious behavior: EnumeratesProcesses

Suspicious use of SendNotifyMessage

Suspicious use of WriteProcessMemory

Suspicious use of AdjustPrivilegeToken

Suspicious use of FindShellTrayWindow

MITRE ATT&CK

Analysis: static1

Detonation Overview

Reported

2024-06-10 19:38

Signatures

Themida packer

themida
Description Indicator Process Target
N/A N/A N/A N/A

Unsigned PE

Description Indicator Process Target
N/A N/A N/A N/A

Analysis: behavioral1

Detonation Overview

Submitted

2024-06-10 19:38

Reported

2024-06-10 19:41

Platform

win7-20240215-en

Max time kernel

57s

Max time network

140s

Command Line

"C:\Users\Admin\AppData\Local\Temp\modest-menu.exe"

Signatures

Identifies VirtualBox via ACPI registry values (likely anti-VM)

evasion
Description Indicator Process Target
Key opened \REGISTRY\MACHINE\HARDWARE\ACPI\DSDT\VBOX__ C:\Users\Admin\AppData\Local\Temp\modest-menu.exe N/A

Checks BIOS information in registry

Description Indicator Process Target
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\SystemBiosVersion C:\Users\Admin\AppData\Local\Temp\modest-menu.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\VideoBiosVersion C:\Users\Admin\AppData\Local\Temp\modest-menu.exe N/A

Themida packer

themida
Description Indicator Process Target
N/A N/A N/A N/A

Checks whether UAC is enabled

evasion trojan
Description Indicator Process Target
Key value queried \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA C:\Users\Admin\AppData\Local\Temp\modest-menu.exe N/A

Suspicious use of NtSetInformationThreadHideFromDebugger

Description Indicator Process Target
N/A N/A C:\Users\Admin\AppData\Local\Temp\modest-menu.exe N/A

Enumerates system info in registry

Description Indicator Process Target
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of AdjustPrivilegeToken

Description Indicator Process Target
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of FindShellTrayWindow

Description Indicator Process Target
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of SendNotifyMessage

Description Indicator Process Target
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of WriteProcessMemory

Description Indicator Process Target
PID 2744 wrote to memory of 1904 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2744 wrote to memory of 2624 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2744 wrote to memory of 2520 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2744 wrote to memory of 2472 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe

Processes

C:\Users\Admin\AppData\Local\Temp\modest-menu.exe

"C:\Users\Admin\AppData\Local\Temp\modest-menu.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xc0,0xc4,0xc8,0x94,0xcc,0x7fef67d9758,0x7fef67d9768,0x7fef67d9778

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1132 --field-trial-handle=1336,i,501354045266461341,12909156021211767685,131072 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1528 --field-trial-handle=1336,i,501354045266461341,12909156021211767685,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=1624 --field-trial-handle=1336,i,501354045266461341,12909156021211767685,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2264 --field-trial-handle=1336,i,501354045266461341,12909156021211767685,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=2272 --field-trial-handle=1336,i,501354045266461341,12909156021211767685,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe

"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --use-gl=angle --use-angle=swiftshader-webgl --mojo-platform-channel-handle=1300 --field-trial-handle=1336,i,501354045266461341,12909156021211767685,131072 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --mojo-platform-channel-handle=3180 --field-trial-handle=1336,i,501354045266461341,12909156021211767685,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=3200 --field-trial-handle=1336,i,501354045266461341,12909156021211767685,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=3548 --field-trial-handle=1336,i,501354045266461341,12909156021211767685,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=3568 --field-trial-handle=1336,i,501354045266461341,12909156021211767685,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=3444 --field-trial-handle=1336,i,501354045266461341,12909156021211767685,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3724 --field-trial-handle=1336,i,501354045266461341,12909156021211767685,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --mojo-platform-channel-handle=1936 --field-trial-handle=1336,i,501354045266461341,12909156021211767685,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --mojo-platform-channel-handle=2540 --field-trial-handle=1336,i,501354045266461341,12909156021211767685,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --mojo-platform-channel-handle=1968 --field-trial-handle=1336,i,501354045266461341,12909156021211767685,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --mojo-platform-channel-handle=780 --field-trial-handle=1336,i,501354045266461341,12909156021211767685,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3548 --field-trial-handle=1336,i,501354045266461341,12909156021211767685,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --mojo-platform-channel-handle=840 --field-trial-handle=1336,i,501354045266461341,12909156021211767685,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --mojo-platform-channel-handle=3656 --field-trial-handle=1336,i,501354045266461341,12909156021211767685,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4144 --field-trial-handle=1336,i,501354045266461341,12909156021211767685,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --mojo-platform-channel-handle=3756 --field-trial-handle=1336,i,501354045266461341,12909156021211767685,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --mojo-platform-channel-handle=3948 --field-trial-handle=1336,i,501354045266461341,12909156021211767685,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1096 --field-trial-handle=1336,i,501354045266461341,12909156021211767685,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=25 --mojo-platform-channel-handle=3584 --field-trial-handle=1336,i,501354045266461341,12909156021211767685,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=26 --mojo-platform-channel-handle=3860 --field-trial-handle=1336,i,501354045266461341,12909156021211767685,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=27 --mojo-platform-channel-handle=3908 --field-trial-handle=1336,i,501354045266461341,12909156021211767685,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=28 --mojo-platform-channel-handle=4240 --field-trial-handle=1336,i,501354045266461341,12909156021211767685,131072 /prefetch:1

Network


Files

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 0e51918954b0b90538d924fd3f15ccc8
SHA1 11b64b5fd38e2ce09441cf1ff2c27fb23f2ad9c5
SHA256 9199217a470aa0870d70ae0c01e5a1aa991ac0d3c3d3ba7eab6af5377480cab3
SHA512 ba4cf597c2a3a5ceca5d73886ea42f57037f450d6fec063e89ce3fcb49c445a7a72abfe313d3f03ce42dd26f47f6b0aaccb2c6e24af1d7fed9be7e0a02feb72a

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 305ece427544a4f91b6564b7dcca97c6
SHA1 37d15b3a8312a6eced8cfef82f7811fef13a28eb
SHA256 765f3fd016c0ee6563044569bfe9f00538560baf0415b51516a3635f8e07e00e
SHA512 0d9a7493850e48530d4146dc2c81076ee490391d8ee2ec58e2084c3fe85e62a50b5458450f422e3e8cabddb6ce45766e8126f5e3dbaf9a5c627d5537ee0b00e1

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 e10b26e3072d9d811f1dddb1d7247f2d
SHA1 ab7400160b04ca89fed1e2618ca87ddd956992f7
SHA256 1b7f18da6d9260a743b73a13bbfdf6b9ea0c0d457c33456dee07445ee3e2067d
SHA512 e838008266e40390b60754e5d264a8dcd7ad33c6db3b214a42565ab0afa84bbf69e3024b00136bb3e9ca0f460953b7f5d8cf02ab992c92961453cf6ab8f1b1bf

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 f0e0bfab83d1bf8f5bbd214193b0706f
SHA1 ff741a29ce601a1806021781b6fa5c45a88d511f
SHA256 e9b9fd37df6c99334a8de883dc5f44a6aba2548262c668d31fd0031c4ba0a6da
SHA512 49cde3b5ca42aa7c2a3b6eb1b1efa61ecb2b7f460819455f316b8c21e6c4292e563cce8116976c999c8b3fe1b7977ca30ec248116b41bc9256bbbe85108fd912

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 ac23fc0da610c79fe05c4be090b7233c
SHA1 1a1bec1fa1f1692c6185b54d2bf863ad7c92b181
SHA256 d7df7875851b653c41ba0dc36f36bd9d6c77000dacce0c0e8afe4a462f2ce6f4
SHA512 3f8455aa67f96c1600cf6ba91713b0a607934916acb3d3a1ef45c8f541158e237341557491f0893c7be195d7044eaecd363e764c2233c107f85379c06d1c679f

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 d47760f40e450c087e58cec817c28a5c
SHA1 17a405a3ef8eec4f221136e229cf9c2a1288b21e
SHA256 d07443fdc2fe5464baddaefbec840f4a0b15675ba28983331ae9191eb0406ffa
SHA512 d7d5fe1069d71bb640b9a64f757e29e66a4f3a48828ab16e2494527013f69a2886e4ec2ee15f7042a96f349136cc007060823e3bb3cb03469ed8747bbbace82a

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 d4c4d156b402873e549954e6cf35d76e
SHA1 72eea28390e99cce727288b7594636201466c9e6
SHA256 7ddec67b87a6152e9ac3eb6d50afc37ddd3080fd2360971f83a655359e5d6388
SHA512 6145a7cfb646bcfec6f892c01a305ebef4e7600494661a949a892d87404fee06e4d70e4d49d9406cf30dc107bbe45bc2ee0d2d7b24a281c4d52d7a539a2b1f20

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 bbf176f4018a8604a3b04d3a1f3eddaf
SHA1 bf704cd69b0b187ebccc64de7357ae83d60fae8f
SHA256 8cc5ece162be4712d9ed48d5af7d8f7c2e635a8960b300249b3d94c6b52eadff
SHA512 996ef8293d1afcd00402ad479213deb9daafc191f9a48feda8a58e73fdcb33006cf3abfa57d0eb504b79cb8d11c1f507dcbecda1da7113dc041520825ab563a2

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 82d60294a31baf78c98e6f35762617d7
SHA1 8aa50d9916a5af7470d55a2de7b0b04c554ef11a
SHA256 9b2e2f17ba529108720c8d3fc981a1e3c08bfb2e98954f7b3edf0ab2bf1e5063
SHA512 85ce7380b3f6e1f9ab84b36e0dd38cefb1c544bcea09cd25df90aee3e1fab02406b5be2497e52129a84c42eab00c07f697487708d08db7dda39803a9e46e05a6

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 96a92d44fa98c40d9482dffcbbc5f01c
SHA1 95aa57576d776da5b0764d37902937c9c896f0fa
SHA256 ba0e4e14ec00540afb7c664020a4b5cf0ed12ea0ee1c32677a2584e30c4b872c
SHA512 87bc7a8731b84efcc522e5dab4315a8525615b5c44c8b767ce29e83fb38152d405fe43ac1d17e01735198702f824b63fdf34c6e8816d36b9e665d219b1b73d3d

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\45c3e5c0-d461-4ece-9f7e-8f68ae0432fa.tmp

MD5 8e9e3640e8bcd70f71ad678fca2bcfac
SHA1 39cb4e081d2a057f5b976099bb5e0b46727f469a
SHA256 29fab1b9ce90a7fc4a7c63ac4d78e983a71977bc68a24bd38291cbff6da3b920
SHA512 e1d331a1cd850a355078f05ae481e29b8508ce85921c662a5005f0caf6f8717d0773fa5ec801afaba7937615af5a1c74a407494bd3377eb3e71fb1869b3f643c

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

MD5 3e161eb8b6341a9b1c369e504299efe0
SHA1 d8f2da7ba98695167c76e0cc29fe6b9714581b7c
SHA256 e8aecb13554ac557c19172b64f76d3347400c645f9127d93527a38506727286f
SHA512 91447f0f9c25818d4ae3fb36eec37d882a73fc5cc8ffd0936b26c3e5729cf910826ec597f9d364d1664ed18f21599b7fcc12291236465ac418f2ab27b77a34bd

Analysis: behavioral2

Detonation Overview

Submitted

2024-06-10 19:38

Reported

2024-06-10 19:41

Platform

win10v2004-20240508-en

Max time kernel

51s

Max time network

54s

Command Line

"C:\Users\Admin\AppData\Local\Temp\modest-menu.exe"

Signatures

Identifies VirtualBox via ACPI registry values (likely anti-VM)

evasion
Description Indicator Process Target
Key opened \REGISTRY\MACHINE\HARDWARE\ACPI\DSDT\VBOX__ C:\Users\Admin\AppData\Local\Temp\modest-menu.exe N/A

Checks BIOS information in registry

Description Indicator Process Target
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\SystemBiosVersion C:\Users\Admin\AppData\Local\Temp\modest-menu.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\VideoBiosVersion C:\Users\Admin\AppData\Local\Temp\modest-menu.exe N/A

Themida packer

themida
Description Indicator Process Target
N/A N/A N/A N/A

Checks whether UAC is enabled

evasion trojan
Description Indicator Process Target
Key value queried \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA C:\Users\Admin\AppData\Local\Temp\modest-menu.exe N/A

Suspicious use of NtSetInformationThreadHideFromDebugger

Description Indicator Process Target
N/A N/A C:\Users\Admin\AppData\Local\Temp\modest-menu.exe N/A

Suspicious behavior: EnumeratesProcesses

Description Indicator Process Target
N/A N/A C:\Users\Admin\AppData\Local\Temp\modest-menu.exe N/A

Processes

C:\Users\Admin\AppData\Local\Temp\modest-menu.exe

"C:\Users\Admin\AppData\Local\Temp\modest-menu.exe"

Network

Country Destination Domain Proto
US 8.8.8.8:53 8.8.8.8.in-addr.arpa udp

Files
