Analysis Overview
Threat Level: Likely malicious
The file https://github.com/Vencord/Installer/releases/latest/download/VencordInstaller.exe was found to be: Likely malicious.
Malicious Activity Summary
Downloads MZ/PE file
Reads local data of messenger clients
Checks computer location settings
Executes dropped EXE
Loads dropped DLL
Adds Run key to start application
Legitimate hosting services abused for malware hosting/C2
Drops file in System32 directory
Drops file in Program Files directory
Enumerates physical storage devices
Command and Scripting Interpreter: PowerShell
Checks processor information in registry
Suspicious use of SetWindowsHookEx
Suspicious behavior: GetForegroundWindowSpam
Suspicious use of AdjustPrivilegeToken
Enumerates system info in registry
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Suspicious use of SendNotifyMessage
Suspicious behavior: LoadsDriver
Modifies registry class
Suspicious use of FindShellTrayWindow
Suspicious use of WriteProcessMemory
Modifies registry key
Suspicious behavior: EnumeratesProcesses
Checks SCSI registry key(s)
Modifies data under HKEY_USERS
MITRE ATT&CK
Enterprise Matrix V15
Analysis: static1
Detonation Overview
Reported
2024-06-12 14:16
Signatures
Analysis: behavioral1
Detonation Overview
Submitted
2024-06-12 14:16
Reported
2024-06-12 14:35
Platform
win10v2004-20240611-en
Max time kernel
1143s
Max time network
1139s
Command Line
Signatures
Downloads MZ/PE file
Checks computer location settings
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\USER\S-1-5-21-2080292272-204036150-2159171770-1000\Control Panel\International\Geo\Nation | C:\Users\Admin\AppData\Local\Discord\app-1.0.9148\Discord.exe | N/A |
| Key value queried | \REGISTRY\USER\S-1-5-21-2080292272-204036150-2159171770-1000\Control Panel\International\Geo\Nation | C:\Users\Admin\AppData\Local\Discord\app-1.0.9148\Discord.exe | N/A |
| Key value queried | \REGISTRY\USER\S-1-5-21-2080292272-204036150-2159171770-1000\Control Panel\International\Geo\Nation | C:\Users\Admin\AppData\Local\Discord\app-1.0.9149\Discord.exe | N/A |
| Key value queried | \REGISTRY\USER\S-1-5-21-2080292272-204036150-2159171770-1000\Control Panel\International\Geo\Nation | C:\Users\Admin\AppData\Local\Discord\Update.exe | N/A |
| Key value queried | \REGISTRY\USER\S-1-5-21-2080292272-204036150-2159171770-1000\Control Panel\International\Geo\Nation | C:\Users\Admin\AppData\Local\Discord\Update.exe | N/A |
| Key value queried | \REGISTRY\USER\S-1-5-21-2080292272-204036150-2159171770-1000\Control Panel\International\Geo\Nation | C:\Users\Admin\AppData\Local\Discord\app-1.0.9148\Discord.exe | N/A |
| Key value queried | \REGISTRY\USER\S-1-5-21-2080292272-204036150-2159171770-1000\Control Panel\International\Geo\Nation | C:\Users\Admin\AppData\Local\Discord\app-1.0.9149\Discord.exe | N/A |
| Key value queried | \REGISTRY\USER\S-1-5-21-2080292272-204036150-2159171770-1000\Control Panel\International\Geo\Nation | C:\Users\Admin\AppData\Local\Discord\app-1.0.9149\Discord.exe | N/A |
| Key value queried | \REGISTRY\USER\S-1-5-21-2080292272-204036150-2159171770-1000\Control Panel\International\Geo\Nation | C:\Users\Admin\AppData\Local\Discord\app-1.0.9149\Discord.exe | N/A |
| Key value queried | \REGISTRY\USER\S-1-5-21-2080292272-204036150-2159171770-1000\Control Panel\International\Geo\Nation | C:\Users\Admin\AppData\Local\Discord\app-1.0.9149\Discord.exe | N/A |
| Key value queried | \REGISTRY\USER\S-1-5-21-2080292272-204036150-2159171770-1000\Control Panel\International\Geo\Nation | C:\Users\Admin\AppData\Local\Discord\app-1.0.9148\Discord.exe | N/A |
| Key value queried | \REGISTRY\USER\S-1-5-21-2080292272-204036150-2159171770-1000\Control Panel\International\Geo\Nation | C:\Users\Admin\AppData\Local\Discord\app-1.0.9149\Discord.exe | N/A |
| Key value queried | \REGISTRY\USER\S-1-5-21-2080292272-204036150-2159171770-1000\Control Panel\International\Geo\Nation | C:\Users\Admin\AppData\Local\Discord\app-1.0.9149\Discord.exe | N/A |
| Key value queried | \REGISTRY\USER\S-1-5-21-2080292272-204036150-2159171770-1000\Control Panel\International\Geo\Nation | C:\Users\Admin\AppData\Local\Discord\app-1.0.9149\Discord.exe | N/A |
| Key value queried | \REGISTRY\USER\S-1-5-21-2080292272-204036150-2159171770-1000\Control Panel\International\Geo\Nation | C:\Users\Admin\AppData\Local\Discord\Update.exe | N/A |
| Key value queried | \REGISTRY\USER\S-1-5-21-2080292272-204036150-2159171770-1000\Control Panel\International\Geo\Nation | C:\Users\Admin\AppData\Local\Discord\Update.exe | N/A |
| Key value queried | \REGISTRY\USER\S-1-5-21-2080292272-204036150-2159171770-1000\Control Panel\International\Geo\Nation | C:\Users\Admin\AppData\Local\Discord\app-1.0.9149\Discord.exe | N/A |
| Key value queried | \REGISTRY\USER\S-1-5-21-2080292272-204036150-2159171770-1000\Control Panel\International\Geo\Nation | C:\Users\Admin\AppData\Local\Discord\app-1.0.9149\Discord.exe | N/A |
| Key value queried | \REGISTRY\USER\S-1-5-21-2080292272-204036150-2159171770-1000\Control Panel\International\Geo\Nation | C:\Users\Admin\AppData\Local\Discord\Update.exe | N/A |
Executes dropped EXE
Loads dropped DLL
Reads local data of messenger clients
Adds Run key to start application
| Description | Indicator | Process | Target |
| Set value (str) | \REGISTRY\USER\S-1-5-21-2080292272-204036150-2159171770-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Discord = "\"C:\\Users\\Admin\\AppData\\Local\\Discord\\Update.exe\" --processStart Discord.exe" | C:\Windows\System32\reg.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-2080292272-204036150-2159171770-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Discord = "\"C:\\Users\\Admin\\AppData\\Local\\Discord\\Update.exe\" --processStart Discord.exe" | C:\Windows\System32\reg.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-2080292272-204036150-2159171770-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Discord = "\"C:\\Users\\Admin\\AppData\\Local\\Discord\\Update.exe\" --processStart Discord.exe" | C:\Windows\System32\reg.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-2080292272-204036150-2159171770-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Discord = "\"C:\\Users\\Admin\\AppData\\Local\\Discord\\Update.exe\" --processStart Discord.exe" | C:\Windows\System32\reg.exe | N/A |
Legitimate hosting services abused for malware hosting/C2
| Description | Indicator | Process | Target |
| N/A | discord.com | N/A | N/A |
| N/A | discord.com | N/A | N/A |
| N/A | discord.com | N/A | N/A |
| N/A | discord.com | N/A | N/A |
| N/A | discord.com | N/A | N/A |
Drops file in System32 directory
| Description | Indicator | Process | Target |
| File created | C:\Windows\System32\DriverStore\FileRepository\display.inf_amd64_71aa85b0e2292a7a\display.PNF | C:\Users\Admin\AppData\Local\Discord\app-1.0.9149\Discord.exe | N/A |
| File created | \??\c:\windows\system32\driverstore\filerepository\display.inf_amd64_71aa85b0e2292a7a\display.PNF | C:\Users\Admin\AppData\Local\Discord\app-1.0.9149\Discord.exe | N/A |
Drops file in Program Files directory
| Description | Indicator | Process | Target |
| File created | C:\Program Files\chrome_PuffinComponentUnpacker_BeginUnzipping4148_1498332668\_platform_specific\win_x64\widevinecdm.dll.sig | C:\Users\Admin\AppData\Local\Discord\app-1.0.9148\Discord.exe | N/A |
| File created | C:\Program Files\chrome_PuffinComponentUnpacker_BeginUnzipping4148_1498332668\LICENSE | C:\Users\Admin\AppData\Local\Discord\app-1.0.9148\Discord.exe | N/A |
| File created | C:\Program Files\chrome_PuffinComponentUnpacker_BeginUnzipping4148_1498332668\_metadata\verified_contents.json | C:\Users\Admin\AppData\Local\Discord\app-1.0.9148\Discord.exe | N/A |
| File created | C:\Program Files\chrome_url_fetcher_4148_1193341671\neifaoindggfcjicffkgpmnlppeffabd_1.0.2738.0_win64_kj4dp5kifwxbdodqls7e5nzhtm.crx3 | C:\Users\Admin\AppData\Local\Discord\app-1.0.9148\Discord.exe | N/A |
| File created | C:\Program Files\chrome_PuffinComponentUnpacker_BeginUnzipping4148_1486203332\Google.Widevine.CDM.dll | C:\Users\Admin\AppData\Local\Discord\app-1.0.9148\Discord.exe | N/A |
| File created | C:\Program Files\chrome_PuffinComponentUnpacker_BeginUnzipping4148_1486203332\_metadata\verified_contents.json | C:\Users\Admin\AppData\Local\Discord\app-1.0.9148\Discord.exe | N/A |
| File created | C:\Program Files\chrome_PuffinComponentUnpacker_BeginUnzipping4148_1498332668\_platform_specific\win_x64\widevinecdm.dll | C:\Users\Admin\AppData\Local\Discord\app-1.0.9148\Discord.exe | N/A |
| File created | C:\Program Files\chrome_PuffinComponentUnpacker_BeginUnzipping4148_1498332668\manifest.json | C:\Users\Admin\AppData\Local\Discord\app-1.0.9148\Discord.exe | N/A |
| File created | C:\Program Files\chrome_PuffinComponentUnpacker_BeginUnzipping4148_1498332668\manifest.fingerprint | C:\Users\Admin\AppData\Local\Discord\app-1.0.9148\Discord.exe | N/A |
| File created | C:\Program Files\chrome_url_fetcher_4148_915748561\oimompecagnajdejgnnjijobebaeigek_4.10.2710.0_win64_adsurwm4gclupf32xdrpgdnapira.crx3 | C:\Users\Admin\AppData\Local\Discord\app-1.0.9148\Discord.exe | N/A |
| File created | C:\Program Files\chrome_PuffinComponentUnpacker_BeginUnzipping4148_1486203332\manifest.json | C:\Users\Admin\AppData\Local\Discord\app-1.0.9148\Discord.exe | N/A |
| File created | C:\Program Files\chrome_PuffinComponentUnpacker_BeginUnzipping4148_1486203332\manifest.fingerprint | C:\Users\Admin\AppData\Local\Discord\app-1.0.9148\Discord.exe | N/A |
Command and Scripting Interpreter: PowerShell
Enumerates physical storage devices
Checks SCSI registry key(s)
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000002\Properties\{259abffc-50a7-47ce-af08-68c9a7d73366}\000C | C:\Users\Admin\AppData\Local\Discord\app-1.0.9149\Discord.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_QEMU&Prod_QEMU_DVD-ROM\4&215468a5&0&010000 | C:\Users\Admin\AppData\Local\Discord\app-1.0.9149\Discord.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_DADY&Prod_HARDDISK\4&215468a5&0&000000 | C:\Users\Admin\AppData\Local\Discord\app-1.0.9149\Discord.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_DADY&Prod_HARDDISK\4&215468a5&0&000000\Properties\{259abffc-50a7-47ce-af08-68c9a7d73366}\000C | C:\Users\Admin\AppData\Local\Discord\app-1.0.9149\Discord.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000001\Properties\{540b947e-8b40-45bc-a8a2-6a0b894cbda2}\0009 | C:\Users\Admin\AppData\Local\Discord\app-1.0.9149\Discord.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000001\FriendlyName | C:\Users\Admin\AppData\Local\Discord\app-1.0.9149\Discord.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000001\Properties\{78c34fc8-104a-4aca-9ea4-524d52996e57}\005A | C:\Users\Admin\AppData\Local\Discord\app-1.0.9149\Discord.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000002\Properties\{78c34fc8-104a-4aca-9ea4-524d52996e57}\005A | C:\Users\Admin\AppData\Local\Discord\app-1.0.9149\Discord.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_DADY&Prod_HARDDISK\4&215468a5&0&000000\Properties\{540b947e-8b40-45bc-a8a2-6a0b894cbda2}\0009 | C:\Users\Admin\AppData\Local\Discord\app-1.0.9149\Discord.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000002\Properties\{51236583-0c4a-4fe8-b81f-166aec13f510}\007A | C:\Users\Admin\AppData\Local\Discord\app-1.0.9149\Discord.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_QEMU&Prod_QEMU_DVD-ROM\4&215468a5&0&010000\Properties\{b725f130-47ef-101a-a5f1-02608c9eebac}\000A | C:\Users\Admin\AppData\Local\Discord\app-1.0.9149\Discord.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_QEMU&Prod_QEMU_DVD-ROM\4&215468a5&0&010000\FriendlyName | C:\Users\Admin\AppData\Local\Discord\app-1.0.9149\Discord.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_DADY&Prod_HARDDISK\4&215468a5&0&000000\Properties\{8c7ed206-3f8a-4827-b3ab-ae9e1faefc6c}\0004 | C:\Users\Admin\AppData\Local\Discord\app-1.0.9149\Discord.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000001\Properties\{51236583-0c4a-4fe8-b81f-166aec13f510}\007A | C:\Users\Admin\AppData\Local\Discord\app-1.0.9149\Discord.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_QEMU&Prod_QEMU_DVD-ROM\4&215468a5&0&010000\Properties\{78c34fc8-104a-4aca-9ea4-524d52996e57}\005A | C:\Users\Admin\AppData\Local\Discord\app-1.0.9149\Discord.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_QEMU&Prod_QEMU_DVD-ROM\4&215468a5&0&010000\Properties\{51236583-0c4a-4fe8-b81f-166aec13f510}\007A | C:\Users\Admin\AppData\Local\Discord\app-1.0.9149\Discord.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000002\Properties\{cf73bb51-3abf-44a2-85e0-9a3dc7a12132}\0006 | C:\Users\Admin\AppData\Local\Discord\app-1.0.9149\Discord.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_DADY&Prod_HARDDISK\4&215468a5&0&000000\Properties\{b725f130-47ef-101a-a5f1-02608c9eebac}\000A | C:\Users\Admin\AppData\Local\Discord\app-1.0.9149\Discord.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_DADY&Prod_HARDDISK\4&215468a5&0&000000\Properties\{78c34fc8-104a-4aca-9ea4-524d52996e57}\005A | C:\Users\Admin\AppData\Local\Discord\app-1.0.9149\Discord.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000001 | C:\Users\Admin\AppData\Local\Discord\app-1.0.9149\Discord.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000001\Properties\{8c7ed206-3f8a-4827-b3ab-ae9e1faefc6c}\0004 | C:\Users\Admin\AppData\Local\Discord\app-1.0.9149\Discord.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000001\Properties\{b725f130-47ef-101a-a5f1-02608c9eebac}\000A | C:\Users\Admin\AppData\Local\Discord\app-1.0.9149\Discord.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000001\Properties\{259abffc-50a7-47ce-af08-68c9a7d73366}\000C | C:\Users\Admin\AppData\Local\Discord\app-1.0.9149\Discord.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_DADY&Prod_HARDDISK\4&215468a5&0&000000\Properties\{cf73bb51-3abf-44a2-85e0-9a3dc7a12132}\0006 | C:\Users\Admin\AppData\Local\Discord\app-1.0.9149\Discord.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000001\Properties\{cf73bb51-3abf-44a2-85e0-9a3dc7a12132}\0006 | C:\Users\Admin\AppData\Local\Discord\app-1.0.9149\Discord.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000002\FriendlyName | C:\Users\Admin\AppData\Local\Discord\app-1.0.9149\Discord.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_QEMU&Prod_QEMU_DVD-ROM\4&215468a5&0&010000\Properties\{540b947e-8b40-45bc-a8a2-6a0b894cbda2}\0009 | C:\Users\Admin\AppData\Local\Discord\app-1.0.9149\Discord.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_QEMU&Prod_QEMU_DVD-ROM\4&215468a5&0&010000\Properties\{259abffc-50a7-47ce-af08-68c9a7d73366}\000C | C:\Users\Admin\AppData\Local\Discord\app-1.0.9149\Discord.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_DADY&Prod_HARDDISK\4&215468a5&0&000000\Properties\{51236583-0c4a-4fe8-b81f-166aec13f510}\007A | C:\Users\Admin\AppData\Local\Discord\app-1.0.9149\Discord.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000002 | C:\Users\Admin\AppData\Local\Discord\app-1.0.9149\Discord.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_QEMU&Prod_QEMU_DVD-ROM\4&215468a5&0&010000\Properties\{8c7ed206-3f8a-4827-b3ab-ae9e1faefc6c}\0004 | C:\Users\Admin\AppData\Local\Discord\app-1.0.9149\Discord.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_QEMU&Prod_QEMU_DVD-ROM\4&215468a5&0&010000\Properties\{cf73bb51-3abf-44a2-85e0-9a3dc7a12132}\0006 | C:\Users\Admin\AppData\Local\Discord\app-1.0.9149\Discord.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_DADY&Prod_HARDDISK\4&215468a5&0&000000\FriendlyName | C:\Users\Admin\AppData\Local\Discord\app-1.0.9149\Discord.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000002\Properties\{8c7ed206-3f8a-4827-b3ab-ae9e1faefc6c}\0004 | C:\Users\Admin\AppData\Local\Discord\app-1.0.9149\Discord.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000002\Properties\{540b947e-8b40-45bc-a8a2-6a0b894cbda2}\0009 | C:\Users\Admin\AppData\Local\Discord\app-1.0.9149\Discord.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000002\Properties\{b725f130-47ef-101a-a5f1-02608c9eebac}\000A | C:\Users\Admin\AppData\Local\Discord\app-1.0.9149\Discord.exe | N/A |
Checks processor information in registry
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\1\~MHz | C:\Users\Admin\AppData\Local\Discord\app-1.0.9148\Discord.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~MHz | C:\Users\Admin\AppData\Local\Discord\app-1.0.9148\Discord.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\1\ProcessorNameString | C:\Users\Admin\AppData\Local\Discord\app-1.0.9148\Discord.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\1\ProcessorNameString | C:\Users\Admin\AppData\Local\Discord\app-1.0.9148\Discord.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\2 | C:\Users\Admin\AppData\Local\Discord\app-1.0.9149\Discord.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~MHz | C:\Users\Admin\AppData\Local\Discord\app-1.0.9149\Discord.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\1\~MHz | C:\Users\Admin\AppData\Local\Discord\app-1.0.9149\Discord.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Users\Admin\AppData\Local\Discord\app-1.0.9148\Discord.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~MHz | C:\Users\Admin\AppData\Local\Discord\app-1.0.9149\Discord.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~MHz | C:\Users\Admin\AppData\Local\Discord\app-1.0.9148\Discord.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\2 | C:\Users\Admin\AppData\Local\Discord\app-1.0.9149\Discord.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\1\ProcessorNameString | C:\Users\Admin\AppData\Local\Discord\app-1.0.9149\Discord.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Users\Admin\AppData\Local\Discord\app-1.0.9149\Discord.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString | C:\Users\Admin\AppData\Local\Discord\app-1.0.9149\Discord.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Users\Admin\AppData\Local\Discord\app-1.0.9148\Discord.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\2 | C:\Users\Admin\AppData\Local\Discord\app-1.0.9148\Discord.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\1 | C:\Users\Admin\AppData\Local\Discord\app-1.0.9149\Discord.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\1 | C:\Users\Admin\AppData\Local\Discord\app-1.0.9148\Discord.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\1\~MHz | C:\Users\Admin\AppData\Local\Discord\app-1.0.9149\Discord.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\2 | C:\Users\Admin\AppData\Local\Discord\app-1.0.9148\Discord.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString | C:\Users\Admin\AppData\Local\Discord\app-1.0.9148\Discord.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\1 | C:\Users\Admin\AppData\Local\Discord\app-1.0.9148\Discord.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Users\Admin\AppData\Local\Discord\app-1.0.9149\Discord.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString | C:\Users\Admin\AppData\Local\Discord\app-1.0.9149\Discord.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString | C:\Users\Admin\AppData\Local\Discord\app-1.0.9148\Discord.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\1\~MHz | C:\Users\Admin\AppData\Local\Discord\app-1.0.9148\Discord.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\1 | C:\Users\Admin\AppData\Local\Discord\app-1.0.9149\Discord.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\1\ProcessorNameString | C:\Users\Admin\AppData\Local\Discord\app-1.0.9149\Discord.exe | N/A |
Enumerates system info in registry
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Modifies data under HKEY_USERS
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Modifies registry class
| Description | Indicator | Process | Target |
| Set value (str) | \REGISTRY\USER\S-1-5-21-2080292272-204036150-2159171770-1000_Classes\Discord\DefaultIcon\ = "\"C:\\Users\\Admin\\AppData\\Local\\Discord\\app-1.0.9149\\Discord.exe\",-1" | C:\Windows\System32\reg.exe | N/A |
| Key created | \REGISTRY\MACHINE\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\Deployment\Package\*\S-1-5-21-2080292272-204036150-2159171770-1000\{DFF8436E-E8B1-4A02-8093-4A4D406255CB} | C:\Users\Admin\AppData\Local\Discord\app-1.0.9149\Discord.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2080292272-204036150-2159171770-1000_Classes\Discord\shell\open\command | C:\Windows\System32\reg.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2080292272-204036150-2159171770-1000_Classes\Discord | C:\Windows\System32\reg.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-2080292272-204036150-2159171770-1000_Classes\Discord\ = "URL:Discord Protocol" | C:\Windows\System32\reg.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2080292272-204036150-2159171770-1000_Classes\Discord | C:\Windows\System32\reg.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-2080292272-204036150-2159171770-1000_Classes\Discord\shell\open\command\ = "\"C:\\Users\\Admin\\AppData\\Local\\Discord\\app-1.0.9149\\Discord.exe\" --url -- \"%1\"" | C:\Windows\System32\reg.exe | N/A |
| Key created | \REGISTRY\MACHINE\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\Deployment\Package\*\S-1-5-21-2080292272-204036150-2159171770-1000\{AFE9459E-3E84-4B89-BE90-96E3D5E0A181} | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2080292272-204036150-2159171770-1000_Classes\Discord | C:\Windows\System32\reg.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2080292272-204036150-2159171770-1000_Classes\Discord\DefaultIcon | C:\Windows\System32\reg.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-2080292272-204036150-2159171770-1000_Classes\Discord\DefaultIcon\ = "\"C:\\Users\\Admin\\AppData\\Local\\Discord\\app-1.0.9148\\Discord.exe\",-1" | C:\Windows\System32\reg.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-2080292272-204036150-2159171770-1000_Classes\Discord\ = "URL:Discord Protocol" | C:\Windows\System32\reg.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2080292272-204036150-2159171770-1000_Classes\Discord\shell\open\command | C:\Windows\System32\reg.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2080292272-204036150-2159171770-1000_Classes\Discord\DefaultIcon | C:\Windows\System32\reg.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2080292272-204036150-2159171770-1000_Classes\Discord | C:\Windows\System32\reg.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-2080292272-204036150-2159171770-1000_Classes\Discord\URL Protocol | C:\Windows\System32\reg.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2080292272-204036150-2159171770-1000_Classes\Discord\DefaultIcon | C:\Windows\System32\reg.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-2080292272-204036150-2159171770-1000_Classes\Discord\DefaultIcon\ = "\"C:\\Users\\Admin\\AppData\\Local\\Discord\\app-1.0.9148\\Discord.exe\",-1" | C:\Windows\System32\reg.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2080292272-204036150-2159171770-1000_Classes\Discord\shell | C:\Windows\System32\reg.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2080292272-204036150-2159171770-1000_Classes\Discord | C:\Windows\System32\reg.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-2080292272-204036150-2159171770-1000_Classes\Discord\shell\open\command\ = "\"C:\\Users\\Admin\\AppData\\Local\\Discord\\app-1.0.9148\\Discord.exe\" --url -- \"%1\"" | C:\Windows\System32\reg.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2080292272-204036150-2159171770-1000_Classes\Discord | C:\Windows\System32\reg.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-2080292272-204036150-2159171770-1000_Classes\Discord\shell\open\command\ = "\"C:\\Users\\Admin\\AppData\\Local\\Discord\\app-1.0.9148\\Discord.exe\" --url -- \"%1\"" | C:\Windows\System32\reg.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2080292272-204036150-2159171770-1000_Classes\Discord | C:\Windows\System32\reg.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2080292272-204036150-2159171770-1000_Classes\Discord\shell\open\command | C:\Windows\System32\reg.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-2080292272-204036150-2159171770-1000_Classes\Discord\ = "URL:Discord Protocol" | C:\Windows\System32\reg.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2080292272-204036150-2159171770-1000_Classes\Discord\shell\open | C:\Windows\System32\reg.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2080292272-204036150-2159171770-1000_Classes\Local Settings | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-2080292272-204036150-2159171770-1000_Classes\Discord\URL Protocol | C:\Windows\System32\reg.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-2080292272-204036150-2159171770-1000_Classes\Discord\URL Protocol | C:\Windows\System32\reg.exe | N/A |
Modifies registry key
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Windows\System32\reg.exe | N/A |
| N/A | N/A | C:\Windows\System32\reg.exe | N/A |
| N/A | N/A | C:\Windows\System32\reg.exe | N/A |
| N/A | N/A | C:\Windows\System32\reg.exe | N/A |
| N/A | N/A | C:\Windows\System32\reg.exe | N/A |
| N/A | N/A | C:\Windows\System32\reg.exe | N/A |
| N/A | N/A | C:\Windows\System32\reg.exe | N/A |
| N/A | N/A | C:\Windows\System32\reg.exe | N/A |
| N/A | N/A | C:\Windows\System32\reg.exe | N/A |
| N/A | N/A | C:\Windows\System32\reg.exe | N/A |
| N/A | N/A | C:\Windows\System32\reg.exe | N/A |
| N/A | N/A | C:\Windows\System32\reg.exe | N/A |
| N/A | N/A | C:\Windows\System32\reg.exe | N/A |
| N/A | N/A | C:\Windows\System32\reg.exe | N/A |
| N/A | N/A | C:\Windows\System32\reg.exe | N/A |
| N/A | N/A | C:\Windows\System32\reg.exe | N/A |
| N/A | N/A | C:\Windows\System32\reg.exe | N/A |
| N/A | N/A | C:\Windows\System32\reg.exe | N/A |
| N/A | N/A | C:\Windows\System32\reg.exe | N/A |
Suspicious behavior: EnumeratesProcesses
Suspicious behavior: GetForegroundWindowSpam
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Users\Admin\AppData\Local\Discord\app-1.0.9149\Discord.exe | N/A |
Suspicious behavior: LoadsDriver
| Description | Indicator | Process | Target |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Suspicious use of AdjustPrivilegeToken
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
Suspicious use of SetWindowsHookEx
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Users\Admin\Downloads\VencordInstaller.exe | N/A |
| N/A | N/A | C:\Users\Admin\Downloads\VencordInstaller.exe | N/A |
| N/A | N/A | C:\Users\Admin\Downloads\VencordInstaller.exe | N/A |
| N/A | N/A | C:\Users\Admin\Downloads\VencordInstaller.exe | N/A |
| N/A | N/A | C:\Users\Admin\Downloads\VencordInstaller.exe | N/A |
| N/A | N/A | C:\Users\Admin\Downloads\VencordInstaller.exe | N/A |
| N/A | N/A | C:\Users\Admin\Downloads\VencordInstaller.exe | N/A |
| N/A | N/A | C:\Users\Admin\Downloads\VencordInstaller.exe | N/A |
| N/A | N/A | C:\Users\Admin\Downloads\VencordInstaller (1).exe | N/A |
Suspicious use of WriteProcessMemory
Processes
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://github.com/Vencord/Installer/releases/latest/download/VencordInstaller.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=110.0.5481.104 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffeea1eab58,0x7ffeea1eab68,0x7ffeea1eab78
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1700 --field-trial-handle=1868,i,11949764984556258450,9337657608628985436,131072 /prefetch:2
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2156 --field-trial-handle=1868,i,11949764984556258450,9337657608628985436,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=2224 --field-trial-handle=1868,i,11949764984556258450,9337657608628985436,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=3036 --field-trial-handle=1868,i,11949764984556258450,9337657608628985436,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=3044 --field-trial-handle=1868,i,11949764984556258450,9337657608628985436,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\110.0.5481.104\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\110.0.5481.104\elevation_service.exe"
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4700 --field-trial-handle=1868,i,11949764984556258450,9337657608628985436,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=4864 --field-trial-handle=1868,i,11949764984556258450,9337657608628985436,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=4900 --field-trial-handle=1868,i,11949764984556258450,9337657608628985436,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5252 --field-trial-handle=1868,i,11949764984556258450,9337657608628985436,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --mojo-platform-channel-handle=5240 --field-trial-handle=1868,i,11949764984556258450,9337657608628985436,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --mojo-platform-channel-handle=5144 --field-trial-handle=1868,i,11949764984556258450,9337657608628985436,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4684 --field-trial-handle=1868,i,11949764984556258450,9337657608628985436,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=5400 --field-trial-handle=1868,i,11949764984556258450,9337657608628985436,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --mojo-platform-channel-handle=5048 --field-trial-handle=1868,i,11949764984556258450,9337657608628985436,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5452 --field-trial-handle=1868,i,11949764984556258450,9337657608628985436,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=4304 --field-trial-handle=1868,i,11949764984556258450,9337657608628985436,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=3288 --field-trial-handle=1868,i,11949764984556258450,9337657608628985436,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --mojo-platform-channel-handle=5068 --field-trial-handle=1868,i,11949764984556258450,9337657608628985436,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=5040 --field-trial-handle=1868,i,11949764984556258450,9337657608628985436,131072 /prefetch:8
C:\Windows\system32\AUDIODG.EXE
C:\Windows\system32\AUDIODG.EXE 0x2f8 0x310
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3252 --field-trial-handle=1868,i,11949764984556258450,9337657608628985436,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=5020 --field-trial-handle=1868,i,11949764984556258450,9337657608628985436,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=5060 --field-trial-handle=1868,i,11949764984556258450,9337657608628985436,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4924 --field-trial-handle=1868,i,11949764984556258450,9337657608628985436,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=5144 --field-trial-handle=1868,i,11949764984556258450,9337657608628985436,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=5076 --field-trial-handle=1868,i,11949764984556258450,9337657608628985436,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5340 --field-trial-handle=1868,i,11949764984556258450,9337657608628985436,131072 /prefetch:8
C:\Users\Admin\Downloads\DiscordSetup.exe
"C:\Users\Admin\Downloads\DiscordSetup.exe"
C:\Users\Admin\AppData\Local\SquirrelTemp\Update.exe
"C:\Users\Admin\AppData\Local\SquirrelTemp\Update.exe" --install .
C:\Users\Admin\AppData\Local\Discord\app-1.0.9148\Discord.exe
"C:\Users\Admin\AppData\Local\Discord\app-1.0.9148\Discord.exe" --squirrel-install 1.0.9148
C:\Users\Admin\AppData\Local\Discord\app-1.0.9148\Discord.exe
C:\Users\Admin\AppData\Local\Discord\app-1.0.9148\Discord.exe --type=crashpad-handler --user-data-dir=C:\Users\Admin\AppData\Roaming\discord /prefetch:7 --no-rate-limit --monitor-self-annotation=ptype=crashpad-handler --database=C:\Users\Admin\AppData\Roaming\discord\Crashpad --url=https://f.a.k/e --annotation=_productName=discord --annotation=_version=1.0.9148 --annotation=plat=Win64 --annotation=prod=Electron --annotation=ver=28.2.10 --initial-client-data=0x50c,0x510,0x514,0x4fc,0x518,0x7ff760273108,0x7ff760273114,0x7ff760273120
C:\Users\Admin\AppData\Local\Discord\Update.exe
C:\Users\Admin\AppData\Local\Discord\Update.exe --createShortcut Discord.exe --setupIcon C:\Users\Admin\AppData\Local\Discord\app.ico
C:\Users\Admin\AppData\Local\Discord\app-1.0.9148\Discord.exe
"C:\Users\Admin\AppData\Local\Discord\app-1.0.9148\Discord.exe" --type=gpu-process --user-data-dir="C:\Users\Admin\AppData\Roaming\discord" --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAAAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --mojo-platform-channel-handle=1864 --field-trial-handle=1868,i,10750232650111515221,17167847544544215207,262144 --enable-features=kWebSQLAccess --disable-features=CalculateNativeWinOcclusion,HardwareMediaKeyHandling,MediaSessionService,SpareRendererForSitePerProcess,WinDelaySpellcheckServiceInit,WinRetrieveSuggestionsOnlyOnDemand --variations-seed-version /prefetch:2
C:\Users\Admin\AppData\Local\Discord\app-1.0.9148\Discord.exe
"C:\Users\Admin\AppData\Local\Discord\app-1.0.9148\Discord.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --user-data-dir="C:\Users\Admin\AppData\Roaming\discord" --secure-schemes=sentry-ipc --bypasscsp-schemes=sentry-ipc --cors-schemes=sentry-ipc --fetch-schemes=sentry-ipc --mojo-platform-channel-handle=2536 --field-trial-handle=1868,i,10750232650111515221,17167847544544215207,262144 --enable-features=kWebSQLAccess --disable-features=CalculateNativeWinOcclusion,HardwareMediaKeyHandling,MediaSessionService,SpareRendererForSitePerProcess,WinDelaySpellcheckServiceInit,WinRetrieveSuggestionsOnlyOnDemand --variations-seed-version /prefetch:8
C:\Windows\System32\reg.exe
C:\Windows\System32\reg.exe add HKCU\Software\Microsoft\Windows\CurrentVersion\Run /v Discord /d "\"C:\Users\Admin\AppData\Local\Discord\Update.exe\" --processStart Discord.exe" /f
C:\Windows\System32\reg.exe
C:\Windows\System32\reg.exe add HKCU\Software\Classes\Discord /ve /d "URL:Discord Protocol" /f
C:\Windows\System32\reg.exe
C:\Windows\System32\reg.exe add HKCU\Software\Classes\Discord /v "URL Protocol" /f
C:\Windows\System32\reg.exe
C:\Windows\System32\reg.exe add HKCU\Software\Classes\Discord\DefaultIcon /ve /d "\"C:\Users\Admin\AppData\Local\Discord\app-1.0.9148\Discord.exe\",-1" /f
C:\Windows\System32\reg.exe
C:\Windows\System32\reg.exe add HKCU\Software\Classes\Discord\shell\open\command /ve /d "\"C:\Users\Admin\AppData\Local\Discord\app-1.0.9148\Discord.exe\" --url -- \"%1\"" /f
C:\Users\Admin\AppData\Local\Discord\Update.exe
"C:\Users\Admin\AppData\Local\Discord\Update.exe" --processStart Discord.exe
C:\Users\Admin\AppData\Local\Discord\app-1.0.9148\Discord.exe
"C:\Users\Admin\AppData\Local\Discord\app-1.0.9148\Discord.exe"
C:\Users\Admin\AppData\Local\Discord\Update.exe
"C:\Users\Admin\AppData\Local\Discord\Update.exe" --processStart Discord.exe
C:\Users\Admin\AppData\Local\Discord\app-1.0.9148\Discord.exe
"C:\Users\Admin\AppData\Local\Discord\app-1.0.9148\Discord.exe"
C:\Users\Admin\AppData\Local\Discord\app-1.0.9148\Discord.exe
C:\Users\Admin\AppData\Local\Discord\app-1.0.9148\Discord.exe --type=crashpad-handler --user-data-dir=C:\Users\Admin\AppData\Roaming\discord /prefetch:7 --no-rate-limit --monitor-self-annotation=ptype=crashpad-handler --database=C:\Users\Admin\AppData\Roaming\discord\Crashpad --url=https://f.a.k/e --annotation=_productName=discord --annotation=_version=1.0.9148 --annotation=plat=Win64 --annotation=prod=Electron --annotation=ver=28.2.10 --initial-client-data=0x500,0x504,0x508,0x4f4,0x50c,0x7ff760273108,0x7ff760273114,0x7ff760273120
C:\Users\Admin\AppData\Local\Discord\app-1.0.9148\Discord.exe
"C:\Users\Admin\AppData\Local\Discord\app-1.0.9148\Discord.exe" --type=gpu-process --user-data-dir="C:\Users\Admin\AppData\Roaming\discord" --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAAAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --mojo-platform-channel-handle=2436 --field-trial-handle=2440,i,3501611754729408972,7043781750723606184,262144 --enable-features=kWebSQLAccess --disable-features=CalculateNativeWinOcclusion,HardwareMediaKeyHandling,MediaSessionService,SpareRendererForSitePerProcess,WinDelaySpellcheckServiceInit,WinRetrieveSuggestionsOnlyOnDemand --variations-seed-version /prefetch:2
C:\Users\Admin\AppData\Local\Discord\app-1.0.9148\Discord.exe
"C:\Users\Admin\AppData\Local\Discord\app-1.0.9148\Discord.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --user-data-dir="C:\Users\Admin\AppData\Roaming\discord" --secure-schemes=disclip --bypasscsp-schemes=sentry-ipc --cors-schemes=sentry-ipc --fetch-schemes=disclip --mojo-platform-channel-handle=2580 --field-trial-handle=2440,i,3501611754729408972,7043781750723606184,262144 --enable-features=kWebSQLAccess --disable-features=CalculateNativeWinOcclusion,HardwareMediaKeyHandling,MediaSessionService,SpareRendererForSitePerProcess,WinDelaySpellcheckServiceInit,WinRetrieveSuggestionsOnlyOnDemand --variations-seed-version /prefetch:8
C:\Users\Admin\AppData\Local\Discord\app-1.0.9148\Discord.exe
"C:\Users\Admin\AppData\Local\Discord\app-1.0.9148\Discord.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=0 --gpu-device-id=0 --gpu-sub-system-id=0 --gpu-revision=0 --user-data-dir="C:\Users\Admin\AppData\Roaming\discord" --gpu-preferences=WAAAAAAAAADoAAAMAAAAAAAAAAAAAAAAAABgAAAAAAA4AAAAAAAAAAAAAACEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --mojo-platform-channel-handle=2744 --field-trial-handle=2440,i,3501611754729408972,7043781750723606184,262144 --enable-features=kWebSQLAccess --disable-features=CalculateNativeWinOcclusion,HardwareMediaKeyHandling,MediaSessionService,SpareRendererForSitePerProcess,WinDelaySpellcheckServiceInit,WinRetrieveSuggestionsOnlyOnDemand --variations-seed-version /prefetch:8
C:\Windows\System32\reg.exe
C:\Windows\System32\reg.exe add HKCU\Software\Classes\Discord /ve /d "URL:Discord Protocol" /f
C:\Users\Admin\AppData\Local\Discord\app-1.0.9148\Discord.exe
"C:\Users\Admin\AppData\Local\Discord\app-1.0.9148\Discord.exe" --type=renderer --user-data-dir="C:\Users\Admin\AppData\Roaming\discord" --secure-schemes=disclip --bypasscsp-schemes=sentry-ipc --cors-schemes=sentry-ipc --fetch-schemes=disclip --app-user-model-id=com.squirrel.Discord.Discord --app-path="C:\Users\Admin\AppData\Local\Discord\app-1.0.9148\resources\app.asar" --no-sandbox --no-zygote --first-renderer-process --autoplay-policy=no-user-gesture-required --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=3204 --field-trial-handle=2440,i,3501611754729408972,7043781750723606184,262144 --enable-features=kWebSQLAccess --disable-features=CalculateNativeWinOcclusion,HardwareMediaKeyHandling,MediaSessionService,SpareRendererForSitePerProcess,WinDelaySpellcheckServiceInit,WinRetrieveSuggestionsOnlyOnDemand --variations-seed-version /prefetch:1
C:\Users\Admin\AppData\Local\Discord\app-1.0.9148\Discord.exe
C:\Users\Admin\AppData\Local\Discord\app-1.0.9148\Discord.exe --type=crashpad-handler --user-data-dir=C:\Users\Admin\AppData\Roaming\discord /prefetch:7 --no-rate-limit --monitor-self-annotation=ptype=crashpad-handler --database=C:\Users\Admin\AppData\Roaming\discord\Crashpad --url=https://f.a.k/e --annotation=_productName=discord --annotation=_version=1.0.9148 --annotation=plat=Win64 --annotation=prod=Electron --annotation=ver=28.2.10 --initial-client-data=0x4cc,0x4e8,0x4ec,0x4e4,0x4f0,0x7ff760273108,0x7ff760273114,0x7ff760273120
C:\Windows\System32\reg.exe
C:\Windows\System32\reg.exe add HKCU\Software\Classes\Discord /v "URL Protocol" /f
C:\Users\Admin\AppData\Local\Discord\app-1.0.9148\Discord.exe
"C:\Users\Admin\AppData\Local\Discord\app-1.0.9148\Discord.exe" --type=gpu-process --user-data-dir="C:\Users\Admin\AppData\Roaming\discord" --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAAAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --mojo-platform-channel-handle=1984 --field-trial-handle=1988,i,15959859906465113138,11003912271228419291,262144 --enable-features=kWebSQLAccess --disable-features=CalculateNativeWinOcclusion,HardwareMediaKeyHandling,MediaSessionService,SpareRendererForSitePerProcess,WinDelaySpellcheckServiceInit,WinRetrieveSuggestionsOnlyOnDemand --variations-seed-version /prefetch:2
C:\Users\Admin\AppData\Local\Discord\app-1.0.9148\Discord.exe
"C:\Users\Admin\AppData\Local\Discord\app-1.0.9148\Discord.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --user-data-dir="C:\Users\Admin\AppData\Roaming\discord" --secure-schemes=sentry-ipc --bypasscsp-schemes=sentry-ipc --cors-schemes=sentry-ipc --fetch-schemes=sentry-ipc --mojo-platform-channel-handle=1624 --field-trial-handle=1988,i,15959859906465113138,11003912271228419291,262144 --enable-features=kWebSQLAccess --disable-features=CalculateNativeWinOcclusion,HardwareMediaKeyHandling,MediaSessionService,SpareRendererForSitePerProcess,WinDelaySpellcheckServiceInit,WinRetrieveSuggestionsOnlyOnDemand --variations-seed-version /prefetch:8
C:\Windows\System32\reg.exe
C:\Windows\System32\reg.exe add HKCU\Software\Classes\Discord\DefaultIcon /ve /d "\"C:\Users\Admin\AppData\Local\Discord\app-1.0.9148\Discord.exe\",-1" /f
C:\Windows\System32\reg.exe
C:\Windows\System32\reg.exe add HKCU\Software\Classes\Discord\shell\open\command /ve /d "\"C:\Users\Admin\AppData\Local\Discord\app-1.0.9148\Discord.exe\" --url -- \"%1\"" /f
C:\Users\Admin\AppData\Local\Discord\app-1.0.9148\Discord.exe
"C:\Users\Admin\AppData\Local\Discord\app-1.0.9148\Discord.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --user-data-dir="C:\Users\Admin\AppData\Roaming\discord" --secure-schemes=disclip --bypasscsp-schemes=sentry-ipc --cors-schemes=sentry-ipc --fetch-schemes=disclip --mojo-platform-channel-handle=3340 --field-trial-handle=2440,i,3501611754729408972,7043781750723606184,262144 --enable-features=kWebSQLAccess --disable-features=CalculateNativeWinOcclusion,HardwareMediaKeyHandling,MediaSessionService,SpareRendererForSitePerProcess,WinDelaySpellcheckServiceInit,WinRetrieveSuggestionsOnlyOnDemand --variations-seed-version /prefetch:8
C:\Users\Admin\AppData\Local\Discord\app-1.0.9148\Discord.exe
"C:\Users\Admin\AppData\Local\Discord\app-1.0.9148\Discord.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --user-data-dir="C:\Users\Admin\AppData\Roaming\discord" --secure-schemes=disclip --bypasscsp-schemes=sentry-ipc --cors-schemes=sentry-ipc --fetch-schemes=disclip --mojo-platform-channel-handle=4200 --field-trial-handle=2440,i,3501611754729408972,7043781750723606184,262144 --enable-features=kWebSQLAccess --disable-features=CalculateNativeWinOcclusion,HardwareMediaKeyHandling,MediaSessionService,SpareRendererForSitePerProcess,WinDelaySpellcheckServiceInit,WinRetrieveSuggestionsOnlyOnDemand --variations-seed-version /prefetch:8
C:\Windows\System32\reg.exe
C:\Windows\System32\reg.exe query HKCU\Software\Microsoft\Windows\CurrentVersion\Run /v Discord
C:\Windows\System32\reg.exe
C:\Windows\System32\reg.exe add HKCU\Software\Microsoft\Windows\CurrentVersion\Run /v Discord /d "\"C:\Users\Admin\AppData\Local\Discord\Update.exe\" --processStart Discord.exe" /f
C:\Users\Admin\AppData\Local\Discord\app-1.0.9149\Discord.exe
C:\Users\Admin\AppData\Local\Discord\app-1.0.9149\Discord.exe
C:\Users\Admin\AppData\Local\Discord\app-1.0.9149\Discord.exe
C:\Users\Admin\AppData\Local\Discord\app-1.0.9149\Discord.exe --type=crashpad-handler --user-data-dir=C:\Users\Admin\AppData\Roaming\discord /prefetch:7 --no-rate-limit --monitor-self-annotation=ptype=crashpad-handler --database=C:\Users\Admin\AppData\Roaming\discord\Crashpad --url=https://f.a.k/e --annotation=_productName=discord --annotation=_version=1.0.9149 --annotation=plat=Win64 --annotation=prod=Electron --annotation=ver=28.2.10 --initial-client-data=0x50c,0x510,0x514,0x4f4,0x518,0x7ff7c0373108,0x7ff7c0373114,0x7ff7c0373120
C:\Users\Admin\AppData\Local\Discord\app-1.0.9149\Discord.exe
"C:\Users\Admin\AppData\Local\Discord\app-1.0.9149\Discord.exe" --type=gpu-process --user-data-dir="C:\Users\Admin\AppData\Roaming\discord" --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAAAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --mojo-platform-channel-handle=1916 --field-trial-handle=1920,i,7733277616820647986,14487116339294346560,262144 --enable-features=kWebSQLAccess --disable-features=CalculateNativeWinOcclusion,HardwareMediaKeyHandling,MediaSessionService,SpareRendererForSitePerProcess,WinDelaySpellcheckServiceInit,WinRetrieveSuggestionsOnlyOnDemand --variations-seed-version /prefetch:2
C:\Users\Admin\AppData\Local\Discord\app-1.0.9149\Discord.exe
"C:\Users\Admin\AppData\Local\Discord\app-1.0.9149\Discord.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --user-data-dir="C:\Users\Admin\AppData\Roaming\discord" --secure-schemes=disclip --bypasscsp-schemes=sentry-ipc --cors-schemes=sentry-ipc --fetch-schemes=disclip --mojo-platform-channel-handle=2488 --field-trial-handle=1920,i,7733277616820647986,14487116339294346560,262144 --enable-features=kWebSQLAccess --disable-features=CalculateNativeWinOcclusion,HardwareMediaKeyHandling,MediaSessionService,SpareRendererForSitePerProcess,WinDelaySpellcheckServiceInit,WinRetrieveSuggestionsOnlyOnDemand --variations-seed-version /prefetch:8
C:\Users\Admin\AppData\Local\Discord\app-1.0.9149\Discord.exe
"C:\Users\Admin\AppData\Local\Discord\app-1.0.9149\Discord.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=0 --gpu-device-id=0 --gpu-sub-system-id=0 --gpu-revision=0 --user-data-dir="C:\Users\Admin\AppData\Roaming\discord" --gpu-preferences=WAAAAAAAAADoAAAMAAAAAAAAAAAAAAAAAABgAAAAAAA4AAAAAAAAAAAAAACEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --mojo-platform-channel-handle=2700 --field-trial-handle=1920,i,7733277616820647986,14487116339294346560,262144 --enable-features=kWebSQLAccess --disable-features=CalculateNativeWinOcclusion,HardwareMediaKeyHandling,MediaSessionService,SpareRendererForSitePerProcess,WinDelaySpellcheckServiceInit,WinRetrieveSuggestionsOnlyOnDemand --variations-seed-version /prefetch:8
C:\Windows\System32\reg.exe
C:\Windows\System32\reg.exe add HKCU\Software\Classes\Discord /ve /d "URL:Discord Protocol" /f
C:\Users\Admin\AppData\Local\Discord\app-1.0.9149\Discord.exe
"C:\Users\Admin\AppData\Local\Discord\app-1.0.9149\Discord.exe" --type=renderer --user-data-dir="C:\Users\Admin\AppData\Roaming\discord" --secure-schemes=disclip --bypasscsp-schemes=sentry-ipc --cors-schemes=sentry-ipc --fetch-schemes=disclip --app-user-model-id=com.squirrel.Discord.Discord --app-path="C:\Users\Admin\AppData\Local\Discord\app-1.0.9149\resources\app.asar" --no-sandbox --no-zygote --first-renderer-process --autoplay-policy=no-user-gesture-required --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=3172 --field-trial-handle=1920,i,7733277616820647986,14487116339294346560,262144 --enable-features=kWebSQLAccess --disable-features=CalculateNativeWinOcclusion,HardwareMediaKeyHandling,MediaSessionService,SpareRendererForSitePerProcess,WinDelaySpellcheckServiceInit,WinRetrieveSuggestionsOnlyOnDemand --variations-seed-version /prefetch:1
C:\Windows\System32\reg.exe
C:\Windows\System32\reg.exe add HKCU\Software\Classes\Discord /v "URL Protocol" /f
C:\Windows\System32\reg.exe
C:\Windows\System32\reg.exe add HKCU\Software\Classes\Discord\DefaultIcon /ve /d "\"C:\Users\Admin\AppData\Local\Discord\app-1.0.9149\Discord.exe\",-1" /f
C:\Windows\System32\reg.exe
C:\Windows\System32\reg.exe add HKCU\Software\Classes\Discord\shell\open\command /ve /d "\"C:\Users\Admin\AppData\Local\Discord\app-1.0.9149\Discord.exe\" --url -- \"%1\"" /f
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "chcp"
C:\Windows\system32\chcp.com
chcp
C:\Users\Admin\AppData\Local\Discord\app-1.0.9149\Discord.exe
"C:\Users\Admin\AppData\Local\Discord\app-1.0.9149\Discord.exe" --type=renderer --user-data-dir="C:\Users\Admin\AppData\Roaming\discord" --secure-schemes=disclip --bypasscsp-schemes=sentry-ipc --cors-schemes=sentry-ipc --fetch-schemes=disclip --app-user-model-id=com.squirrel.Discord.Discord --app-path="C:\Users\Admin\AppData\Local\Discord\app-1.0.9149\resources\app.asar" --no-sandbox --no-zygote --autoplay-policy=no-user-gesture-required --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=4016 --field-trial-handle=1920,i,7733277616820647986,14487116339294346560,262144 --enable-features=kWebSQLAccess --disable-features=CalculateNativeWinOcclusion,HardwareMediaKeyHandling,MediaSessionService,SpareRendererForSitePerProcess,WinDelaySpellcheckServiceInit,WinRetrieveSuggestionsOnlyOnDemand --variations-seed-version --enable-node-leakage-in-renderers /prefetch:1
C:\Users\Admin\AppData\Local\Discord\app-1.0.9149\Discord.exe
"C:\Users\Admin\AppData\Local\Discord\app-1.0.9149\Discord.exe" --type=renderer --user-data-dir="C:\Users\Admin\AppData\Roaming\discord" --secure-schemes=disclip --bypasscsp-schemes=sentry-ipc --cors-schemes=sentry-ipc --fetch-schemes=disclip --app-user-model-id=com.squirrel.Discord.Discord --app-path="C:\Users\Admin\AppData\Local\Discord\app-1.0.9149\resources\app.asar" --no-sandbox --no-zygote --autoplay-policy=no-user-gesture-required --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=4024 --field-trial-handle=1920,i,7733277616820647986,14487116339294346560,262144 --enable-features=kWebSQLAccess --disable-features=CalculateNativeWinOcclusion,HardwareMediaKeyHandling,MediaSessionService,SpareRendererForSitePerProcess,WinDelaySpellcheckServiceInit,WinRetrieveSuggestionsOnlyOnDemand --variations-seed-version --enable-node-leakage-in-renderers /prefetch:1
C:\Users\Admin\AppData\Local\Discord\app-1.0.9149\Discord.exe
"C:\Users\Admin\AppData\Local\Discord\app-1.0.9149\Discord.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --user-data-dir="C:\Users\Admin\AppData\Roaming\discord" --secure-schemes=disclip --bypasscsp-schemes=sentry-ipc --cors-schemes=sentry-ipc --fetch-schemes=disclip --mojo-platform-channel-handle=4088 --field-trial-handle=1920,i,7733277616820647986,14487116339294346560,262144 --enable-features=kWebSQLAccess --disable-features=CalculateNativeWinOcclusion,HardwareMediaKeyHandling,MediaSessionService,SpareRendererForSitePerProcess,WinDelaySpellcheckServiceInit,WinRetrieveSuggestionsOnlyOnDemand --variations-seed-version /prefetch:8
C:\Users\Admin\AppData\Local\Discord\app-1.0.9149\Discord.exe
"C:\Users\Admin\AppData\Local\Discord\app-1.0.9149\Discord.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --lang=en-US --service-sandbox-type=none --user-data-dir="C:\Users\Admin\AppData\Roaming\discord" --secure-schemes=disclip --bypasscsp-schemes=sentry-ipc --cors-schemes=sentry-ipc --fetch-schemes=disclip --mojo-platform-channel-handle=4260 --field-trial-handle=1920,i,7733277616820647986,14487116339294346560,262144 --enable-features=kWebSQLAccess --disable-features=CalculateNativeWinOcclusion,HardwareMediaKeyHandling,MediaSessionService,SpareRendererForSitePerProcess,WinDelaySpellcheckServiceInit,WinRetrieveSuggestionsOnlyOnDemand --variations-seed-version /prefetch:8
C:\Users\Admin\AppData\Local\Discord\app-1.0.9149\modules\discord_voice-1\discord_voice\gpu_encoder_helper.exe
"\\?\C:\Users\Admin\AppData\Local\Discord\app-1.0.9149\modules\discord_voice-1\discord_voice\gpu_encoder_helper.exe" nvidia
C:\Users\Admin\AppData\Local\Discord\app-1.0.9149\modules\discord_voice-1\discord_voice\gpu_encoder_helper.exe
"\\?\C:\Users\Admin\AppData\Local\Discord\app-1.0.9149\modules\discord_voice-1\discord_voice\gpu_encoder_helper.exe" amd
C:\Users\Admin\AppData\Local\Discord\app-1.0.9149\modules\discord_voice-1\discord_voice\gpu_encoder_helper.exe
"\\?\C:\Users\Admin\AppData\Local\Discord\app-1.0.9149\modules\discord_voice-1\discord_voice\gpu_encoder_helper.exe" intel
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c ""C:\Windows/System32/nvidia-smi.exe""
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://discordapp.com/handoff?rpc=6463&key=3dbd0306-6c34-4196-afbf-7ab5535ffea9
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7ffed1df46f8,0x7ffed1df4708,0x7ffed1df4718
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2148,13026174867226580093,11486333320731588493,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2172 /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2148,13026174867226580093,11486333320731588493,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2276 /prefetch:3
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2148,13026174867226580093,11486333320731588493,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2828 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2148,13026174867226580093,11486333320731588493,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3440 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2148,13026174867226580093,11486333320731588493,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3572 /prefetch:1
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2148,13026174867226580093,11486333320731588493,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5048 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --field-trial-handle=2148,13026174867226580093,11486333320731588493,131072 --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=5244 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --field-trial-handle=2148,13026174867226580093,11486333320731588493,131072 --lang=en-US --service-sandbox-type=video_capture --mojo-platform-channel-handle=5256 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1740 --field-trial-handle=1868,i,11949764984556258450,9337657608628985436,131072 /prefetch:2
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=29 --mojo-platform-channel-handle=4956 --field-trial-handle=1868,i,11949764984556258450,9337657608628985436,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=30 --mojo-platform-channel-handle=4936 --field-trial-handle=1868,i,11949764984556258450,9337657608628985436,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4872 --field-trial-handle=1868,i,11949764984556258450,9337657608628985436,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=5800 --field-trial-handle=1868,i,11949764984556258450,9337657608628985436,131072 /prefetch:8
C:\Users\Admin\AppData\Local\Discord\app-1.0.9149\Discord.exe
"C:\Users\Admin\AppData\Local\Discord\app-1.0.9149\Discord.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --user-data-dir="C:\Users\Admin\AppData\Roaming\discord" --gpu-preferences=WAAAAAAAAADoAAAMAAAAAAAAAAAAAAAAAABgAAAAAAA4AAAAAAAAAAAAAACEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --mojo-platform-channel-handle=4636 --field-trial-handle=1920,i,7733277616820647986,14487116339294346560,262144 --enable-features=kWebSQLAccess --disable-features=CalculateNativeWinOcclusion,HardwareMediaKeyHandling,MediaSessionService,SpareRendererForSitePerProcess,WinDelaySpellcheckServiceInit,WinRetrieveSuggestionsOnlyOnDemand --variations-seed-version /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=33 --mojo-platform-channel-handle=5660 --field-trial-handle=1868,i,11949764984556258450,9337657608628985436,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=34 --mojo-platform-channel-handle=5032 --field-trial-handle=1868,i,11949764984556258450,9337657608628985436,131072 /prefetch:1
C:\Users\Admin\AppData\Local\Discord\app-1.0.9149\Discord.exe
"C:\Users\Admin\AppData\Local\Discord\app-1.0.9149\Discord.exe" --type=renderer --user-data-dir="C:\Users\Admin\AppData\Roaming\discord" --secure-schemes=disclip --bypasscsp-schemes=sentry-ipc --cors-schemes=sentry-ipc --fetch-schemes=disclip --app-user-model-id=com.squirrel.Discord.Discord --app-path="C:\Users\Admin\AppData\Local\Discord\app-1.0.9149\resources\app.asar" --enable-sandbox --autoplay-policy=no-user-gesture-required --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --mojo-platform-channel-handle=3720 --field-trial-handle=1920,i,7733277616820647986,14487116339294346560,262144 --enable-features=kWebSQLAccess --disable-features=CalculateNativeWinOcclusion,HardwareMediaKeyHandling,MediaSessionService,SpareRendererForSitePerProcess,WinDelaySpellcheckServiceInit,WinRetrieveSuggestionsOnlyOnDemand --variations-seed-version --enable-node-leakage-in-renderers /prefetch:1
C:\Users\Admin\AppData\Local\Discord\app-1.0.9149\Discord.exe
"C:\Users\Admin\AppData\Local\Discord\app-1.0.9149\Discord.exe" --type=renderer --user-data-dir="C:\Users\Admin\AppData\Roaming\discord" --secure-schemes=disclip --bypasscsp-schemes=sentry-ipc --cors-schemes=sentry-ipc --fetch-schemes=disclip --app-user-model-id=com.squirrel.Discord.Discord --app-path="C:\Users\Admin\AppData\Local\Discord\app-1.0.9149\resources\app.asar" --enable-sandbox --autoplay-policy=no-user-gesture-required --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --mojo-platform-channel-handle=3664 --field-trial-handle=1920,i,7733277616820647986,14487116339294346560,262144 --enable-features=kWebSQLAccess --disable-features=CalculateNativeWinOcclusion,HardwareMediaKeyHandling,MediaSessionService,SpareRendererForSitePerProcess,WinDelaySpellcheckServiceInit,WinRetrieveSuggestionsOnlyOnDemand --variations-seed-version --enable-node-leakage-in-renderers /prefetch:1
C:\Windows\System32\reg.exe
C:\Windows\System32\reg.exe query HKCU\Software\Microsoft\Windows\CurrentVersion\Run /v Discord
C:\Windows\System32\reg.exe
C:\Windows\System32\reg.exe add HKCU\Software\Microsoft\Windows\CurrentVersion\Run /v Discord /d "\"C:\Users\Admin\AppData\Local\Discord\Update.exe\" --processStart Discord.exe" /f
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
powershell.exe -NoProfile -NoLogo -InputFormat Text -NoExit -ExecutionPolicy Unrestricted -Command -
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
powershell.exe -NoProfile -NoLogo -InputFormat Text -NoExit -ExecutionPolicy Unrestricted -Command -
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
powershell.exe -NoProfile -NoLogo -InputFormat Text -NoExit -ExecutionPolicy Unrestricted -Command -
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
powershell.exe -NoProfile -NoLogo -InputFormat Text -NoExit -ExecutionPolicy Unrestricted -Command -
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
powershell.exe -NoProfile -NoLogo -InputFormat Text -NoExit -ExecutionPolicy Unrestricted -Command -
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
powershell.exe -NoProfile -NoLogo -InputFormat Text -NoExit -ExecutionPolicy Unrestricted -Command -
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
powershell.exe -NoProfile -NoLogo -InputFormat Text -NoExit -ExecutionPolicy Unrestricted -Command -
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
powershell.exe -NoProfile -NoLogo -InputFormat Text -NoExit -ExecutionPolicy Unrestricted -Command -
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
powershell.exe -NoProfile -NoLogo -InputFormat Text -NoExit -ExecutionPolicy Unrestricted -Command -
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
powershell.exe -NoProfile -NoLogo -InputFormat Text -NoExit -ExecutionPolicy Unrestricted -Command -
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
powershell.exe -NoProfile -NoLogo -InputFormat Text -NoExit -ExecutionPolicy Unrestricted -Command -
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
powershell.exe -NoProfile -NoLogo -InputFormat Text -NoExit -ExecutionPolicy Unrestricted -Command -
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
powershell.exe -NoProfile -NoLogo -InputFormat Text -NoExit -ExecutionPolicy Unrestricted -Command -
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
powershell.exe -NoProfile -NoLogo -InputFormat Text -NoExit -ExecutionPolicy Unrestricted -Command -
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://support.discord.com/hc/en-us/articles/6181726888215
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7ffed1df46f8,0x7ffed1df4708,0x7ffed1df4718
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2116,9734938017665514199,313130186829061543,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2280 /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2116,9734938017665514199,313130186829061543,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2348 /prefetch:3
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2116,9734938017665514199,313130186829061543,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2796 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,9734938017665514199,313130186829061543,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3332 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,9734938017665514199,313130186829061543,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3352 /prefetch:1
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,9734938017665514199,313130186829061543,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4960 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,9734938017665514199,313130186829061543,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3352 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,9734938017665514199,313130186829061543,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3948 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,9734938017665514199,313130186829061543,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5016 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2116,9734938017665514199,313130186829061543,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5584 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2116,9734938017665514199,313130186829061543,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5584 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,9734938017665514199,313130186829061543,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5096 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,9734938017665514199,313130186829061543,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4352 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,9734938017665514199,313130186829061543,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3668 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,9734938017665514199,313130186829061543,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5488 /prefetch:1
C:\Users\Admin\AppData\Local\Discord\app-1.0.9149\Discord.exe
"C:\Users\Admin\AppData\Local\Discord\app-1.0.9149\Discord.exe" --type=renderer --user-data-dir="C:\Users\Admin\AppData\Roaming\discord" --secure-schemes=disclip --bypasscsp-schemes=sentry-ipc --cors-schemes=sentry-ipc --fetch-schemes=disclip --app-user-model-id=com.squirrel.Discord.Discord --app-path="C:\Users\Admin\AppData\Local\Discord\app-1.0.9149\resources\app.asar" --enable-sandbox --autoplay-policy=no-user-gesture-required --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --mojo-platform-channel-handle=4908 --field-trial-handle=1920,i,7733277616820647986,14487116339294346560,262144 --enable-features=kWebSQLAccess --disable-features=CalculateNativeWinOcclusion,HardwareMediaKeyHandling,MediaSessionService,SpareRendererForSitePerProcess,WinDelaySpellcheckServiceInit,WinRetrieveSuggestionsOnlyOnDemand --variations-seed-version --enable-node-leakage-in-renderers /prefetch:1
C:\Windows\System32\reg.exe
C:\Windows\System32\reg.exe query HKCU\Software\Microsoft\Windows\CurrentVersion\Run /v Discord
C:\Windows\System32\reg.exe
C:\Windows\System32\reg.exe add HKCU\Software\Microsoft\Windows\CurrentVersion\Run /v Discord /d "\"C:\Users\Admin\AppData\Local\Discord\Update.exe\" --processStart Discord.exe" /f
C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding
C:\Users\Admin\Downloads\VencordInstaller.exe
"C:\Users\Admin\Downloads\VencordInstaller.exe"
C:\Users\Admin\Downloads\VencordInstaller.exe
"C:\Users\Admin\Downloads\VencordInstaller.exe"
C:\Users\Admin\Downloads\VencordInstaller.exe
"C:\Users\Admin\Downloads\VencordInstaller.exe"
C:\Users\Admin\Downloads\VencordInstaller.exe
"C:\Users\Admin\Downloads\VencordInstaller.exe"
C:\Users\Admin\Downloads\VencordInstaller.exe
"C:\Users\Admin\Downloads\VencordInstaller.exe"
C:\Users\Admin\Downloads\VencordInstaller.exe
"C:\Users\Admin\Downloads\VencordInstaller.exe"
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2116,9734938017665514199,313130186829061543,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=4252 /prefetch:2
C:\Users\Admin\AppData\Local\Discord\Update.exe
"C:\Users\Admin\AppData\Local\Discord\Update.exe" --processStart Discord.exe
C:\Users\Admin\AppData\Local\Discord\app-1.0.9149\Discord.exe
"C:\Users\Admin\AppData\Local\Discord\app-1.0.9149\Discord.exe"
C:\Users\Admin\AppData\Local\Discord\Update.exe
"C:\Users\Admin\AppData\Local\Discord\Update.exe" --processStart Discord.exe
C:\Users\Admin\AppData\Local\Discord\app-1.0.9149\Discord.exe
"C:\Users\Admin\AppData\Local\Discord\app-1.0.9149\Discord.exe"
C:\Users\Admin\AppData\Local\Discord\app-1.0.9149\Discord.exe
C:\Users\Admin\AppData\Local\Discord\app-1.0.9149\Discord.exe --type=crashpad-handler --user-data-dir=C:\Users\Admin\AppData\Roaming\discord /prefetch:7 --no-rate-limit --monitor-self-annotation=ptype=crashpad-handler --database=C:\Users\Admin\AppData\Roaming\discord\Crashpad --url=https://f.a.k/e --annotation=_productName=discord --annotation=_version=1.0.9149 --annotation=plat=Win64 --annotation=prod=Electron --annotation=ver=28.2.10 --initial-client-data=0x4f0,0x4f4,0x4f8,0x4e8,0x4fc,0x7ff7c0373108,0x7ff7c0373114,0x7ff7c0373120
C:\Users\Admin\AppData\Local\Discord\app-1.0.9149\Discord.exe
"C:\Users\Admin\AppData\Local\Discord\app-1.0.9149\Discord.exe" --type=gpu-process --user-data-dir="C:\Users\Admin\AppData\Roaming\discord" --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAAAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --mojo-platform-channel-handle=1836 --field-trial-handle=1840,i,11397296037831452804,17331715698157245695,262144 --enable-features=kWebSQLAccess --disable-features=CalculateNativeWinOcclusion,HardwareMediaKeyHandling,MediaSessionService,SpareRendererForSitePerProcess,WinDelaySpellcheckServiceInit,WinRetrieveSuggestionsOnlyOnDemand --variations-seed-version /prefetch:2
C:\Users\Admin\AppData\Local\Discord\app-1.0.9149\Discord.exe
"C:\Users\Admin\AppData\Local\Discord\app-1.0.9149\Discord.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --user-data-dir="C:\Users\Admin\AppData\Roaming\discord" --secure-schemes=sentry-ipc --bypasscsp-schemes=sentry-ipc --cors-schemes=sentry-ipc --fetch-schemes=sentry-ipc --mojo-platform-channel-handle=2416 --field-trial-handle=1840,i,11397296037831452804,17331715698157245695,262144 --enable-features=kWebSQLAccess --disable-features=CalculateNativeWinOcclusion,HardwareMediaKeyHandling,MediaSessionService,SpareRendererForSitePerProcess,WinDelaySpellcheckServiceInit,WinRetrieveSuggestionsOnlyOnDemand --variations-seed-version /prefetch:8
C:\Users\Admin\AppData\Local\Discord\app-1.0.9149\Discord.exe
C:\Users\Admin\AppData\Local\Discord\app-1.0.9149\Discord.exe --type=crashpad-handler --user-data-dir=C:\Users\Admin\AppData\Roaming\discord /prefetch:7 --no-rate-limit --monitor-self-annotation=ptype=crashpad-handler --database=C:\Users\Admin\AppData\Roaming\discord\Crashpad --url=https://f.a.k/e --annotation=_productName=discord --annotation=_version=1.0.9149 --annotation=plat=Win64 --annotation=prod=Electron --annotation=ver=28.2.10 --initial-client-data=0x4e0,0x4e4,0x4e8,0x4d4,0x4ec,0x7ff7c0373108,0x7ff7c0373114,0x7ff7c0373120
C:\Users\Admin\AppData\Local\Discord\app-1.0.9149\Discord.exe
"C:\Users\Admin\AppData\Local\Discord\app-1.0.9149\Discord.exe" --type=gpu-process --user-data-dir="C:\Users\Admin\AppData\Roaming\discord" --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAAAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --mojo-platform-channel-handle=2104 --field-trial-handle=2108,i,4302970140538075063,9364015875116813608,262144 --enable-features=kWebSQLAccess --disable-features=CalculateNativeWinOcclusion,HardwareMediaKeyHandling,MediaSessionService,SpareRendererForSitePerProcess,WinDelaySpellcheckServiceInit,WinRetrieveSuggestionsOnlyOnDemand --variations-seed-version /prefetch:2
C:\Users\Admin\AppData\Local\Discord\app-1.0.9149\Discord.exe
"C:\Users\Admin\AppData\Local\Discord\app-1.0.9149\Discord.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --user-data-dir="C:\Users\Admin\AppData\Roaming\discord" --secure-schemes=sentry-ipc --bypasscsp-schemes=sentry-ipc --cors-schemes=sentry-ipc --fetch-schemes=sentry-ipc --mojo-platform-channel-handle=2512 --field-trial-handle=2108,i,4302970140538075063,9364015875116813608,262144 --enable-features=kWebSQLAccess --disable-features=CalculateNativeWinOcclusion,HardwareMediaKeyHandling,MediaSessionService,SpareRendererForSitePerProcess,WinDelaySpellcheckServiceInit,WinRetrieveSuggestionsOnlyOnDemand --variations-seed-version /prefetch:8
C:\Users\Admin\Downloads\VencordInstaller.exe
"C:\Users\Admin\Downloads\VencordInstaller.exe"
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=35 --mojo-platform-channel-handle=4980 --field-trial-handle=1868,i,11949764984556258450,9337657608628985436,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=36 --mojo-platform-channel-handle=976 --field-trial-handle=1868,i,11949764984556258450,9337657608628985436,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=4884 --field-trial-handle=1868,i,11949764984556258450,9337657608628985436,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=1840 --field-trial-handle=1868,i,11949764984556258450,9337657608628985436,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5704 --field-trial-handle=1868,i,11949764984556258450,9337657608628985436,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=5132 --field-trial-handle=1868,i,11949764984556258450,9337657608628985436,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=5728 --field-trial-handle=1868,i,11949764984556258450,9337657608628985436,131072 /prefetch:8
C:\Users\Admin\Downloads\VencordInstaller.exe
"C:\Users\Admin\Downloads\VencordInstaller.exe"
C:\Users\Admin\AppData\Local\Discord\Update.exe
"C:\Users\Admin\AppData\Local\Discord\Update.exe" --processStart Discord.exe
C:\Users\Admin\AppData\Local\Discord\app-1.0.9149\Discord.exe
"C:\Users\Admin\AppData\Local\Discord\app-1.0.9149\Discord.exe"
C:\Users\Admin\AppData\Local\Discord\app-1.0.9149\Discord.exe
C:\Users\Admin\AppData\Local\Discord\app-1.0.9149\Discord.exe --type=crashpad-handler --user-data-dir=C:\Users\Admin\AppData\Roaming\discord /prefetch:7 --no-rate-limit --monitor-self-annotation=ptype=crashpad-handler --database=C:\Users\Admin\AppData\Roaming\discord\Crashpad --url=https://f.a.k/e --annotation=_productName=discord --annotation=_version=1.0.9149 --annotation=plat=Win64 --annotation=prod=Electron --annotation=ver=28.2.10 --initial-client-data=0x4d8,0x4dc,0x4e0,0x4cc,0x4e4,0x7ff7c0373108,0x7ff7c0373114,0x7ff7c0373120
C:\Users\Admin\AppData\Local\Discord\app-1.0.9149\Discord.exe
"C:\Users\Admin\AppData\Local\Discord\app-1.0.9149\Discord.exe" --type=gpu-process --user-data-dir="C:\Users\Admin\AppData\Roaming\discord" --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAAAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --mojo-platform-channel-handle=1868 --field-trial-handle=1872,i,14674796806962482100,11587003947119081156,262144 --enable-features=kWebSQLAccess --disable-features=CalculateNativeWinOcclusion,HardwareMediaKeyHandling,MediaSessionService,SpareRendererForSitePerProcess,WinDelaySpellcheckServiceInit,WinRetrieveSuggestionsOnlyOnDemand --variations-seed-version /prefetch:2
C:\Users\Admin\AppData\Local\Discord\app-1.0.9149\Discord.exe
"C:\Users\Admin\AppData\Local\Discord\app-1.0.9149\Discord.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --user-data-dir="C:\Users\Admin\AppData\Roaming\discord" --secure-schemes=sentry-ipc --bypasscsp-schemes=sentry-ipc --cors-schemes=sentry-ipc --fetch-schemes=sentry-ipc --mojo-platform-channel-handle=2468 --field-trial-handle=1872,i,14674796806962482100,11587003947119081156,262144 --enable-features=kWebSQLAccess --disable-features=CalculateNativeWinOcclusion,HardwareMediaKeyHandling,MediaSessionService,SpareRendererForSitePerProcess,WinDelaySpellcheckServiceInit,WinRetrieveSuggestionsOnlyOnDemand --variations-seed-version /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=42 --mojo-platform-channel-handle=5000 --field-trial-handle=1868,i,11949764984556258450,9337657608628985436,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=5496 --field-trial-handle=1868,i,11949764984556258450,9337657608628985436,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=6060 --field-trial-handle=1868,i,11949764984556258450,9337657608628985436,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4892 --field-trial-handle=1868,i,11949764984556258450,9337657608628985436,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=6156 --field-trial-handle=1868,i,11949764984556258450,9337657608628985436,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=6036 --field-trial-handle=1868,i,11949764984556258450,9337657608628985436,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5648 --field-trial-handle=1868,i,11949764984556258450,9337657608628985436,131072 /prefetch:8
C:\Users\Admin\Downloads\VencordInstaller (1).exe
"C:\Users\Admin\Downloads\VencordInstaller (1).exe"
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | github.com | udp |
| GB | 20.26.156.215:443 | github.com | tcp |
| US | 8.8.8.8:53 | objects.githubusercontent.com | udp |
| US | 185.199.109.133:443 | objects.githubusercontent.com | tcp |
| US | 8.8.8.8:53 | 10.169.217.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 215.156.26.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | g.bing.com | udp |
| US | 204.79.197.237:443 | g.bing.com | tcp |
| NL | 23.62.61.97:443 | www.bing.com | tcp |
| US | 8.8.8.8:53 | 133.109.199.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 138.32.126.40.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 249.197.17.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 97.61.62.23.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 26.35.223.20.in-addr.arpa | udp |
| N/A | 224.0.0.251:5353 | udp | |
| US | 8.8.8.8:53 | www.google.com | udp |
| GB | 142.250.187.196:443 | www.google.com | udp |
| GB | 142.250.187.196:443 | www.google.com | tcp |
| US | 8.8.8.8:53 | 196.187.250.142.in-addr.arpa | udp |
| NL | 23.62.61.57:443 | www.bing.com | tcp |
| US | 8.8.8.8:53 | play.google.com | udp |
| GB | 172.217.169.46:443 | play.google.com | udp |
| US | 8.8.8.8:53 | 57.61.62.23.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 46.169.217.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 99.201.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | encrypted-tbn1.gstatic.com | udp |
| GB | 142.250.178.14:443 | encrypted-tbn1.gstatic.com | tcp |
| GB | 142.250.178.14:443 | encrypted-tbn1.gstatic.com | tcp |
| US | 8.8.8.8:53 | 195.212.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | consent.google.com | udp |
| GB | 142.250.187.238:443 | consent.google.com | tcp |
| US | 8.8.8.8:53 | content-autofill.googleapis.com | udp |
| US | 8.8.8.8:53 | 238.187.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | discord.com | udp |
| US | 162.159.135.232:443 | discord.com | tcp |
| US | 162.159.135.232:443 | discord.com | tcp |
| US | 8.8.8.8:53 | cdn.prod.website-files.com | udp |
| US | 8.8.8.8:53 | ajax.googleapis.com | udp |
| US | 8.8.8.8:53 | global.localizecdn.com | udp |
| US | 162.159.135.232:443 | discord.com | udp |
| US | 104.18.34.227:443 | cdn.prod.website-files.com | tcp |
| US | 104.18.4.175:443 | global.localizecdn.com | tcp |
| US | 8.8.8.8:53 | d3e54v103j8qbb.cloudfront.net | udp |
| CH | 13.224.98.50:443 | d3e54v103j8qbb.cloudfront.net | tcp |
| US | 104.18.34.227:443 | cdn.prod.website-files.com | udp |
| US | 8.8.8.8:53 | assets.website-files.com | udp |
| CH | 18.165.183.60:443 | assets.website-files.com | tcp |
| CH | 18.165.183.60:443 | assets.website-files.com | tcp |
| CH | 18.165.183.60:443 | assets.website-files.com | tcp |
| CH | 18.165.183.60:443 | assets.website-files.com | tcp |
| CH | 18.165.183.60:443 | assets.website-files.com | tcp |
| US | 8.8.8.8:53 | 202.187.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 232.135.159.162.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 227.34.18.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 175.4.18.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 50.98.224.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | cdn.discordapp.com | udp |
| US | 162.159.133.233:443 | cdn.discordapp.com | tcp |
| US | 162.159.133.233:443 | cdn.discordapp.com | tcp |
| US | 162.159.133.233:443 | cdn.discordapp.com | tcp |
| US | 162.159.133.233:443 | cdn.discordapp.com | tcp |
| US | 162.159.133.233:443 | cdn.discordapp.com | tcp |
| US | 162.159.133.233:443 | cdn.discordapp.com | tcp |
| US | 8.8.8.8:53 | 60.183.165.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 233.133.159.162.in-addr.arpa | udp |
| US | 104.18.34.227:443 | cdn.prod.website-files.com | udp |
| US | 8.8.8.8:53 | geolocation.onetrust.com | udp |
| US | 172.64.155.119:443 | geolocation.onetrust.com | tcp |
| US | 8.8.8.8:53 | 104.201.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 119.155.64.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | www.youtube.com | udp |
| US | 8.8.8.8:53 | a.nel.cloudflare.com | udp |
| US | 35.190.80.1:443 | a.nel.cloudflare.com | tcp |
| US | 8.8.8.8:53 | 1.80.190.35.in-addr.arpa | udp |
| US | 35.190.80.1:443 | a.nel.cloudflare.com | udp |
| US | 104.18.4.175:443 | global.localizecdn.com | udp |
| CH | 18.165.183.60:443 | assets.website-files.com | tcp |
| GB | 142.250.200.46:443 | www.youtube.com | udp |
| US | 8.8.8.8:53 | 46.200.250.142.in-addr.arpa | udp |
| CH | 13.224.98.50:443 | d3e54v103j8qbb.cloudfront.net | tcp |
| US | 8.8.8.8:53 | sentry.io | udp |
| US | 35.186.247.156:443 | sentry.io | tcp |
| US | 8.8.8.8:53 | dl.discordapp.net | udp |
| US | 104.18.52.172:443 | dl.discordapp.net | tcp |
| US | 8.8.8.8:53 | 156.247.186.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 172.52.18.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 15.164.165.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 50.23.12.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | update.googleapis.com | udp |
| US | 8.8.8.8:53 | update.googleapis.com | udp |
| GB | 142.250.187.195:443 | update.googleapis.com | tcp |
| GB | 142.250.187.195:443 | update.googleapis.com | tcp |
| US | 8.8.8.8:53 | updates.discord.com | udp |
| US | 162.159.136.232:443 | updates.discord.com | tcp |
| US | 8.8.8.8:53 | 195.187.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 232.136.159.162.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 123.35.104.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | dl.discordapp.net | udp |
| US | 104.18.48.115:443 | dl.discordapp.net | tcp |
| US | 104.18.48.115:443 | dl.discordapp.net | tcp |
| US | 104.18.48.115:443 | dl.discordapp.net | tcp |
| US | 104.18.48.115:443 | dl.discordapp.net | tcp |
| GB | 142.250.187.195:443 | update.googleapis.com | udp |
| US | 8.8.8.8:53 | 115.48.18.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 203.197.17.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | dns.google | udp |
| US | 8.8.8.8:53 | dns.google | udp |
| US | 8.8.8.8:53 | dns.google | udp |
| US | 8.8.8.8:53 | dns.google | udp |
| US | 8.8.4.4:443 | dns.google | tcp |
| US | 8.8.4.4:443 | dns.google | tcp |
| US | 8.8.8.8:53 | 4.4.8.8.in-addr.arpa | udp |
| US | 162.159.136.232:443 | updates.discord.com | tcp |
| US | 8.8.8.8:53 | discordapp.com | udp |
| US | 8.8.8.8:53 | discordapp.com | udp |
| US | 162.159.130.233:443 | discordapp.com | udp |
| US | 162.159.130.233:443 | discordapp.com | tcp |
| US | 8.8.8.8:53 | 233.130.159.162.in-addr.arpa | udp |
| US | 104.18.48.115:443 | dl.discordapp.net | tcp |
| US | 8.8.8.8:53 | dns.google | udp |
| US | 8.8.8.8:53 | dns.google | udp |
| US | 8.8.8.8:53 | dns.google | udp |
| US | 8.8.8.8:53 | dns.google | udp |
| US | 8.8.4.4:443 | dns.google | udp |
| US | 8.8.8.8:53 | dns.google | udp |
| US | 8.8.8.8:443 | dns.google | tcp |
| US | 8.8.8.8:443 | dns.google | tcp |
| US | 162.159.130.233:443 | discordapp.com | tcp |
| US | 8.8.8.8:53 | discord.com | udp |
| US | 162.159.135.232:443 | discord.com | tcp |
| US | 35.190.80.1:443 | a.nel.cloudflare.com | udp |
| US | 8.8.8.8:53 | beacons.gcp.gvt2.com | udp |
| GB | 172.217.169.67:443 | beacons.gcp.gvt2.com | tcp |
| GB | 172.217.169.67:443 | beacons.gcp.gvt2.com | tcp |
| US | 162.159.135.234:443 | tcp | |
| US | 8.8.8.8:53 | 67.169.217.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 234.135.159.162.in-addr.arpa | udp |
| US | 35.190.80.1:443 | a.nel.cloudflare.com | tcp |
| N/A | 127.0.0.1:6463 | tcp | |
| N/A | 127.0.0.1:6463 | tcp | |
| GB | 142.250.200.14:443 | www.youtube.com | tcp |
| GB | 74.125.175.135:443 | udp | |
| US | 8.8.8.8:53 | 135.175.125.74.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 14.200.250.142.in-addr.arpa | udp |
| GB | 142.250.200.14:443 | www.youtube.com | udp |
| GB | 74.125.175.134:443 | udp | |
| US | 8.8.8.8:53 | 134.175.125.74.in-addr.arpa | udp |
| US | 8.8.8.8:443 | dns.google | udp |
| GB | 142.250.187.195:443 | update.googleapis.com | tcp |
| US | 8.8.4.4:443 | dns.google | udp |
| US | 162.159.133.233:443 | discordapp.com | udp |
| GB | 142.250.187.196:443 | www.google.com | udp |
| GB | 172.217.169.67:443 | beacons.gcp.gvt2.com | udp |
| GB | 172.217.169.46:443 | play.google.com | udp |
| US | 8.8.8.8:53 | encrypted-tbn2.gstatic.com | udp |
| US | 8.8.8.8:53 | encrypted-tbn3.gstatic.com | udp |
| GB | 142.250.178.14:443 | encrypted-tbn3.gstatic.com | udp |
| GB | 142.250.180.14:443 | encrypted-tbn2.gstatic.com | tcp |
| GB | 142.250.180.14:443 | encrypted-tbn2.gstatic.com | tcp |
| US | 8.8.8.8:53 | 14.180.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | encrypted-tbn0.gstatic.com | udp |
| US | 8.8.8.8:53 | lh5.googleusercontent.com | udp |
| GB | 172.217.16.225:443 | lh5.googleusercontent.com | udp |
| US | 8.8.8.8:53 | 225.16.217.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | en.wikipedia.org | udp |
| NL | 185.15.59.224:443 | en.wikipedia.org | tcp |
| NL | 185.15.59.224:443 | en.wikipedia.org | tcp |
| US | 8.8.8.8:53 | upload.wikimedia.org | udp |
| US | 8.8.8.8:53 | login.wikimedia.org | udp |
| US | 8.8.8.8:53 | meta.wikimedia.org | udp |
| NL | 185.15.59.240:443 | upload.wikimedia.org | tcp |
| NL | 185.15.59.240:443 | upload.wikimedia.org | tcp |
| NL | 185.15.59.240:443 | upload.wikimedia.org | tcp |
| NL | 185.15.59.240:443 | upload.wikimedia.org | tcp |
| NL | 185.15.59.240:443 | upload.wikimedia.org | tcp |
| NL | 185.15.59.240:443 | upload.wikimedia.org | tcp |
| US | 8.8.8.8:53 | 224.59.15.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 240.59.15.185.in-addr.arpa | udp |
| US | 162.159.133.233:443 | discordapp.com | udp |
| US | 8.8.4.4:443 | dns.google | udp |
| US | 104.19.230.21:443 | udp | |
| US | 8.8.8.8:53 | 21.230.19.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | stun.l.google.com | udp |
| US | 74.125.250.129:19302 | udp | |
| US | 8.8.8.8:53 | stun.l.google.com | udp |
| US | 8.8.8.8:53 | 129.250.125.74.in-addr.arpa | udp |
| US | 104.19.230.21:443 | udp | |
| US | 104.19.229.21:443 | udp | |
| US | 8.8.8.8:53 | 21.229.19.104.in-addr.arpa | udp |
| US | 8.8.4.4:443 | dns.google | udp |
| US | 74.125.250.129:19302 | udp | |
| US | 8.8.8.8:53 | stun.l.google.com | udp |
| US | 8.8.8.8:53 | dl.discordapp.net | udp |
| US | 162.159.130.234:443 | tcp | |
| US | 104.18.48.115:443 | dl.discordapp.net | tcp |
| US | 162.159.128.233:443 | discord.com | udp |
| US | 8.8.8.8:53 | 234.130.159.162.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 233.128.159.162.in-addr.arpa | udp |
| US | 162.159.133.233:443 | discordapp.com | udp |
| US | 162.159.129.235:443 | tcp | |
| NL | 35.214.208.163:50001 | udp | |
| NL | 35.214.221.167:50003 | udp | |
| NL | 35.214.201.74:50003 | udp | |
| NL | 35.214.180.75:50002 | udp | |
| NL | 35.214.194.214:50001 | udp | |
| DE | 35.207.71.218:50004 | udp | |
| DE | 35.207.145.35:50002 | udp | |
| DE | 66.22.243.165:50002 | udp | |
| DE | 66.22.243.193:50003 | udp | |
| DE | 66.22.243.15:50004 | udp | |
| IT | 35.219.254.233:50004 | udp | |
| IT | 66.22.238.147:50002 | udp | |
| IT | 35.219.242.221:50001 | udp | |
| IT | 35.219.231.131:50003 | udp | |
| IT | 35.219.252.135:50004 | udp | |
| ES | 34.0.217.60:50001 | udp | |
| ES | 34.0.204.193:50004 | udp | |
| ES | 34.0.205.60:50001 | udp | |
| ES | 34.0.193.212:50002 | udp | |
| ES | 34.0.192.121:50003 | udp | |
| SE | 66.22.237.152:50002 | udp | |
| SE | 66.22.237.153:50002 | udp | |
| SE | 66.22.237.41:50004 | udp | |
| SE | 66.22.237.138:50004 | udp | |
| SE | 66.22.237.8:50003 | udp | |
| GB | 172.217.169.67:443 | beacons.gcp.gvt2.com | udp |
| US | 8.8.8.8:53 | 235.129.159.162.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 163.208.214.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 167.221.214.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 74.201.214.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 75.180.214.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 214.194.214.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 218.71.207.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 35.145.207.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 165.243.22.66.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 15.243.22.66.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 233.254.219.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 193.243.22.66.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 147.238.22.66.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 221.242.219.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 131.231.219.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 135.252.219.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 60.217.0.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 193.204.0.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 60.205.0.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 212.193.0.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 121.192.0.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 152.237.22.66.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 153.237.22.66.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 41.237.22.66.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 138.237.22.66.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 8.237.22.66.in-addr.arpa | udp |
| US | 8.8.8.8:53 | support.discord.com | udp |
| US | 162.159.137.232:443 | support.discord.com | tcp |
| US | 35.190.80.1:443 | a.nel.cloudflare.com | tcp |
| US | 35.190.80.1:443 | a.nel.cloudflare.com | udp |
| US | 8.8.8.8:53 | challenges.cloudflare.com | udp |
| US | 104.17.2.184:443 | challenges.cloudflare.com | tcp |
| US | 104.17.2.184:443 | challenges.cloudflare.com | udp |
| US | 8.8.8.8:53 | 232.137.159.162.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 184.2.17.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | static.zdassets.com | udp |
| US | 8.8.8.8:53 | cdn.cookielaw.org | udp |
| US | 104.19.177.52:443 | cdn.cookielaw.org | tcp |
| US | 104.19.177.52:443 | cdn.cookielaw.org | tcp |
| US | 104.18.70.113:443 | static.zdassets.com | tcp |
| US | 8.8.8.8:53 | hammerandchisel.zendesk.com | udp |
| US | 104.19.177.52:443 | cdn.cookielaw.org | tcp |
| US | 104.16.51.111:443 | hammerandchisel.zendesk.com | tcp |
| US | 8.8.8.8:53 | status.discord.com | udp |
| US | 162.159.138.232:443 | status.discord.com | tcp |
| US | 8.8.8.8:53 | geolocation.onetrust.com | udp |
| US | 104.18.32.137:443 | geolocation.onetrust.com | tcp |
| US | 8.8.8.8:53 | 52.177.19.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 113.70.18.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 111.51.16.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 232.138.159.162.in-addr.arpa | udp |
| US | 8.8.8.8:53 | region1.google-analytics.com | udp |
| US | 8.8.8.8:53 | ekr.zdassets.com | udp |
| US | 216.239.34.36:443 | region1.google-analytics.com | tcp |
| US | 104.18.70.113:443 | ekr.zdassets.com | tcp |
| US | 104.16.51.111:443 | hammerandchisel.zendesk.com | tcp |
| US | 8.8.8.8:53 | 14.213.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 137.32.18.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 36.34.239.216.in-addr.arpa | udp |
| US | 162.159.133.233:443 | discordapp.com | udp |
| US | 162.159.135.234:443 | tcp | |
| US | 104.19.229.21:443 | udp | |
| US | 104.19.230.21:443 | udp | |
| US | 8.8.8.8:53 | dns.google | udp |
| US | 8.8.8.8:53 | dns.google | udp |
| US | 8.8.4.4:443 | dns.google | udp |
| US | 162.159.133.234:443 | tcp | |
| US | 162.159.128.233:443 | status.discord.com | udp |
| US | 8.8.8.8:53 | 234.133.159.162.in-addr.arpa | udp |
| US | 162.159.133.233:443 | discordapp.com | udp |
| US | 35.190.80.1:443 | a.nel.cloudflare.com | udp |
| US | 8.8.8.8:53 | api.github.com | udp |
| GB | 20.26.156.210:443 | api.github.com | tcp |
| GB | 20.26.156.210:443 | api.github.com | tcp |
| US | 8.8.8.8:53 | 210.156.26.20.in-addr.arpa | udp |
| GB | 20.26.156.210:443 | api.github.com | tcp |
| GB | 20.26.156.210:443 | api.github.com | tcp |
| GB | 20.26.156.210:443 | api.github.com | tcp |
| GB | 20.26.156.210:443 | api.github.com | tcp |
| NL | 35.214.238.59:50001 | udp | |
| NL | 35.214.211.3:50003 | udp | |
| NL | 66.22.196.4:50003 | udp | |
| NL | 35.214.134.163:50002 | udp | |
| NL | 35.214.138.117:50001 | udp | |
| DE | 35.207.110.97:50004 | udp | |
| DE | 35.207.81.249:50002 | udp | |
| DE | 66.22.243.45:50002 | udp | |
| DE | 66.22.243.188:50003 | udp | |
| DE | 66.22.243.14:50004 | udp | |
| IT | 35.219.252.135:50004 | udp | |
| IT | 35.219.231.60:50002 | udp | |
| IT | 66.22.238.35:50001 | udp | |
| IT | 35.219.235.32:50003 | udp | |
| IT | 35.219.247.35:50004 | udp | |
| ES | 34.0.209.92:50001 | udp | |
| ES | 34.0.200.74:50004 | udp | |
| ES | 34.0.205.60:50001 | udp | |
| ES | 34.0.212.174:50002 | udp | |
| ES | 34.0.202.34:50003 | udp | |
| SE | 66.22.237.159:50002 | udp | |
| SE | 66.22.237.41:50002 | udp | |
| SE | 66.22.237.143:50004 | udp | |
| SE | 66.22.237.39:50004 | udp | |
| SE | 66.22.237.152:50003 | udp | |
| US | 8.8.8.8:53 | 59.238.214.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 3.211.214.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 4.196.22.66.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 163.134.214.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 117.138.214.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 97.110.207.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 249.81.207.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 45.243.22.66.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 188.243.22.66.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 14.243.22.66.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 60.231.219.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 35.238.22.66.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 32.235.219.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 74.200.0.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 92.209.0.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 35.247.219.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 174.212.0.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 34.202.0.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 159.237.22.66.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 143.237.22.66.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 39.237.22.66.in-addr.arpa | udp |
| GB | 20.26.156.210:443 | api.github.com | tcp |
| GB | 20.26.156.210:443 | api.github.com | tcp |
| GB | 20.26.156.210:443 | api.github.com | tcp |
| GB | 20.26.156.210:443 | api.github.com | tcp |
| GB | 20.26.156.210:443 | api.github.com | tcp |
| GB | 20.26.156.210:443 | api.github.com | tcp |
| US | 8.8.8.8:53 | dns.google | udp |
| US | 8.8.8.8:53 | dns.google | udp |
| US | 8.8.8.8:443 | dns.google | udp |
| US | 162.159.129.233:443 | discordapp.com | udp |
| US | 8.8.8.8:53 | 233.129.159.162.in-addr.arpa | udp |
| US | 8.8.8.8:53 | beacons.gcp.gvt2.com | udp |
| GB | 172.217.169.67:443 | beacons.gcp.gvt2.com | udp |
| US | 8.8.8.8:53 | api.github.com | udp |
| GB | 20.26.156.210:443 | api.github.com | tcp |
| GB | 20.26.156.210:443 | api.github.com | tcp |
| US | 8.8.8.8:53 | en.wikipedia.org | udp |
| NL | 185.15.59.224:443 | en.wikipedia.org | tcp |
| US | 8.8.8.8:53 | api.github.com | udp |
| US | 8.8.8.8:53 | dns.google | udp |
| US | 8.8.8.8:53 | dns.google | udp |
| US | 8.8.8.8:443 | dns.google | udp |
| US | 162.159.130.233:443 | discordapp.com | udp |
| US | 185.199.109.133:443 | objects.githubusercontent.com | tcp |
| US | 8.8.8.8:53 | api.github.com | udp |
| US | 8.8.8.8:53 | 76.234.34.23.in-addr.arpa | udp |
| US | 8.8.8.8:53 | cxcs.microsoft.net | udp |
| BE | 104.68.66.114:443 | cxcs.microsoft.net | tcp |
| NL | 23.62.61.57:443 | www.bing.com | tcp |
| US | 8.8.8.8:53 | 114.66.68.104.in-addr.arpa | udp |
Files
\??\pipe\crashpad_804_DKVNZNAUUHTQDOOA
| MD5 | d41d8cd98f00b204e9800998ecf8427e |
| SHA1 | da39a3ee5e6b4b0d3255bfef95601890afd80709 |
| SHA256 | e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 |
| SHA512 | cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports
| MD5 | d751713988987e9331980363e24189ce |
| SHA1 | 97d170e1550eee4afc0af065b78cda302a97674c |
| SHA256 | 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945 |
| SHA512 | b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af |
C:\Users\Admin\Downloads\Unconfirmed 447790.crdownload
| MD5 | 1b8ee61ddcfd1d425821d76ea54ca829 |
| SHA1 | f8daf2bea3d4a6bfc99455d69c3754054de3baa5 |
| SHA256 | dc0826657a005009f43bdc3a0933d08352f8b22b2b9b961697a2db6e9913e871 |
| SHA512 | 75ba16ddc75564e84f5d248326908065942ad50631ec30d7952069caee15b8c5411a8802d25d38e9d80e042f1dde97a0326f4ab4f1c90f8e4b81396ca69c229a |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
| MD5 | 65838eb4c3cd460ad365533f819f7f73 |
| SHA1 | a02abb6509c1498816b236acde2c0d3bf3590d3e |
| SHA256 | 6092cce896520cdc46125c5920b86cbb18390d8a881a0b79892b064f0199d1d3 |
| SHA512 | 1bfd1f69ea4f6cca03f36379df550d9228229cd1666583abde854b0ea10f833b9e8d391fa7640e955d7e3ddaa5ff212956b28e574111f37c8c2db418c5ca9a7f |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | b888582a9a4ab8449c15e3f8be1a88d5 |
| SHA1 | dcfbe8bda36d6c892661ad289643083dc8a5bfce |
| SHA256 | 99ca3712634805b66fe971b6a2307785a90c98b400ce0292d2b457370b5c2b5d |
| SHA512 | d47cbcc791848ee95701c5278ab9c8491f01ea4860550035ad3e318e4402d3213fba74e433fae68b73ad44c118f3c8c6dbad8b59b9669a4adbbae934570081d4 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | d05cd4c0dd388ea695289e5efafcd713 |
| SHA1 | 4b709836af8e6fd1e5a8a07e857b4e91034a7184 |
| SHA256 | 8bf58da1ee25a4d14ff92eb9d2a926f8c507bd8fdf6159c6fc53fd7b70b5d92a |
| SHA512 | 18c85c82feafe69f2ccf6bfa8819c3be98a596fc88751bb3cd14e0b0352cf29e4c0f8f35dcc40e0ee6e8b82ebcdcc05c599f6d3799e5ba1d0437b04ff67d06f6 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
| MD5 | 2081c0994fb32b320e759363b91d0a83 |
| SHA1 | c1ba4c79b0bc6a23c0bae85b03b886e4dbf91375 |
| SHA256 | ffb279816939dd3c16ace5abc786139bbf2d85159d4903aefb25c11e167baf7a |
| SHA512 | 394eadfa0cefdcecd262403728e6f9d6f3a03cb8bd2036052cd8464d8dc20d22e62f8c1740eebdfc0e740f9c84ca62b040da1f3ab66c86754901a9b035c9a173 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | ad47cb3bc60cbc309bd07f1b49b9cc2b |
| SHA1 | 407162e65b08eb03de7353c97db4ab0c01cd4baa |
| SHA256 | fcfeb4d483c6af068174000d118b153912e851fd429a50c971dced30f98bef92 |
| SHA512 | 98f11b5a347c3b541c00be510e4b264c483ea5a84a16eaa8dab6ff1e9771e0f87a5934526b3f9f6cf3df0aacacafcc4d7ccf6948cd85c91775631f83c5b2a049 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 50815f03492d194f59ee9cce5aa30d62 |
| SHA1 | 915658d468957b2fb78c5bbf77ab88720e61bea2 |
| SHA256 | 130aa9cfcdd1754ea4b39d1079a422f43cc2d679158e7325411a770f49b064ea |
| SHA512 | e972c7a46c0c0871ce3bb66ff16e3fec65ff45f7bdbe9ea1c42d3fe4c2525865fc1d8838e37c928c5663f7bd6c80a9323cdb1391329788c2ca571072d786e2df |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache~RFe57b229.TMP
| MD5 | fc1111d0103bd6497d60afd9f0cbb91b |
| SHA1 | 2cd020219afabcffdffa0bd964f1e92c55e5f4a7 |
| SHA256 | 2860d0c3116bdf34ed7f0dd766c236ca8b874a564a15f11e2c3a0b24866baf05 |
| SHA512 | aa06e54ad8fb8b429ebeb51d6d4ceecc94bb58771d27a17aa57633f2780103ba4b84459c00f863a13e55baab62c5d41b1ea99893525940f66026c6c10584e542 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache
| MD5 | 424ada022386e6c6eba9f02ddc27d329 |
| SHA1 | 656b961b1a7e04f621c64cec4454dbb2bc040680 |
| SHA256 | 7831e9e965745e5f6886c33bd1a8cb36e851210d74f02a14d91c255aebb1b36c |
| SHA512 | 005f688db3436ec72ee959a53e247e961452f10c53122414666b084f90f8ca96f6aae82357506cbc1b3edf4b6b1dfa0a966d49906184c06f08e7581f4f2310c7 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 999a5074537ba498d80678c998fe8c47 |
| SHA1 | 93de93f6ede7f7789216471b67f2b516effa0fb9 |
| SHA256 | 09d691f9cac9ace8e75c2bd3e1b41fe852c49a4b8b8390692d4d6b5b9a045af8 |
| SHA512 | cdfa97848b26ee8092e869a0ba9aaed2591d74a338df5e57b034477660a73a39d398043863469731427f3be9e93826cb9f1988cc428125eae113ba363a3ebafe |
C:\Users\Admin\AppData\Local\SquirrelTemp\Update.exe
| MD5 | 172a25012639d2177d4218d386953f6d |
| SHA1 | f7a937a8d9fa267cf2cfd9f7ebfbbef0618c91f5 |
| SHA256 | 59b4c3fd71a9d602778ac9479c101c87c9ec0ef28d9a986c6222ed965cad21c8 |
| SHA512 | c8d318e3eb81928d1e781182fc59a57395353443e9d33548316238f3cafcbb2de40e0978d17147a5a3a021b168f24144222246d2749dca1a4a10bff3662a0a80 |
memory/1992-433-0x0000000000A80000-0x0000000000BF6000-memory.dmp
C:\Users\Admin\AppData\Local\SquirrelTemp\RELEASES
| MD5 | a7657c3d29ffa0c38fa0710c4a057a18 |
| SHA1 | 5300f1c026ad4858951eb8b38c1eda03369f2161 |
| SHA256 | 732fca23c9deaab2aec377e2bbba5905983a5545c2a8c7eecdded379b59699b6 |
| SHA512 | 886bee5b25822ada19a411eda1b5bbb98b83740a1b17d96e915dcdc0c835d81bd2d9e83cb49fc4299aac52722c51007d3ceee3229f070fa7a0accafec2c7a07c |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 898a3533a79df2f93bca7448eadfc2fd |
| SHA1 | 3ab23a9d4343aa7d690dfeca8fcda59d277b946e |
| SHA256 | 23a9234e023099715a304e425d99ae38d3f85e1a1ab551fe4a1d573d2ca76312 |
| SHA512 | dadea9b2d0cb0d2916d2f41a436d6a4a5acafd55ba0fdc38231202e88926fb885598490c611f3c65b137626312357439c9a80f35038bfbbef16f510d67c6de12 |
memory/1992-622-0x0000000012710000-0x0000000012718000-memory.dmp
memory/1992-623-0x0000000012790000-0x00000000127C8000-memory.dmp
memory/1992-624-0x0000000012770000-0x000000001277E000-memory.dmp
C:\Users\Admin\AppData\Local\Discord\app-1.0.9148\ffmpeg.dll
| MD5 | 3c3f780ec6dddfc5803d19dcf0b4a0c1 |
| SHA1 | e27813b9c36539d67daba118a58038ba751c2ee5 |
| SHA256 | f51ba46aa90587df7294c216d3e0d45f5cbf3a062b04971d96d87647556fa02c |
| SHA512 | 332aa9bff4db2458b7a1742f732e501dec165236b87a062a9fef4b09b734d901d13966b18d5fbe7461b50990585a240fd8b2593def254a7d03e92269f40b8ccc |
C:\Users\Admin\AppData\Local\Discord\app-1.0.9148\v8_context_snapshot.bin
| MD5 | 1e4da0bc6404552f9a80ccde89fdef2b |
| SHA1 | 838481b9e4f1d694c948c0082e9697a5ed443ee2 |
| SHA256 | 2db4a98abe705ef9bc18e69d17f91bc3f4c0f5703f9f57b41acb877100718918 |
| SHA512 | 054917652829af01977e278cd0201c715b3a1280d7e43035507e4fa61c1c00c4cd7ed521c762aebd2ea2388d33c3d4d4b16cee5072d41e960021b6f38745a417 |
C:\Users\Admin\AppData\Local\Discord\app-1.0.9148\icudtl.dat
| MD5 | e0f1ad85c0933ecce2e003a2c59ae726 |
| SHA1 | a8539fc5a233558edfa264a34f7af6187c3f0d4f |
| SHA256 | f5170aa2b388d23bebf98784dd488a9bcb741470384a6a9a8d7a2638d768defb |
| SHA512 | 714ed5ae44dfa4812081b8de42401197c235a4fa05206597f4c7b4170dd37e8360cc75d176399b735c9aec200f5b7d5c81c07b9ab58cbca8dc08861c6814fb28 |
C:\Users\Admin\AppData\Local\Discord\app-1.0.9148\resources\app.asar
| MD5 | 91a273dc1d39acad8781fecd5f57933d |
| SHA1 | 918ae121eafdae53fa029f1aece4e7dfce752112 |
| SHA256 | f819a0553fe7e04e331119cfcd6ed399a05865ff05f0434d0b2e5ef660bef2d2 |
| SHA512 | b406f7f686b56014c198e3df8d80f104cbacb3593ecd21c35003e6820b53092f7269f35d3045b7de9ea370ae258efb0d30639a494af1b59eea3f6563cbb83ef4 |
C:\Users\Admin\AppData\Local\Discord\app-1.0.9148\resources\build_info.json
| MD5 | 5a3e7b67737956e1e0e985788775062d |
| SHA1 | b861613a795f268ead8b990a85fda1bb3ba74a01 |
| SHA256 | 3d3f8ef59d1323705154516e73d62fa0781b19315372ac2332a82029acced2a4 |
| SHA512 | 86a45e9023b3f82d0f781e64de06d969ef427052063f3e8bf8cb508dc771299af10bcdff6a596e06094a7ad64805c04d3331e98b4d602556b5643f7c5c7546ec |
C:\Users\Admin\AppData\Local\Discord\app-1.0.9148\app.ico
| MD5 | 084f9bc0136f779f82bea88b5c38a358 |
| SHA1 | 64f210b7888e5474c3aabcb602d895d58929b451 |
| SHA256 | dfcea1bea8a924252d507d0316d8cf38efc61cf1314e47dca3eb723f47d5fe43 |
| SHA512 | 65bccb3e1d4849b61c68716831578300b20dcaf1cbc155512edbc6d73dccbaf6e5495d4f95d089ee496f8e080057b7097a628cc104fa8eaad8da866891d9e3eb |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 26a43e2406051104ea3aee3634970a36 |
| SHA1 | 9b5f940b5286dd04358f77fd3b415ad186839ccd |
| SHA256 | 4b43b1c14fd18f1b53788eacf26035371b571af73602400167afe7c980573ff1 |
| SHA512 | 6d3b74ae6ad02e74487f1c56395940ec1c4944b3c57aa8d0129cc5678bbed4c1f3bf027af5a933c0c46b5f3a8ade035368b7a6da914611b53f09fa40bb8ca60d |
C:\Users\Admin\AppData\Local\Discord\app-1.0.9148\chrome_200_percent.pak
| MD5 | 47668ac5038e68a565e0a9243df3c9e5 |
| SHA1 | 38408f73501162d96757a72c63e41e78541c8e8e |
| SHA256 | fac820a98b746a04ce14ec40c7268d6a58819133972b538f9720a5363c862e32 |
| SHA512 | 5412041c923057ff320aba09674b309b7fd71ede7e467f47df54f92b7c124e3040914d6b8083272ef9f985eef1626eaf4606b17a3cae97cfe507fb74bc6f0f89 |
C:\Users\Admin\AppData\Local\Discord\app-1.0.9148\resources.pak
| MD5 | e9056386a2b4edac9f0ffa829bc0cfa0 |
| SHA1 | f8d4b8289ebb088c9997a1fde1c2f12aedd6c82e |
| SHA256 | 546456d9a1328836a99876824f3beb7279f38403cd001515f5d9eb204939e57c |
| SHA512 | c49e832e5c16a1846ea882395e83f9cbe9f4f6b44be9f0c7276d0a4495b88091bd95593c5e167dba853834058d7ca823db60d2fac73434ed952b7064b2daf6da |
C:\Users\Admin\AppData\Local\Discord\app-1.0.9148\locales\en-US.pak
| MD5 | 809b600d2ee9e32b0b9b586a74683e39 |
| SHA1 | 99d670c66d1f4d17a636f6d4edc54ad82f551e53 |
| SHA256 | 0db4f65e527553b9e7bee395f774cc9447971bf0b86d1728856b6c15b88207bb |
| SHA512 | 9dfbe9fe0cfa3fcb5ce215ad8ab98e042760f4c1ff6247a6a32b18dd12617fc033a3bbf0a4667321a46a372fc26090e4d67581eaab615bf73cc96cb90e194431 |
C:\Users\Admin\AppData\Local\Discord\app-1.0.9148\chrome_100_percent.pak
| MD5 | 4fc6564b727baa5fecf6bf3f6116cc64 |
| SHA1 | 6ced7b16dc1abe862820dfe25f4fe7ead1d3f518 |
| SHA256 | b7805392bfce11118165e3a4e747ac0ca515e4e0ceadab356d685575f6aa45fb |
| SHA512 | fa7eab7c9b67208bd076b2cbda575b5cc16a81f59cc9bba9512a0e85af97e2f3adebc543d0d847d348d513b9c7e8bef375ab2fef662387d87c82b296d76dffa2 |
memory/3900-658-0x00000000054F0000-0x0000000005510000-memory.dmp
C:\Users\Admin\AppData\Local\Discord\app-1.0.9148\libglesv2.dll
| MD5 | dff04251531a9736bbec5c5c1ab10149 |
| SHA1 | ad2f87b5979be1bc357095d5711f423c42e41ee8 |
| SHA256 | 0fc406dac7eae10fa86288d5691c6081df39b7171fcdfe73e69d8dd425e46bb3 |
| SHA512 | 7ba144932052f4fc581f1a1b535c81a4d47d0d4e2ca3a1c5098b748ff215cff8d9dd74fe2faed395cc622761ef576ce6e4a5fc028fc1594c486d90d641645b84 |
C:\Users\Admin\AppData\Local\Discord\app-1.0.9148\vk_swiftshader.dll
| MD5 | 700157cfec9d351080312a53b7d0efb7 |
| SHA1 | 837ed874e8cce1c4622e97c9715fce3bb9c5fb27 |
| SHA256 | 8a64ec86334666091f56e04dba1cb10389add22dc155e4c45ac6fa642cab57da |
| SHA512 | bd06ae31f7de7888f9c2bbfc229d82d593b810ff4568d4f4c22287070f9131ec33ea327db36195d3ed3c18a83aa6c576c24d22894a5c5894e8bf1c661a14c316 |
C:\Users\Admin\AppData\Local\Discord\app-1.0.9148\libEGL.dll
| MD5 | 880591a0884a88a60bcfd499243f14fd |
| SHA1 | b09b1c587e1b112359d9a5c63bb9e547dbbe23f6 |
| SHA256 | ecf1bdf20e961dec39e84717b653153cee4a70bd55e1d6854804652badfb80d6 |
| SHA512 | 327f1acbe7f8a955572f095e09db956b65940b1eb14b92be18be2df341aaa1dd0f0a94a00f7bef452ad8bb082550d9617f6f0aaca4801f83e94b7c3b1cf98266 |
C:\Users\Admin\AppData\Local\Discord\app-1.0.9148\d3dcompiler_47.dll
| MD5 | a7b7470c347f84365ffe1b2072b4f95c |
| SHA1 | 57a96f6fb326ba65b7f7016242132b3f9464c7a3 |
| SHA256 | af7b99be1b8770c0e4d18e43b04e81d11bdeb667fa6b07ade7a88f4c5676bf9a |
| SHA512 | 83391a219631f750499fd9642d59ec80fb377c378997b302d10762e83325551bb97c1086b181fff0521b1ca933e518eab71a44a3578a23691f215ebb1dce463d |
C:\Users\Admin\AppData\Roaming\Microsoft\Spelling\en-US\default.dic
| MD5 | f3b25701fe362ec84616a93a45ce9998 |
| SHA1 | d62636d8caec13f04e28442a0a6fa1afeb024bbb |
| SHA256 | b3d510ef04275ca8e698e5b3cbb0ece3949ef9252f0cdc839e9ee347409a2209 |
| SHA512 | 98c5f56f3de340690c139e58eb7dac111979f0d4dffe9c4b24ff849510f4b6ffa9fd608c0a3de9ac3c9fd2190f0efaf715309061490f9755a9bfdf1c54ca0d84 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache
| MD5 | 65823028eba89b0168d4e5fcca06c8b7 |
| SHA1 | 13de67de2e5b305d29446a793a45f789d0f90381 |
| SHA256 | 006c37923550a7cf5d6de2ac9f0e12c47ea0283dfe0af20c8e0d479085ed33fc |
| SHA512 | 8f6853420d58747fd79d3ab9d55c72c026b22d14f388100da6dbaea39de33f27997415b8c234263b3db8e51c2547e22e36440caa2abc9d0bce3acc6e30eb9541 |
memory/1876-775-0x00000173AEDD0000-0x00000173AEDD1000-memory.dmp
memory/1876-774-0x00000173AEDD0000-0x00000173AEDD1000-memory.dmp
memory/1876-777-0x00000173AF650000-0x00000173AF652000-memory.dmp
memory/1876-791-0x00000173AF650000-0x00000173AF652000-memory.dmp
memory/1876-792-0x00000173AF650000-0x00000173AF652000-memory.dmp
memory/1876-790-0x00000173AF650000-0x00000173AF652000-memory.dmp
memory/1876-789-0x00000173AF650000-0x00000173AF652000-memory.dmp
memory/1876-788-0x00000173AF650000-0x00000173AF652000-memory.dmp
memory/1876-787-0x00000173AF650000-0x00000173AF652000-memory.dmp
memory/1876-786-0x00000173AF650000-0x00000173AF652000-memory.dmp
memory/1876-785-0x00000173AF650000-0x00000173AF652000-memory.dmp
memory/1876-784-0x00000173AF650000-0x00000173AF652000-memory.dmp
memory/1876-783-0x00000173AF650000-0x00000173AF652000-memory.dmp
memory/1876-782-0x00000173AF650000-0x00000173AF652000-memory.dmp
memory/1876-781-0x00000173AF650000-0x00000173AF652000-memory.dmp
memory/1876-780-0x00000173AF650000-0x00000173AF652000-memory.dmp
memory/1876-779-0x00000173AF650000-0x00000173AF652000-memory.dmp
memory/1876-778-0x00000173AF650000-0x00000173AF652000-memory.dmp
memory/1876-776-0x00000173AF650000-0x00000173AF652000-memory.dmp
memory/1876-773-0x00000173AEDD0000-0x00000173AEDD1000-memory.dmp
memory/944-831-0x0000020CC6EA0000-0x0000020CC6EA1000-memory.dmp
memory/944-830-0x0000020CC6EA0000-0x0000020CC6EA1000-memory.dmp
memory/944-829-0x0000020CC6EA0000-0x0000020CC6EA1000-memory.dmp
memory/944-828-0x0000020CC6EA0000-0x0000020CC6EA1000-memory.dmp
memory/944-827-0x0000020CC6EA0000-0x0000020CC6EA1000-memory.dmp
memory/944-826-0x0000020CC6EA0000-0x0000020CC6EA1000-memory.dmp
memory/944-825-0x0000020CC6EA0000-0x0000020CC6EA1000-memory.dmp
memory/5976-850-0x00007FFEF8020000-0x00007FFEF8021000-memory.dmp
memory/5976-849-0x00007FFEF77B0000-0x00007FFEF77B1000-memory.dmp
memory/5976-879-0x00000125C8DB0000-0x00000125C8DE0000-memory.dmp
C:\Users\Admin\AppData\Roaming\discord\MediaFoundationWidevineCdm\x64\1.0.2738.0\_metadata\verified_contents.json
| MD5 | 3e839ba4da1ffce29a543c5756a19bdf |
| SHA1 | d8d84ac06c3ba27ccef221c6f188042b741d2b91 |
| SHA256 | 43daa4139d3ed90f4b4635bd4d32346eb8e8528d0d5332052fcda8f7860db729 |
| SHA512 | 19b085a9cfec4d6f1b87cc6bbeeb6578f9cba014704d05c9114cfb0a33b2e7729ac67499048cb33823c884517cbbdc24aa0748a9bb65e9c67714e6116365f1ab |
C:\Users\Admin\AppData\Roaming\discord\MediaFoundationWidevineCdm\x64\1.0.2738.0\manifest.fingerprint
| MD5 | d30a5bbc00f7334eede0795d147b2e80 |
| SHA1 | 78f3a6995856854cad0c524884f74e182f9c3c57 |
| SHA256 | a08c1bc41de319392676c7389048d8b1c7424c4b74d2f6466bcf5732b8d86642 |
| SHA512 | dacf60e959c10a3499d55dc594454858343bf6a309f22d73bdee86b676d8d0ced10e86ac95ecd78e745e8805237121a25830301680bd12bfc7122a82a885ff4b |
C:\Program Files\chrome_PuffinComponentUnpacker_BeginUnzipping4148_1486203332\manifest.json
| MD5 | bbc03e9c7c5944e62efc9c660b7bd2b6 |
| SHA1 | 83f161e3f49b64553709994b048d9f597cde3dc6 |
| SHA256 | 6cce5ad8d496bc5179fa84af8afc568eeba980d8a75058c6380b64fb42298c28 |
| SHA512 | fb80f091468a299b5209acc30edaf2001d081c22c3b30aad422cbe6fea7e5fe36a67a8e000d5dd03a30c60c30391c85fa31f3931e804c351ab0a71e9a978cc0f |
C:\Program Files\chrome_PuffinComponentUnpacker_BeginUnzipping4148_1486203332\Google.Widevine.CDM.dll
| MD5 | 477c17b6448695110b4d227664aa3c48 |
| SHA1 | 949ff1136e0971a0176f6adea8adcc0dd6030f22 |
| SHA256 | cb190e7d1b002a3050705580dd51eba895a19eb09620bdd48d63085d5d88031e |
| SHA512 | 1e267b01a78be40e7a02612b331b1d9291da8e4330dea10bf786acbc69f25e0baece45fb3bafe1f4389f420ebaa62373e4f035a45e34eada6f72c7c61d2302ed |
C:\Users\Admin\AppData\Roaming\discord\component_crx_cache\neifaoindggfcjicffkgpmnlppeffabd_1.c900ba9a2d8318263fd43782ee6fd5fb50bad78bf0eb2c972b5922c458af45ed
| MD5 | f265d47475ffd3884329d92deefae504 |
| SHA1 | 98c74386481f171b09cb9490281688392eefbfdd |
| SHA256 | c900ba9a2d8318263fd43782ee6fd5fb50bad78bf0eb2c972b5922c458af45ed |
| SHA512 | 4fd27594c459fb1cd94a857be10f7d1d6216dbf202cd43e8a3fa395a268c72fc5f5c456c9cb314f2220d766af741db469c8bb106acbed419149a44a3b87619f1 |
C:\Users\Admin\AppData\Roaming\discord\component_crx_cache\oimompecagnajdejgnnjijobebaeigek_1.d9a253514b6a010dfc1916c55246797e5773f13844ea3ec2d25078e845fef760
| MD5 | 17c227679ab0ed29eae2192843b1802f |
| SHA1 | cc78820a5be29fd58da8ef97f756b5331db3c13e |
| SHA256 | d9a253514b6a010dfc1916c55246797e5773f13844ea3ec2d25078e845fef760 |
| SHA512 | 7e33288afd65948a5752323441c42fcc437d7c12d1eaf7a9b6ae1995784d0771e15637f23cc6bc958e40ea870414543d67a27b4c20331fde93d5b6dc6a59cbaf |
memory/5268-925-0x000002472AC70000-0x000002472ACA0000-memory.dmp
C:\Program Files\chrome_PuffinComponentUnpacker_BeginUnzipping4148_1498332668\manifest.json
| MD5 | 2648d437c53db54b3ebd00e64852687e |
| SHA1 | 66cfe157f4c8e17bfda15325abfef40ec6d49608 |
| SHA256 | 68a3d7cb10f3001f40bc583b7fff0183895a61d3bd1b7a1c34e602df6f0f8806 |
| SHA512 | 86d5c3129bec156b17b8ebd5dec5a6258e10cb426b84dd3e4af85c9c2cd7ebf4faea01fd10dd906a18ea1042394c3f41a835eae2d83dc8146dfe4b6d71147828 |
C:\Users\Admin\AppData\Roaming\discord\87d0abdb-3915-4d2a-ab9f-f88e3bfcf529.tmp
| MD5 | 58127c59cb9e1da127904c341d15372b |
| SHA1 | 62445484661d8036ce9788baeaba31d204e9a5fc |
| SHA256 | be4b8924ab38e8acf350e6e3b9f1f63a1a94952d8002759acd6946c4d5d0b5de |
| SHA512 | 8d1815b277a93ad590ff79b6f52c576cf920c38c4353c24193f707d66884c942f39ff3989530055d2fade540ade243b41b6eb03cd0cc361c3b5d514cca28b50a |
C:\Users\Admin\AppData\Roaming\discord\Local State
| MD5 | 5547dc1c852f4ae421362e1c91d0f31d |
| SHA1 | 8f9270975485495e1a149b5d35eb2012c1065c47 |
| SHA256 | 9b4cff3c707dba3ff0b6f862b56b50431fe24968c0a7e2883676076f583d9581 |
| SHA512 | 609be1c91f25907f3f0335f0db5956e099f86a37c61e67be1c3112cd6cf6dfde5e458182bd8ffc8819a507bf0e3aeea8819c1f349ef6ffdbc55ffe5920ea3bb6 |
C:\Users\Admin\AppData\Local\Discord\download\36db45dd3aafdb5b8ed76aa6132497fa3b656001267d768e6e77c8a14fbdb720
| MD5 | 9a3aedd2f280bbd0dcaf725a504b1497 |
| SHA1 | f572bac45e3eccac2eca212e93b3894b82b915d6 |
| SHA256 | 36db45dd3aafdb5b8ed76aa6132497fa3b656001267d768e6e77c8a14fbdb720 |
| SHA512 | 8d834368d86bbdf7d7f60e362236d081c57ebc73e8c2761523a6a29a81ff4f548ad2697048aec0d074ec4efc9c62925e22a5e43791131e4dca2daa535e5ed7d3 |
C:\Users\Admin\AppData\Local\Discord\download\3d9ba34a9eac5f447ff1a0753d093e4b2eb8222513f3a8a48b727b4069707991
| MD5 | a47db345153eecc327230824d0d2ddde |
| SHA1 | 26d00af0e27b3b1b67a7eb549a242ba057502411 |
| SHA256 | 3d9ba34a9eac5f447ff1a0753d093e4b2eb8222513f3a8a48b727b4069707991 |
| SHA512 | 516174e0d6527ed9fc29ed2535b0a49df83360dc620f0bd1a8f7443366c8d281eee9485a2dc827089331b94d73e62b30917faddb112d5d348b355e8a5f29e951 |
C:\Users\Admin\AppData\Local\Discord\download\d295003905e54bf87f87154ca683603c861a68c8ee5354b2b6ddb43239afd475
| MD5 | 1ba747bd5f52531a218b7f2e43b48e46 |
| SHA1 | 84adb77615ebcac5193b76f429195a690e1cf523 |
| SHA256 | d295003905e54bf87f87154ca683603c861a68c8ee5354b2b6ddb43239afd475 |
| SHA512 | a97c37517281aad3042ee0d134d6dfa33ba23b5cc1b049c15f0634f5becf6017c13526b0598a08b66ec40510dee49699dc1e977469359ddbc60278e419cf8b72 |
C:\Users\Admin\AppData\Local\Discord\download\94a39ab7b20f5595f3a64c7a9436b2471b66355dee0ac5685d3c787fe6bdfe83
| MD5 | f3bf492848715ab7d63ea3b998c7ae38 |
| SHA1 | c3d574657bad2262b1c8f40a847dc01cbfe5f692 |
| SHA256 | 94a39ab7b20f5595f3a64c7a9436b2471b66355dee0ac5685d3c787fe6bdfe83 |
| SHA512 | fa9f3b2488649af0330a4d53a699ef0b23c349afe01d45f56fbd2ab88b441ead5c7664246ecadd19c31129ee4b2dc6511f8b1ff17490db8f17dfe11b7f704b93 |
C:\Users\Admin\AppData\Local\Discord\download\376b9b123f6029257d797c4c3ff1cdec3479f5dea5f78b019303d5bcac0e14c8
| MD5 | 2fcaa9ea8b589aaa9552af33993e1e30 |
| SHA1 | 24ad07e62da4f07227f19e6889ceb6a8b57d1c0f |
| SHA256 | 376b9b123f6029257d797c4c3ff1cdec3479f5dea5f78b019303d5bcac0e14c8 |
| SHA512 | 07482d18808d4919cdc3d0fa94dd7db54c6d6e134888aa48b79d4c50f0a43dcacb9f841b1731f144cad95089552ea5111d19d6989c42ba538e42d25c8b64699f |
C:\Users\Admin\AppData\Local\Discord\packages\RELEASES
| MD5 | abb371bed77b76fca35fb2fcf3e4c8ac |
| SHA1 | 609ae59caeaa8e3eafb717af42cba5709c3d6068 |
| SHA256 | 4c15212f6a3116c75124ab7de153e1016cc5975c5010257c0d38951bb4adadfe |
| SHA512 | 45383b600e792e0cacfaabfd084c293db62dbe72ff71ef12fde6fa2f06ba1da3835e59d0255ab1d8e4d30bab3c3bf5bb6fb2d03f6f28acbbf0bf525661205fd4 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
| MD5 | 3b44097f3f8040a767e075590e766033 |
| SHA1 | a4c2c063edda286bef8fe2b1f662863ca1a288f0 |
| SHA256 | ad9802cf34cbe258f4d67d467526cfe47963b20bac6a8dc31d43bf68027271d4 |
| SHA512 | 0558df3ff195c23736b84a3fd04c4601487e70b03a6b7f46df970568b34837f8a3a2bc45fa6b2a6e1229aef8694f31f541c9f8e4e539462a7aae9767b78b6ba3 |
C:\Users\Admin\AppData\Roaming\discord\Session Storage\MANIFEST-000001
| MD5 | 5af87dfd673ba2115e2fcf5cfdb727ab |
| SHA1 | d5b5bbf396dc291274584ef71f444f420b6056f1 |
| SHA256 | f9d31b278e215eb0d0e9cd709edfa037e828f36214ab7906f612160fead4b2b4 |
| SHA512 | de34583a7dbafe4dd0dc0601e8f6906b9bc6a00c56c9323561204f77abbc0dc9007c480ffe4092ff2f194d54616caf50aecbd4a1e9583cae0c76ad6dd7c2375b |
C:\Users\Admin\AppData\Roaming\discord\Session Storage\CURRENT
| MD5 | 46295cac801e5d4857d09837238a6394 |
| SHA1 | 44e0fa1b517dbf802b18faf0785eeea6ac51594b |
| SHA256 | 0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443 |
| SHA512 | 8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23 |
C:\Users\Admin\AppData\Roaming\discord\DawnCache\data_0
| MD5 | cf89d16bb9107c631daabf0c0ee58efb |
| SHA1 | 3ae5d3a7cf1f94a56e42f9a58d90a0b9616ae74b |
| SHA256 | d6a5fe39cd672781b256e0e3102f7022635f1d4bb7cfcc90a80fffe4d0f3877e |
| SHA512 | 8cb5b059c8105eb91e74a7d5952437aaa1ada89763c5843e7b0f1b93d9ebe15ed40f287c652229291fac02d712cf7ff5ececef276ba0d7ddc35558a3ec3f77b0 |
C:\Users\Admin\AppData\Roaming\discord\DawnCache\data_1
| MD5 | f50f89a0a91564d0b8a211f8921aa7de |
| SHA1 | 112403a17dd69d5b9018b8cede023cb3b54eab7d |
| SHA256 | b1e963d702392fb7224786e7d56d43973e9b9efd1b89c17814d7c558ffc0cdec |
| SHA512 | bf8cda48cf1ec4e73f0dd1d4fa5562af1836120214edb74957430cd3e4a2783e801fa3f4ed2afb375257caeed4abe958265237d6e0aacf35a9ede7a2e8898d58 |
C:\Users\Admin\AppData\Roaming\discord\DawnCache\data_2
| MD5 | 0962291d6d367570bee5454721c17e11 |
| SHA1 | 59d10a893ef321a706a9255176761366115bedcb |
| SHA256 | ec1702806f4cc7c42a82fc2b38e89835fde7c64bb32060e0823c9077ca92efb7 |
| SHA512 | f555e961b69e09628eaf9c61f465871e6984cd4d31014f954bb747351dad9cea6d17c1db4bca2c1eb7f187cb5f3c0518748c339c8b43bbd1dbd94aeaa16f58ed |
C:\Users\Admin\AppData\Roaming\discord\DawnCache\data_3
| MD5 | 41876349cb12d6db992f1309f22df3f0 |
| SHA1 | 5cf26b3420fc0302cd0a71e8d029739b8765be27 |
| SHA256 | e09f42c398d688dce168570291f1f92d079987deda3099a34adb9e8c0522b30c |
| SHA512 | e9a4fc1f7cb6ae2901f8e02354a92c4aaa7a53c640dcf692db42a27a5acc2a3bfb25a0de0eb08ab53983132016e7d43132ea4292e439bb636aafd53fb6ef907e |
C:\Users\Admin\AppData\Roaming\discord\Network\Network Persistent State
| MD5 | 6f9316d94816680780f567a274c39149 |
| SHA1 | e54be2e11263e52e3922a2c4f663473720554fb1 |
| SHA256 | c7757bb98558d911b17e7916659fad012c4ce9e48a1a2851facb94703182a7b6 |
| SHA512 | 73bee6028faf14963a8b2382c08cd4f9e34ab5fb8a6514c3460da39316c699bd1870f9537b760fa7edc5171ec650340816240f12bb33450eecdda57b1feffd58 |
C:\Users\Admin\AppData\Roaming\discord\Crashpad\settings.dat
| MD5 | 7f495de3a0313be843e6adaf45ba6284 |
| SHA1 | 4ec1440bb56fc1bd7c0955b2bdff804fb950b73e |
| SHA256 | c3585e62e0e851ecd3308fbb7d150f514dfc95626662669ce682e180cf94c1ff |
| SHA512 | 8e786b91861fa93da9af9b1b18cea300290192f726e427f68e68d9a6fdba270c3e55bf45d8e491007537dc5d7853ed427e563655306ca4c957f99868ea2b5205 |
memory/4044-1844-0x0000028D22E30000-0x0000028D22E31000-memory.dmp
memory/4044-1845-0x0000028D22E30000-0x0000028D22E31000-memory.dmp
memory/4868-1888-0x000001E07D4E0000-0x000001E07D4E2000-memory.dmp
memory/4868-1887-0x000001E07D4E0000-0x000001E07D4E2000-memory.dmp
memory/4868-1886-0x000001E07D4E0000-0x000001E07D4E2000-memory.dmp
memory/4868-1885-0x000001E07D4E0000-0x000001E07D4E2000-memory.dmp
memory/4868-1884-0x000001E07D4E0000-0x000001E07D4E2000-memory.dmp
memory/4044-1867-0x0000028D22E30000-0x0000028D22E31000-memory.dmp
memory/4044-1870-0x0000028D22E30000-0x0000028D22E31000-memory.dmp
memory/4044-1869-0x0000028D22E30000-0x0000028D22E31000-memory.dmp
memory/4044-1868-0x0000028D22E30000-0x0000028D22E31000-memory.dmp
memory/4044-1866-0x0000028D22E30000-0x0000028D22E31000-memory.dmp
memory/4044-1865-0x0000028D22E30000-0x0000028D22E31000-memory.dmp
memory/4044-1843-0x0000028D22E30000-0x0000028D22E31000-memory.dmp
memory/4868-1895-0x000001E07D4E0000-0x000001E07D4E2000-memory.dmp
memory/4868-1894-0x000001E07D4E0000-0x000001E07D4E2000-memory.dmp
memory/4868-1893-0x000001E07D4E0000-0x000001E07D4E2000-memory.dmp
memory/4868-1892-0x000001E07D4E0000-0x000001E07D4E2000-memory.dmp
memory/4868-1891-0x000001E07D4E0000-0x000001E07D4E2000-memory.dmp
memory/4868-1890-0x000001E07D4E0000-0x000001E07D4E2000-memory.dmp
memory/4868-1889-0x000001E07D4E0000-0x000001E07D4E2000-memory.dmp
memory/4868-1883-0x000001E07D4E0000-0x000001E07D4E2000-memory.dmp
memory/4868-1882-0x000001E07D4E0000-0x000001E07D4E2000-memory.dmp
memory/4868-1881-0x000001E07D4E0000-0x000001E07D4E2000-memory.dmp
C:\Users\Admin\AppData\Local\Discord\installer.db
| MD5 | 3100a2183f52beda36805152ac310259 |
| SHA1 | bdd0e3e5c113ef54a16e6bf90714879b2b995fd1 |
| SHA256 | 7c14e9b1a75151d760bba9d04eb69c6952946436f07b3c42bd02e200179d8adf |
| SHA512 | 1489b310eeb73bece906a1ab1176501fa955364fb3fdf2876eea863d630108b1ed9d3679aaffcfeacc73a22530d001311ac9b23f8bd204ef8fa7edd179019bbb |
C:\Users\Admin\AppData\Local\Discord\download\8296e21d9bbd77edb3adbd44d4e44cc71577cc44af5dd9475b7f352af1b64323
| MD5 | adb8c23ae4309daa45228552a0b8eea7 |
| SHA1 | 1ec715ef991a5cffab491774e934aef68b91228f |
| SHA256 | 8296e21d9bbd77edb3adbd44d4e44cc71577cc44af5dd9475b7f352af1b64323 |
| SHA512 | e4c3bc50c1a53a51473b2e51b1d7fc091627ffbd5a3acabbbadd9d99bb2a75544bca217fa577cac18943496a37ab8640d40ebfa1a638bb4df5e6de9b9628be96 |
C:\Users\Admin\AppData\Local\Discord\download\68e6eeb6c9e76caa43040be4d8caac230096501b7bf143384ce1b9f679616549
| MD5 | 22379eab0f09696703f4adaa58efdb37 |
| SHA1 | ecde8544aa231fbca7d2eda71b62386c684261a4 |
| SHA256 | 68e6eeb6c9e76caa43040be4d8caac230096501b7bf143384ce1b9f679616549 |
| SHA512 | 9f9005d326ec41e988747d3541b28473e1076b0b769a9ca027cea54d7d1958ac84f795340c1e1d4185a2ebe74f49fce416f7b82869882d908221c4dc12d34048 |
C:\Users\Admin\AppData\Local\Discord\download\fdf78d356e077d3f36c5519dbbf37335c3ac3405a53237c8c664344a579956a1
| MD5 | 643b75cf327727a2b3931f7c4811dd64 |
| SHA1 | 24460b04d6792dafe0995b630bae7621b23f11bd |
| SHA256 | fdf78d356e077d3f36c5519dbbf37335c3ac3405a53237c8c664344a579956a1 |
| SHA512 | 7561da3ff55ba15378add224e9a3a9cb8fd31e4c096d295e1b021e1293428eabccc09c992bbe64c0ea55c8316e90f3846ad2874118be5abe719b0bf446824391 |
C:\Users\Admin\AppData\Local\Discord\download\cc2d550b76df60e9973723437615f07ee6beaf451d8b416345760f76c3dace67
| MD5 | 8c1f3e379ccae79cd7315fe7870765b8 |
| SHA1 | 095d19cc1b36c75807ed1de7c598e2d3b699a7fa |
| SHA256 | cc2d550b76df60e9973723437615f07ee6beaf451d8b416345760f76c3dace67 |
| SHA512 | 9d8996a5b1901a856a4cd3b1ce9f528e741a3c4ac679446344f52b25ef17852560dcac4ef28537f2bf47e69ce679a8e6909e38952aa3f3b205f9b2705bc9c122 |
C:\Users\Admin\AppData\Local\Discord\download\ba6abb2a8b96668a9bec934e360744ed9c22da6bded59b5e612dcde9d730066d
| MD5 | 5d6605456da604080457c762f3044f70 |
| SHA1 | dcf2e0d3c903f7057c24e714fc47d75b9afa43ba |
| SHA256 | ba6abb2a8b96668a9bec934e360744ed9c22da6bded59b5e612dcde9d730066d |
| SHA512 | 5b8c44617190a87fa72b94bdd580d4b88a337ab3f46c3814ff0ba4b5adc6f5d8aaa4a94326aed3dd6cd38151a31a932305b28817e13d3c8eb4713970e609f7ae |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 81e892ca5c5683efdf9135fe0f2adb15 |
| SHA1 | 39159b30226d98a465ece1da28dc87088b20ecad |
| SHA256 | 830f394548cff6eed3608476190a7ee7d65fe651adc638c5b27ce58639a91e17 |
| SHA512 | c943f4cfe8615ac159cfac13c10b67e6c0c9093851dd3ac6dda3b82e195d3554e3c37962010a2d0ae5074828d376402624f0dda5499c9997e962e4cfd26444c0 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 893bd58c79a631226791354119d80688 |
| SHA1 | ef577817c70ca56b2a2d15f3de38522e8f34642b |
| SHA256 | f766ce84a6a17ee7cd8ca75afd4b6034410cb43f2c4fd9e11f00ecce92af8f44 |
| SHA512 | 3b8e5c3509940e4f64be9b5396e4a6499190cb6c735bdcb3f6d9db85eadad49955b1c39b78292651cb6c248c6a96bbd0b116887e80504e06c5027926c06761ef |
C:\Users\Admin\AppData\Roaming\discord\sentry\scope_v3.json
| MD5 | 6caf512a1b9a2bd290a36ee2f38000dd |
| SHA1 | a7f927a71110b3be5ad5fd17cae888c80543bb19 |
| SHA256 | 2fde4090ce8325adf26662643e8fd4581006f85068c95048ee2020281f93ceac |
| SHA512 | fa8067810285324f9c31c8fa7ca3d6b0a1f6db89bc6317c643b7b7ab2f08bc0be1b42b0444514a17c36b0eb4fa90133d824103c27d76355d1b77202efc14bbe2 |
C:\Users\Admin\AppData\Roaming\discord\Preferences
| MD5 | 5d62907599a8c65119e0d12761315ff0 |
| SHA1 | 16be22bafb4134279ace49be6b9421e5c923f155 |
| SHA256 | 6dd5a837bc33ddd6b50b276ea9b0dea9d313752278d173d3c4f080f88b0fde45 |
| SHA512 | 74dcdbf0847a75cea932cbafa3f0fd242a76cf119d1c459fc89da0376c4feefbd02e3a14972fd5f15dedc3440e029ba0f0033b0e4d5ecf246e10c224114347fe |
C:\Users\Admin\AppData\Local\Discord\download\df69f08a1a7a387b3d13f014b2e4ef242f4e6b6512fbbcd965cec42c0040cd07
| MD5 | ddea095b594a75e2f0992386b861d566 |
| SHA1 | 97ebad3b88e3b3810616d3e428aaeea18a9f613b |
| SHA256 | df69f08a1a7a387b3d13f014b2e4ef242f4e6b6512fbbcd965cec42c0040cd07 |
| SHA512 | fd3b51622df76dc760b994c0b65d1f18e0f43893db88968d371ca797756a3168a2763ed2c48273e93b73bb790ed7ccf2b4dfef34d01f02031e64480a4774cdda |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | b02ec09db93fb4b1c9ba367ccd576d90 |
| SHA1 | e785bfa13586c596ed5721fec0dce58415bfb9a5 |
| SHA256 | 7c4fa24845d9d191d4942ebfa9167691591750dc03486c522b4eb6946a1a532a |
| SHA512 | 1cd39316341ea200dd6c936b1c11af44aee61515bb864073849d6471e712e9fb8d247da23079c2630fa3c486a11e67c42a85d711fd1dcf222f4c94ac2bb4f988 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 0931e77b9449521cde85f65c0fa50d2c |
| SHA1 | 890aa9738e311cf549e19f44fe6d869bcc232cc1 |
| SHA256 | a880777eeb1d92ea1234835cd0185237cad7fecf3ef3669efda2301d72bc4844 |
| SHA512 | 409eeff9f44418868b5e27bb7805c85a63e6b09a0ee8de9eb739fa8645dfbb1bfcdfd0c7768434726e06783c329ec7cad66dd898d72cddc5b08bf1031ce09836 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 18d527c050b71bde811c13ea463c14fb |
| SHA1 | 10e85e705687680b3c65fa6ba64a060ca2f3d0c6 |
| SHA256 | dc4ab7c8dd234dfef034bd68bea31931fecce3ad273c323b938fb5aa98affdc8 |
| SHA512 | 2eafc584bdf8714401c1b42ad87efcb420e60068d1c98ee0aa6de8d3e642de8c2770c26c16dbc7f7d9e1f4cb199387a03ef62885c7cc57872971e2477a52ec8f |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | 2b888d7f7f574da0a851404e2c3c3117 |
| SHA1 | 4592249f049f5aed045c8acf6770e91b24278d3c |
| SHA256 | 6d914d1ddb4c5788216f5787efb5e94a9a3928e2953829857108ba0892021170 |
| SHA512 | 1367659f249b3112ec96b2fba99219da9b3d3a5630fda59266108ee86029871774aa4f6a25d5c23c4190fc3825a5679bfaa6c69660756acafc6508850b7a837f |
C:\Users\Admin\AppData\Roaming\discord\Network\TransportSecurity
| MD5 | 346c749d40c78eae2c1bcd512247fa08 |
| SHA1 | 246eef4bfc20b23f7d7f707cbfdb270e052a62a3 |
| SHA256 | b45cb49959b3176c4225709b85f668375f2f3abd33fc3a0939f9f89eb2c8f3c0 |
| SHA512 | a5a49f3ff39f005563db1a1cabc21dbd8b5f0b794fc458a5f481a0d335bf19e2038042490d14f9604a09be3e660984a33830f127396fbc13bfa82f00a92c49a6 |
C:\Users\Admin\AppData\Roaming\discord\Dictionaries\da-DK-3-0.bdic
| MD5 | f7bbfd190500aa58c4eaeb00f053d625 |
| SHA1 | 06dee206943ff309dab5b32efa988e727b081e35 |
| SHA256 | 265ce85a15f2e470f7cf4bbefba0b457327af813e444f63c652f666e67de459f |
| SHA512 | 17fe62ceee8b3b3968b54252ebd9fe46f37ca778bd14e1ce626124dcd887776b661256eed4a837fe96b4b12bfc9bee5984b2a9c1b5eb8a60373e7a5911c27e22 |
C:\Users\Admin\AppData\Roaming\discord\Dictionaries\cy-GB-1-0.bdic
| MD5 | d76d8ab752cafc6b3f72a9d1a98629d7 |
| SHA1 | 3c8e8b94af71ec2bd564322d933cfa1aa1360fb5 |
| SHA256 | 58b4bbc81f418ff81926b4d323ea8c2aa100ae8905f151116e1dff68b22314f2 |
| SHA512 | 632486bd9176f1f0b990a4f96ee8042c15d65164f51700efc289ae5b8f31f98adca020395ee562d75a581265f65b5bf386a16d0ac958df7e4b984d9869fb41e3 |
C:\Users\Admin\AppData\Roaming\discord\Code Cache\js\index-dir\the-real-index
| MD5 | 6522de0f93e5232460556899083d0932 |
| SHA1 | 5814ca65a1f4bcd15ec36f5a6d2c108a86fa4118 |
| SHA256 | c9d21dc4092ffbb508b2f24762bb68c190673afcc8c00c35588cdaf71489ab23 |
| SHA512 | ce8c9384aafc4c7a5b7ccd54a72e8e3297946dedffa330f83fc587da8ca889343242c1b3f3804a4c0a92c0931f2f44a490dfef638e00c489928c35450c458f40 |
C:\Users\Admin\AppData\Roaming\discord\Preferences
| MD5 | 9214640863d7979269c2d312f67d05b1 |
| SHA1 | 42be6885d06f88903fc39293c9ad585c2b5a3819 |
| SHA256 | 3704debc62fba493a24052bf9fb16245862815b573821f3be0645578b8d056e2 |
| SHA512 | 7fc886dc8e680d6dfcb6cdc520f0bd12bf819954e60c90aca2e91ff31e8437e9bd24defd207eebb666d8f9daf9029e2b3122311190c27282e0fa88a3966a5dd5 |
C:\Users\Admin\AppData\Roaming\discord\Network\TransportSecurity
| MD5 | c9c3920f327d22660a71d52c3bd1ee55 |
| SHA1 | 70095f46d0b3de1257ba5f4c16f1b178c42c2066 |
| SHA256 | 03ff3bbfda902a58cddc561ba7907be658ab75220c033af4302ef2a6589eae15 |
| SHA512 | 503b3589d55cd9cb7e7064c282e5ff9279731020265895a65cbe0e88bf3cb1e24017b6834b6f79afba149dee982f073e615fceb78df2fff17ec70a2c836108e3 |
C:\Users\Admin\AppData\Roaming\discord\Local State
| MD5 | 7d1908b8f069a3ee4b788c3895811ce7 |
| SHA1 | f5793e4438a9aed02950b27e94d504070d769514 |
| SHA256 | b5c4f6ffe6d19f71b88417b0d20c38beb554a79326d525e32598e95eb67d2160 |
| SHA512 | 0df8c832d316553b3ae126b7f6d43a0500a1f1071d093a978b7a4654930605ede19a1ee65b582addd73438a524abfd5f6d69f5d3a0e490eae5591d007e4aaf33 |
C:\Users\Admin\AppData\Roaming\discord\Network\Network Persistent State
| MD5 | fdd9354b638cf3fcad0581ca43fc11e9 |
| SHA1 | e734b88aef1feef8445f632601d10487d6c8f148 |
| SHA256 | ea70b747913521899cfa4aaa3a9c4176df92378d660240d0492cbe9e74650157 |
| SHA512 | e87bdd27bd4a25c293a06bb859186869769377cf17c1366e2bb776e7a0f9f3b335296ff7492ab796794b9f76836b1fbfa535563c6bac538fae4f821f942c8a8d |
C:\Users\Admin\AppData\Roaming\discord\Network\TransportSecurity
| MD5 | 65594790fcdaf07a16c109e05271b444 |
| SHA1 | 7b90fbfd44e177452391a9afd55df454b3719363 |
| SHA256 | 9a4f916e3ed96a6d3116df751b8b17a1e780ce628fdd62eb8165b6f262ecf68b |
| SHA512 | ea3959c9036e630c0acb10517e770b5020a0e76804c31d9bfdc42c59c615e525da40cb11f080f9a9795a4ad663dba363d19696f7d335d79b5d276fef835896f8 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
| MD5 | ea22c5b839533146c330fa0cb64fe15c |
| SHA1 | b5d1c2ec6a5b0c5403338b60d4f096beee34619c |
| SHA256 | 5a93da12af21c6f46fd1294f9153ef0c120dd2549dc372b1d7a494f13e4ca231 |
| SHA512 | 7bfbeb271cbece7c89bfd6be30579e90c482b3be776e14f718447bc68d173fefe620c2b72ef337b6c7ca3b7f18c5e16fb2a34324a221a5500916d7516ec01a6f |
C:\Users\Admin\AppData\Roaming\discord\Network\TransportSecurity
| MD5 | ceb3782b58a085c7f95c0fd05de14a5f |
| SHA1 | 08fd1a3dc25b93f78b61be3c4f8e087dffa4b1d1 |
| SHA256 | 41895cd65197dade5885eae38fd7c2db79532b5722a6271bda19b9bc1a09fa8d |
| SHA512 | bc83baedef0a131e66b6dc74e22205dc67fe33573fa227367b84a80219724e2fd2321dad102f01f6af8d18428b92be2d5b6228326d7912b740f6a157460cf4d4 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 20b2f8c06bc883f86dec8763800ec7c9 |
| SHA1 | 01f3903be725946591976e05af42b101c3f77d7d |
| SHA256 | 1b0fc4a89c9f2dff5f4eeabf195ba31957172d0138f20add802118265aeaac7a |
| SHA512 | 3090d5d53108e05043fd5fadb3e046f3faaabd742b12b5fd2760f8a616292e6f886b999765b07182412082bcad8b8ecd2a988602a783d149b638eb4ba1674a35 |
C:\Users\Admin\AppData\Local\D3DSCache\93e7f05821b87c7e\F4EB2D6C-ED2B-4BDD-AD9D-F913287E6768.lock
| MD5 | f49655f856acb8884cc0ace29216f511 |
| SHA1 | cb0f1f87ec0455ec349aaa950c600475ac7b7b6b |
| SHA256 | 7852fce59c67ddf1d6b8b997eaa1adfac004a9f3a91c37295de9223674011fba |
| SHA512 | 599e93d25b174524495ed29653052b3590133096404873318f05fd68f4c9a5c9a3b30574551141fbb73d7329d6be342699a17f3ae84554bab784776dfda2d5f8 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
| MD5 | 6ef0fac0e9e51020506b3482f6e38bbd |
| SHA1 | 6fa1790cdfb8a0e43a985bea1f8fbbe5bfe5390a |
| SHA256 | 43afb5f9d32578c13d19d8775da6b839b8f7229a91754df4601f1505890667ef |
| SHA512 | fe4227a858bb2390426833c3c6a08c336081e307c7c14f2993b078a11f544353ec4008c077dfb92bef7ddfe73bfad43112fae8a7244384b4d2a80814bdce46d5 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 72c7a194890a2412ad7182906b3d0ceb |
| SHA1 | ef077c08f78c42f8ea09aabd178bd1198147bdfe |
| SHA256 | 5542b0245de3c9e6b130ed37a39b4238cde7ee6aa70112981bd533e6d5594015 |
| SHA512 | f27ca15071d76dcd81536b70389ee54553cdc8c06c7eef7dd4682a5768ec7030767ee223f13d86e2cdf6cec62fa7d0b37091731d4d4cf6a2152f4fba0eb67e9c |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000009
| MD5 | f0c27286e196d0cb18681b58dfda5b37 |
| SHA1 | 9539ba7e5e8f9cc453327ca251fe59be35edc20b |
| SHA256 | 7a6878398886e4c70cf3e9cec688dc852a1f1465feb9f461ff1f238b608d0127 |
| SHA512 | 336333d29cd4f885e7758de9094b2defb8c9e1eb917cb55ff8c4627b903efb6a0b31dcda6005939ef2a604d014fe6c2acda7c8c802907e219739cf6dab96475b |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000a
| MD5 | 1e2ee40c5ffe4aa418ee58f9007792a7 |
| SHA1 | f28b05c74e22d0b0ffb9552c8bbfd122a03dfe87 |
| SHA256 | ff9665f206508f2662d1b4137ad427d6eb983f8cbf86d5a28e68ac116169bb5c |
| SHA512 | 5c67234e24e394c5d02c80e26514b8480a2330cebe98fb07906c035a868714a00c8e2845c9f26d13adbe3f5de4088c913979d46ff2a0739b0adf9a35409b7672 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000c
| MD5 | acaa294e100adf477e1294642179035a |
| SHA1 | d9af3b297bd8f8a9c87717eecf155d1cc9cd10f0 |
| SHA256 | bcb3bfebef31088ebb1deec81ffbc4225519446f80f2bd6f8add034c3813208a |
| SHA512 | 778e0b308503fcd0db06c5f9d9e7b1591c641063066dfcd9137bc36a851174000da06f9a6981ff41f8359e79a52bf5b6c238d83f0d1514c1dc3d204d51bcded2 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 625b90804c51bb82f33284d43e4d3adc |
| SHA1 | cbdd573eede70f5dc93fd7e8887789680451e311 |
| SHA256 | b1ae1c97baa23380d91c9396288e5ad0ce9c2a3f323d3e971e261ed0ab6f4b66 |
| SHA512 | 40156fbcb9fd390fc514740fe0f9d019385682a837670445a097094421288e2bc6540d97c7891638773730b2668ef07c517c4d9d04cb8d008e44f34bd3d16cea |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | ab454bf4e475f21ea18ac84691989d0d |
| SHA1 | d0d2ed1e51ddaa2ac0f3a21e2cf136239e7bbcb9 |
| SHA256 | a7fd4b50e3aac1ef0ad89b95d5214e41e6decf213217fb445564a88840a096cc |
| SHA512 | f005935fa49e766510039add75b7c5392a544e1aa51e65ca9866b806d4427b6dfa65df3f172d4bd40b032feb10f9d0b65fb8b762d289a8c9834a73325dda63df |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 5cf724787dee065d278e2dbeaa4d65f4 |
| SHA1 | 5cfb227250916d8943b4f53e06bfc3b3a8c7c835 |
| SHA256 | 5cd2d73237c3c54fc6baf7d65bcbb47351e9b6f13a88edf1d7e6c2efae844914 |
| SHA512 | f28d49b8a5941d92b16631b113ecb164123fd84f92b2fb0523f7a2de97fc5a8f58bf0d082690db818fdcabf163a0e1db80af76360d7573598e0911fe0aa8eb59 |
C:\Users\Admin\AppData\Roaming\discord\Network\Network Persistent State
| MD5 | 03e964d749e18b80e6618f53eb23709c |
| SHA1 | abfa37144d9fb76f7742c71823f54e101dc74b9b |
| SHA256 | 8d6223ed8bc4f5e740b39660fe3d4a3df500955b55037b2d4518b4b9a4b9046b |
| SHA512 | 27f343d780946d430c7cb3afce1f09f5cac6226c297214aac6dc0676260c971a6cb5524dc8abc51676cab33a53a50adf24b48523349437a44233e980dac863ae |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 17c4fd0137f6f7cc3e4a4f791f746ee0 |
| SHA1 | ca03445e1057f032b78bb7dbd7063d67bc239fc2 |
| SHA256 | fa511bfb045610c02893751f4e23a2190777f7dcd672741ad12f1e4acb08f897 |
| SHA512 | fc1577fd6cd3ba43a4e6cbe661b091db1dcbd93d642a3042ce2e8be13768cc699507d3e8c206fb3b29ef67491d2cc87a1f2e88a73d6a16c926dff9aec5de2864 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | a3a0192cca339b71384625dc29ae650d |
| SHA1 | a6503f71a935da0fc4ee87f8bc91c2e5b09ff2c0 |
| SHA256 | d9a1083ca931fec290a64e42670ebf6071ea10c618fba95c33a3276dcb16cbf3 |
| SHA512 | ad28bbc060150c7a5317dda2465a7e2f5ccbb2e715ccc5e5ab986c38664a6cae3351d51c34a3961ed0caad2c86b1a1f584c3a9ac7d6b92bd75f1bfc6d91f44aa |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
| MD5 | e3b7d91e5c992c5e16cd0cdce4191a43 |
| SHA1 | a3c49c96813eb786af82f8ce7b44b24694cfd5d9 |
| SHA256 | a9cb8347e5f612734b56691fa9a3c7c3dec3920b0706dc5cb42923d52f159604 |
| SHA512 | ca529a780538f56a2779a27421c79f5a7593ac1197e657d9cc45ef1b5fc0832c5057448d7c8e056955fef1eb8325b047ce52b84b53c32629579a7f7700a13010 |
C:\Users\Admin\AppData\Roaming\discord\Network\TransportSecurity
| MD5 | 25d77ec60b78816eadc5313c805ee825 |
| SHA1 | 01ec5a0c11275280c87ed946b2c9c8c572bfe8f7 |
| SHA256 | 99246f6b4c646e45ae39c233f586d4b1178170c70a76ce68d6797f9422b0ee97 |
| SHA512 | 30f0738b43b5de0a962b5bdf759c723f43e2cb6c235534d610679dc704bbb2680b54ecbfc6073750ef7a17429a4a33ece6485c2655adedf63c722b3fddb63e96 |
C:\Users\Admin\AppData\Roaming\discord\Network\TransportSecurity
| MD5 | 386911e5489a1c8405ffd3dd774d3c2b |
| SHA1 | 7a41311fc58c3db6563f912cfff4a0c7f59104d0 |
| SHA256 | f4abe45aaeb45c5bfaf907a4d0522273f269132a15eea05d5021b3ec88b971e0 |
| SHA512 | 92ee2aa8fab6cebe6ad6ad779f7c739afe48241a6c9eb014a44cf44997439587f505737b19cf375d1f813439c68336037056175f35fa80dc01a6126273be25d0 |
C:\Users\Admin\AppData\Roaming\discord\Code Cache\js\index-dir\the-real-index
| MD5 | 0b8eabb543a6bcacb326fc233a37fda4 |
| SHA1 | 04e7c167989f9bd76f0b685ccaf0a4334def6c6b |
| SHA256 | e218f1ab31f3f2f091e1d17918a5b89141188792087de33755ab88d6a56913b1 |
| SHA512 | dd9b9c11c8deb50079b94d0cc4c247b71a1f1cd58f108a71978bc38cddc3766053362b32ad47023a2e8939b0028afb215ae7591e5648d22c7f996e013f9c65f7 |
C:\Users\Admin\AppData\Roaming\discord\Network\TransportSecurity
| MD5 | c3a6b1636ddb1c0d649f9762d8082ab7 |
| SHA1 | 0a5a2a0c2b61a2857c00a89db2783a44d7061469 |
| SHA256 | 55fcdebe49c9639b3362460e8ef650449ac08b7b3ae36c42fff2cc7fd5512597 |
| SHA512 | c8ef303ef5559e817feaa534dfcbb888b482a9794b3985dd6bab87c0be7575ec7356efb8b0bbc5c7975f2f6779336199222632627b1927e6a63385ce48346a7c |
C:\Users\Admin\AppData\Roaming\discord\Cache\Cache_Data\f_000025
| MD5 | 171e6cf25882b3de492c41615a30e2b2 |
| SHA1 | a8f030a4d782753a125490db737e669e398cabe5 |
| SHA256 | 8982eb7de3ace95b0bc0377bc1c343d73644a7557dd262ab44c1b9c60054ce1d |
| SHA512 | 0d09e0a7b84484dfc1b8c5a4ceaac2fdfbd8b543ab81ac3333be4cb449e01cdcbbd03e60ecac5c5d7b9a6924c23544493dbdd8385fda43d8662f4a189f392f79 |
C:\Users\Admin\AppData\Roaming\discord\Network\TransportSecurity
| MD5 | c8ca7cb51cf2683e7543a699bc2c770c |
| SHA1 | 59cc077b4b16179658c2e6ef39852147851cd43c |
| SHA256 | 9751550909347041978dd968ac019eaa29b7e01fb0a504c12c0c222a8137035e |
| SHA512 | 40976cc0e600e9d64f6cd509bd0b1ee2087bfb8a9556695f03c9d05d6c37309325cdf276d3cb98ce84a73240a3a3386db1df2c6b0e1ab480c729eb0c49f37e24 |
C:\Users\Admin\AppData\Local\Discord\download\a08f1805bfa68de4c6985bf45184f00e401bf780505e022b317b49b20b97ca28
| MD5 | 48b299cc0a03cdd24102aea32dae1f59 |
| SHA1 | 690c20f36c6193e6babfa1ea406c2ea13a98f4ff |
| SHA256 | a08f1805bfa68de4c6985bf45184f00e401bf780505e022b317b49b20b97ca28 |
| SHA512 | d7f443924108dd81ea652ee4f1b4c5d8c11d7ed840c5fc4fd20f27cf9f11f81482467b17a6ce205b0bc94878696b3f43b5766c9d6bb97b2427e9594b9a223848 |
C:\Users\Admin\AppData\Roaming\discord\Cache\Cache_Data\f_000008
| MD5 | 07bd004322d7b2832709191bddd0567a |
| SHA1 | 9149ed0c2466995a3b6dd5182865a78fd76ec0ea |
| SHA256 | 6160a9f25b0dba39f0325b3268e0c00e2c374fd278fd1e90edc2fa87271b55bd |
| SHA512 | 28de08cc0284652a62600ea99583a758e83b8c79e10982a8fb11058bb5bfeac5570ecc51b4c58589e8f1b821645839ea5639dbdea2071bd1af9d0d4145e2d944 |
C:\Users\Admin\AppData\Local\Discord\download\8db5f719ea351e1a211da4a020d1ad5e21d49791617a8826ccb73ebf6c6a7404
| MD5 | 29123ac200fe4d07acf9b352b2f7869e |
| SHA1 | 53520444ff5b42799bd073159861c56f384859cf |
| SHA256 | 8db5f719ea351e1a211da4a020d1ad5e21d49791617a8826ccb73ebf6c6a7404 |
| SHA512 | 95b762d5629569c06f29f1c8ad5f8dea9946f7bfb8aeb2befe44af0f2384ce92ccf7d285fdb510cb5defe2ad936db09c5f914329e75d4cb5b7908879b5b74c89 |
C:\Users\Admin\AppData\Local\Discord\download\04fbf70b0271077f0b57f1aaf9da09012668872f1b16228466c37340d66545b7
| MD5 | 5f7aa0786aeab5894e283db03f27bd6a |
| SHA1 | 388a3cb1bac45b5dde0f073909bfc256b7cfc204 |
| SHA256 | 04fbf70b0271077f0b57f1aaf9da09012668872f1b16228466c37340d66545b7 |
| SHA512 | ecb18b3c546b44153055d7fdcfe05de8d502998a2a252f2000cb02f7b9dae532389b63be4cbd80a6f6f752cc5b6abd5814b4984d998f8fc8cbd7d176225f0e2d |
memory/5936-3059-0x00000200E50B0000-0x00000200E50D2000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\__PSScriptPolicyTest_bpl2zlyy.0cz.ps1
| MD5 | d17fe0a3f47be24a6453e9ef58c94641 |
| SHA1 | 6ab83620379fc69f80c0242105ddffd7d98d5d9d |
| SHA256 | 96ad1146eb96877eab5942ae0736b82d8b5e2039a80d3d6932665c1a4c87dcf7 |
| SHA512 | 5b592e58f26c264604f98f6aa12860758ce606d1c63220736cf0c779e4e18e3cec8706930a16c38b20161754d1017d1657d35258e58ca22b18f5b232880dec82 |
memory/6952-3186-0x000001AD668C0000-0x000001AD66904000-memory.dmp
memory/960-3187-0x000001C37DEC0000-0x000001C37DF36000-memory.dmp
memory/5692-3204-0x000001836A710000-0x000001836A734000-memory.dmp
memory/5692-3203-0x000001836A710000-0x000001836A73A000-memory.dmp
C:\Users\Admin\AppData\Roaming\discord\Network\TransportSecurity
| MD5 | e751ccda94f1e5a2633adf2d907373c2 |
| SHA1 | 23417eed4657b85cb6267378bd013eb00449846a |
| SHA256 | 88c7072a7a5064f4a0bc99d7eccf0f8cc85069ca4bd111403a54be1b5c4e1db8 |
| SHA512 | 081c323bfb554b0109e6bd74cd41714bea9fdcc099963e0dc5e655f03453fab759b7c321c7577860ac6222db4992f78cd0de87c56a11ac512c00e7f885e555ff |
C:\Users\Admin\AppData\Local\Microsoft\Windows\PowerShell\StartupProfileData-Interactive
| MD5 | 28c65370f12e84b734af87ad491ea257 |
| SHA1 | 402d3a8203115f1365d48fa72daf0a56e14d8a08 |
| SHA256 | 4ea873fb3d77a2f8eefae82c943f621f16723516e181bde133568f8f0c91290c |
| SHA512 | 56eb34162b0a39da4aaf66aad35ef355a7709982b5060792e3b4849c36650725176e927815537ec58e7ddf0fb1763066b203d6b7f9d1b3dd2c8bc091c0c850cc |
C:\Users\Admin\AppData\Roaming\discord\Network\1bfa0e7c-68b9-4164-a6a0-61135f6441a0.tmp
| MD5 | 0e1ed5c966abee00c181bc68cf9f3aad |
| SHA1 | 910ab47786d2ae897c1ab1df108d33424d747ebd |
| SHA256 | 30e461908972c1a9dba61caff329833be5724fccd84bec71db906835d157cba7 |
| SHA512 | 0a60183a6384a122bce5cf4f0f76d16afb59db33df3e98d3e179082c7bf2573ac907f907c92319aafdb1fab82d0e48e69fa41c44da88210b5390d9cae86d7187 |
C:\Users\Admin\AppData\Roaming\discord\Network\TransportSecurity
| MD5 | 3d28ebac8de1f1dde69c468bbc8f36a9 |
| SHA1 | 00e914b225e38c5d034e788fa30cb526e0d189e7 |
| SHA256 | ab7633040181563cbabde9849271335af5345b986f1d3b4a46ab80294cffe245 |
| SHA512 | c88b8736f71eae54352984a09191954d8248ef48f106a159fcadeafb9f6a99397dc3a2d4994ebbaf8c5ca2f3d5c89b2b3ebb0a5176049c1b9d36160058fe6155 |
C:\Users\Admin\AppData\Roaming\discord\Code Cache\js\index-dir\the-real-index
| MD5 | e043cd35aa22483b8c7a908165f18f70 |
| SHA1 | 2b673939eab81dd067d113c8d360967b9fc72a29 |
| SHA256 | 197070b389dba38cfb2d72df454280d619fd917726a74b256f624dce8e27072a |
| SHA512 | 34b106081b34d6fa946d983a220bcd1135b7641159766545dc17ae7041b9b550ced786dd5ed0a37b8633a90055c4b4a03c367cc8ed49b909f31065b981bb1e6d |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\9a0339c8-add9-4c5c-8f38-9ef26232b605.tmp
| MD5 | 5058f1af8388633f609cadb75a75dc9d |
| SHA1 | 3a52ce780950d4d969792a2559cd519d7ee8c727 |
| SHA256 | cdb4ee2aea69cc6a83331bbe96dc2caa9a299d21329efb0336fc02a82e1839a8 |
| SHA512 | 0b61241d7c17bcbb1baee7094d14b7c451efecc7ffcbd92598a0f13d313cc9ebc2a07e61f007baf58fbf94ff9a8695bdd5cae7ce03bbf1e94e93613a00f25f21 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 4e885293ceff902d3c6d67213bf1a611 |
| SHA1 | adfa42262463cb0df7dcf32bc6ba84dacabf4c5a |
| SHA256 | ff451b10c7d775b2fa67d095512fdf4094673987594156ece234fb2269cc7340 |
| SHA512 | c00686a267c6e55db30177382657fc7e075827a7f004d41ab5a969cf9bef92ebca57dc3039d56f192a6a13500a99bcf835e46d2228a0b50363e662c24f1c8e2c |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | a9cd72c156f1406969e52db6416748f0 |
| SHA1 | 8d577ba317f5e666d84d226442e968c729f4c5b1 |
| SHA256 | 586ce2a813397fab71ac3a5cfe1f62c8a95531183fc299fd665ae190d54cb551 |
| SHA512 | 3ca61de5d8b53f250c1dbbe9346b1a955483073641ac1ca2818d4c3b7ee910b6a9a596e396f0b80ee0d0f6c7c37c9c9c7a9e0b84cf795012e995dc618514447d |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT
| MD5 | 6752a1d65b201c13b62ea44016eb221f |
| SHA1 | 58ecf154d01a62233ed7fb494ace3c3d4ffce08b |
| SHA256 | 0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd |
| SHA512 | 9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | dd382e561ed4cbfdea44bad6c5e58736 |
| SHA1 | 52799646e8e48b2503732607ebfacc0e04423974 |
| SHA256 | 430bff089fc2c584a641a12023443115a121e2844fea85bc27f030e7cd77f548 |
| SHA512 | d71ff3ec689fd0ae066a8ba88559deb2fe6ae619574ea1e82bf19bf3218fb9559348d19f685f74d9053aed32506861b196973f01b7e4345502f2815da3ffcd32 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 1a239cd6575d718a555db9362145a187 |
| SHA1 | 7a0ee079ab69fed766db9498360c9d954477b319 |
| SHA256 | 48bd6996871cca0a9664a21af022ff142be69bf42cde90c66a6d10742494654c |
| SHA512 | 9bd376a12d59d9bfdf4f17cd4c280d9eb16f8ed494e7e4b56109c40f007d9b6ddb12c22def382c505d8d0562d97a636d0a58e9cb109e76eb4c0b43d9228d28eb |
C:\Users\Admin\AppData\Roaming\discord\tray.png
| MD5 | 08e3872ede2967f3ccf2c4a3eee511c9 |
| SHA1 | aa604f49406d8617c03e306a889931813f4b479c |
| SHA256 | a44bbb3d84b73c628714f3ff805e94fd524943963c1740d4b59b53f422ffbea8 |
| SHA512 | fc0e14c8ada9ef43421a7e69d98887c06e01e1ed9f117902c06b4609ede02709de40de08b5f3f583a29fff45a80fa075e51680d2960088d13e4c236c379b9585 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 26047519f613a3fb4fab390d39b01d09 |
| SHA1 | ee37cba7f09d233cc1b6b965f02b42a94f612a84 |
| SHA256 | b5258c5bd5fe7aa53f270f57edc200d7adb9b7eda43431bcd45ac3580d1fec9d |
| SHA512 | 1075701ec94277e0126d1ad174f4d878b26cf02e2a7d28a478458f8a28cc7d020a2f8b0e94bf0e8527564b6fe936324a031c5f326a0dd557d1cfe44c502b50d7 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | f9ebf425f0fc994a7d6a968030b1bd6d |
| SHA1 | 140d5b0210f623ab7d980bcddbe034cbb27bacc9 |
| SHA256 | 245df6a5a7edbf005286b498cc1e3c158cc0ce17cdd1b012665d49be079a10c8 |
| SHA512 | 4f1e37f3d767eb10aea0336cdb354be729ecea8c0f0a3731f274fb8d4f95e4843e6ffb837208fe9100cba6270873d6c0806ff3e1859e8df8cabc2269da6d5fc2 |
C:\Users\Admin\AppData\Roaming\discord\Network\TransportSecurity
| MD5 | ce66bf10e53da7b242d9dc26d95d3d7e |
| SHA1 | ed0534159241934b44ab53bf40b41dd391c5c138 |
| SHA256 | 3feb84eeb189d61c25887e6baed49b9fcf2308c323998ea1f9a558e723f75b2d |
| SHA512 | 704e5c6c848e489f781ea838a0c229025239321d20f4eacd2a394fb7242658e075c4f2e57b1816db25be34775de64e2466d67677d31f7fe7b9ea29f583ea597b |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 18129eb918288cbec18e0d50323805e8 |
| SHA1 | e191580236e9bf70d4aaca24fe655a9cec5c1870 |
| SHA256 | 9fb8bc44a6aa1ed2425aef4749879efd207c5d78eba918b9f0dab31a532b5e01 |
| SHA512 | f2f93de6d513ddb0dee4308235289282af49344187cff2df0d7515849cec0a1166e4d05464385e11d86892af9f8331890cee9fe02ee794dcf12e680b5924b9e0 |
C:\Users\Admin\AppData\Roaming\discord\Network\TransportSecurity
| MD5 | 6ab85511086d557b41e114b081e2f5ef |
| SHA1 | 78424d3cd0c81ef2087137792a8a9b066fdb2890 |
| SHA256 | 1b140a732ec68c3d42d1eb30cd8eb1316ab169060f37cf158eb6662b09481009 |
| SHA512 | 236efa1f65d39c92dd19bb3246d46af77b981d3427373020353126a3ccff875c46222e4bb9696df7b65fddd11dd831fb25d1a0651373f583ce18e16332b23e1a |
C:\Users\Admin\AppData\Roaming\discord\Cache\Cache_Data\f_00002d
| MD5 | 3b0d96ed8113994f3d139088726cfecd |
| SHA1 | 1311abcea5f1922c31ea021c4b681b94aee18b23 |
| SHA256 | 313818d6b177a70fbe715a5142d6221ac1a1851eff5a9f6df505670ddcd73074 |
| SHA512 | 3d78c250029069e1850b1e302a6d8a5154f6e7bc5cd58f449b8824ccf418e80dba2d5569a9cff72f51ccc9de140dc91148f93ec4717f4a880e2ba94898fbdb24 |
C:\Users\Admin\AppData\Roaming\discord\Network\Network Persistent State
| MD5 | e99cbebdff2399beb7a601f81fddb8fe |
| SHA1 | a3d6541b6cffefa7d7e665d7304ca496ae9e5351 |
| SHA256 | f858d56f449f83d57519392a050e0dcd6ab12acaa89ad14022e0741f7e67683c |
| SHA512 | 09d39db051d7f64ec4f7cf3158d8dc472d4165899673f4e9564627c9f3572d58088ed8639e1a31c873c8449d770f1bd8a09d1f4152130faa6a44a60e92425df0 |
C:\Users\Admin\AppData\Roaming\discord\Network\TransportSecurity
| MD5 | 178c81744af19384e3b6f7e09b05dd07 |
| SHA1 | 0bf8b8164c3d56c287afb5b8011b81a309dc6471 |
| SHA256 | 3b27169cb6396dbef77cd3a051d489293910ca9b12035b51092340d118ceae45 |
| SHA512 | 6dda6b52540b056d61b3fd487e67d6099b5811288041d8a601d1ee951ca6d8db39214349403c46d98059f25e599203a0f84d71c1cd5cf3b280bf38f29a332ecf |
C:\Users\Admin\AppData\Roaming\discord\Network\TransportSecurity
| MD5 | 330997a7601ea6129ddc491ddb44ce04 |
| SHA1 | e916489e43be08c24d0c1c49d710adeef14e3bb6 |
| SHA256 | 795215c038f8610a633652fb32be297d27151772d8939b1c40bd85dfcdf5e144 |
| SHA512 | c36bf692e8210db87f9528b54c6248b1f6a9c6743034821b806248d3d74be06880e357dd5037c29eb21b09f628876b797ba02631036f0623f73b3d5bb7c7ade4 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | 035e3812243a7ae93da50ea94b1dfba9 |
| SHA1 | 18b80342956043a62145e39cd37e43787c6fea67 |
| SHA256 | b79880de95ed11a5053230b7e5496bf3e5dc951b17b415cfeb539c36a569f0cc |
| SHA512 | df0856c45e379652736dd23dd5faa82ccca1f49239f7517f6988d47120af83d4d354ea06b512b1636118d7f722a3664d50e8a466b1c356f9c1ad6e8bb037e523 |
C:\Users\Admin\AppData\Roaming\discord\Code Cache\js\index-dir\the-real-index
| MD5 | a175eff97ea823975979965bc663487a |
| SHA1 | 3a888f68d051de0fb2ae8d533558111f3776b2b8 |
| SHA256 | db3d2529e2154c086016b8c2ae94d329cccd8aefe0cf133dd830393ed7a80e04 |
| SHA512 | e17b2b11d8d130fb4f6b4b0fa03d71f4aa4a8137855669f3c2dd8c4e40152943ab0361ff48f4ba41b367d8f67a43160c4a2922516090de29396a6ddfca5851b0 |
C:\Users\Admin\AppData\Roaming\discord\Network\TransportSecurity
| MD5 | 584e89e4f1e1e7bbde09c607770bf335 |
| SHA1 | b46fb0558cd54ba5c3a80e2482b1c22f87de2ed7 |
| SHA256 | d5c0f3fc687cbe4b14c8d21fa01c8b198a16248dfbfaecd3b128f31ece418ab5 |
| SHA512 | aa4248896b6ffa6f23a270cdff9fbfab980220764567e66f7fb771519b6b558d6bcdc92b6fd0fade58281ddc447432f8904aa69e127dae3ebad61e1745393163 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 0a290492bdc9d05de9a82d3e6baa2ee2 |
| SHA1 | 13466259c1c16f246460421082c71dbbee1f8925 |
| SHA256 | 1337d68d4210068583a21fbcc18a732f912ab1dc6c1a51dce48378515ee2af06 |
| SHA512 | 75ead50151cd04960e03bef2944ca4879e6b317acd7881236dc953a7352dfac17553d06eda491dfd16d70ae4a820545ef96e60c967faceb5c318286dcd4c2e1c |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 899acb46e036a5a72cd4a7ba4286dfe7 |
| SHA1 | 83ade522a708e8d5f491d37fdd1e4f688d468ac3 |
| SHA256 | ba754265908de696d3b0d4563fdb46f42098f0752725213fce5e3d311250191a |
| SHA512 | 1dd781985700e26571432337bbf96ff72e9c7dc91a62df736a4f1cff526c2e77aa5bdaaeb515971c0d8d195a9c349d60ab93840a48efa38e6193c91d401417b3 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 6a9bfd9a63cdb1954aa6865a46c8befc |
| SHA1 | 3b78f49cdabbbfc5323e0d937588cec498811539 |
| SHA256 | cb8d96c14e396c723919b0f9e26f73496adc8f40078b64af7ed9e7f734b80664 |
| SHA512 | be4015bd06c1246ca93e4f050145ef7643fabaf641c9773a6b5cc6bc7a9dfb2ad03a1e01a6a4096d8b9929c2d149284f7cd4533bc262db24515ecc37b9cf778f |
C:\Users\Admin\AppData\Roaming\discord\Network\TransportSecurity
| MD5 | 0e6620673f1edfeaa72b3ac1a5dd6cf8 |
| SHA1 | 9932cec502478574d8fac3a4e81ff032262b6271 |
| SHA256 | 9f32f4f0f9db9af75102dffa815af004da6a685421122d3f7699cc5ae14272a0 |
| SHA512 | 7e281de40dc2ed9d1c6dc89d711e387b45a3b576aef3100e7c48e1eea965ec72c6c17ed247d4c5ed520df7ae2ebbd61a1b7508a47967d9f3821373faf0811abb |
C:\Users\Admin\AppData\Roaming\discord\Network\TransportSecurity
| MD5 | 99fe9ae0873f341f86052636f00a2da3 |
| SHA1 | 930d0834be195ec4ce6643fddb2d5ae63558c2f4 |
| SHA256 | f26d7855e8e370880adbe20756fccdb75a10b1f2f2d50cb0e2653a041b64ad6e |
| SHA512 | 6a84f6e8bed0e1b222d27e216840854131e960a89e273b3ede6f1c047ec57acd90376656ebb3465c2530ae74a0e2fd1316432b04f2a750066e35143c6efcd0ee |
C:\Users\Admin\AppData\Roaming\discord\Code Cache\js\index-dir\the-real-index
| MD5 | d31b24d00bffab02aec6a49cadd7df53 |
| SHA1 | a8eba4ff866f1b8fa2197361bb772a082f3cee4d |
| SHA256 | 70b326ba5f9343839f1bec787e59c01ff1719d59b2742a854cb3c55f51053e29 |
| SHA512 | 9939ffc7392ec532311aa0a002f8f2afa242152b5afb2a2aa28ac97676d9f9f0dda6b58d9c77b07e1abd032c440a525ae04fa0c28c225a7266962de30120e2e1 |
C:\Users\Admin\AppData\Roaming\discord\Network\Network Persistent State
| MD5 | 89643fd7f0945349ba00c4402cda848a |
| SHA1 | 9cd9990df8042266c51efe0a949d69a54010d954 |
| SHA256 | c67ace51e08cdf191e683df56cbb439c94a2654cb09e57135e5fca2c109026ac |
| SHA512 | 3c37b9d5bc4c214617c9b9dc62fe450fe1a5842c0980ea9c8486948c7d6bb421341fbd3e67ec671a9caeb1a1aca2d338a81684b969bffa859e035c29577b28b1 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | b7558d2489f7825afda2a425a76de1e0 |
| SHA1 | db07574593da0e142f9e45703623aacfe78dcd01 |
| SHA256 | 04f39f2c6e99f27cd58cdeccdeb3138656c539ec83927a553ec28908c76a4bcb |
| SHA512 | 72d6812f9e56c29c9682a987e0ee0830076e15a5375a2770ef64e960a6c93816fd283ce70674d326d5ad9474b9c13eedefc776a272ea2035beca68393a2b74a3 |
C:\Users\Admin\AppData\Roaming\discord\Network\TransportSecurity
| MD5 | 83e11d70255f021208e2e3340ce719b1 |
| SHA1 | 1efbfaee6ca8196dec6dc998dd4e59348817e306 |
| SHA256 | 85cfcf118878ab458dfe08a9cc3b86c0451739e7edc4759eb2a797a695cfeb43 |
| SHA512 | 896ce04f48ea60f50b8c839afaf3a5213861c83dd912537f10f80eaff844ea2b69c813b74c96f3bd40c21cb54d757c42ce55cef2bd7f9c29174d19fa087a65bd |
C:\Users\Admin\AppData\Local\Discord\app-1.0.9149\modules\discord_dispatch-1\discord_dispatch\dispatch.log
| MD5 | 41db85296387c2eec89bcbe5a6105672 |
| SHA1 | 1ac1517ca95604e85af5279bbfe9c70b7506b463 |
| SHA256 | 1a3afdb8fd6d2f7d614236484174a116bef5a4b6fbdb7d39b976daf2d8b6900c |
| SHA512 | cd877ee551aa4774d97a372f8c463febaf28b91fde517d2899243da57b0a35b69cd63f79e8a24760291a611fcae06085b1013d488a19b4d3617a3102afab54b4 |
C:\Users\Admin\AppData\Roaming\discord\Network\Network Persistent State
| MD5 | ce8690c05f64c6eb9149121e943e8177 |
| SHA1 | b14b3f5420f0f8f6f480bed25be494f5f2380f89 |
| SHA256 | 3f0b0f2335e6828ad4b722e341a8577e6e3affc72af77c2d5cec4cd10b684254 |
| SHA512 | 689a6eb8fa3318fd3867782f5dc11fecec8f975c8e00c1c6db8e7545aa2d49837d51ed3121e08ec91df48d867b5dd4436ed38d9902bf1578c04cc444c64b344d |
C:\Users\Admin\AppData\Roaming\discord\Network\TransportSecurity
| MD5 | 6c903225399cc5405583ffba2df7728a |
| SHA1 | 6bb0b5c89eb1cab12768c36d9556dc032cbb2fe0 |
| SHA256 | d342510d10d32b682730b2bb8db1ab1e1044052561b2703969a1e2fd74aa8b7d |
| SHA512 | 67bbe50a71c9cc0ce046ba69be4e82215124bfc1057a8d47d2b4f9bd6b57fc0464227ea141b36313cb4a250d06c64ffabee363aa5f9b37eddbd3c959426953b0 |
C:\Users\Admin\AppData\Roaming\discord\Network\Network Persistent State
| MD5 | dca58ae79e2123aef1426f2475166e65 |
| SHA1 | 1268802a1eaaf25bbec50c2e6af86f31c40766e8 |
| SHA256 | 76b2d04cd25b33c0cd20edcb10356e2fe51bc9f69eb06d10168ae2a32a7ce435 |
| SHA512 | da43de0fd28df34625ddc990c806cb1a92fef4e5c0ec867a645fd6c7800f4538b9bfa9268e6210487d2c60fc69afae14d93627d1e08d1b93e876eb70875ce928 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 5afd8f9278f73d7a8c7f0ea15e1e1448 |
| SHA1 | dc7c61c0481837c12ab3d4b509af7e79d4a5a475 |
| SHA256 | 930c27ec92a9812149e525cafaa8ffb2e551d8ed23993e4ba4aa015948dbe574 |
| SHA512 | 64b7ba1ab010920fad2c925b7850148cc080fc5f31ee42ba70d8dd83f61e32c3be3634090500e26db82b8bd48ad906a08829df89fb1bfd1656dd492fabeea6ab |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 92e407ce76db50b82bed7cade917c5bf |
| SHA1 | a96fd65258324ca79988113ac1111e1dc6530a2e |
| SHA256 | 9a542c734dd7ae198a9fdc109f0ccbb080d9a5ca55663aca59c59ab139a56f57 |
| SHA512 | ebe6fab94458b7cf99d4b2db334326e6dfec2071a45f5aa3721e46f90f1d007ca27828617a6424666402665f347ee1338d47ece8b21ca399140581f1c22791e9 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 9204f6ac341c199a6198d4441cc79ad5 |
| SHA1 | 7bb584bd338f93fe9601dba25289649026a2d14c |
| SHA256 | 6fa74e1b446d67db00e7a9a98909166eac36ce549232960611bd7a8815e3f4a6 |
| SHA512 | e85608dc636e8e88437594c0aad83e02ccd1cd53235fd044e10a2656bbb1d3ccb5dd533777453804801a46ae59a855d54f473a8a858e0747e08c9ccb247c86ef |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
| MD5 | f77b4b934d7f94bb2f4d19f1501b3192 |
| SHA1 | 264bc3783d9f6012e6ab1cd2b7464471098bbf56 |
| SHA256 | 5238b787327d5589a31dba57a9ff182340abf615cf91b76f13b131b25671d6ff |
| SHA512 | 1f570b5e2dc7344f879196ff0e2f7dd990b87bd493f9e2f2cdd8b8d074fa7f895a363f0632885a54bcbd5a40af27978932da95689ae19422de0a8f2006e92040 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 37696b64bceac8bcc90d528d2d06f422 |
| SHA1 | ccbc93355b1800093e045d2efe10140a8a7030cc |
| SHA256 | 48fd5c4b544dcf42e862a813da9052d283d4de3eabcfbc4acd6f5ae2edfcfd29 |
| SHA512 | 3c7d0be560dec8fbe33217f8044e7f5de20931e6cdf5c9a54fd241598583d350eaade05f669632b007ee0f712951b2efc627583062f3570061f25cfed6309e19 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 8aa21515c5577ace555015f40e54d842 |
| SHA1 | 89a0027e6907801944d4b6b6f046ed9b9d233f9d |
| SHA256 | 4099990ffac89a69118cabb45880a34c3532996fa85a5927acdee2404caf0e20 |
| SHA512 | 0cd734c6dd2e593420e207dfc0311878bd37a4ef7d76221937b0384cdf185c822123b8a5056a3c20a3b8d5aed612110d0926542c4625f7b77c00df4e505a7822 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | ca7d29b0f5b2b6882f6438ce34d52186 |
| SHA1 | ab8bdae0fc329587d22e0127591ee3c66383d284 |
| SHA256 | 2b516999141984d215ba43ee6c79cbf34d6e25ca9be7f3fbfa8ca0900a7c1739 |
| SHA512 | 3640647c75bb7133de64a9202041c0936b7ed062e798abc650ac50be52380e7e051cd07dfb55a0e65ee7677db525843f7b12ae738c91942be7614e8b3f200479 |
C:\Users\Admin\AppData\Roaming\discord\Network\TransportSecurity
| MD5 | 94190dcf391fd3e6b222531fdca5ae0a |
| SHA1 | 193da097180e81a66a97c64e92bedeb1818a1bcd |
| SHA256 | 054c89cce069edd3ec3574e7c3bb50336c730fb5c5cd33d9ac1b7d0cf071f905 |
| SHA512 | ab134a8c66d1fe23a48b69d24a33e5c05eef93aab55cc5857db56f1bafd4017b2cec5838efeb07b05b7fdb40a9eb910937edd20142020743b1f1cdfd2b55940d |
C:\Users\Admin\AppData\Roaming\discord\Network\TransportSecurity
| MD5 | ed1ed9c6cebeb3a8d218e0b000729854 |
| SHA1 | 49ae4b75776836d2dbda1c1d2e94fe6c20409193 |
| SHA256 | 4e39a2c13f3f38762cefcf8a6d7a53dbe8dea8200f9d5f8f49d6230af530908c |
| SHA512 | 7d2816d81678112df537903a085d0f40ee4366aec2bd5bf506ed89a33b228c886c5f279a68e27a2bb7294054300baf5ee2d316e046baead1485430fe23a3ebf1 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
| MD5 | b1b670fa99460677b0f21e9682c9a47c |
| SHA1 | c3f707634ce12eccf69c216b71e09dfafe6da123 |
| SHA256 | 180113adea3d1e639333db45d6b20d03bf50d50c05fb70af56fa26ae946f11b6 |
| SHA512 | 703b8b3817c22816b7b14b9e86c0ace2981ea19221925f195f1fd5920ebf03cf59fded859c2a107e7262d1875bca4d5466c266f3cc821611a2734c4c2a9c1434 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 67bce6fd23a13c474174b227bf9a5b9a |
| SHA1 | f6f6301a806b6d43b8e2f516b2a452cebb6b80a8 |
| SHA256 | 0aa7aab46c80b9ee351d5f4e31289a1c7e9d7dba8e49f1b0737fd1b2b7b479da |
| SHA512 | b33483a5636d4a425508157a7a0904b407ae406561eb9b27470b0c596329fc63df72e68777358de2ac50abd07f9ef4d0d04d6e44735c3b6896918455dc0554ee |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache
| MD5 | 4e9821819b2873db691fbe7b3d818417 |
| SHA1 | 8b2b23ea38264b44d7861a8ff76a83b422903509 |
| SHA256 | 32964d71abca0ced5eec1b1178acd905a5543bb17ecf4b49252ffdf2df8660a4 |
| SHA512 | 8b795092b3818d8ba4987822e5afd9ca48ef962d5d4e5d1f2d9ef9e4870ba1a8fc0cd219840ed9b0ec00d5b277a2985f27b1a8dc32c3e0405d9e4cb5ce23fa53 |