Analysis Overview
Threat Level: Likely benign
The file https://ouo.io/CMJmOxA was found to be: Likely benign.
Malicious Activity Summary
Drops file in Windows directory
Modifies data under HKEY_USERS
Suspicious behavior: EnumeratesProcesses
Suspicious use of SendNotifyMessage
Suspicious use of WriteProcessMemory
Enumerates system info in registry
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Suspicious use of AdjustPrivilegeToken
Suspicious use of FindShellTrayWindow
MITRE ATT&CK
Enterprise Matrix V15
Analysis: static1
Detonation Overview
Reported
2024-06-13 09:20
Signatures
Analysis: behavioral1
Detonation Overview
Submitted
2024-06-13 09:20
Reported
2024-06-13 09:26
Platform
win10-20240611-en
Max time kernel
300s
Max time network
303s
Command Line
Signatures
Drops file in Windows directory
| Description | Indicator | Process | Target |
| --- | --- | --- | --- |
| File created | C:\Windows\rescache\_merged\3720402701\1568373884.pri | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Enumerates system info in registry
| Description | Indicator | Process | Target |
| --- | --- | --- | --- |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Modifies data under HKEY_USERS
| Description | Indicator | Process | Target |
| --- | --- | --- | --- |
| Set value (int) | \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133627440817665621" | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Suspicious behavior: EnumeratesProcesses
| Description | Indicator | Process | Target |
| --- | --- | --- | --- |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
| Description | Indicator | Process | Target |
| --- | --- | --- | --- |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Suspicious use of AdjustPrivilegeToken
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
Suspicious use of WriteProcessMemory
Processes
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://ouo.io/CMJmOxA
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xcc,0xd0,0xd4,0xa8,0xd8,0x7ffdb89b9758,0x7ffdb89b9768,0x7ffdb89b9778
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1536 --field-trial-handle=1788,i,7638595895868795556,6790465098169611585,131072 /prefetch:2
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1816 --field-trial-handle=1788,i,7638595895868795556,6790465098169611585,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2104 --field-trial-handle=1788,i,7638595895868795556,6790465098169611585,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2820 --field-trial-handle=1788,i,7638595895868795556,6790465098169611585,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=2968 --field-trial-handle=1788,i,7638595895868795556,6790465098169611585,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=4896 --field-trial-handle=1788,i,7638595895868795556,6790465098169611585,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4912 --field-trial-handle=1788,i,7638595895868795556,6790465098169611585,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --mojo-platform-channel-handle=5096 --field-trial-handle=1788,i,7638595895868795556,6790465098169611585,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --mojo-platform-channel-handle=4664 --field-trial-handle=1788,i,7638595895868795556,6790465098169611585,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --mojo-platform-channel-handle=5380 --field-trial-handle=1788,i,7638595895868795556,6790465098169611585,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --mojo-platform-channel-handle=6024 --field-trial-handle=1788,i,7638595895868795556,6790465098169611585,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --mojo-platform-channel-handle=2992 --field-trial-handle=1788,i,7638595895868795556,6790465098169611585,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --mojo-platform-channel-handle=5520 --field-trial-handle=1788,i,7638595895868795556,6790465098169611585,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5960 --field-trial-handle=1788,i,7638595895868795556,6790465098169611585,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5612 --field-trial-handle=1788,i,7638595895868795556,6790465098169611585,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5112 --field-trial-handle=1788,i,7638595895868795556,6790465098169611585,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2804 --field-trial-handle=1788,i,7638595895868795556,6790465098169611585,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5168 --field-trial-handle=1788,i,7638595895868795556,6790465098169611585,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --mojo-platform-channel-handle=5700 --field-trial-handle=1788,i,7638595895868795556,6790465098169611585,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.15063.0 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2544 --field-trial-handle=1788,i,7638595895868795556,6790465098169611585,131072 /prefetch:2
Network
| Country | Destination | Domain | Proto |
| --- | --- | --- | --- |
| US | 8.8.8.8:53 | ouo.io | udp |
| US | 104.22.23.162:443 | ouo.io | tcp |
| US | 104.22.23.162:443 | ouo.io | tcp |
| US | 8.8.8.8:53 | apps.identrust.com | udp |
| NL | 23.63.101.153:80 | apps.identrust.com | tcp |
| US | 8.8.8.8:53 | c.adsco.re | udp |
| US | 8.8.8.8:53 | www.google.com | udp |
| US | 8.8.8.8:53 | platform.bidgear.com | udp |
| GB | 142.250.187.196:443 | www.google.com | udp |
| US | 104.17.166.186:443 | c.adsco.re | tcp |
| GB | 142.250.187.196:443 | www.google.com | tcp |
| US | 172.67.74.36:443 | platform.bidgear.com | tcp |
| US | 8.8.8.8:53 | 162.23.22.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 153.101.63.23.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 196.187.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 202.187.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 186.166.17.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 36.74.67.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | adsco.re | udp |
| US | 8.8.8.8:53 | cuplikenominee.com | udp |
| US | 162.252.214.5:443 | adsco.re | tcp |
| NL | 23.109.170.31:443 | cuplikenominee.com | tcp |
| US | 8.8.8.8:53 | 99.201.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 31.170.109.23.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 5.214.252.162.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 6.adsco.re | udp |
| US | 8.8.8.8:53 | 4.adsco.re | udp |
| US | 162.252.214.5:443 | 4.adsco.re | tcp |
| US | 104.17.166.186:443 | 6.adsco.re | tcp |
| US | 8.8.8.8:53 | 6mplsfae1cp6.l4.adsco.re | udp |
| US | 8.8.8.8:53 | 6mplsfae1cp6.n4.adsco.re | udp |
| US | 8.8.8.8:53 | 6mplsfae1cp6.s4.adsco.re | udp |
| GB | 185.200.118.51:443 | 6mplsfae1cp6.l4.adsco.re | tcp |
| US | 104.17.166.186:443 | 6.adsco.re | udp |
| US | 162.252.214.5:2087 | 4.adsco.re | tcp |
| US | 104.17.166.186:2087 | 6.adsco.re | tcp |
| US | 38.132.109.115:443 | 6mplsfae1cp6.n4.adsco.re | tcp |
| US | 38.132.109.115:443 | 6mplsfae1cp6.n4.adsco.re | tcp |
| US | 104.17.166.186:443 | 6.adsco.re | udp |
| SG | 185.200.116.51:443 | 6mplsfae1cp6.s4.adsco.re | tcp |
| US | 8.8.8.8:53 | widgets.outbrain.com | udp |
| US | 8.8.8.8:53 | imp9.bidgear.com | udp |
| US | 8.8.8.8:53 | ads.vidoomy.com | udp |
| US | 8.8.8.8:53 | adxbid.info | udp |
| SE | 23.34.233.58:443 | widgets.outbrain.com | tcp |
| SG | 185.200.116.51:443 | 6mplsfae1cp6.s4.adsco.re | tcp |
| GB | 79.127.237.161:443 | ads.vidoomy.com | tcp |
| US | 104.21.48.215:443 | adxbid.info | tcp |
| US | 8.8.8.8:53 | 104.201.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 51.118.200.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 195.212.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 115.109.132.38.in-addr.arpa | udp |
| US | 162.252.214.5:443 | 4.adsco.re | tcp |
| US | 8.8.8.8:53 | vpaid.vidoomy.com | udp |
| US | 8.8.8.8:53 | x.bidswitch.net | udp |
| US | 8.8.8.8:53 | pixel.rubiconproject.com | udp |
| US | 8.8.8.8:53 | pixel-sync.sitescout.com | udp |
| US | 8.8.8.8:53 | ads.stickyadstv.com | udp |
| US | 8.8.8.8:53 | 58.233.34.23.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 161.237.127.79.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 215.48.21.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 51.116.200.185.in-addr.arpa | udp |
| US | 34.36.216.150:443 | pixel-sync.sitescout.com | tcp |
| GB | 89.187.167.4:443 | vpaid.vidoomy.com | tcp |
| NL | 35.214.149.91:443 | x.bidswitch.net | tcp |
| NL | 69.173.156.149:443 | pixel.rubiconproject.com | tcp |
| FR | 154.54.250.80:443 | ads.stickyadstv.com | tcp |
| US | 8.8.8.8:53 | tcheck.outbrainimg.com | udp |
| SE | 23.34.233.149:443 | tcheck.outbrainimg.com | tcp |
| US | 8.8.8.8:53 | widget-pixels.outbrain.com | udp |
| US | 8.8.8.8:53 | region1.google-analytics.com | udp |
| US | 216.239.34.36:443 | region1.google-analytics.com | tcp |
| US | 8.8.8.8:53 | content-autofill.googleapis.com | udp |
| US | 34.36.216.150:443 | pixel-sync.sitescout.com | udp |
| US | 8.8.8.8:53 | mv.outbrain.com | udp |
| US | 151.101.190.132:443 | mv.outbrain.com | tcp |
| US | 8.8.8.8:53 | log.outbrainimg.com | udp |
| US | 64.74.236.31:443 | log.outbrainimg.com | tcp |
| US | 8.8.8.8:53 | sync.crwdcntrl.net | udp |
| US | 8.8.8.8:53 | 150.216.36.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 4.167.187.89.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 149.156.173.69.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 91.149.214.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 80.250.54.154.in-addr.arpa | udp |
| IE | 54.220.158.112:443 | sync.crwdcntrl.net | tcp |
| US | 8.8.8.8:53 | 149.233.34.23.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 36.34.239.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 132.190.101.151.in-addr.arpa | udp |
| US | 8.8.8.8:53 | mcdp-chidc2.outbrain.com | udp |
| US | 64.74.236.127:443 | mcdp-chidc2.outbrain.com | tcp |
| US | 64.74.236.127:443 | mcdp-chidc2.outbrain.com | tcp |
| US | 8.8.8.8:53 | images.outbrainimg.com | udp |
| US | 8.8.8.8:53 | pixel.tapad.com | udp |
| US | 34.111.113.62:443 | pixel.tapad.com | tcp |
| SE | 23.34.233.149:443 | images.outbrainimg.com | tcp |
| US | 8.8.8.8:53 | ad.vidoomy.com | udp |
| ES | 212.36.83.215:443 | ad.vidoomy.com | tcp |
| US | 8.8.8.8:53 | 112.158.220.54.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 31.236.74.64.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 43.39.156.108.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 62.113.111.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 127.236.74.64.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 215.83.36.212.in-addr.arpa | udp |
| US | 8.8.8.8:53 | a.vidoomy.com | udp |
| ES | 212.36.83.215:443 | ad.vidoomy.com | tcp |
| ES | 212.36.83.246:443 | a.vidoomy.com | tcp |
| US | 8.8.8.8:53 | vpaid.pubmatic.com | udp |
| US | 8.8.8.8:53 | vidoomy-d.openx.net | udp |
| US | 8.8.8.8:53 | vid.springserve.com | udp |
| SE | 23.34.232.193:443 | vpaid.pubmatic.com | tcp |
| US | 35.244.159.8:443 | vidoomy-d.openx.net | tcp |
| IE | 54.74.27.74:443 | vid.springserve.com | tcp |
| US | 35.244.159.8:443 | vidoomy-d.openx.net | tcp |
| IE | 54.74.27.74:443 | vid.springserve.com | tcp |
| US | 8.8.8.8:53 | 246.83.36.212.in-addr.arpa | udp |
| US | 35.244.159.8:443 | vidoomy-d.openx.net | udp |
| US | 8.8.8.8:53 | cm.g.doubleclick.net | udp |
| GB | 142.250.187.226:443 | cm.g.doubleclick.net | tcp |
| US | 8.8.8.8:53 | 193.232.34.23.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 8.159.244.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 74.27.74.54.in-addr.arpa | udp |
| US | 64.74.236.31:443 | log.outbrainimg.com | tcp |
| US | 8.8.8.8:53 | ads.pubmatic.com | udp |
| US | 8.8.8.8:53 | image6.pubmatic.com | udp |
| GB | 185.64.190.78:443 | image6.pubmatic.com | tcp |
| US | 8.8.8.8:53 | 226.187.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | vid.pubmatic.com | udp |
| GB | 185.64.190.75:443 | vid.pubmatic.com | tcp |
| US | 8.8.8.8:53 | st.pubmatic.com | udp |
| NL | 185.64.189.221:443 | st.pubmatic.com | tcp |
| US | 8.8.8.8:53 | 78.190.64.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 75.190.64.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 221.189.64.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | vpaid.springserve.com | udp |
| GB | 54.192.137.118:443 | vpaid.springserve.com | tcp |
| US | 8.8.8.8:53 | 118.137.192.54.in-addr.arpa | udp |
| ES | 212.36.83.215:443 | ad.vidoomy.com | tcp |
| ES | 212.36.83.215:443 | ad.vidoomy.com | tcp |
| ES | 212.36.83.215:443 | ad.vidoomy.com | tcp |
| ES | 212.36.83.215:443 | ad.vidoomy.com | tcp |
| US | 216.239.34.36:443 | region1.google-analytics.com | udp |
| US | 8.8.8.8:53 | vid-io-dub.springserve.com | udp |
| IE | 54.154.36.150:443 | vid-io-dub.springserve.com | tcp |
| US | 8.8.8.8:53 | 150.36.154.54.in-addr.arpa | udp |
| N/A | 224.0.0.251:5353 | N/A | udp |
| US | 162.252.214.5:443 | 4.adsco.re | tcp |
| US | 162.252.214.5:443 | 4.adsco.re | tcp |
| US | 8.8.8.8:53 | 3.200.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 29.243.111.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | beacons.gcp.gvt2.com | udp |
| GB | 172.217.169.67:443 | beacons.gcp.gvt2.com | tcp |
| GB | 172.217.169.67:443 | beacons.gcp.gvt2.com | tcp |
| GB | 172.217.169.67:443 | beacons.gcp.gvt2.com | tcp |
| US | 8.8.8.8:53 | e2c54.gcp.gvt2.com | udp |
| US | 35.219.153.27:443 | e2c54.gcp.gvt2.com | tcp |
| US | 8.8.8.8:53 | 67.169.217.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 27.153.219.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 27.73.42.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 203.107.17.2.in-addr.arpa | udp |
Files
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
| MD5 | b45494c095c4f68a43de9fcdca0d88a7 |
| SHA1 | 43ecb3585b61dcd1986f4aa8f5e031a874da8bcc |
| SHA256 | 022df770c949bd344b6c6327295404a6269495698df50f870b755675807ff508 |
| SHA512 | e471aaf99f02cb7a062befdc32bc8ad2aec28aaf575a034992a7887ba275669cd1036fba816163db0b827d5cf2ca2f92011f5b70d8bb32f9ed95fbf3d7ec559d |
\??\pipe\crashpad_3840_NNVCKQLDQJWKIPEW
| MD5 | d41d8cd98f00b204e9800998ecf8427e |
| SHA1 | da39a3ee5e6b4b0d3255bfef95601890afd80709 |
| SHA256 | e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 |
| SHA512 | cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\File System\Origins\CURRENT
| MD5 | 46295cac801e5d4857d09837238a6394 |
| SHA1 | 44e0fa1b517dbf802b18faf0785eeea6ac51594b |
| SHA256 | 0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443 |
| SHA512 | 8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000a
| MD5 | bf2c9b4c340827cb10ac21e17f3db378 |
| SHA1 | 2203a03b53ed7ee3ef8f7a4835694a3d313becff |
| SHA256 | d66c19bcc3bae147b4606eb1cf98fdf16427865451b9b5f41ca685215abed254 |
| SHA512 | d2e87455aca2b99bb29fc5f4940a64a78ddc6da47703a02f8b46d51b4bdbd301b67532165af9d0afa48afbf1b4785b714e00bdd33f67a80a8d68250b0e4037c6 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | b871181f5a10e00ec12574c9b2fc6b34 |
| SHA1 | 064694fab4b6f0d1e50ae3d91e1cb4fb2f303888 |
| SHA256 | 7f955e9f65b728fede6dee597a0255c14a8b46648fc27187cc583776afcf1123 |
| SHA512 | 13a0812e7e4431fce7c3dcc9955f8e2414f893910cd5c4331dfe2b6006c4f433ccf64a3c70189a3fee1c3799ee7641bd9226ba5d1108c534bf774c210bb830a5 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
| MD5 | 7b869af08483d8bc02dba2fcf4f389fc |
| SHA1 | ad3942f0d814ca7dea6b157cd08f1c8761f3616e |
| SHA256 | 62348292f77e86543f62ed331ece067b764984e86110d1ed6091f3bccc3930e6 |
| SHA512 | c5ec21d5285c77daf4f490d36a807461fb7afdaedce1ef7922534ccb4a0ebd4c9b706855e84869b0a2b68bda6f51304d4b82fc2f711b64caa0214e77a844fce8 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000f
| MD5 | 99916ce0720ed460e59d3fbd24d55be2 |
| SHA1 | d6bb9106eb65e3b84bfe03d872c931fb27f5a3db |
| SHA256 | 07118bf4bbc3ba87d75cbc11ddf427219a14d518436d7f3886d75301f897edaf |
| SHA512 | 8d3d52e57806d1850b57bffee12c1a8d9e1a1edcf871b2395df5c889991a183a8d652a0636d5452068f5ef78d37e08ce10b2b2f4e05c3e3c0f2f2230310418a8 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\531da33d-514e-4e49-854f-918cee95ea8f.tmp
| MD5 | 605936a55e57b898849f7797abc89352 |
| SHA1 | 2eef9d33288e47d5ea99000f45422eadec1fd3cf |
| SHA256 | a3a6616000309eb0991307f0f0b1ad018356a0878a5738877a2416bacf5b5e4b |
| SHA512 | 791f48934b6add30f8e0bef5a9d5d5c5ae946177c62759db5b6226de9c91f9b606882b48d6e34caf5ea97616178e78de57e3efc224deddcb8c4033e34bbca783 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | e4f1b82a32cddc50a5ba3a505e710df0 |
| SHA1 | 4bfcd3a74e5de3046ac11f3a532845e3f4b7305b |
| SHA256 | 1d78ed5e95f1e66185be4342a97ab7d78271ebb63f08663cfafd86d9d1240de5 |
| SHA512 | 3ea0f5c41f666982ce79ffc68956de8cafe1686427c370ed4204ba70f4455bf1c8e425aad1a3a268e9f2dbe18af9cac8bc289e8cbc89bf6512e39cdda458e883 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000014
| MD5 | 5117b70957d62c0c00577d965e5e7f65 |
| SHA1 | f4ae70014d4797e06697ac523d731192d3d7a313 |
| SHA256 | 90a65ee967719d6288eb675421c3f9bd5a79d374160740a148da44231d177af9 |
| SHA512 | b48d1fb2042eb6762995cdc0a90e8ef0acef9860759b1b5e0eb6a394467fc69a89eed8070e40deeca4e1c9e77946f492898d904132688f3a9f315618b58d6bca |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\persisted_first_party_sets.json
| MD5 | 99914b932bd37a50b983c5e7c90ae93b |
| SHA1 | bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f |
| SHA256 | 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a |
| SHA512 | 27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 0bbf93cc5e08811e8192c407d05711f3 |
| SHA1 | 87d115c37980d25d5bbc20d3d65105c2d84d85c9 |
| SHA256 | 59b674082a784a0902180e48920aacf43e44b143d5ef953528febefdbd6f4308 |
| SHA512 | 1fbb0cca4ab95907aa2c2eb5cdfced868cc06891edca365f1bacc76634a3fa77a6ab2992137f8f4ae1f46373ea31824aa326eac3d5f40c3c525f97ef73f293ca |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | aa93e7da1eb7788dc80f40a278b8de08 |
| SHA1 | 8bd987f4a4f7dd7b45c63334d7687db44a747825 |
| SHA256 | bb472c3533601300216d965ea897aab8c9c545356265beec16eb7c95c7717043 |
| SHA512 | 6de7434622492445b2131c1e334ed5f645cf74b9b0a2cfc7ad557a92451264547ea8da47d13b995661535b3bd974d6e001efbb43ad888d010c0b45db4f1f909d |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 6fd09cb222793676006b9a9e727a7c83 |
| SHA1 | f98c5c895fb68ad2d35f132bc15349c3077cc1d2 |
| SHA256 | 5b369faf5811e64f1bd895953ecb1f0ff6e155936c416a49adc7c31fb7510425 |
| SHA512 | 6363e126ce1100b252b492dc2b43434b0ba2da78547b6ce2cf857fb9ed28e305c0d62336a4eddff0d8c112b96c46e66d84d8687eb249efd262bb56c1a9e02939 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache
| MD5 | 062acad10a9d7141fe2e3cdfbccab1ae |
| SHA1 | be135b7915674c9581ed44a65a7efec6eab70ada |
| SHA256 | 62f8a4ea899ff589ae65281910b60caa4754d8c5a424b8589f5d86813e8fea54 |
| SHA512 | 532ddfba5bc4b710756a87059fd63d1696c0985e7b8b21d2f16626683b720cd9df4bce2133c9327d91aac97feec5fe22ffd52f57aa4a25e4e383c9df899c9628 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache~RFe587d0b.TMP
| MD5 | 917e67f7bae1ff9742de4959176fc6b7 |
| SHA1 | 52bf89d26ab06e4178ac9eea3c78820692e2efe8 |
| SHA256 | 899f130ca870aabc441efe74f502a731d0837ea1b2d6779f0d7af28f42e9be06 |
| SHA512 | d0fb8a4c6c6e820b0ab54ee5a24ff6d9755d94c310bc514b9c4be04d461f21573f501889e1384ecbff48206a7786310371b0affc744d6986927cb1ff5c1b2b4b |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 0047b2c6a967b5d62b2a275d5454c571 |
| SHA1 | 212caafec1fb074e4c1296174fe05b586a6c6237 |
| SHA256 | d62d2057e86d9e342f5d3972f9be89cd174c300c78aea66c71f7ce7923925cb5 |
| SHA512 | a563f72f4d809536d3185d84b2eef57461fd4b95981d30114976af48f8ef23455461e0925a0ae69ec84fb9faa91576127ae940e0f952eb62d2f62096d56f2590 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | f34ba7805ad7658cfa6412e97d50515c |
| SHA1 | 7749189f566d6663317aba53a0ed9d79d6c892c4 |
| SHA256 | 3d626692f99652867f30c003b04059ee96c323cc93c057b27851a3db68a68f9f |
| SHA512 | 55b514c707d78e01e2bd5a466a576f21b4b7e14127b59768c5a2d7a5bfcce3b720fcfb84eba1b5a0f49204d3eb0a9f9fa7158ddd6ccd63251ffbe7495f5cdd53 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
| MD5 | 83f67bf4767b8705d542e2b14bf73656 |
| SHA1 | 3f7b0841617343f4bfa670798398b1b4ee24eab2 |
| SHA256 | a92828a56de02434f4e78f853163e0e4ca2e8a96df3ae5cbf2d54249b2dbdfca |
| SHA512 | f23a6b44bc53f2347689d24ae2c438ea28b81fba34bc91f01d149816173878f087fbc2159e5fd0911acbb0f50e617a1e8da1a1a9912b3581682f5c12296a37d2 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
| MD5 | f11fedacf374cf1e37a5c7ee5a8f58ec |
| SHA1 | 7abcbf20ccfb558949adc24a318958ab515091e7 |
| SHA256 | aedcb02c66252d06993a1515ccc85c1de7832229ceeaf6803d675e9234d5fc8d |
| SHA512 | 27aac16cc9a22a41f27ac25df77a985b665dabe6e9ee8ac16325aa123ea07689c8fb4b7b10e5a522732d705dfc5258e5c5e9e9f776c86b8c73e412998c96f928 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
| MD5 | 1cc9a3879feed95e1336e21f2e8933e2 |
| SHA1 | 499046e619ba5d44e62a1361e8ab60fad06e5b2e |
| SHA256 | c6634847159f3d0fd5a3f2df28e2486e14b70517d36ca1e85edf50dd7c7131e3 |
| SHA512 | b3face040750b48be81f89b61699f5c7d47e81fab06546022e6a9e1c9bcf0a95896c6e4f49eb3d0de82fa1f6e4137f07cd3f0bc7d769ecd52b76b50032fc5993 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
| MD5 | c01d0ff552d56839a878f000daf713fd |
| SHA1 | fe28b0dbfc969d4e2e3aba873209c268a0ddf29c |
| SHA256 | 7a54e083e84c3b124e05340f8ee2213b69ad1b2fd6f88fb94c8bad463b63bb8c |
| SHA512 | bda1c1dc410363970dac6606912aff519f996d565baad5aa11185f1797b4e2e5527872a363cb7c7ed211ed24b11c7f04ff849ac3f075776e0781d36775336298 |