Malware Analysis Report

2024-10-16 06:54

Sample ID 240616-1tx4kazdnf
Target https://www.mediafire.com/file/9r13k249f79stkj/VAPE_V4_LITE_%255BZIP%255D.7z/file
Tags
discovery evasion persistence themida trojan
score
9/10

Table of Contents

Analysis Overview

MITRE ATT&CK

Enterprise Matrix V15

Analysis: static1

Detonation Overview

Signatures

Analysis: behavioral1

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis Overview

score
9/10

Threat Level: Likely malicious

The file https://www.mediafire.com/file/9r13k249f79stkj/VAPE_V4_LITE_%255BZIP%255D.7z/file was found to be: Likely malicious.

Malicious Activity Summary

discovery evasion persistence themida trojan

Identifies VirtualBox via ACPI registry values (likely anti-VM)

Downloads MZ/PE file

Loads dropped DLL

Executes dropped EXE

Checks BIOS information in registry

Checks computer location settings

Registers COM server for autorun

Themida packer

Checks installed software on the system

Checks whether UAC is enabled

Suspicious use of NtSetInformationThreadHideFromDebugger

Drops file in Program Files directory

Enumerates physical storage devices

Suspicious use of SetWindowsHookEx

Suspicious use of SendNotifyMessage

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary

Suspicious use of WriteProcessMemory

Modifies registry class

Enumerates system info in registry

NTFS ADS

Suspicious behavior: EnumeratesProcesses

Suspicious behavior: GetForegroundWindowSpam

Suspicious use of FindShellTrayWindow

Suspicious use of AdjustPrivilegeToken

MITRE ATT&CK

Analysis: static1

Detonation Overview

Reported

2024-06-16 21:57

Signatures

N/A

Analysis: behavioral1

Detonation Overview

Submitted

2024-06-16 21:57

Reported

2024-06-16 21:59

Platform

win10v2004-20240611-en

Max time kernel

150s

Max time network

153s

Command Line

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://www.mediafire.com/file/9r13k249f79stkj/VAPE_V4_LITE_%255BZIP%255D.7z/file

Signatures

Identifies VirtualBox via ACPI registry values (likely anti-VM)

evasion
Description Indicator Process Target
Key opened \REGISTRY\MACHINE\HARDWARE\ACPI\DSDT\VBOX__ C:\Users\Admin\Desktop\Vape Crack fix\Vape V4\Vape_V4.exe N/A

Downloads MZ/PE file

Checks BIOS information in registry

Description Indicator Process Target
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\SystemBiosVersion C:\Users\Admin\Desktop\Vape Crack fix\Vape V4\Vape_V4.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\VideoBiosVersion C:\Users\Admin\Desktop\Vape Crack fix\Vape V4\Vape_V4.exe N/A

Checks computer location settings

Description Indicator Process Target
Key value queried \REGISTRY\USER\S-1-5-21-2080292272-204036150-2159171770-1000\Control Panel\International\Geo\Nation C:\Users\Admin\Desktop\Vape Crack fix\Vape V4\Vape_V4.exe N/A
Key value queried \REGISTRY\USER\S-1-5-21-2080292272-204036150-2159171770-1000\Control Panel\International\Geo\Nation C:\Windows\system32\cmd.exe N/A

Loads dropped DLL

Description Indicator Process Target
N/A N/A N/A N/A
N/A N/A C:\Program Files\7-Zip\7zFM.exe N/A
N/A N/A C:\Users\Admin\Desktop\Vape Crack fix\fix\server.exe N/A
N/A N/A C:\Users\Admin\Desktop\Vape Crack fix\fix\server.exe N/A
N/A N/A C:\Users\Admin\Desktop\Vape Crack fix\fix\server.exe N/A
N/A N/A C:\Users\Admin\Desktop\Vape Crack fix\fix\server.exe N/A
N/A N/A C:\Users\Admin\Desktop\Vape Crack fix\fix\server.exe N/A
N/A N/A C:\Users\Admin\Desktop\Vape Crack fix\fix\server.exe N/A
N/A N/A C:\Users\Admin\Desktop\Vape Crack fix\fix\server.exe N/A
N/A N/A C:\Users\Admin\Desktop\Vape Crack fix\fix\server.exe N/A
N/A N/A C:\Users\Admin\Desktop\Vape Crack fix\fix\server.exe N/A
N/A N/A C:\Users\Admin\Desktop\Vape Crack fix\fix\server.exe N/A
N/A N/A C:\Users\Admin\Desktop\Vape Crack fix\fix\server.exe N/A
N/A N/A C:\Users\Admin\Desktop\Vape Crack fix\fix\server.exe N/A
N/A N/A C:\Users\Admin\Desktop\Vape Crack fix\fix\server.exe N/A
N/A N/A C:\Users\Admin\Desktop\Vape Crack fix\fix\server.exe N/A
N/A N/A C:\Users\Admin\Desktop\Vape Crack fix\fix\server.exe N/A
N/A N/A C:\Users\Admin\Desktop\Vape Crack fix\fix\server.exe N/A
N/A N/A C:\Users\Admin\Desktop\Vape Crack fix\fix\server.exe N/A
N/A N/A C:\Users\Admin\Desktop\Vape Crack fix\fix\server.exe N/A
N/A N/A C:\Users\Admin\Desktop\Vape Crack fix\fix\server.exe N/A
N/A N/A C:\Users\Admin\Desktop\Vape Crack fix\fix\server.exe N/A
N/A N/A C:\Users\Admin\Desktop\Vape Crack fix\fix\server.exe N/A
N/A N/A C:\Users\Admin\Desktop\Vape Crack fix\fix\server.exe N/A
N/A N/A C:\Users\Admin\Desktop\Vape Crack fix\fix\server.exe N/A
N/A N/A C:\Users\Admin\Desktop\Vape Crack fix\fix\server.exe N/A
N/A N/A C:\Users\Admin\Desktop\Vape Crack fix\fix\server.exe N/A
N/A N/A C:\Users\Admin\Desktop\Vape Crack fix\fix\server.exe N/A
N/A N/A C:\Users\Admin\Desktop\Vape Crack fix\fix\server.exe N/A
N/A N/A C:\Users\Admin\Desktop\Vape Crack fix\fix\server.exe N/A
N/A N/A C:\Users\Admin\Desktop\Vape Crack fix\fix\server.exe N/A
N/A N/A C:\Users\Admin\Desktop\Vape Crack fix\fix\server.exe N/A
N/A N/A C:\Users\Admin\Desktop\Vape Crack fix\fix\server.exe N/A
N/A N/A C:\Users\Admin\Desktop\Vape Crack fix\fix\server.exe N/A
N/A N/A C:\Users\Admin\Desktop\Vape Crack fix\fix\server.exe N/A
N/A N/A C:\Users\Admin\Desktop\Vape Crack fix\fix\server.exe N/A
N/A N/A C:\Users\Admin\Desktop\Vape Crack fix\fix\server.exe N/A
N/A N/A C:\Users\Admin\Desktop\Vape Crack fix\fix\server.exe N/A
N/A N/A C:\Users\Admin\Desktop\Vape Crack fix\fix\server.exe N/A
N/A N/A C:\Users\Admin\Desktop\Vape Crack fix\fix\server.exe N/A
N/A N/A C:\Users\Admin\Desktop\Vape Crack fix\fix\server.exe N/A
N/A N/A C:\Users\Admin\Desktop\Vape Crack fix\fix\server.exe N/A
N/A N/A C:\Users\Admin\Desktop\Vape Crack fix\fix\server.exe N/A
N/A N/A C:\Users\Admin\Desktop\Vape Crack fix\fix\server.exe N/A
N/A N/A C:\Users\Admin\Desktop\Vape Crack fix\fix\server.exe N/A
N/A N/A C:\Users\Admin\Desktop\Vape Crack fix\fix\server.exe N/A
N/A N/A C:\Users\Admin\Desktop\Vape Crack fix\fix\server.exe N/A
N/A N/A C:\Users\Admin\Desktop\Vape Crack fix\fix\server.exe N/A
N/A N/A C:\Users\Admin\Desktop\Vape Crack fix\fix\server.exe N/A
N/A N/A C:\Users\Admin\Desktop\Vape Crack fix\fix\server.exe N/A
N/A N/A C:\Users\Admin\Desktop\Vape Crack fix\fix\server.exe N/A
N/A N/A C:\Users\Admin\Desktop\Vape Crack fix\fix\server.exe N/A
N/A N/A C:\Users\Admin\Desktop\Vape Crack fix\fix\server.exe N/A
N/A N/A C:\Users\Admin\Desktop\Vape Crack fix\fix\server.exe N/A
N/A N/A C:\Users\Admin\Desktop\Vape Crack fix\fix\server.exe N/A
N/A N/A C:\Users\Admin\Desktop\Vape Crack fix\fix\server.exe N/A
N/A N/A C:\Users\Admin\Desktop\Vape Crack fix\fix\server.exe N/A
N/A N/A C:\Users\Admin\Desktop\Vape Crack fix\fix\server.exe N/A
N/A N/A C:\Users\Admin\Desktop\Vape Crack fix\fix\server.exe N/A
N/A N/A C:\Users\Admin\Desktop\Vape Crack fix\fix\server.exe N/A
N/A N/A C:\Users\Admin\Desktop\Vape Crack fix\fix\server.exe N/A
N/A N/A C:\Users\Admin\Desktop\Vape Crack fix\fix\server.exe N/A
N/A N/A C:\Users\Admin\Desktop\Vape Crack fix\fix\server.exe N/A
N/A N/A C:\Users\Admin\Desktop\Vape Crack fix\fix\server.exe N/A

Registers COM server for autorun

persistence
Description Indicator Process Target
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{23170F69-40C1-278A-1000-000100020000}\InprocServer32 C:\Users\Admin\Downloads\7z2406-x64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{23170F69-40C1-278A-1000-000100020000}\InprocServer32\ = "C:\\Program Files\\7-Zip\\7-zip.dll" C:\Users\Admin\Downloads\7z2406-x64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{23170F69-40C1-278A-1000-000100020000}\InprocServer32\ThreadingModel = "Apartment" C:\Users\Admin\Downloads\7z2406-x64.exe N/A

Themida packer

themida
Description Indicator Process Target
N/A N/A N/A N/A
N/A N/A N/A N/A
N/A N/A N/A N/A

Checks installed software on the system

discovery

Checks whether UAC is enabled

evasion trojan
Description Indicator Process Target
Key value queried \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA C:\Users\Admin\Desktop\Vape Crack fix\Vape V4\Vape_V4.exe N/A

Suspicious use of NtSetInformationThreadHideFromDebugger

Description Indicator Process Target
N/A N/A C:\Users\Admin\Desktop\Vape Crack fix\Vape V4\Vape_V4.exe N/A

Drops file in Program Files directory

Description Indicator Process Target
File opened for modification C:\Program Files\7-Zip\Lang\ca.txt C:\Users\Admin\Downloads\7z2406-x64.exe N/A
File opened for modification C:\Program Files\7-Zip\Lang\cs.txt C:\Users\Admin\Downloads\7z2406-x64.exe N/A
File opened for modification C:\Program Files\7-Zip\Lang\sr-spl.txt C:\Users\Admin\Downloads\7z2406-x64.exe N/A
File opened for modification C:\Program Files\7-Zip\7-zip.chm C:\Users\Admin\Downloads\7z2406-x64.exe N/A
File opened for modification C:\Program Files\7-Zip\Lang\hu.txt C:\Users\Admin\Downloads\7z2406-x64.exe N/A
File opened for modification C:\Program Files\7-Zip\Lang\mng2.txt C:\Users\Admin\Downloads\7z2406-x64.exe N/A
File opened for modification C:\Program Files\7-Zip\Lang\va.txt C:\Users\Admin\Downloads\7z2406-x64.exe N/A
File opened for modification C:\Program Files\7-Zip\Lang\eo.txt C:\Users\Admin\Downloads\7z2406-x64.exe N/A
File opened for modification C:\Program Files\7-Zip\Lang\th.txt C:\Users\Admin\Downloads\7z2406-x64.exe N/A
File opened for modification C:\Program Files\7-Zip\7z.sfx C:\Users\Admin\Downloads\7z2406-x64.exe N/A
File opened for modification C:\Program Files\7-Zip\Lang\kab.txt C:\Users\Admin\Downloads\7z2406-x64.exe N/A
File opened for modification C:\Program Files\7-Zip\Lang\ext.txt C:\Users\Admin\Downloads\7z2406-x64.exe N/A
File opened for modification C:\Program Files\7-Zip\Lang\fur.txt C:\Users\Admin\Downloads\7z2406-x64.exe N/A
File opened for modification C:\Program Files\7-Zip\Lang\tr.txt C:\Users\Admin\Downloads\7z2406-x64.exe N/A
File opened for modification C:\Program Files\7-Zip\Lang\tt.txt C:\Users\Admin\Downloads\7z2406-x64.exe N/A
File opened for modification C:\Program Files\7-Zip\Lang\ast.txt C:\Users\Admin\Downloads\7z2406-x64.exe N/A
File opened for modification C:\Program Files\7-Zip\Lang\sq.txt C:\Users\Admin\Downloads\7z2406-x64.exe N/A
File opened for modification C:\Program Files\7-Zip\Lang\ta.txt C:\Users\Admin\Downloads\7z2406-x64.exe N/A
File opened for modification C:\Program Files\7-Zip\Lang\af.txt C:\Users\Admin\Downloads\7z2406-x64.exe N/A
File opened for modification C:\Program Files\7-Zip\Lang\fi.txt C:\Users\Admin\Downloads\7z2406-x64.exe N/A
File opened for modification C:\Program Files\7-Zip\Lang\ga.txt C:\Users\Admin\Downloads\7z2406-x64.exe N/A
File opened for modification C:\Program Files\7-Zip\Lang\kk.txt C:\Users\Admin\Downloads\7z2406-x64.exe N/A
File opened for modification C:\Program Files\7-Zip\Lang\mr.txt C:\Users\Admin\Downloads\7z2406-x64.exe N/A
File opened for modification C:\Program Files\7-Zip\Lang\nb.txt C:\Users\Admin\Downloads\7z2406-x64.exe N/A
File opened for modification C:\Program Files\7-Zip\Lang\zh-tw.txt C:\Users\Admin\Downloads\7z2406-x64.exe N/A
File opened for modification C:\Program Files\7-Zip\Lang\bn.txt C:\Users\Admin\Downloads\7z2406-x64.exe N/A
File opened for modification C:\Program Files\7-Zip\Lang\tg.txt C:\Users\Admin\Downloads\7z2406-x64.exe N/A
File opened for modification C:\Program Files\7-Zip\Lang\ne.txt C:\Users\Admin\Downloads\7z2406-x64.exe N/A
File opened for modification C:\Program Files\7-Zip\Lang\gl.txt C:\Users\Admin\Downloads\7z2406-x64.exe N/A
File opened for modification C:\Program Files\7-Zip\Lang\en.ttt C:\Users\Admin\Downloads\7z2406-x64.exe N/A
File opened for modification C:\Program Files\7-Zip\Lang\ka.txt C:\Users\Admin\Downloads\7z2406-x64.exe N/A
File opened for modification C:\Program Files\7-Zip\Lang\mng.txt C:\Users\Admin\Downloads\7z2406-x64.exe N/A
File opened for modification C:\Program Files\7-Zip\Lang\pl.txt C:\Users\Admin\Downloads\7z2406-x64.exe N/A
File opened for modification C:\Program Files\7-Zip\Lang\yo.txt C:\Users\Admin\Downloads\7z2406-x64.exe N/A
File opened for modification C:\Program Files\7-Zip\Lang\hi.txt C:\Users\Admin\Downloads\7z2406-x64.exe N/A
File opened for modification C:\Program Files\7-Zip\Lang\fy.txt C:\Users\Admin\Downloads\7z2406-x64.exe N/A
File opened for modification C:\Program Files\7-Zip\Lang\he.txt C:\Users\Admin\Downloads\7z2406-x64.exe N/A
File opened for modification C:\Program Files\7-Zip\Lang\tk.txt C:\Users\Admin\Downloads\7z2406-x64.exe N/A
File opened for modification C:\Program Files\7-Zip\Lang\az.txt C:\Users\Admin\Downloads\7z2406-x64.exe N/A
File opened for modification C:\Program Files\7-Zip\Lang\an.txt C:\Users\Admin\Downloads\7z2406-x64.exe N/A
File opened for modification C:\Program Files\7-Zip\Lang\hy.txt C:\Users\Admin\Downloads\7z2406-x64.exe N/A
File opened for modification C:\Program Files\7-Zip\descript.ion C:\Users\Admin\Downloads\7z2406-x64.exe N/A
File opened for modification C:\Program Files\7-Zip\Lang\gu.txt C:\Users\Admin\Downloads\7z2406-x64.exe N/A
File opened for modification C:\Program Files\7-Zip\Lang\id.txt C:\Users\Admin\Downloads\7z2406-x64.exe N/A
File opened for modification C:\Program Files\7-Zip\Lang\sl.txt C:\Users\Admin\Downloads\7z2406-x64.exe N/A
File opened for modification C:\Program Files\7-Zip\7-zip.dll C:\Users\Admin\Downloads\7z2406-x64.exe N/A
File opened for modification C:\Program Files\7-Zip\Lang\da.txt C:\Users\Admin\Downloads\7z2406-x64.exe N/A
File opened for modification C:\Program Files\7-Zip\Lang\ja.txt C:\Users\Admin\Downloads\7z2406-x64.exe N/A
File opened for modification C:\Program Files\7-Zip\Lang\si.txt C:\Users\Admin\Downloads\7z2406-x64.exe N/A
File opened for modification C:\Program Files\7-Zip\Lang\sr-spc.txt C:\Users\Admin\Downloads\7z2406-x64.exe N/A
File opened for modification C:\Program Files\7-Zip\7-zip32.dll C:\Users\Admin\Downloads\7z2406-x64.exe N/A
File opened for modification C:\Program Files\7-Zip\Lang\br.txt C:\Users\Admin\Downloads\7z2406-x64.exe N/A
File opened for modification C:\Program Files\7-Zip\Lang\pa-in.txt C:\Users\Admin\Downloads\7z2406-x64.exe N/A
File opened for modification C:\Program Files\7-Zip\Lang\pt-br.txt C:\Users\Admin\Downloads\7z2406-x64.exe N/A
File opened for modification C:\Program Files\7-Zip\Lang\ky.txt C:\Users\Admin\Downloads\7z2406-x64.exe N/A
File opened for modification C:\Program Files\7-Zip\Lang\lij.txt C:\Users\Admin\Downloads\7z2406-x64.exe N/A
File opened for modification C:\Program Files\7-Zip\Lang\fa.txt C:\Users\Admin\Downloads\7z2406-x64.exe N/A
File opened for modification C:\Program Files\7-Zip\Lang\es.txt C:\Users\Admin\Downloads\7z2406-x64.exe N/A
File opened for modification C:\Program Files\7-Zip\Lang\fr.txt C:\Users\Admin\Downloads\7z2406-x64.exe N/A
File opened for modification C:\Program Files\7-Zip\Lang\hr.txt C:\Users\Admin\Downloads\7z2406-x64.exe N/A
File opened for modification C:\Program Files\7-Zip\7z.exe C:\Users\Admin\Downloads\7z2406-x64.exe N/A
File opened for modification C:\Program Files\7-Zip\7zFM.exe C:\Users\Admin\Downloads\7z2406-x64.exe N/A
File opened for modification C:\Program Files\7-Zip\7zG.exe C:\Users\Admin\Downloads\7z2406-x64.exe N/A
File opened for modification C:\Program Files\7-Zip\Lang\el.txt C:\Users\Admin\Downloads\7z2406-x64.exe N/A

Enumerates physical storage devices

Enumerates system info in registry

Description Indicator Process Target
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A

Modifies registry class

Description Indicator Process Target
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{23170F69-40C1-278A-1000-000100020000}\ = "7-Zip Shell Extension" C:\Users\Admin\Downloads\7z2406-x64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{23170F69-40C1-278A-1000-000100020000}\InprocServer32\ = "C:\\Program Files\\7-Zip\\7-zip.dll" C:\Users\Admin\Downloads\7z2406-x64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\*\shellex\ContextMenuHandlers\7-Zip C:\Users\Admin\Downloads\7z2406-x64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Folder\shellex\ContextMenuHandlers\7-Zip C:\Users\Admin\Downloads\7z2406-x64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Directory\shellex\DragDropHandlers\7-Zip\ = "{23170F69-40C1-278A-1000-000100020000}" C:\Users\Admin\Downloads\7z2406-x64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Drive\shellex\DragDropHandlers\7-Zip\ = "{23170F69-40C1-278A-1000-000100020000}" C:\Users\Admin\Downloads\7z2406-x64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{23170F69-40C1-278A-1000-000100020000} C:\Users\Admin\Downloads\7z2406-x64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\*\shellex\ContextMenuHandlers\7-Zip\ = "{23170F69-40C1-278A-1000-000100020000}" C:\Users\Admin\Downloads\7z2406-x64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Directory\shellex\ContextMenuHandlers\7-Zip C:\Users\Admin\Downloads\7z2406-x64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Folder\shellex\ContextMenuHandlers\7-Zip\ = "{23170F69-40C1-278A-1000-000100020000}" C:\Users\Admin\Downloads\7z2406-x64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Drive\shellex\DragDropHandlers\7-Zip C:\Users\Admin\Downloads\7z2406-x64.exe N/A
Key created \REGISTRY\USER\S-1-5-21-2080292272-204036150-2159171770-1000_Classes\Local Settings C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{23170F69-40C1-278A-1000-000100020000} C:\Users\Admin\Downloads\7z2406-x64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{23170F69-40C1-278A-1000-000100020000}\ = "7-Zip Shell Extension" C:\Users\Admin\Downloads\7z2406-x64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{23170F69-40C1-278A-1000-000100020000}\InprocServer32 C:\Users\Admin\Downloads\7z2406-x64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Directory\shellex\ContextMenuHandlers\7-Zip\ = "{23170F69-40C1-278A-1000-000100020000}" C:\Users\Admin\Downloads\7z2406-x64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Directory\shellex\DragDropHandlers\7-Zip C:\Users\Admin\Downloads\7z2406-x64.exe N/A
Key created \REGISTRY\MACHINE\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\Deployment\Package\*\S-1-5-21-2080292272-204036150-2159171770-1000\{25976052-54FF-42AB-9155-C37A3BDE6375} C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{23170F69-40C1-278A-1000-000100020000}\InprocServer32\ThreadingModel = "Apartment" C:\Users\Admin\Downloads\7z2406-x64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{23170F69-40C1-278A-1000-000100020000}\InprocServer32 C:\Users\Admin\Downloads\7z2406-x64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{23170F69-40C1-278A-1000-000100020000}\InprocServer32\ThreadingModel = "Apartment" C:\Users\Admin\Downloads\7z2406-x64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{23170F69-40C1-278A-1000-000100020000}\InprocServer32\ = "C:\\Program Files\\7-Zip\\7-zip32.dll" C:\Users\Admin\Downloads\7z2406-x64.exe N/A

NTFS ADS

Description Indicator Process Target
File opened for modification C:\Users\Admin\Downloads\Unconfirmed 465387.crdownload:SmartScreen C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A

Suspicious behavior: EnumeratesProcesses

Description Indicator Process Target
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Users\Admin\Desktop\Vape Crack fix\Vape V4\Vape_V4.exe N/A
N/A N/A C:\Users\Admin\Desktop\Vape Crack fix\Vape V4\Vape_V4.exe N/A
N/A N/A C:\Users\Admin\Desktop\Vape Crack fix\Vape V4\Vape_V4.exe N/A
N/A N/A C:\Users\Admin\Desktop\Vape Crack fix\Vape V4\Vape_V4.exe N/A

Suspicious behavior: GetForegroundWindowSpam

Description Indicator Process Target
N/A N/A C:\Program Files\7-Zip\7zFM.exe N/A

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary

Description Indicator Process Target
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A

Suspicious use of AdjustPrivilegeToken

Description Indicator Process Target
Token: SeRestorePrivilege N/A C:\Program Files\7-Zip\7zFM.exe N/A
Token: 35 N/A C:\Program Files\7-Zip\7zFM.exe N/A
Token: SeSecurityPrivilege N/A C:\Program Files\7-Zip\7zFM.exe N/A
Token: SeDebugPrivilege N/A C:\Users\Admin\Desktop\Vape Crack fix\Vape V4\Vape_V4.exe N/A

Suspicious use of FindShellTrayWindow

Description Indicator Process Target
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A

Suspicious use of SendNotifyMessage

Description Indicator Process Target
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A

Suspicious use of SetWindowsHookEx

Description Indicator Process Target
N/A N/A C:\Users\Admin\Downloads\7z2406-x64.exe N/A

Suspicious use of WriteProcessMemory

Description Indicator Process Target
PID 3952 wrote to memory of 4956 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3952 wrote to memory of 4956 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3952 wrote to memory of 4044 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3952 wrote to memory of 4044 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3952 wrote to memory of 4044 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3952 wrote to memory of 4044 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3952 wrote to memory of 4044 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3952 wrote to memory of 4044 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3952 wrote to memory of 4044 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3952 wrote to memory of 4044 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3952 wrote to memory of 4044 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3952 wrote to memory of 4044 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3952 wrote to memory of 4044 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3952 wrote to memory of 4044 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3952 wrote to memory of 4044 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3952 wrote to memory of 4044 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3952 wrote to memory of 4044 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3952 wrote to memory of 4044 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3952 wrote to memory of 4044 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3952 wrote to memory of 4044 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3952 wrote to memory of 4044 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3952 wrote to memory of 4044 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3952 wrote to memory of 4044 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3952 wrote to memory of 4044 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3952 wrote to memory of 4044 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3952 wrote to memory of 4044 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3952 wrote to memory of 4044 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3952 wrote to memory of 4044 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3952 wrote to memory of 4044 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3952 wrote to memory of 4044 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3952 wrote to memory of 4044 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3952 wrote to memory of 4044 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3952 wrote to memory of 4044 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3952 wrote to memory of 4044 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3952 wrote to memory of 4044 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3952 wrote to memory of 4044 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3952 wrote to memory of 4044 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3952 wrote to memory of 4044 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3952 wrote to memory of 4044 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3952 wrote to memory of 4044 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3952 wrote to memory of 4044 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3952 wrote to memory of 4044 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3952 wrote to memory of 1540 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3952 wrote to memory of 1540 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3952 wrote to memory of 2036 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3952 wrote to memory of 2036 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3952 wrote to memory of 2036 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3952 wrote to memory of 2036 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3952 wrote to memory of 2036 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3952 wrote to memory of 2036 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3952 wrote to memory of 2036 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3952 wrote to memory of 2036 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3952 wrote to memory of 2036 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3952 wrote to memory of 2036 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3952 wrote to memory of 2036 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3952 wrote to memory of 2036 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3952 wrote to memory of 2036 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3952 wrote to memory of 2036 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3952 wrote to memory of 2036 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3952 wrote to memory of 2036 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3952 wrote to memory of 2036 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3952 wrote to memory of 2036 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3952 wrote to memory of 2036 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3952 wrote to memory of 2036 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

Processes

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://www.mediafire.com/file/9r13k249f79stkj/VAPE_V4_LITE_%255BZIP%255D.7z/file

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffa9db446f8,0x7ffa9db44708,0x7ffa9db44718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2064,5593594720460607176,2985154217682795770,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2072 /prefetch:2

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2064,5593594720460607176,2985154217682795770,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2440 /prefetch:3

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2064,5593594720460607176,2985154217682795770,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2880 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,5593594720460607176,2985154217682795770,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3384 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,5593594720460607176,2985154217682795770,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3404 /prefetch:1

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,5593594720460607176,2985154217682795770,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4792 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,5593594720460607176,2985154217682795770,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2152 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,5593594720460607176,2985154217682795770,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5840 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,5593594720460607176,2985154217682795770,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6040 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,5593594720460607176,2985154217682795770,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6284 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,5593594720460607176,2985154217682795770,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6420 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,5593594720460607176,2985154217682795770,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5772 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,5593594720460607176,2985154217682795770,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6244 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,5593594720460607176,2985154217682795770,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7160 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,5593594720460607176,2985154217682795770,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6604 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,5593594720460607176,2985154217682795770,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6756 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,5593594720460607176,2985154217682795770,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6648 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,5593594720460607176,2985154217682795770,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7364 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,5593594720460607176,2985154217682795770,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7372 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,5593594720460607176,2985154217682795770,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7516 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,5593594720460607176,2985154217682795770,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7632 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,5593594720460607176,2985154217682795770,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7780 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,5593594720460607176,2985154217682795770,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=24 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8044 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,5593594720460607176,2985154217682795770,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=25 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8056 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,5593594720460607176,2985154217682795770,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=26 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8184 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,5593594720460607176,2985154217682795770,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=27 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6808 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,5593594720460607176,2985154217682795770,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=29 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9088 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_collections.mojom.CollectionsDataManager --field-trial-handle=2064,5593594720460607176,2985154217682795770,131072 --lang=en-US --service-sandbox-type=collections --mojo-platform-channel-handle=9128 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,5593594720460607176,2985154217682795770,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=31 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6044 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,5593594720460607176,2985154217682795770,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=32 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6448 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,5593594720460607176,2985154217682795770,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=33 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9384 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,5593594720460607176,2985154217682795770,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=34 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10400 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,5593594720460607176,2985154217682795770,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=35 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10576 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,5593594720460607176,2985154217682795770,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=36 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10748 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,5593594720460607176,2985154217682795770,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=37 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10580 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,5593594720460607176,2985154217682795770,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=38 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=11072 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,5593594720460607176,2985154217682795770,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=39 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10788 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,5593594720460607176,2985154217682795770,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=40 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=11308 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,5593594720460607176,2985154217682795770,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=41 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10356 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2064,5593594720460607176,2985154217682795770,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=12068 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2064,5593594720460607176,2985154217682795770,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=12068 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,5593594720460607176,2985154217682795770,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=43 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=11108 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,5593594720460607176,2985154217682795770,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=44 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8988 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,5593594720460607176,2985154217682795770,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=45 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=11140 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,5593594720460607176,2985154217682795770,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=47 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8988 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,5593594720460607176,2985154217682795770,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=48 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10572 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,5593594720460607176,2985154217682795770,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=49 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10556 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,5593594720460607176,2985154217682795770,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=50 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8980 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,5593594720460607176,2985154217682795770,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=51 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10900 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=2064,5593594720460607176,2985154217682795770,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=8892 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,5593594720460607176,2985154217682795770,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=53 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7200 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,5593594720460607176,2985154217682795770,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=54 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7096 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,5593594720460607176,2985154217682795770,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=55 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5608 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,5593594720460607176,2985154217682795770,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=56 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10644 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,5593594720460607176,2985154217682795770,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=57 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8940 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --field-trial-handle=2064,5593594720460607176,2985154217682795770,131072 --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=11868 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --field-trial-handle=2064,5593594720460607176,2985154217682795770,131072 --lang=en-US --service-sandbox-type=video_capture --mojo-platform-channel-handle=10644 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,5593594720460607176,2985154217682795770,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=60 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10352 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,5593594720460607176,2985154217682795770,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=61 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6768 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,5593594720460607176,2985154217682795770,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=62 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=11612 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,5593594720460607176,2985154217682795770,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=64 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=11500 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --field-trial-handle=2064,5593594720460607176,2985154217682795770,131072 --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=9904 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=2064,5593594720460607176,2985154217682795770,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=11384 /prefetch:8

C:\Users\Admin\Downloads\7z2406-x64.exe

"C:\Users\Admin\Downloads\7z2406-x64.exe"

C:\Windows\System32\rundll32.exe

C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding

C:\Program Files\7-Zip\7zFM.exe

"C:\Program Files\7-Zip\7zFM.exe" "C:\Users\Admin\Downloads\VAPE V4 LITE [ZIP].7z"

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2064,5593594720460607176,2985154217682795770,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=10024 /prefetch:2

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /c ""C:\Users\Admin\Desktop\Vape Crack fix\fix.bat" "

C:\Users\Admin\Desktop\Vape Crack fix\fix\server.exe

"C:\Users\Admin\Desktop\Vape Crack fix\fix\server.exe"

C:\Users\Admin\Desktop\Vape Crack fix\Vape V4\Vape_V4.exe

"C:\Users\Admin\Desktop\Vape Crack fix\Vape V4\Vape_V4.exe"

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,5593594720460607176,2985154217682795770,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=68 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9576 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,5593594720460607176,2985154217682795770,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=69 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1584 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,5593594720460607176,2985154217682795770,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=70 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9096 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,5593594720460607176,2985154217682795770,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=71 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5372 /prefetch:1

Network

Country Destination Domain Proto
US 8.8.8.8:53 www.mediafire.com udp
US 104.16.113.74:443 www.mediafire.com tcp
US 8.8.8.8:53 the.gatekeeperconsent.com udp
US 104.21.42.32:443 the.gatekeeperconsent.com tcp
US 8.8.8.8:53 btloader.com udp
US 8.8.8.8:53 static.mediafire.com udp
US 8.8.8.8:53 privacy.gatekeeperconsent.com udp
US 8.8.8.8:53 www.ezojs.com udp
US 104.22.75.216:443 btloader.com tcp
US 8.8.8.8:53 translate.google.com udp
US 8.8.8.8:53 static.cloudflareinsights.com udp
US 8.8.8.8:53 cdn.amplitude.com udp
US 104.21.42.32:443 privacy.gatekeeperconsent.com tcp
US 104.16.79.73:443 static.cloudflareinsights.com tcp
FR 13.249.9.41:443 cdn.amplitude.com tcp
US 172.67.170.144:443 www.ezojs.com tcp
DE 142.250.185.142:443 translate.google.com tcp
US 8.8.8.8:53 cdn.otnolatrnup.com udp
US 104.16.53.110:443 cdn.otnolatrnup.com tcp
US 8.8.8.8:53 ad-delivery.net udp
US 8.8.8.8:53 api.btloader.com udp
US 8.8.8.8:53 www.mediafiredls.com udp
US 8.8.8.8:53 g.ezoic.net udp
US 104.26.3.70:443 ad-delivery.net tcp
US 104.26.3.70:443 ad-delivery.net tcp
US 130.211.23.194:443 api.btloader.com tcp
US 104.26.2.173:443 www.mediafiredls.com tcp
FR 15.188.219.54:443 g.ezoic.net tcp
US 8.8.8.8:53 74.113.16.104.in-addr.arpa udp
US 8.8.8.8:53 68.159.190.20.in-addr.arpa udp
US 8.8.8.8:53 32.42.21.104.in-addr.arpa udp
US 8.8.8.8:53 232.181.250.142.in-addr.arpa udp
US 8.8.8.8:53 216.75.22.104.in-addr.arpa udp
US 8.8.8.8:53 73.79.16.104.in-addr.arpa udp
US 8.8.8.8:53 144.170.67.172.in-addr.arpa udp
US 8.8.8.8:53 41.9.249.13.in-addr.arpa udp
US 8.8.8.8:53 142.185.250.142.in-addr.arpa udp
US 8.8.8.8:53 78.206.58.216.in-addr.arpa udp
US 8.8.8.8:53 50.201.222.52.in-addr.arpa udp
US 8.8.8.8:53 70.3.26.104.in-addr.arpa udp
US 8.8.8.8:53 194.23.211.130.in-addr.arpa udp
US 8.8.8.8:53 173.2.26.104.in-addr.arpa udp
US 8.8.8.8:53 198.185.250.142.in-addr.arpa udp
US 8.8.8.8:53 110.53.16.104.in-addr.arpa udp
US 8.8.8.8:53 go.ezodn.com udp
US 130.211.23.194:443 api.btloader.com udp
US 8.8.8.8:53 translate.googleapis.com udp
US 104.21.87.79:443 go.ezodn.com tcp
US 104.21.87.79:443 go.ezodn.com tcp
US 104.21.87.79:443 go.ezodn.com tcp
DE 142.250.186.138:443 translate.googleapis.com tcp
US 8.8.8.8:53 api.amplitude.com udp
US 8.8.8.8:53 otnolatrnup.com udp
US 8.8.8.8:53 apps.identrust.com udp
US 35.162.121.194:443 api.amplitude.com tcp
NL 23.63.101.153:80 apps.identrust.com tcp
US 104.21.87.79:443 go.ezodn.com tcp
US 104.21.87.79:443 go.ezodn.com tcp
US 104.21.87.79:443 go.ezodn.com tcp
US 8.8.8.8:53 g.ezodn.com udp
US 8.8.8.8:53 stats.g.doubleclick.net udp
US 8.8.8.8:53 securepubads.g.doubleclick.net udp
US 172.67.142.121:443 g.ezodn.com tcp
BE 108.177.15.156:443 stats.g.doubleclick.net tcp
DE 142.250.185.226:443 securepubads.g.doubleclick.net tcp
BE 108.177.15.156:443 stats.g.doubleclick.net tcp
US 8.8.8.8:53 region1.analytics.google.com udp
US 8.8.8.8:53 www.google.co.uk udp
US 8.8.8.8:53 translate-pa.googleapis.com udp
US 8.8.8.8:53 bshr.ezodn.com udp
DE 142.250.185.195:443 www.google.co.uk tcp
US 216.239.34.36:443 region1.analytics.google.com tcp
US 104.21.87.79:443 bshr.ezodn.com tcp
DE 142.250.185.195:443 www.google.co.uk tcp
US 8.8.8.8:53 www.google.com udp
DE 142.250.184.228:443 www.google.com tcp
US 8.8.8.8:53 googleads.g.doubleclick.net udp
DE 142.250.185.226:443 securepubads.g.doubleclick.net udp
US 8.8.8.8:53 79.87.21.104.in-addr.arpa udp
US 8.8.8.8:53 54.219.188.15.in-addr.arpa udp
US 8.8.8.8:53 195.74.250.142.in-addr.arpa udp
US 8.8.8.8:53 138.186.250.142.in-addr.arpa udp
US 8.8.8.8:53 153.101.63.23.in-addr.arpa udp
US 8.8.8.8:53 82.90.14.23.in-addr.arpa udp
US 8.8.8.8:53 194.121.162.35.in-addr.arpa udp
US 8.8.8.8:53 121.142.67.172.in-addr.arpa udp
US 8.8.8.8:53 226.185.250.142.in-addr.arpa udp
US 8.8.8.8:53 156.15.177.108.in-addr.arpa udp
US 8.8.8.8:53 226.184.250.142.in-addr.arpa udp
US 8.8.8.8:53 195.185.250.142.in-addr.arpa udp
US 8.8.8.8:53 36.34.239.216.in-addr.arpa udp
US 8.8.8.8:53 227.181.250.142.in-addr.arpa udp
DE 142.250.185.66:443 googleads.g.doubleclick.net tcp
US 8.8.8.8:53 tags.crwdcntrl.net udp
US 8.8.8.8:53 ad.crwdcntrl.net udp
US 8.8.8.8:53 bcp.crwdcntrl.net udp
IE 52.17.55.191:443 bcp.crwdcntrl.net tcp
FR 18.155.129.21:443 tags.crwdcntrl.net tcp
IE 34.247.240.165:443 bcp.crwdcntrl.net tcp
US 8.8.8.8:53 fundingchoicesmessages.google.com udp
US 8.8.8.8:53 228.184.250.142.in-addr.arpa udp
US 8.8.8.8:53 66.185.250.142.in-addr.arpa udp
US 8.8.8.8:53 21.129.155.18.in-addr.arpa udp
US 8.8.8.8:53 191.55.17.52.in-addr.arpa udp
US 8.8.8.8:53 165.240.247.34.in-addr.arpa udp
US 8.8.8.8:53 26.35.223.20.in-addr.arpa udp
DE 142.250.185.142:443 fundingchoicesmessages.google.com udp
N/A 224.0.0.251:5353 udp
DE 142.250.186.138:443 translate-pa.googleapis.com udp
US 8.8.8.8:53 26.165.165.52.in-addr.arpa udp
US 8.8.8.8:53 198.187.3.20.in-addr.arpa udp
US 8.8.8.8:53 57.15.31.184.in-addr.arpa udp
FR 15.188.219.54:443 g.ezoic.net tcp
US 8.8.8.8:53 hbopenbid.pubmatic.com udp
US 8.8.8.8:53 hb-api.omnitagjs.com udp
US 8.8.8.8:53 ghb.adtelligent.com udp
US 8.8.8.8:53 hb.yellowblue.io udp
US 8.8.8.8:53 htlb.casalemedia.com udp
US 8.8.8.8:53 tlx.3lift.com udp
US 8.8.8.8:53 prebid.a-mo.net udp
US 8.8.8.8:53 prebid.smilewanted.com udp
US 8.8.8.8:53 onetag-sys.com udp
US 8.8.8.8:53 rt.marphezis.com udp
US 8.8.8.8:53 invstatic101.creativecdn.com udp
US 8.8.8.8:53 cdn.prod.uidapi.com udp
US 8.8.8.8:53 cdn-ima.33across.com udp
US 8.8.8.8:53 static.criteo.net udp
US 8.8.8.8:53 cdn.jsdelivr.net udp
US 8.8.8.8:53 cdn.id5-sync.com udp
US 8.8.8.8:53 script.4dex.io udp
US 8.8.8.8:53 oa.openxcdn.net udp
US 104.18.36.155:443 htlb.casalemedia.com tcp
FR 185.255.84.151:443 hb-api.omnitagjs.com tcp
FR 18.244.28.8:443 hb.yellowblue.io tcp
GB 185.64.190.77:443 hbopenbid.pubmatic.com tcp
DE 51.89.9.254:443 onetag-sys.com tcp
US 178.128.135.204:443 rt.marphezis.com tcp
DE 3.78.168.176:443 tlx.3lift.com tcp
NL 145.40.97.67:443 prebid.a-mo.net tcp
US 107.151.11.18:443 ghb.adtelligent.com tcp
US 8.8.8.8:53 tpc.googlesyndication.com udp
US 34.96.70.87:443 invstatic101.creativecdn.com tcp
US 104.22.31.209:443 prebid.smilewanted.com tcp
US 104.22.31.209:443 prebid.smilewanted.com tcp
US 104.22.31.209:443 prebid.smilewanted.com tcp
US 104.22.31.209:443 prebid.smilewanted.com tcp
US 104.22.31.209:443 prebid.smilewanted.com tcp
FR 99.86.95.185:443 cdn.prod.uidapi.com tcp
US 151.101.65.229:443 cdn.jsdelivr.net tcp
US 172.64.152.89:443 cdn-ima.33across.com tcp
US 34.102.146.192:443 oa.openxcdn.net tcp
US 104.22.52.86:443 cdn.id5-sync.com tcp
US 104.26.9.169:443 script.4dex.io tcp
NL 178.250.1.3:443 static.criteo.net tcp
DE 216.58.206.33:443 tpc.googlesyndication.com tcp
US 8.8.8.8:53 oajs.openx.net udp
US 8.8.8.8:53 id5-sync.com udp
US 104.26.9.169:443 script.4dex.io tcp
US 8.8.8.8:53 cadmus.script.ac udp
US 34.120.107.143:443 oajs.openx.net tcp
DE 216.58.206.33:443 tpc.googlesyndication.com udp
DE 142.250.184.228:443 www.google.com udp
DE 141.95.98.64:443 id5-sync.com tcp
DE 51.89.9.254:443 onetag-sys.com udp
US 178.128.135.204:443 rt.marphezis.com tcp
US 8.8.8.8:53 ghb1.adtelligent.com udp
US 104.18.23.145:443 cadmus.script.ac tcp
GB 185.239.172.170:443 ghb1.adtelligent.com tcp
US 34.120.107.143:443 oajs.openx.net udp
DE 142.250.185.66:443 googleads.g.doubleclick.net udp
DE 142.250.185.226:443 securepubads.g.doubleclick.net udp
US 8.8.8.8:53 f12a1495057c4294105de0e7ffacee46.safeframe.googlesyndication.com udp
US 8.8.8.8:53 google-bidout-d.openx.net udp
DE 172.217.18.1:443 f12a1495057c4294105de0e7ffacee46.safeframe.googlesyndication.com tcp
US 34.98.64.218:443 google-bidout-d.openx.net tcp
US 8.8.8.8:53 155.36.18.104.in-addr.arpa udp
US 8.8.8.8:53 151.84.255.185.in-addr.arpa udp
US 8.8.8.8:53 77.190.64.185.in-addr.arpa udp
US 8.8.8.8:53 8.28.244.18.in-addr.arpa udp
US 8.8.8.8:53 87.70.96.34.in-addr.arpa udp
US 8.8.8.8:53 67.97.40.145.in-addr.arpa udp
US 8.8.8.8:53 254.9.89.51.in-addr.arpa udp
US 8.8.8.8:53 229.65.101.151.in-addr.arpa udp
US 8.8.8.8:53 185.95.86.99.in-addr.arpa udp
US 8.8.8.8:53 176.168.78.3.in-addr.arpa udp
US 8.8.8.8:53 209.31.22.104.in-addr.arpa udp
US 8.8.8.8:53 89.152.64.172.in-addr.arpa udp
US 8.8.8.8:53 192.146.102.34.in-addr.arpa udp
US 8.8.8.8:53 169.9.26.104.in-addr.arpa udp
US 8.8.8.8:53 86.52.22.104.in-addr.arpa udp
US 8.8.8.8:53 3.1.250.178.in-addr.arpa udp
US 8.8.8.8:53 33.206.58.216.in-addr.arpa udp
US 8.8.8.8:53 204.135.128.178.in-addr.arpa udp
US 8.8.8.8:53 18.11.151.107.in-addr.arpa udp
US 8.8.8.8:53 226.20.18.104.in-addr.arpa udp
US 8.8.8.8:53 143.107.120.34.in-addr.arpa udp
US 8.8.8.8:53 64.98.95.141.in-addr.arpa udp
US 8.8.8.8:53 145.23.18.104.in-addr.arpa udp
US 8.8.8.8:53 170.172.239.185.in-addr.arpa udp
DE 142.250.184.228:443 www.google.com udp
US 8.8.8.8:53 gum.criteo.com udp
NL 178.250.1.11:443 gum.criteo.com tcp
US 8.8.8.8:53 cdn.ampproject.org udp
US 8.8.8.8:53 gem.gbc.criteo.com udp
US 8.8.8.8:53 ag.gbc.criteo.com udp
US 8.8.8.8:53 dnacdn.net udp
NL 185.235.87.77:443 ag.gbc.criteo.com tcp
NL 178.250.1.11:443 dnacdn.net tcp
DE 142.250.185.129:443 cdn.ampproject.org tcp
DE 142.250.185.129:443 cdn.ampproject.org tcp
DE 142.250.185.129:443 cdn.ampproject.org tcp
DE 142.250.185.129:443 cdn.ampproject.org tcp
DE 142.250.185.129:443 cdn.ampproject.org tcp
FR 185.235.86.184:443 gem.gbc.criteo.com tcp
US 8.8.8.8:53 74.185.250.142.in-addr.arpa udp
US 8.8.8.8:53 1.18.217.172.in-addr.arpa udp
US 8.8.8.8:53 218.64.98.34.in-addr.arpa udp
US 8.8.8.8:53 11.1.250.178.in-addr.arpa udp
US 8.8.8.8:53 77.87.235.185.in-addr.arpa udp
US 8.8.8.8:53 184.86.235.185.in-addr.arpa udp
US 8.8.8.8:53 129.185.250.142.in-addr.arpa udp
DE 216.58.206.33:443 tpc.googlesyndication.com udp
DE 142.250.185.226:443 securepubads.g.doubleclick.net udp
US 216.239.34.36:443 region1.analytics.google.com udp
US 8.8.8.8:53 download2389.mediafire.com udp
US 199.91.155.130:443 download2389.mediafire.com tcp
US 199.91.155.130:443 download2389.mediafire.com tcp
US 8.8.8.8:53 130.155.91.199.in-addr.arpa udp
US 8.8.8.8:53 sys.ctrackapp.com udp
FR 52.222.201.8:443 sys.ctrackapp.com tcp
FR 52.222.201.8:443 sys.ctrackapp.com tcp
US 8.8.8.8:53 track.donecperficiam.com udp
FR 52.222.149.76:443 track.donecperficiam.com tcp
FR 52.222.149.76:443 track.donecperficiam.com tcp
US 8.8.8.8:53 go.etoro.com udp
DE 184.25.158.219:443 go.etoro.com tcp
DE 184.25.158.219:443 go.etoro.com tcp
US 8.8.8.8:53 id.a-mx.com udp
US 8.8.8.8:53 visitor.omnitagjs.com udp
US 8.8.8.8:53 ssc-cms.33across.com udp
US 8.8.8.8:53 eb2.3lift.com udp
US 8.8.8.8:53 csync.smilewanted.com udp
US 8.8.8.8:53 ads.pubmatic.com udp
US 76.223.111.18:443 eb2.3lift.com tcp
US 8.8.8.8:53 js-sec.indexww.com udp
US 8.8.8.8:53 ads.us.e-planning.net udp
DE 79.127.216.47:443 id.a-mx.com tcp
US 8.8.8.8:53 s.console.adtarget.com.tr udp
US 67.202.105.21:443 ssc-cms.33across.com tcp
US 8.8.8.8:53 ups.analytics.yahoo.com udp
US 8.8.8.8:53 id.hadron.ad.gt udp
US 8.8.8.8:53 id.crwdcntrl.net udp
US 8.8.8.8:53 match.adsrvr.org udp
FR 185.255.84.153:443 visitor.omnitagjs.com tcp
DE 142.132.249.185:443 s.console.adtarget.com.tr tcp
US 104.22.5.69:443 id.hadron.ad.gt tcp
NL 193.3.178.4:443 ads.us.e-planning.net tcp
US 52.223.40.198:443 match.adsrvr.org tcp
US 172.64.149.180:443 js-sec.indexww.com tcp
DE 3.75.62.37:443 ups.analytics.yahoo.com tcp
US 8.8.8.8:53 8.201.222.52.in-addr.arpa udp
US 8.8.8.8:53 76.149.222.52.in-addr.arpa udp
US 8.8.8.8:53 219.158.25.184.in-addr.arpa udp
SE 23.34.232.193:443 ads.pubmatic.com tcp
US 8.8.8.8:53 lb.eu-1-id5-sync.com udp
DE 162.19.138.119:443 lb.eu-1-id5-sync.com tcp
DE 162.19.138.119:443 lb.eu-1-id5-sync.com tcp
US 8.8.8.8:53 marketing.etorostatic.com udp
US 8.8.8.8:53 etoro-cdn.etorostatic.com udp
US 8.8.8.8:53 assets.a-mo.net udp
US 104.19.158.19:443 assets.a-mo.net tcp
DE 23.212.216.134:443 etoro-cdn.etorostatic.com tcp
DE 23.212.216.134:443 etoro-cdn.etorostatic.com tcp
DE 23.212.216.134:443 etoro-cdn.etorostatic.com tcp
DE 23.212.216.134:443 etoro-cdn.etorostatic.com tcp
DE 23.212.216.134:443 etoro-cdn.etorostatic.com tcp
DE 23.212.216.134:443 etoro-cdn.etorostatic.com tcp
DE 23.212.216.134:443 etoro-cdn.etorostatic.com tcp
DE 23.212.216.134:443 etoro-cdn.etorostatic.com tcp
DE 23.212.216.134:443 etoro-cdn.etorostatic.com tcp
DE 23.212.216.134:443 etoro-cdn.etorostatic.com tcp
US 8.8.8.8:53 ssum-sec.casalemedia.com udp
US 8.8.8.8:53 18.111.223.76.in-addr.arpa udp
US 8.8.8.8:53 153.84.255.185.in-addr.arpa udp
US 8.8.8.8:53 47.216.127.79.in-addr.arpa udp
US 8.8.8.8:53 180.149.64.172.in-addr.arpa udp
US 8.8.8.8:53 69.5.22.104.in-addr.arpa udp
US 8.8.8.8:53 4.178.3.193.in-addr.arpa udp
US 8.8.8.8:53 185.249.132.142.in-addr.arpa udp
US 8.8.8.8:53 37.62.75.3.in-addr.arpa udp
US 8.8.8.8:53 198.40.223.52.in-addr.arpa udp
US 8.8.8.8:53 21.105.202.67.in-addr.arpa udp
US 8.8.8.8:53 193.232.34.23.in-addr.arpa udp
US 8.8.8.8:53 119.138.19.162.in-addr.arpa udp
US 8.8.8.8:53 19.158.19.104.in-addr.arpa udp
US 8.8.8.8:53 134.216.212.23.in-addr.arpa udp
US 8.8.8.8:53 cdn.cookielaw.org udp
US 104.19.178.52:443 cdn.cookielaw.org tcp
US 104.19.178.52:443 cdn.cookielaw.org tcp
US 8.8.8.8:53 rtb.mfadsrvr.com udp
US 8.8.8.8:53 sync.mathtag.com udp
US 8.8.8.8:53 pixel-eu.rubiconproject.com udp
US 8.8.8.8:53 ib.adnxs.com udp
US 8.8.8.8:53 ads.stickyadstv.com udp
US 8.8.8.8:53 pixel.rubiconproject.com udp
US 8.8.8.8:53 bat.bing.com udp
US 8.8.8.8:53 amplify.outbrain.com udp
US 8.8.8.8:53 connect.facebook.net udp
US 8.8.8.8:53 c0.adalyser.com udp
US 8.8.8.8:53 static.hotjar.com udp
US 8.8.8.8:53 static.ads-twitter.com udp
US 8.8.8.8:53 cdn.taboola.com udp
US 8.8.8.8:53 cs.admanmedia.com udp
US 8.8.8.8:53 t.adx.opera.com udp
US 216.200.232.253:443 sync.mathtag.com tcp
US 8.8.8.8:53 ssbsync-global.smartadserver.com udp
US 8.8.8.8:53 image8.pubmatic.com udp
NL 69.173.156.148:443 pixel.rubiconproject.com tcp
NL 185.89.210.141:443 ib.adnxs.com tcp
FR 154.54.250.80:443 ads.stickyadstv.com tcp
US 204.79.197.237:443 bat.bing.com tcp
IE 54.72.212.61:443 c0.adalyser.com tcp
NL 82.145.213.8:443 t.adx.opera.com tcp
US 80.77.87.161:443 cs.admanmedia.com tcp
US 151.101.129.44:443 cdn.taboola.com tcp
US 151.101.188.157:443 static.ads-twitter.com tcp
NL 69.173.156.148:443 pixel.rubiconproject.com tcp
NL 89.149.193.117:443 ssbsync-global.smartadserver.com tcp
US 18.245.175.102:443 static.hotjar.com tcp
DE 18.157.153.25:443 rtb.mfadsrvr.com tcp
GB 185.64.191.214:443 image8.pubmatic.com tcp
GB 163.70.147.23:443 connect.facebook.net tcp
SE 23.34.233.58:443 amplify.outbrain.com tcp
US 8.8.8.8:53 cm.g.doubleclick.net udp
US 8.8.8.8:53 s.amazon-adsystem.com udp
US 52.46.151.131:443 s.amazon-adsystem.com tcp
DE 142.250.184.194:443 cm.g.doubleclick.net tcp
US 8.8.8.8:53 spl.zeotap.com udp
BE 108.177.15.156:443 stats.g.doubleclick.net udp
US 8.8.8.8:53 9944765.fls.doubleclick.net udp
US 104.22.50.98:443 spl.zeotap.com tcp
DE 142.250.185.195:443 www.google.co.uk udp
US 8.8.8.8:53 geolocation.onetrust.com udp
DE 142.250.184.198:443 9944765.fls.doubleclick.net tcp
US 172.64.155.119:443 geolocation.onetrust.com tcp
US 8.8.8.8:53 t.co udp
US 8.8.8.8:53 trc.taboola.com udp
US 8.8.8.8:53 script.hotjar.com udp
US 8.8.8.8:53 analytics.twitter.com udp
PL 93.184.221.165:443 t.co tcp
US 8.8.8.8:53 tr.outbrain.com udp
US 104.244.42.67:443 analytics.twitter.com tcp
FR 18.164.52.95:443 script.hotjar.com tcp
US 8.8.8.8:53 wave.outbrain.com udp
US 8.8.8.8:53 52.178.19.104.in-addr.arpa udp
US 8.8.8.8:53 148.156.173.69.in-addr.arpa udp
US 8.8.8.8:53 141.210.89.185.in-addr.arpa udp
US 8.8.8.8:53 44.129.101.151.in-addr.arpa udp
US 8.8.8.8:53 157.188.101.151.in-addr.arpa udp
US 8.8.8.8:53 80.250.54.154.in-addr.arpa udp
US 8.8.8.8:53 8.213.145.82.in-addr.arpa udp
US 8.8.8.8:53 61.212.72.54.in-addr.arpa udp
US 8.8.8.8:53 214.191.64.185.in-addr.arpa udp
US 8.8.8.8:53 23.147.70.163.in-addr.arpa udp
US 8.8.8.8:53 117.193.149.89.in-addr.arpa udp
US 8.8.8.8:53 102.175.245.18.in-addr.arpa udp
US 8.8.8.8:53 25.153.157.18.in-addr.arpa udp
US 8.8.8.8:53 253.232.200.216.in-addr.arpa udp
US 8.8.8.8:53 58.233.34.23.in-addr.arpa udp
US 8.8.8.8:53 161.87.77.80.in-addr.arpa udp
US 8.8.8.8:53 194.184.250.142.in-addr.arpa udp
US 8.8.8.8:53 131.151.46.52.in-addr.arpa udp
US 8.8.8.8:53 98.50.22.104.in-addr.arpa udp
US 8.8.8.8:53 119.155.64.172.in-addr.arpa udp
US 8.8.8.8:53 198.184.250.142.in-addr.arpa udp
DE 142.250.184.194:443 cm.g.doubleclick.net udp
US 8.8.8.8:53 x.bidswitch.net udp
US 64.74.236.159:443 tr.outbrain.com tcp
US 64.74.236.159:443 tr.outbrain.com tcp
SE 23.34.233.58:443 wave.outbrain.com tcp
SE 23.34.233.58:443 wave.outbrain.com tcp
SE 23.34.233.58:443 wave.outbrain.com tcp
SE 23.34.233.58:443 wave.outbrain.com tcp
SE 23.34.233.58:443 wave.outbrain.com tcp
NL 35.214.149.91:443 x.bidswitch.net tcp
DE 142.250.184.198:443 9944765.fls.doubleclick.net udp
SE 23.34.233.58:443 wave.outbrain.com tcp
US 8.8.8.8:53 static.smilewanted.com udp
US 8.8.8.8:53 www.facebook.com udp
GB 163.70.147.35:443 www.facebook.com tcp
US 8.8.8.8:53 sync.smartadserver.com udp
FR 5.196.111.73:443 sync.smartadserver.com tcp
US 8.8.8.8:53 gum.aidemsrv.com udp
US 104.17.44.93:443 gum.aidemsrv.com tcp
US 8.8.8.8:53 secure-assets.rubiconproject.com udp
BE 104.68.78.171:443 secure-assets.rubiconproject.com tcp
US 8.8.8.8:53 cdn.indexww.com udp
US 8.8.8.8:53 secure.adnxs.com udp
US 8.8.8.8:53 eus.rubiconproject.com udp
DE 37.252.171.52:443 secure.adnxs.com tcp
BE 104.90.26.20:443 eus.rubiconproject.com tcp
US 8.8.8.8:53 ice.360yield.com udp
US 8.8.8.8:53 165.221.184.93.in-addr.arpa udp
US 8.8.8.8:53 67.42.244.104.in-addr.arpa udp
US 8.8.8.8:53 95.52.164.18.in-addr.arpa udp
US 8.8.8.8:53 91.149.214.35.in-addr.arpa udp
US 8.8.8.8:53 159.236.74.64.in-addr.arpa udp
US 8.8.8.8:53 35.147.70.163.in-addr.arpa udp
US 8.8.8.8:53 73.111.196.5.in-addr.arpa udp
US 8.8.8.8:53 93.44.17.104.in-addr.arpa udp
US 8.8.8.8:53 171.78.68.104.in-addr.arpa udp
US 8.8.8.8:53 52.171.252.37.in-addr.arpa udp
US 8.8.8.8:53 20.26.90.104.in-addr.arpa udp
IE 54.216.157.131:443 ice.360yield.com tcp
US 8.8.8.8:53 u.openx.net udp
US 8.8.8.8:53 ap.lijit.com udp
IE 54.154.6.201:443 ap.lijit.com tcp
US 34.98.64.218:443 u.openx.net udp
US 8.8.8.8:53 cm.adform.net udp
US 8.8.8.8:53 us.shb-sync.com udp
US 8.2.110.33:443 us.shb-sync.com tcp
DK 37.157.2.229:443 cm.adform.net tcp
US 8.8.8.8:53 s.ad.smaato.net udp
FR 18.164.52.46:443 s.ad.smaato.net tcp
US 8.8.8.8:53 trc-events.taboola.com udp
NL 141.226.228.48:443 trc-events.taboola.com tcp
US 8.8.8.8:53 sync.a-mo.net udp
NL 145.40.97.67:443 sync.a-mo.net tcp
NL 145.40.97.67:443 sync.a-mo.net tcp
US 8.8.8.8:53 player.aniview.com udp
US 8.8.8.8:53 131.157.216.54.in-addr.arpa udp
US 8.8.8.8:53 201.6.154.54.in-addr.arpa udp
US 8.8.8.8:53 229.2.157.37.in-addr.arpa udp
US 8.8.8.8:53 33.110.2.8.in-addr.arpa udp
US 8.8.8.8:53 46.52.164.18.in-addr.arpa udp
US 8.8.8.8:53 48.228.226.141.in-addr.arpa udp
SE 184.31.15.75:443 player.aniview.com tcp
US 8.8.8.8:53 cdn.mxpnl.com udp
US 8.8.8.8:53 ssbsync.smartadserver.com udp
US 35.186.235.23:443 cdn.mxpnl.com tcp
US 8.8.8.8:53 dc.services.visualstudio.com udp
US 8.8.8.8:53 privacyportal-de.onetrust.com udp
US 104.18.32.137:443 privacyportal-de.onetrust.com tcp
NL 20.50.88.238:443 dc.services.visualstudio.com tcp
US 8.8.8.8:53 dis.criteo.com udp
US 8.8.8.8:53 sync.1rx.io udp
US 8.8.8.8:53 api-2-0.spot.im udp
US 8.8.8.8:53 creativecdn.com udp
US 8.8.8.8:53 match.prod.bidr.io udp
US 8.8.8.8:53 b1sync.zemanta.com udp
US 8.8.8.8:53 sync.srv.stackadapt.com udp
NL 185.184.8.90:443 creativecdn.com tcp
NL 46.228.174.117:443 sync.1rx.io tcp
FR 99.86.91.65:443 api-2-0.spot.im tcp
US 50.31.142.31:443 b1sync.zemanta.com tcp
US 8.8.8.8:53 cs-server-s2s.yellowblue.io udp
US 50.31.142.31:443 b1sync.zemanta.com tcp
NL 178.250.1.9:443 dis.criteo.com tcp
US 52.86.229.235:443 sync.srv.stackadapt.com tcp
IE 52.17.93.114:443 match.prod.bidr.io tcp
US 174.129.13.121:443 cs-server-s2s.yellowblue.io tcp
US 8.8.8.8:53 jadserve.postrelease.com udp
IE 34.250.70.143:443 jadserve.postrelease.com tcp
US 8.8.8.8:53 id.rlcdn.com udp
US 8.8.8.8:53 bttrack.com udp
US 192.132.33.69:443 bttrack.com tcp
US 35.244.174.68:443 id.rlcdn.com tcp
US 8.8.8.8:53 75.15.31.184.in-addr.arpa udp
US 8.8.8.8:53 23.235.186.35.in-addr.arpa udp
US 8.8.8.8:53 238.88.50.20.in-addr.arpa udp
US 8.8.8.8:53 137.32.18.104.in-addr.arpa udp
US 8.8.8.8:53 117.174.228.46.in-addr.arpa udp
US 8.8.8.8:53 90.8.184.185.in-addr.arpa udp
US 8.8.8.8:53 65.91.86.99.in-addr.arpa udp
US 8.8.8.8:53 9.1.250.178.in-addr.arpa udp
US 8.8.8.8:53 114.93.17.52.in-addr.arpa udp
US 8.8.8.8:53 235.229.86.52.in-addr.arpa udp
US 8.8.8.8:53 31.142.31.50.in-addr.arpa udp
US 8.8.8.8:53 121.13.129.174.in-addr.arpa udp
US 8.8.8.8:53 143.70.250.34.in-addr.arpa udp
US 8.8.8.8:53 68.174.244.35.in-addr.arpa udp
US 8.8.8.8:53 token.rubiconproject.com udp
NL 69.173.156.149:443 token.rubiconproject.com tcp
US 8.8.8.8:53 rtb-csync.smartadserver.com udp
US 8.8.8.8:53 s.company-target.com udp
US 8.8.8.8:53 bh.contextweb.com udp
US 34.96.71.22:443 s.company-target.com tcp
NL 208.93.169.131:443 bh.contextweb.com tcp
FR 5.196.111.73:443 rtb-csync.smartadserver.com tcp
US 8.8.8.8:53 sync.adotmob.com udp
FR 45.137.176.88:443 sync.adotmob.com tcp
FR 5.196.111.73:443 rtb-csync.smartadserver.com tcp
US 8.8.8.8:53 match.sharethrough.com udp
FR 5.196.111.73:443 rtb-csync.smartadserver.com tcp
DE 18.196.133.194:443 match.sharethrough.com tcp
US 8.8.8.8:53 id.rtb.mx udp
US 8.8.8.8:53 ow.pubmatic.com udp
GB 185.64.190.84:443 ow.pubmatic.com tcp
NL 79.127.227.46:443 id.rtb.mx tcp
US 8.8.8.8:53 sync.aniview.com udp
US 96.46.186.182:443 sync.aniview.com tcp
US 8.8.8.8:53 69.33.132.192.in-addr.arpa udp
US 8.8.8.8:53 149.156.173.69.in-addr.arpa udp
US 8.8.8.8:53 22.71.96.34.in-addr.arpa udp
US 8.8.8.8:53 131.169.93.208.in-addr.arpa udp
US 8.8.8.8:53 88.176.137.45.in-addr.arpa udp
US 8.8.8.8:53 194.133.196.18.in-addr.arpa udp
US 8.8.8.8:53 84.190.64.185.in-addr.arpa udp
US 8.8.8.8:53 46.227.127.79.in-addr.arpa udp
US 8.8.8.8:53 182.186.46.96.in-addr.arpa udp
US 8.8.8.8:53 sync.search.spotxchange.com udp
US 8.8.8.8:53 pixel-sync.sitescout.com udp
US 34.36.216.150:443 pixel-sync.sitescout.com tcp
NL 35.214.149.91:443 x.bidswitch.net tcp
US 34.36.216.150:443 pixel-sync.sitescout.com udp
US 8.8.8.8:53 150.216.36.34.in-addr.arpa udp
US 8.8.8.8:53 a.nel.cloudflare.com udp
US 35.190.80.1:443 a.nel.cloudflare.com tcp
US 8.8.8.8:53 91.90.14.23.in-addr.arpa udp
US 35.190.80.1:443 a.nel.cloudflare.com udp
US 8.8.8.8:53 1.80.190.35.in-addr.arpa udp
NL 23.62.61.97:443 www.bing.com tcp
US 8.8.8.8:53 r.bing.com udp
US 8.8.8.8:53 th.bing.com udp
NL 23.62.61.194:443 th.bing.com tcp
NL 23.62.61.194:443 th.bing.com tcp
NL 23.62.61.97:443 th.bing.com tcp
NL 23.62.61.97:443 th.bing.com tcp
US 8.8.8.8:53 97.61.62.23.in-addr.arpa udp
US 8.8.8.8:53 bing.com udp
US 204.79.197.200:443 bing.com tcp
US 8.8.8.8:53 194.61.62.23.in-addr.arpa udp
US 8.8.8.8:53 200.197.79.204.in-addr.arpa udp
US 8.8.8.8:53 login.microsoftonline.com udp
NL 40.126.32.74:443 login.microsoftonline.com tcp
US 8.8.8.8:53 services.bingapis.com udp
US 13.107.5.80:443 services.bingapis.com tcp
US 8.8.8.8:53 74.32.126.40.in-addr.arpa udp
FR 185.255.84.151:443 hb-api.omnitagjs.com tcp
US 8.8.8.8:53 ghb2.adtelligent.com udp
GB 185.83.69.58:443 ghb2.adtelligent.com tcp
US 8.8.8.8:53 76.32.126.40.in-addr.arpa udp
US 8.8.8.8:53 80.5.107.13.in-addr.arpa udp
US 107.151.11.18:443 ghb2.adtelligent.com tcp
GB 185.239.172.170:443 ghb2.adtelligent.com tcp
US 8.8.8.8:53 www.7-zip.org udp
DE 49.12.202.237:443 www.7-zip.org tcp
DE 49.12.202.237:443 www.7-zip.org tcp
US 8.8.8.8:53 167.154.64.172.in-addr.arpa udp
US 8.8.8.8:53 237.202.12.49.in-addr.arpa udp
US 8.8.8.8:53 github.com udp
GB 20.26.156.215:443 github.com tcp
US 8.8.8.8:53 objects.githubusercontent.com udp
US 185.199.109.133:443 objects.githubusercontent.com tcp
US 8.8.8.8:53 215.156.26.20.in-addr.arpa udp
US 8.8.8.8:53 133.109.199.185.in-addr.arpa udp
US 8.8.8.8:53 23.236.111.52.in-addr.arpa udp
N/A 127.0.0.1:52776 tcp
US 8.8.8.8:53 th.bing.com udp
US 8.8.8.8:53 r.bing.com udp
NL 23.62.61.194:443 r.bing.com tcp
US 8.8.8.8:53 www.youtube.com udp

Files

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 56067634f68231081c4bd5bdbfcc202f
SHA1 5582776da6ffc75bb0973840fc3d15598bc09eb1
SHA256 8c08b0cbceb301c8f960aa674c6e7f6dbf40b4a1c2684e6fb0456ec5ff0e56b4
SHA512 c4657393e0b9ec682570d7e251644a858d33e056ccd0f3eebffd0fde25244b3a699b8d9244bcdac00d6f74b49833629b270e099c2b557f729a9066922583f784

\??\pipe\LOCAL\crashpad_3952_SDUXMHWAKNHLZMRY

MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA512 cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 81e892ca5c5683efdf9135fe0f2adb15
SHA1 39159b30226d98a465ece1da28dc87088b20ecad
SHA256 830f394548cff6eed3608476190a7ee7d65fe651adc638c5b27ce58639a91e17
SHA512 c943f4cfe8615ac159cfac13c10b67e6c0c9093851dd3ac6dda3b82e195d3554e3c37962010a2d0ae5074828d376402624f0dda5499c9997e962e4cfd26444c0

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 0350b79082cd9be9a925e5dae6c08747
SHA1 7e75a090aaf2686cf0e347b866a7645c6f5b4abe
SHA256 8961ec9dce64934bef4e615f31d9a7525b473cc6ce72d5cba512cfd0ed58b45a
SHA512 a492f6c3b5c64242c272eec9b1db94c9a6073d3f55714c555e46bba6c707c2c4bdc76ea0eae995dd127cdcfb578f400299a57df169cc1f9a464768b9c2b8ee8c

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 8c90616f70d98455c7745575283309a7
SHA1 85c226830035be137fb8c2d5c57a2a4aa6d94785
SHA256 7c71f726f5e98ac99bbf47aebe5047076db905e9c1498877ab53f08ecc95d6c7
SHA512 3cac714de927fa5f5b7efb2ee9bd0f8f43719ae293980aba2faf3e68ca870f2dc286e000ca458fee59e46a67afaaaf9cefff5fca30e0ff243e3448e1be4f74fc

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 63bc9d3b88012f73a712f7ff591017d6
SHA1 324a3a38b496a32611af160f593730090a9d7f2c
SHA256 0d5d536450135c28058a0a5c86eed1d1c8701fa6873ff68ffb4b406f9a4d5cfd
SHA512 59b7f52b8f8704b48b3d32c73402a32459d66ac522351ea8f29c811dc8cdb135c495a2810ce8f851df47b14fbcd751529ce88a268cda8007f7012144c11ccc49

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 18dba21ecc7d649880255609f26eb684
SHA1 0bb0b419b3367c8601c3d4ef1cfa3347ba6e92b0
SHA256 e27d9caa29810cffebdf8eee47dfa16cb1535c22e8c1611c408ca9e4cfb141f3
SHA512 cda7a5560aa85c3aaae8a5e370ddcdd3b530ed281e3731d0307ca4c7a19629535aab1cd1ec12c25918c208b43f11e6cc9667ccb3cb2187c4ff19ed7b11a75e29

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

MD5 6752a1d65b201c13b62ea44016eb221f
SHA1 58ecf154d01a62233ed7fb494ace3c3d4ffce08b
SHA256 0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd
SHA512 9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 d2693ce2a822b7a41755adc9ef40738c
SHA1 c84625a3e88ccb857ab8996645c4ed2b5421471d
SHA256 8ae3463f2138074ec613d2c3e7ca2c0eb53902d8679831f4f17c8bd5bf951cbc
SHA512 2c43494fc1aacda35a71addda9ee97d4dc239979f36bcf882d4ee60b65d05aeb1c2c1964fdc8852c7524ee042e9cd0f3c2c16b2d22e437bd061fbff456b254cf

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 44ad2f74e4e27cc3797eb76f9f3f2cb0
SHA1 29b45da99ebac81b689f208b091b1e08bf7b0273
SHA256 062bce07e576d4f94b98c6bddd9305339ef20516c0c9b4421a6bef2f5ba12243
SHA512 12805fed3de34c29573acd8445ee0a8021c25140a4f2b9e3a9f1cbbb50602c1e4f31b4e31afb63abd28968b48fb290236c54f06ec077c8fcd56b4df6438b5cf5

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe58439c.TMP

MD5 61c65f406fa11442c7ff30a643cc3bc9
SHA1 f776f97e8507bcf17c2f14494c47f123f4d012e7
SHA256 2781fb3031066d2cfd85aab9b2e09efad3765c41e4b624f9b40e662a23c4930e
SHA512 4e3b59ed13fb3d8773746aa557f65d8dc0152fd381e466711f49cd73a5e347b91a6f53ad3c8388c2c398c139dbb47e27971f69c2eccdebced5a123ad3fe9d308

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000025

MD5 99916ce0720ed460e59d3fbd24d55be2
SHA1 d6bb9106eb65e3b84bfe03d872c931fb27f5a3db
SHA256 07118bf4bbc3ba87d75cbc11ddf427219a14d518436d7f3886d75301f897edaf
SHA512 8d3d52e57806d1850b57bffee12c1a8d9e1a1edcf871b2395df5c889991a183a8d652a0636d5452068f5ef78d37e08ce10b2b2f4e05c3e3c0f2f2230310418a8

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 00a0ce6bc943f4313aca051c24b50388
SHA1 cad12055a592d99d0e13a1193d0f60d87fb64fad
SHA256 b2812c03040fc8d24ebee770ae1400a1eeba45aedd305bc347146477c635f5f1
SHA512 a4dc9d228833ae054a1c6022e4a73a867a43919f027f07ad9fdb1ea0f6ddf909fce02d779384beaf1ff3aa967c7ba5ffc415235efe5dc94ce0a9ed88aa6ccc74

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\fb3271c5-32e9-4782-94cc-031c6ceae93c.tmp

MD5 193a88f782c59bddda4fc193ae26a171
SHA1 0cbd9bfd941ae43a34a52414a4c033eb625051e0
SHA256 da3f2f18902750509a48b273dc7b127602cf6fe7eb36f9fe4ac6d457a7a1bee8
SHA512 93c26d01c02f9a9cfe3b823c3721739f8d1cbb42c1041b2ea78693acdfe40dad8aa831644dc2b55631da867ba43ff2cb264705f04cc45ea01be650ffc6533ae6

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 4cb43b10792fea37d8c97a397c293a48
SHA1 7b07bd25925a1961f8f69c7b3ada7aac414e40f5
SHA256 cff8c90871f33e1cf34964a48f049fc3b91e501099c5c0a6f402aeb8c1014f4d
SHA512 cacede7fe1aec9e0a8371bf8c3129a82ce9af5f4422d80ed4be94bdaf117d02a835a98d0a96c9cb26ed3b553371d97ebef2933dad648732d65252444060b0f90

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

MD5 0454686832cccb23927d8e206791d39f
SHA1 14e9bbf05df5373c777ec299eedb4b71c68e7368
SHA256 34b7b4e8e7b053e6f57905646ef4444f44aa347757ebc1036ae1a55c30dfd897
SHA512 4d8719c2589c4a8291d157a7dba8fe3c009f309a0ea9b4dc0e9dfde3224ebc8baed29f046ec469e63ebefd597d9c2e3e76761b2b9d6bdd3b3bebc7f31e769daf

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 e7a7d4aceb4f7883593d42a5c4b1b5c2
SHA1 1f338e7f2205a2a23720ab4c063afa464d1459b2
SHA256 5434ac89573b99ae184a96a2ec54e032d9d3221b00727efd6c8c864254d0615d
SHA512 4d6de878725778a13c42c4d6ab977258d641c8d66f00fe3f0d2344cc44803f98570266147b03c63c92cd34429dbe41a9cf967981769c9f769da171f55acc22bb

C:\Users\Admin\Downloads\Unconfirmed 465387.crdownload

MD5 d8af785ca5752bae36e8af5a2f912d81
SHA1 54da15671ad8a765f3213912cba8ebd8dac1f254
SHA256 6220bbe6c26d87fc343e0ffa4e20ccfafeca7dab2742e41963c40b56fb884807
SHA512 b635b449f49aac29234f677e662be35f72a059401ea0786d956485d07134f9dd10ed284338503f08ff7aad16833cf034eb955ca34e1faf35a8177ccad1f20c75

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 79a71e3f5741e7d67349043a8c1bdbb5
SHA1 55e7b29c772ba660db8aec0b5bc10993997fbf29
SHA256 9972272343d6d62ba3a75823d71d5aa8af6ffa08ed40aca44091a72f985c0dc3
SHA512 5cc36f849bd0f1a6ba50a1015a3ecbf2fae300cc0ded0aa2b3ffcdb49d23f54ee99bfa353030be434a0dad30123bdfd658c1fca5f6d038db52f0d9f3419be2e0

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 1019df54d7efb3f6e1f338f13856057d
SHA1 203cc2159946fdb1e2fd02da79886f2593eb62aa
SHA256 b478d8d9c906c95dd1b4a697abeb30e45513a844576d189af7bac1769ee8b8f9
SHA512 247e52f4eeeffef7deb5782cf4ad997988b530558ee411f4b3759e7d90d441f8574596caf9d28da182b446de3c05d3761b94c8efc3864c2d1ed82c4818187208

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 3945da9dca64a7dd3320fd9574187549
SHA1 64ee3c74d20dccf5d00b902a7350ad76128ea9e2
SHA256 c6b72c29ba85ce0dc5c9c9627968c6ce28640a4d047118485409fa32ea0d0638
SHA512 ec0cba51bebf1037b5f0e3054e3554d7fed5cd70dd834f503da2bc9ed113088cc51f8e1d45afcc7fbe001f4bba7040c4d291e785b73e701f8f078e9d7f36a9d9

C:\Program Files\7-Zip\7-zip.dll

MD5 7ec019d8445f4dcdb91a380c9d592957
SHA1 15fd8375e2e282a90d3df14041272e5ac29e7c93
SHA256 1cc179f097ee439bb35a582059cbc727d9cea0d5c43dfaa57f9f03050cfaea03
SHA512 d71a79091fcc6a96c24d95662a18cc24145b9531145ef0bcb4e882c12f5bb5ca6c7a9b9e50024c9c0bf4cb6bf40dca7627cecbfddd637142d04a194e1956ae9b

C:\Users\Admin\AppData\Local\Temp\7zE89E8D249\Vape Crack fix\fix\cryptography-36.0.2.dist-info\INSTALLER

MD5 365c9bfeb7d89244f2ce01c1de44cb85
SHA1 d7a03141d5d6b1e88b6b59ef08b6681df212c599
SHA256 ceebae7b8927a3227e5303cf5e0f1f7b34bb542ad7250ac03fbcde36ec2f1508
SHA512 d220d322a4053d84130567d626a9f7bb2fb8f0b854da1621f001826dc61b0ed6d3f91793627e6f0ac2ac27aea2b986b6a7a63427f05fe004d8a2adfbdadc13c1

C:\Users\Admin\AppData\Local\Temp\7zE89E8D249\Vape Crack fix\fix\pytz\zoneinfo\Africa\Asmera

MD5 86dcc322e421bc8bdd14925e9d61cd6c
SHA1 289d1fb5a419107bc1d23a84a9e06ad3f9ee8403
SHA256 c89b2e253a8926a6cecf7eff34e4bfcdb7fe24daff22d84718c30deec0ea4968
SHA512 d32771be8629fb3186723c8971f06c3803d31389438b29bf6baa958b3f9db9a38971019583ba272c7a8f5eb4a633dfc467bfcb6f76faa8e290bad4fd7366bb2b

C:\Users\Admin\AppData\Local\Temp\7zE89E8D249\Vape Crack fix\fix\pytz\zoneinfo\Africa\Bamako

MD5 09a9397080948b96d97819d636775e33
SHA1 5cc9b028b5bd2222200e20091a18868ea62c4f18
SHA256 d2efac4e5f23d88c95d72c1db42807170f52f43dd98a205af5a92a91b9f2d997
SHA512 2eccf2515599ed261e96da3fbcfbab0b6a2dfc86a1d87e3814091709f0bfe2f600c3044c8555ed027978a8ae9045666ee639a8c249f48d665d8e5c60f0597799

C:\Users\Admin\AppData\Local\Temp\7zE89E8D249\Vape Crack fix\fix\pytz\zoneinfo\Africa\Douala

MD5 8244c4cc8508425b6612fa24df71e603
SHA1 30ba925b4670235915dddfa1dd824dd9d7295eac
SHA256 cffeb0282ccbd7fba0e493ff8677a1e5a6dd5197885042e437f95a773f844846
SHA512 560c7581dcb2c800eae779005e41406beaf15d24efc763304e3111b9bb6074fe0ba59c48b5a2c5511245551b94418bbc35934d9bd46313fcc6e383323056668c

C:\Users\Admin\AppData\Local\Temp\7zE89E8D249\Vape Crack fix\fix\pytz\zoneinfo\Africa\Gaborone

MD5 b77fb20b4917d76b65c3450a7117023c
SHA1 b99f3115100292d9884a22ed9aef9a9c43b31ccd
SHA256 93f19e9551d58868ae5820752d2c93a486124c364463dc9c9489d0458f8bc682
SHA512 a088c2a4c7d72717257c3125c7c2aca28463d68306ea452afaad75b8a0f9e5730a8d9c430d14668809717a672dc63c4816762acb046b339da662da421a6d65df

C:\Users\Admin\AppData\Local\Temp\7zE89E8D249\Vape Crack fix\fix\pytz\zoneinfo\Africa\Mbabane

MD5 049a2b9b24bbd0cfad59a06f8e813e13
SHA1 65c0d4ab314cb72b8d8c768e3d0c3218848b61f1
SHA256 6c1bcc752668e77585a308ae8543bd0bccd8e813865626e809bf94f3fe3d977e
SHA512 fc9b86e23d12a6d013d98b8be6146317d9267732d87560fd175758c12e4606da662474bbd801ec14dc99213552d5ba00053952d6529fa34712fa0819ad0364bd

C:\Users\Admin\AppData\Local\Temp\7zE89E8D249\Vape Crack fix\fix\pytz\zoneinfo\America\Aruba

MD5 adf95d436701b9774205f9315ec6e4a4
SHA1 fcf8be5296496a5dd3a7a97ed331b0bb5c861450
SHA256 8491e557ff801a8306516b8ca5946ff5f2e6821af31477eb47d7d191cc5a6497
SHA512 f8fceff3c346224d693315af1ab12433eb046415200abaa6cdd65fd0ad40673fdddf67b83563d351e4aa520565881a4226fb37d578d3ba88a135e596ebb9b348

C:\Users\Admin\AppData\Local\Temp\7zE89E8D249\Vape Crack fix\fix\pytz\zoneinfo\America\Catamarca

MD5 1342337c1ba29a36342c5f9f8df09898
SHA1 ac9a4e79fe5a861447c23d68cccb35762d5f3aa4
SHA256 7621f57fdea46db63eee0258427482347b379fd7701c9a94852746371d4bec8d
SHA512 aad5259d1b7b2b7b88c43d43e42936ed7227cc232614be13565c830105497f97f23711ae042d77d1ea3393e9423f3683cbb2163675160722242e7aca667bb8bf

C:\Users\Admin\AppData\Local\Temp\7zE89E8D249\Vape Crack fix\fix\pytz\zoneinfo\America\Coral_Harbour

MD5 0972a9c4c28bf71eeab5f0bac573cdbc
SHA1 a94fbc2d567e41723f03629b6c9a864260108a17
SHA256 91ac80fe976931c490d058c8ce8b5d71ffa6d4961f6ca13ea9c153f0b0bccea0
SHA512 ece548f7d840a588523aacddc93891e0dd300390f79de063e60074e00a92ae33a8201642b841ff868387f1ac2188c485cce941d83c7a3617d27ac286dbcc0c17

C:\Users\Admin\AppData\Local\Temp\7zE89E8D249\Vape Crack fix\fix\pytz\zoneinfo\America\Indianapolis

MD5 d006fe381417eb507316edde462e5679
SHA1 bbbc8e6ed142fd6ed7c4c648932e9765decbc302
SHA256 1ab36e6f5ff7526e5087aef03b1e7cfd3100cf87f001e025936025313540fec2
SHA512 72a8972a3b498ee61a6b67f5dd539b593961fd11d7ffe66b99c772dfa378d514cbad0746657d512f4ebd2edcf9403c651229d07bcfd630a61fe1ed674cb2197c

C:\Users\Admin\AppData\Local\Temp\7zE89E8D249\Vape Crack fix\fix\pytz\zoneinfo\America\Rosario

MD5 6b5ab25d6c67149b565e4b62ea6d07bd
SHA1 04f2815d23c3c63ac6bd204a2935f18366c8d182
SHA256 d57a883fc428d9b3d1efdd3d86b008faa02db726e6c045b89acec58d903961fc
SHA512 521820194f3e1a7dce73498ec37937214b8a168c414c4a4e0e0d77853efe928fa86d4eca30aabf438a3a910bd0e20dd3c46461cb7eb7d0f4704e8d452165d63a

C:\Users\Admin\AppData\Local\Temp\7zE89E8D249\Vape Crack fix\fix\pytz\zoneinfo\America\Tijuana

MD5 f62f2b82ca05aafdbf7df7dca812df80
SHA1 039fb0c1f7175007ba07175b37a32878ac96968f
SHA256 3871edbf2dc9ef4cfac2f2811e03ea3049c6b3a497a7c7e47f4597f5988e3839
SHA512 7db3d0e84955d8c21de8c6d6c17d2f64a452b9d2266f65e1e1c7f2304ca30f2e07d65746fe59ac5d0187b08cd20549e63601b6aa19330a66c51b1ef4064a3b84

C:\Users\Admin\AppData\Local\Temp\7zE89E8D249\Vape Crack fix\fix\pytz\zoneinfo\America\Toronto

MD5 44a2dd3cb61b90aa4201c38e571a15ba
SHA1 73f6ad91b2c748957bdaec149db3b1b6b0d8ac86
SHA256 820392cdb1e499f82ef704d0ccfd0c50ab2b28c6e0bdeb80793861d5e165d5ad
SHA512 11ddb971c65c2f4ecc690ef685163f2972c089660f4778997964d89113a403030927edbb2ed397b81cf61bde9276add6a43ee8ee92dfa69a6d102b035fe9f01d

C:\Users\Admin\AppData\Local\Temp\7zE89E8D249\Vape Crack fix\fix\pytz\zoneinfo\Asia\Harbin

MD5 09dd479d2f22832ce98c27c4db7ab97c
SHA1 79360e38e040eaa15b6e880296c1d1531f537b6f
SHA256 64ffc2e43a94435a043c040d1d3af7e92d031adc78e7737af1861baa4eeef3e6
SHA512 f88ae25f3f04c7d5d5f98aafecc03cc7e4e56f1cd4c8deba6afd043f0fb7fe67b4d50e4df5493e77c6b34ba183e019442e736a13f784ba8c2847c06fd74ff200

C:\Users\Admin\AppData\Local\Temp\7zE89E8D249\Vape Crack fix\fix\pytz\zoneinfo\Asia\Kuwait

MD5 310d07841066a98eddcc7d3813ec2786
SHA1 bde5a629fdb78b40544b8018b2578f0b085045cc
SHA256 aeaf4a3e3f25d050679ca9fddd690c780d489e036d4f3939fe8578b04661738c
SHA512 aba447ee023e8dc32da7bb14674c0554686e7a017ccf23091c6cb39a68079ebdfa16adedbb3e882b8605e411cf727f297223e6cff9be3c2ff99367a8037fb25e

C:\Users\Admin\AppData\Local\Temp\7zE89E8D249\Vape Crack fix\fix\pytz\zoneinfo\Asia\Vientiane

MD5 b6cb1b97eb7b7e587f17b7dd9301045b
SHA1 5c81d559f702a0239d5bf025c97e70b2c577682e
SHA256 798ab4be1f3d3758f4ebd511a10bed06ed277446a5e853ebb5b17c58228aa43c
SHA512 b32e4a6b3f7b88a4b2dd2b77eceaf9ac1e1c06c9a06b8473a4acb88d98bf03c59236212d936866865e32fccea478f06cebb3f8cb60cfc3f6f1a579bd1ae946bf

C:\Users\Admin\AppData\Local\Temp\7zE89E8D249\Vape Crack fix\fix\pytz\zoneinfo\Australia\NSW

MD5 44cc3e944fdd50314de398d0aed2bd8e
SHA1 ca9f55088c536a5cb6993b1a5fe361c0617bc4fd
SHA256 42c3857585b16db2f8ffd47ba19faa60f473340de8d4fe9320ea7be861605906
SHA512 33f9b04997fc4d3a207e7905029886110f455934f87d6820d7ec8f901f6b65700f69f667991d909d09d73acfd3bdeca9d077e3fa74f1f3a0d0edf9bcf871dfb3

C:\Users\Admin\AppData\Local\Temp\7zE89E8D249\Vape Crack fix\fix\pytz\zoneinfo\Australia\Tasmania

MD5 8b19c5bc1dc3b7baee99a3528d2bf3b6
SHA1 db8884f4beb55ae0c292403cdb8ffc47c18effcd
SHA256 18b412ce021fb16c4ebe628eae1a5fa1f5aa20d41fea1dfa358cb799caba81c8
SHA512 3b6ca88f06374f4c0f95b3cb9c62720a1a71491280b2d1f39938fe37e999e4685865070dc4b4c941a65ecd0f61c3c2e1bec15c153ce43a682f81134e4dc9b60c

C:\Users\Admin\AppData\Local\Temp\7zE89E8D249\Vape Crack fix\fix\pytz\zoneinfo\Brazil\Acre

MD5 103eb03cddced65a327ace0ecaf78ef0
SHA1 23649fa3b661b1a7b1332e38479d24bcdb4e902f
SHA256 d7ba27926f0ffd580c904ae32bdaebd2ac0d9e2eeaa7db6071467dde0de5b4eb
SHA512 dec8dc175c36b1a73ccf7a3524a1779fe1770832c21eef88f86c4b4b6e793d22b318173deaa5a85fc9969554dc486cec05bd4100466090438d9bc4660fcb0a3e

C:\Users\Admin\AppData\Local\Temp\7zE89E8D249\Vape Crack fix\fix\pytz\zoneinfo\Etc\GMT-0

MD5 9cd2aef183c064f630dfcf6018551374
SHA1 2a8483df5c2809f1dfe0c595102c474874338379
SHA256 6d9f378883c079f86c0387a5547a92c449869d806e07de10084ab04f0249018d
SHA512 dafa0cb9d0a8e0ff75a19be499751ad85372aafa856ff06dd68ecf2b1c5578bb98a040becaecf0aed2c3e4ff7372ff200fe7614334756d19fe79dd61c01d4e92

C:\Users\Admin\AppData\Local\Temp\7zE89E8D249\Vape Crack fix\fix\pytz\zoneinfo\Etc\UTC

MD5 38bb24ba4d742dd6f50c1cba29cd966a
SHA1 d0b8991654116e9395714102c41d858c1454b3bd
SHA256 8b85846791ab2c8a5463c83a5be3c043e2570d7448434d41398969ed47e3e6f2
SHA512 194867d0cf66c2de4969dbfeb58c775964ecb2132acdc1b000b5ef0998cefde4a2979ffc04ec8b7dcb430e43326a79d9cedb28ecea184345aa7d742eaf9234ac

C:\Users\Admin\AppData\Local\Temp\7zE89E8D249\Vape Crack fix\fix\pytz\zoneinfo\Europe\Isle_of_Man

MD5 3d9add8c0dd4f406b8a9ad6f1219fb95
SHA1 c0b30d0940f65b8819cd6628d0670784dcb6b344
SHA256 c69d3cc15e384d932601d06aa69b6d0c285001bf2d44dd3719c121b7df5162d6
SHA512 9c82987fa7919fc333f3f04b309345b91240fa60d205a144b6ca10fcb586fddc3e9725e71da5a588eddd21bf99265dfe1495bb16df4367a82df57e103a324c78

C:\Users\Admin\AppData\Local\Temp\7zE89E8D249\Vape Crack fix\fix\pytz\zoneinfo\Europe\Oslo

MD5 b14df1a5f5e982e5aad07468ef6890ad
SHA1 d8838a66441249a79ab65c959eff3dbd379a1a06
SHA256 51d0844618f5258a71de88e68a5691a32568478a8c035f8f12fea11b09e9b090
SHA512 9af8dab36bb648939594c9f67327f43c612b8912bdf523d59ee22158de7de99ced88a39979d853c0f26c17617f7a44ce5113ac519956a40b7aedc9a861d8dd61

C:\Users\Admin\AppData\Local\Temp\7zE89E8D249\Vape Crack fix\fix\pytz\zoneinfo\Europe\Podgorica

MD5 6213fc0a706f93af6ff6a831fecbc095
SHA1 961a2223fd1573ab344930109fbd905336175c5f
SHA256 3a95adb06156044fd2fa662841c0268c2b5af47c1b19000d9d299563d387093a
SHA512 8149de3fd09f8e0f5a388f546ffe8823bdcda662d3e285b5cebc92738f0c6548ccb6ed2a5d086fd738cb3edc8e9e1f81c5e2e48edb0571e7ea7f131675b99327

C:\Users\Admin\AppData\Local\Temp\7zE89E8D249\Vape Crack fix\fix\pytz\zoneinfo\Europe\Zurich

MD5 2da42297275a23b4a6b99702cf995583
SHA1 782d7d6812933a263ebfff012a0120d480071b1b
SHA256 2b9418ed48e3d9551c84a4786e185bd2181d009866c040fbd729170d038629ef
SHA512 68837833426fe905b74a9364496c572e3157c0c7cf179688e7facb7370fab3f01edf08421998dade9023c6bc17ab9b84eef2154a0ec83a8f7b85992bc9b88d1b

C:\Users\Admin\AppData\Local\Temp\7zE89E8D249\Vape Crack fix\fix\pytz\zoneinfo\Europe\Vatican

MD5 0854fdfdc75ae977fbfacbcf91373305
SHA1 645c9273e893a40dae3abba06edb5c9ae6f81bd9
SHA256 f97e45fdddc3cf49014568944d750df9f81e0876d41072da68723010f6447544
SHA512 86f972715b93d2531283a11cf1c0a29bca28d65098dec823ba923ad852251802c85c49d08d1e4997141b0469914dfcc24e79149d1b40b23264063d3228f1a02b

C:\Users\Admin\AppData\Local\Temp\7zE89E8D249\Vape Crack fix\fix\pytz\zoneinfo\Israel

MD5 570f4cd5d0ee9ebe57259c7ded62de1d
SHA1 89e42d27cfb78255ae18ee02f5a4c8e3ba57dde0
SHA256 254b964265b94e16b4a498f0eb543968dec25f4cf80fba29b3d38e4a775ae837
SHA512 6b89b8e78404ba60b8cb2c4bf1b22482968cf07e1d87c43f10205f915fa56d1a1bfc67ce89a84e625d625766fd1fe001d96070c74654e58c420eb3ae3ed07406

C:\Users\Admin\AppData\Local\Temp\7zE89E8D249\Vape Crack fix\fix\pytz\zoneinfo\Navajo

MD5 19227bc675e2571ae222314e661e3e6c
SHA1 1605d96fc5764f101adc3151d3a8a0345508652e
SHA256 ebfc8fa35fe6be7b7d0e0a4fcebd10747b2376c7d41ba00b9da8102cc2f50d23
SHA512 d3ae1f7aa3ed19427052a27be2797712b72e67bdc608c7fe4bc4e82b4fc57a6bb3fe65624c751e176757b485c353178afa88f01b549fff376071b8f35d25cef9

C:\Users\Admin\AppData\Local\Temp\7zE89E8D249\Vape Crack fix\fix\pytz\zoneinfo\NZ

MD5 77332ae81e8f657034dd1e92e77716f1
SHA1 78d4d3a481c49ab7ff31722bced30e1c31e8bc98
SHA256 8000e3a323e8fd0212414e9426b020707a771c368ca0e151747f9ddb7b814b27
SHA512 ddfc24fd77bba175c9365bc4683260fe5d66c03c4f6035d9c74273a19ccc4e1733af4ead7cb9927bb2b6406cd2efabfb4457c2d2d12027600f0938b989fbf2a0

C:\Users\Admin\AppData\Local\Temp\7zE89E8D249\Vape Crack fix\fix\pytz\zoneinfo\Pacific\Samoa

MD5 c14f2b93f0df81c20caa20bb4cac3773
SHA1 4c388c7f9a7700517fc6577943f3efe3bdddd3eb
SHA256 7c262b62985863aad47f13b0ef5db2e5cc917b5d38002de9a2ea83ddb0883458
SHA512 de7fad8c156a159afc0422e2622096182c8e0f284e0971963f9793042983764de331e3eca316ce9d2f30c6adc9e65ac99178cea62ba7f119f2a99c8318e7be4e

C:\Users\Admin\AppData\Local\Temp\7zE89E8D249\Vape Crack fix\fix\pytz\zoneinfo\Pacific\Yap

MD5 241d697eee1307dd6dfc08a11f171e59
SHA1 84bd517076992c1ab829d16577327e8c1873fc28
SHA256 e886032958ae4430bf455c750093b16b35444fa719b5dbff2c513ac5bb4622d2
SHA512 c50689b85e0def9ba584aca2d9fccee49ea3125cd7c4474d12cd7d6782e64fd0aa64d6a51757bd19be8615679dd2ac848f90677f36cabec9fc0b720c813027bc

C:\Users\Admin\AppData\Local\Temp\7zE89E8D249\Vape Crack fix\fix\pytz\zoneinfo\Turkey

MD5 c9a38ba69f382895c76b041da1d8e40b
SHA1 df6cbece3d9afb3aedb44e131b6e68a6cf74ca8e
SHA256 d92d00fdfed5c6fc84ac930c08fa8adf7002840dbd21590caf5a3e4a932d3319
SHA512 cd85c8838e7f67a482252b0f3d35161f191cfc25f2a5e1ed6d05a2ebdb5c378fc7447ab362b8ab95861a43db3fbb095f0f1f7f0cd3bb6efbc2d4a7275c9fcf47

C:\Users\Admin\AppData\Local\Temp\7zE89E8D249\Vape Crack fix\fix\pytz\zoneinfo\US\Arizona

MD5 cf35f572aafd957e09aeb94465607e14
SHA1 2a602f28796917b134dcb2bb57cc4ad958940405
SHA256 9c43b060e9c6c44370f735bc9b9d0f1b16ed55f4eb5f7418028e31e0b80e2df2
SHA512 b031557b697eb2879182dff02896d7ed9356e7f93686a8a49716eb8051a7ab1a43110df4f8b6e972240e42347506503dac83eafdd5191b364ed973ec05df279e

C:\Users\Admin\AppData\Local\Temp\7zE89E8D249\Vape Crack fix\fix\pytz\zoneinfo\US\Aleutian

MD5 f43102c06ca5450a97e9467f49bed36a
SHA1 be58a7c839146fa675eeb6dad748c08d0647542c
SHA256 201d4387025000a6e13c9f631cb7fccd6e4369dec7224052f9d86feb81353a53
SHA512 ba8cdb793975054121eb8284fdf41336428778e4b856d176ed8e55f16eab6b520a6bb42db2e36b81684589a46b3363e41681916c5c5a27a3c56b675fdf9b635b

C:\Users\Admin\AppData\Local\Temp\7zE89E8D249\Vape Crack fix\fix\pytz\zoneinfo\US\Hawaii

MD5 4e7fd88341bd37b660769d4583914ac2
SHA1 5d5313bee3a467f7b5311b263c7d38b52f182164
SHA256 7f03d1bf5264e7ab023a2ef9b997ddfc8cb6936692407c770762b9c549523f33
SHA512 0d7a0a3aab195c1b8c5b58793f78182fe9340193434b95541c93caf0b9860e2e1c07bc77cb62424657feb8f193a5da55df77fdc52e730638dc7d4cc673eb6a82

C:\Users\Admin\AppData\Local\Temp\7zE89E8D249\Vape Crack fix\fix\pytz\zoneinfo\US\Indiana-Starke

MD5 f21a138cc4c7ed21940f57b3172a4021
SHA1 f8a312b32af4e9074f4f68955ce2af41a8bdd6ca
SHA256 06200b4a18e238b835a3c98c4562758f24e526482fc33b5eec1f5648ebd350d8
SHA512 11c3cca68bca7d816e73b250b3340005fec6a9c2ef3395a3eed628a08bac215e18394db4eb9d5730e7b7de11c2ae8298acd9ce9d606197200822c4e9198d8f60

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 05d3e0895bc1c22b9e7e5f191399cb4e
SHA1 0c95f7d8be7461fb6133634e1607966cb5ac1cdb
SHA256 f635025ea31be3f94daefcb4fe8ae31a0e5787c87aa5370a3d254a2d368b0440
SHA512 16d2b49631553d2e35d200cf6c7c4be0ed56d4c8c14eed6f09ae33ee4dfb245b02330682f2393c22a5ebe9cc74d702e0c33ff1cfddf352087b05dd544b46d8b1

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 887c60452ecc8e7e2c324e18474d0157
SHA1 915e3b7379e86c8ce372703b0e37ff0fd94c1c9a
SHA256 daae3f97cbf9c5f8c0ed8a539c5bd82e89827a9d967c1bfcb198808dd784021f
SHA512 1b721756614f040b5da1ce8b1925a2884a310bffe8ee37795f933f2d9be070ba6e56cc5a49ad4be4bb4816b95f848ee248052d7e44be711464f8d586e69e8098

memory/2232-2570-0x0000000065FC0000-0x0000000067E66000-memory.dmp

memory/6528-2571-0x00007FF6BAB00000-0x00007FF6BB7EA000-memory.dmp

memory/6528-2572-0x00007FF6BAB00000-0x00007FF6BB7EA000-memory.dmp

memory/6528-2573-0x00007FF6BAB00000-0x00007FF6BB7EA000-memory.dmp

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

MD5 ff97b748fc48fde663e0f95acc5a0744
SHA1 7fd3f462cd922e93a136ac4d3e74df9c1dfc1745
SHA256 cca2b6e432aa929a006aa67db68bfb6a63932f3dd6d70904a55ded99ccaea2f0
SHA512 dec04a1f1dff739fc3364b7501dbc1df7a97aaa5e26f1288ddf972c10c46641ebb4893aec82d3f995585eb58d7b8dd4a1f40523e6228830603962c8bb99c3e40

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 f7cfca2b6f7a13f9c4213bb0fa54ac58
SHA1 fb3ccc3c6392d3e359a13d0a392909d1ea3b7829
SHA256 76eb57412f1a3f6d156227bc8e7f65474a9681a0e9a5517c0bad3376ed35bce1
SHA512 a83435b3002d3a5da8a55cd79c2f56a38b3c29186c9a3b3c3a7471661ff019a752f0a51004cee61c3149fc7ff68b226f6e7be27a403a0c60c4e8be7aff249442