Analysis Overview
SHA256
52ed4671a31c8529f2ba3027e25080c842d09f0517fe64e844f93d619cb4dd26
Threat Level: Shows suspicious behavior
The file BlueStacks10Installer_10.41.210.1001_native_d72be3f131a47f5cfac7288d1e062210_MDs1LDM7MTUsMTsxNSw0OzE1LA==.exe was found to be: Shows suspicious behavior.
Malicious Activity Summary
Downloads MZ/PE file
Writes to the Master Boot Record (MBR)
Legitimate hosting services abused for malware hosting/C2
Checks computer location settings
Sets desktop wallpaper using registry
Executes dropped EXE
Checks installed software on the system
Drops file in Program Files directory
Drops file in Windows directory
Enumerates physical storage devices
Modifies data under HKEY_USERS
Modifies Control Panel
Suspicious use of SetWindowsHookEx
Suspicious behavior: EnumeratesProcesses
Suspicious use of AdjustPrivilegeToken
Suspicious use of WriteProcessMemory
Suspicious behavior: MapViewOfSection
Checks SCSI registry key(s)
Suspicious use of FindShellTrayWindow
Modifies registry class
Modifies Internet Explorer settings
Enumerates system info in registry
Runs regedit.exe
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Suspicious use of SendNotifyMessage
MITRE ATT&CK
Enterprise Matrix V15
Analysis: static1
Detonation Overview
Reported
2024-06-20 13:45
Signatures
Analysis: behavioral1
Detonation Overview
Submitted
2024-06-20 13:45
Reported
2024-06-20 14:15
Platform
win10-20240611-en
Max time kernel
430s
Max time network
1734s
Command Line
Signatures
Downloads MZ/PE file
Legitimate hosting services abused for malware hosting/C2
| Description | Indicator | Process | Target |
| N/A | raw.githubusercontent.com | N/A | N/A |
| N/A | raw.githubusercontent.com | N/A | N/A |
Writes to the Master Boot Record (MBR)
| Description | Indicator | Process | Target |
| File opened for modification | \??\PhysicalDrive0 | C:\Users\Admin\Downloads\MEMZ.exe | N/A |
| File opened for modification | \??\PhysicalDrive0 | C:\Users\Admin\Downloads\MEMZ (2).exe | N/A |
| File opened for modification | \??\PhysicalDrive0 | C:\Users\Admin\Downloads\MEMZ (1).exe | N/A |
Checks computer location settings
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\USER\S-1-5-21-1453213197-474736321-1741884505-1000\Control Panel\International\Geo\Nation | C:\Users\Admin\AppData\Local\Temp\is-INP0Q.tmp\AdolixWallpaperChangerSetup.tmp | N/A |
| Key value queried | \REGISTRY\USER\S-1-5-21-1453213197-474736321-1741884505-1000\Control Panel\International\Geo\Nation | C:\Users\Admin\Downloads\MEMZ.exe | N/A |
| Key value queried | \REGISTRY\USER\S-1-5-21-1453213197-474736321-1741884505-1000\Control Panel\International\Geo\Nation | C:\Users\Admin\Downloads\MEMZ (2).exe | N/A |
Sets desktop wallpaper using registry
| Description | Indicator | Process | Target |
| Set value (str) | \REGISTRY\USER\S-1-5-21-1453213197-474736321-1741884505-1000\Control Panel\Desktop\Wallpaper = "C:\\Program Files (x86)\\Adolix\\Adolix Wallpaper Changer\\Images\\Desert2.jpg" | C:\Program Files (x86)\Adolix\Adolix Wallpaper Changer\AWC.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-1453213197-474736321-1741884505-1000\Control Panel\Desktop\Wallpaper = "C:\\Windows\\WPCWallpaper.bmp" | C:\Program Files (x86)\Adolix\Adolix Wallpaper Changer\AWC.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-1453213197-474736321-1741884505-1000\Control Panel\Desktop\Wallpaper = "C:\\Program Files (x86)\\Adolix\\Adolix Wallpaper Changer\\images\\Forest2.jpg" | C:\Program Files (x86)\Adolix\Adolix Wallpaper Changer\AWC.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-1453213197-474736321-1741884505-1000\Control Panel\Desktop\Wallpaper = "C:\\Program Files (x86)\\Adolix\\Adolix Wallpaper Changer\\images\\Rainbow2.jpg" | C:\Program Files (x86)\Adolix\Adolix Wallpaper Changer\AWC.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-1453213197-474736321-1741884505-1000\Control Panel\Desktop\Wallpaper = "C:\\Program Files (x86)\\Adolix\\Adolix Wallpaper Changer\\Images\\Forest2.jpg" | C:\Program Files (x86)\Adolix\Adolix Wallpaper Changer\AWC.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-1453213197-474736321-1741884505-1000\Control Panel\Desktop\Wallpaper = "C:\\Program Files (x86)\\Adolix\\Adolix Wallpaper Changer\\images\\Desert2.jpg" | C:\Program Files (x86)\Adolix\Adolix Wallpaper Changer\AWC.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-1453213197-474736321-1741884505-1000\Control Panel\Desktop\Wallpaper = "C:\\Windows\\WPCWallpaper.bmp" | C:\Program Files (x86)\Adolix\Adolix Wallpaper Changer\AWC.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-1453213197-474736321-1741884505-1000\Control Panel\Desktop\Wallpaper = "C:\\Program Files (x86)\\Adolix\\Adolix Wallpaper Changer\\images\\Forest1.jpg" | C:\Program Files (x86)\Adolix\Adolix Wallpaper Changer\AWC.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-1453213197-474736321-1741884505-1000\Control Panel\Desktop\Wallpaper = "C:\\Program Files (x86)\\Adolix\\Adolix Wallpaper Changer\\images\\Ocean1.jpg" | C:\Program Files (x86)\Adolix\Adolix Wallpaper Changer\AWC.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-1453213197-474736321-1741884505-1000\Control Panel\Desktop\Wallpaper = "C:\\Program Files (x86)\\Adolix\\Adolix Wallpaper Changer\\images\\Sky1.jpg" | C:\Program Files (x86)\Adolix\Adolix Wallpaper Changer\AWC.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-1453213197-474736321-1741884505-1000\Control Panel\Desktop\Wallpaper = "C:\\Windows\\WPCWallpaper.bmp" | C:\Program Files (x86)\Adolix\Adolix Wallpaper Changer\AWC.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-1453213197-474736321-1741884505-1000\Control Panel\Desktop\Wallpaper = "C:\\Program Files (x86)\\Adolix\\Adolix Wallpaper Changer\\images\\Ocean2.jpg" | C:\Program Files (x86)\Adolix\Adolix Wallpaper Changer\AWC.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-1453213197-474736321-1741884505-1000\Control Panel\Desktop\Wallpaper = "C:\\Program Files (x86)\\Adolix\\Adolix Wallpaper Changer\\images\\Rainbow1.jpg" | C:\Program Files (x86)\Adolix\Adolix Wallpaper Changer\AWC.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-1453213197-474736321-1741884505-1000\Control Panel\Desktop\Wallpaper = "C:\\Program Files (x86)\\Adolix\\Adolix Wallpaper Changer\\images\\Sky2.jpg" | C:\Program Files (x86)\Adolix\Adolix Wallpaper Changer\AWC.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-1453213197-474736321-1741884505-1000\Control Panel\Desktop\Wallpaper = "C:\\Program Files (x86)\\Adolix\\Adolix Wallpaper Changer\\Images\\Desert2.jpg" | C:\Program Files (x86)\Adolix\Adolix Wallpaper Changer\AWC.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-1453213197-474736321-1741884505-1000\Control Panel\Desktop\Wallpaper = "C:\\Program Files (x86)\\Adolix\\Adolix Wallpaper Changer\\Images\\Forest1.jpg" | C:\Program Files (x86)\Adolix\Adolix Wallpaper Changer\AWC.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-1453213197-474736321-1741884505-1000\Control Panel\Desktop\Wallpaper = "C:\\Program Files (x86)\\Adolix\\Adolix Wallpaper Changer\\Images\\Forest1.jpg" | C:\Program Files (x86)\Adolix\Adolix Wallpaper Changer\AWC.exe | N/A |
Checks installed software on the system
Drops file in Program Files directory
| Description | Indicator | Process | Target |
| File created | C:\Program Files (x86)\Adolix\Adolix Wallpaper Changer\is-2DHE5.tmp | C:\Users\Admin\AppData\Local\Temp\is-INP0Q.tmp\AdolixWallpaperChangerSetup.tmp | N/A |
| File created | C:\Program Files (x86)\Adolix\Adolix Wallpaper Changer\is-IMGFT.tmp | C:\Users\Admin\AppData\Local\Temp\is-INP0Q.tmp\AdolixWallpaperChangerSetup.tmp | N/A |
| File created | C:\Program Files (x86)\Adolix\Adolix Wallpaper Changer\Images\is-43HOP.tmp | C:\Users\Admin\AppData\Local\Temp\is-INP0Q.tmp\AdolixWallpaperChangerSetup.tmp | N/A |
| File created | C:\Program Files (x86)\Adolix\Adolix Wallpaper Changer\is-N6FIL.tmp | C:\Users\Admin\AppData\Local\Temp\is-INP0Q.tmp\AdolixWallpaperChangerSetup.tmp | N/A |
| File created | C:\Program Files (x86)\Adolix\Adolix Wallpaper Changer\is-GAFM1.tmp | C:\Users\Admin\AppData\Local\Temp\is-INP0Q.tmp\AdolixWallpaperChangerSetup.tmp | N/A |
| File created | C:\Program Files (x86)\Adolix\Adolix Wallpaper Changer\Images\is-49RTD.tmp | C:\Users\Admin\AppData\Local\Temp\is-INP0Q.tmp\AdolixWallpaperChangerSetup.tmp | N/A |
| File created | C:\Program Files (x86)\Adolix\Adolix Wallpaper Changer\Images\is-0M9A1.tmp | C:\Users\Admin\AppData\Local\Temp\is-INP0Q.tmp\AdolixWallpaperChangerSetup.tmp | N/A |
| File created | C:\Program Files (x86)\Adolix\Adolix Wallpaper Changer\Images\is-SPDD8.tmp | C:\Users\Admin\AppData\Local\Temp\is-INP0Q.tmp\AdolixWallpaperChangerSetup.tmp | N/A |
| File created | C:\Program Files (x86)\Adolix\Adolix Wallpaper Changer\Images\is-LGTVQ.tmp | C:\Users\Admin\AppData\Local\Temp\is-INP0Q.tmp\AdolixWallpaperChangerSetup.tmp | N/A |
| File created | C:\Program Files (x86)\Adolix\Adolix Wallpaper Changer\Images\is-IFTJ1.tmp | C:\Users\Admin\AppData\Local\Temp\is-INP0Q.tmp\AdolixWallpaperChangerSetup.tmp | N/A |
| File created | C:\Program Files (x86)\Adolix\Adolix Wallpaper Changer\Images\is-F7A4Q.tmp | C:\Users\Admin\AppData\Local\Temp\is-INP0Q.tmp\AdolixWallpaperChangerSetup.tmp | N/A |
| File created | C:\Program Files (x86)\Adolix\Adolix Wallpaper Changer\Images\is-50PQU.tmp | C:\Users\Admin\AppData\Local\Temp\is-INP0Q.tmp\AdolixWallpaperChangerSetup.tmp | N/A |
| File created | C:\Program Files (x86)\Adolix\Adolix Wallpaper Changer\is-IGMCP.tmp | C:\Users\Admin\AppData\Local\Temp\is-INP0Q.tmp\AdolixWallpaperChangerSetup.tmp | N/A |
| File created | C:\Program Files (x86)\Adolix\Adolix Wallpaper Changer\is-LVT5U.tmp | C:\Users\Admin\AppData\Local\Temp\is-INP0Q.tmp\AdolixWallpaperChangerSetup.tmp | N/A |
| File created | C:\Program Files (x86)\Adolix\Adolix Wallpaper Changer\Images\is-84KKK.tmp | C:\Users\Admin\AppData\Local\Temp\is-INP0Q.tmp\AdolixWallpaperChangerSetup.tmp | N/A |
| File opened for modification | C:\Program Files (x86)\Adolix\Adolix Wallpaper Changer\wallpaper.bmp | C:\Program Files (x86)\Adolix\Adolix Wallpaper Changer\AWC.exe | N/A |
| File created | C:\Program Files (x86)\Adolix\Adolix Wallpaper Changer\Images\is-7U1MA.tmp | C:\Users\Admin\AppData\Local\Temp\is-INP0Q.tmp\AdolixWallpaperChangerSetup.tmp | N/A |
| File opened for modification | C:\Program Files (x86)\Adolix\Adolix Wallpaper Changer\wallpaper.bmp | C:\Program Files (x86)\Adolix\Adolix Wallpaper Changer\AWC.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Adolix\Adolix Wallpaper Changer\settings.ini | C:\Program Files (x86)\Adolix\Adolix Wallpaper Changer\AWC.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Adolix\Adolix Wallpaper Changer\unins000.dat | C:\Users\Admin\AppData\Local\Temp\is-INP0Q.tmp\AdolixWallpaperChangerSetup.tmp | N/A |
| File created | C:\Program Files (x86)\Adolix\Adolix Wallpaper Changer\unins000.dat | C:\Users\Admin\AppData\Local\Temp\is-INP0Q.tmp\AdolixWallpaperChangerSetup.tmp | N/A |
| File created | C:\Program Files (x86)\Adolix\Adolix Wallpaper Changer\is-OA835.tmp | C:\Users\Admin\AppData\Local\Temp\is-INP0Q.tmp\AdolixWallpaperChangerSetup.tmp | N/A |
| File created | C:\Program Files (x86)\Adolix\Adolix Wallpaper Changer\is-LMULK.tmp | C:\Users\Admin\AppData\Local\Temp\is-INP0Q.tmp\AdolixWallpaperChangerSetup.tmp | N/A |
| File created | C:\Program Files (x86)\Adolix\Adolix Wallpaper Changer\Images\is-QTL8D.tmp | C:\Users\Admin\AppData\Local\Temp\is-INP0Q.tmp\AdolixWallpaperChangerSetup.tmp | N/A |
| File opened for modification | C:\Program Files (x86)\Adolix\Adolix Wallpaper Changer\wallpaper.bmp | C:\Program Files (x86)\Adolix\Adolix Wallpaper Changer\AWC.exe | N/A |
| File created | C:\Program Files (x86)\Adolix\Adolix Wallpaper Changer\Images\is-02BRS.tmp | C:\Users\Admin\AppData\Local\Temp\is-INP0Q.tmp\AdolixWallpaperChangerSetup.tmp | N/A |
| File created | C:\Program Files (x86)\Adolix\Adolix Wallpaper Changer\Images\is-UQGK1.tmp | C:\Users\Admin\AppData\Local\Temp\is-INP0Q.tmp\AdolixWallpaperChangerSetup.tmp | N/A |
| File created | C:\Program Files (x86)\Adolix\Adolix Wallpaper Changer\Images\is-ELJBQ.tmp | C:\Users\Admin\AppData\Local\Temp\is-INP0Q.tmp\AdolixWallpaperChangerSetup.tmp | N/A |
| File created | C:\Program Files (x86)\Adolix\Adolix Wallpaper Changer\is-HMUPR.tmp | C:\Users\Admin\AppData\Local\Temp\is-INP0Q.tmp\AdolixWallpaperChangerSetup.tmp | N/A |
| File created | C:\Program Files (x86)\Adolix\Adolix Wallpaper Changer\is-IIRMA.tmp | C:\Users\Admin\AppData\Local\Temp\is-INP0Q.tmp\AdolixWallpaperChangerSetup.tmp | N/A |
| File created | C:\Program Files (x86)\Adolix\Adolix Wallpaper Changer\is-3FNJE.tmp | C:\Users\Admin\AppData\Local\Temp\is-INP0Q.tmp\AdolixWallpaperChangerSetup.tmp | N/A |
| File created | C:\Program Files (x86)\Adolix\Adolix Wallpaper Changer\Images\is-PNETP.tmp | C:\Users\Admin\AppData\Local\Temp\is-INP0Q.tmp\AdolixWallpaperChangerSetup.tmp | N/A |
| File created | C:\Program Files (x86)\Adolix\Adolix Wallpaper Changer\Images\is-39QU9.tmp | C:\Users\Admin\AppData\Local\Temp\is-INP0Q.tmp\AdolixWallpaperChangerSetup.tmp | N/A |
| File opened for modification | C:\Program Files (x86)\Adolix\Adolix Wallpaper Changer\settings.ini | C:\Program Files (x86)\Adolix\Adolix Wallpaper Changer\AWC.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Adolix\Adolix Wallpaper Changer\settings.ini | C:\Program Files (x86)\Adolix\Adolix Wallpaper Changer\AWC.exe | N/A |
Drops file in Windows directory
Executes dropped EXE
Enumerates physical storage devices
Checks SCSI registry key(s)
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_DADY&Prod_HARDDISK\4&215468a5&0&000000 | C:\Windows\SysWOW64\Taskmgr.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_DADY&Prod_HARDDISK\4&215468a5&0&000000\Properties\{b725f130-47ef-101a-a5f1-02608c9eebac}\000A | C:\Windows\SysWOW64\Taskmgr.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_DADY&Prod_HARDDISK\4&215468a5&0&000000\FriendlyName | C:\Windows\SysWOW64\Taskmgr.exe | N/A |
Enumerates system info in registry
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Modifies Control Panel
| Description | Indicator | Process | Target |
| Set value (str) | \REGISTRY\USER\S-1-5-21-1453213197-474736321-1741884505-1000\Control Panel\Desktop\PrevWallpaper = "C:\\Windows\\WPCWallpaper.bmp" | C:\Program Files (x86)\Adolix\Adolix Wallpaper Changer\AWC.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1453213197-474736321-1741884505-1000\Control Panel\Desktop | C:\Program Files (x86)\Adolix\Adolix Wallpaper Changer\AWC.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-1453213197-474736321-1741884505-1000\Control Panel\Desktop\TileWallpaper = "0" | C:\Program Files (x86)\Adolix\Adolix Wallpaper Changer\AWC.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-1453213197-474736321-1741884505-1000\Control Panel\Desktop\WallpaperStyle = "2" | C:\Program Files (x86)\Adolix\Adolix Wallpaper Changer\AWC.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-1453213197-474736321-1741884505-1000\Control Panel\Desktop\WallpaperOriginX = "0" | C:\Program Files (x86)\Adolix\Adolix Wallpaper Changer\AWC.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1453213197-474736321-1741884505-1000\Control Panel\Desktop | C:\Program Files (x86)\Adolix\Adolix Wallpaper Changer\AWC.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1453213197-474736321-1741884505-1000\Control Panel\Desktop\ | C:\Program Files (x86)\Adolix\Adolix Wallpaper Changer\AWC.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-1453213197-474736321-1741884505-1000\Control Panel\Desktop\WallpaperOriginX = "0" | C:\Program Files (x86)\Adolix\Adolix Wallpaper Changer\AWC.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-1453213197-474736321-1741884505-1000\Control Panel\Desktop\WallpaperStyle = "2" | C:\Program Files (x86)\Adolix\Adolix Wallpaper Changer\AWC.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1453213197-474736321-1741884505-1000\Control Panel\Desktop | C:\Program Files (x86)\Adolix\Adolix Wallpaper Changer\AWC.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-1453213197-474736321-1741884505-1000\Control Panel\Desktop\WallpaperOriginX = "0" | C:\Program Files (x86)\Adolix\Adolix Wallpaper Changer\AWC.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1453213197-474736321-1741884505-1000\Control Panel\Desktop\ | C:\Program Files (x86)\Adolix\Adolix Wallpaper Changer\AWC.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-1453213197-474736321-1741884505-1000\Control Panel\Desktop\WallpaperOriginY = "0" | C:\Program Files (x86)\Adolix\Adolix Wallpaper Changer\AWC.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-1453213197-474736321-1741884505-1000\Control Panel\Desktop\PrevWallpaper = "C:\\Windows\\WPCWallpaper.bmp" | C:\Program Files (x86)\Adolix\Adolix Wallpaper Changer\AWC.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-1453213197-474736321-1741884505-1000\Control Panel\Desktop\WallpaperStyle = "2" | C:\Program Files (x86)\Adolix\Adolix Wallpaper Changer\AWC.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1453213197-474736321-1741884505-1000\Control Panel\Desktop\ | C:\Program Files (x86)\Adolix\Adolix Wallpaper Changer\AWC.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-1453213197-474736321-1741884505-1000\Control Panel\Desktop\TileWallpaper = "0" | C:\Program Files (x86)\Adolix\Adolix Wallpaper Changer\AWC.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-1453213197-474736321-1741884505-1000\Control Panel\Desktop\WallpaperOriginY = "0" | C:\Program Files (x86)\Adolix\Adolix Wallpaper Changer\AWC.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-1453213197-474736321-1741884505-1000\Control Panel\Desktop\PrevWallpaper = "C:\\Windows\\WPCWallpaper.bmp" | C:\Program Files (x86)\Adolix\Adolix Wallpaper Changer\AWC.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-1453213197-474736321-1741884505-1000\Control Panel\Desktop\TileWallpaper = "0" | C:\Program Files (x86)\Adolix\Adolix Wallpaper Changer\AWC.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-1453213197-474736321-1741884505-1000\Control Panel\Desktop\WallpaperOriginY = "0" | C:\Program Files (x86)\Adolix\Adolix Wallpaper Changer\AWC.exe | N/A |
Modifies Internet Explorer settings
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\USER\S-1-5-21-1453213197-474736321-1741884505-1000\Software\Microsoft\Internet Explorer\Main | C:\Windows\system32\browser_broker.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1453213197-474736321-1741884505-1000\Software\Microsoft\Internet Explorer\Main | C:\Windows\system32\browser_broker.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1453213197-474736321-1741884505-1000\Software\Microsoft\Internet Explorer\Main | C:\Windows\system32\browser_broker.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1453213197-474736321-1741884505-1000\Software\Microsoft\Internet Explorer\Main | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe | N/A |
Modifies data under HKEY_USERS
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133633647929467516" | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Modifies registry class
| Description | Indicator | Process | Target |
| Set value (data) | \REGISTRY\USER\S-1-5-21-1453213197-474736321-1741884505-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\CIStatus\SignaturePolicy = 06000000 | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-1453213197-474736321-1741884505-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Internet Settings\Cache\History\CachePrefix = "Visited:" | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1453213197-474736321-1741884505-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\Privacy | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1453213197-474736321-1741884505-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\BrowserEmulation | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-1453213197-474736321-1741884505-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\ACGStatus\ACGPolicyState = "8" | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1453213197-474736321-1741884505-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\DummyPath | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1453213197-474736321-1741884505-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\004\Internet Settings | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-1453213197-474736321-1741884505-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\BrowserEmulation\IECompatVersionLow = "0" | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-1453213197-474736321-1741884505-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\Internet Settings\Zones\3\{A8A88C49-5EB2-4990-A1A2-087602 = 1a3761592352350c7a5f20172f1e1a190e2b017313371312141a152a | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-1453213197-474736321-1741884505-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\GPU\DXFeatureLevel = "0" | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1453213197-474736321-1741884505-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\Total | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-1453213197-474736321-1741884505-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\GPU\Wow64-DeviceId = "0" | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-1453213197-474736321-1741884505-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\GPU\VendorId = "0" | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-1453213197-474736321-1741884505-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Settings\Cache\Cookies\CachePrefix = "Cookie:" | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-1453213197-474736321-1741884505-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Settings\Cache\History\CachePrefix = "Visited:" | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-1453213197-474736321-1741884505-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\GPU\Wow64-DeviceId = "0" | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-1453213197-474736321-1741884505-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\google.com\ = "0" | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-1453213197-474736321-1741884505-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\Internet Settings\PrivacyAdvanced = "0" | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-1453213197-474736321-1741884505-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\GPU\DXFeatureLevel = "0" | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-1453213197-474736321-1741884505-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\Recovery\PendingRecovery\Active = "0" | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-1453213197-474736321-1741884505-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\Privacy\InProgressFlags = "0" | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-1453213197-474736321-1741884505-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\006\CIStatus\CIPolicyState = "0" | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1453213197-474736321-1741884505-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\DummyPath | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-1453213197-474736321-1741884505-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\004\Internet Settings\Cache\Cookies\CacheLimit = "1" | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1453213197-474736321-1741884505-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\Recovery\Active | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-1453213197-474736321-1741884505-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\CIStatus\EnablementState = "1" | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1453213197-474736321-1741884505-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\google.com | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-1453213197-474736321-1741884505-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\GPU\Wow64-VersionLow = "0" | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1453213197-474736321-1741884505-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\GPU | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{4336a54d-038b-4685-ab02-99bb52d3fb8b}\Instance | C:\Program Files (x86)\Adolix\Adolix Wallpaper Changer\AWC.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1453213197-474736321-1741884505-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\IETld\LowMic | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-1453213197-474736321-1741884505-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\FavOrder\SyncIEFirstTimeFullScan = "1" | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-1453213197-474736321-1741884505-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\Recovery\PendingRecovery\Active = "1" | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1453213197-474736321-1741884505-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\Recovery\Active | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1453213197-474736321-1741884505-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\CIStatus | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-1453213197-474736321-1741884505-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\google.com\NumberOfSubdoma = "0" | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-1453213197-474736321-1741884505-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\FavOrder\TreeView = "1" | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-1453213197-474736321-1741884505-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\GPU\VersionHigh = "0" | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1453213197-474736321-1741884505-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\CIStatus | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1453213197-474736321-1741884505-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-1453213197-474736321-1741884505-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\GPU\VersionHigh = "0" | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1453213197-474736321-1741884505-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\006\ACGStatus | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1453213197-474736321-1741884505-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\004\Internet Settings\Cache | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-1453213197-474736321-1741884505-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\BrowserEmulation\IECompatVersionHigh = "0" | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1453213197-474736321-1741884505-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\GPU | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-1453213197-474736321-1741884505-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\CIStatus\CIPolicyState = "0" | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-1453213197-474736321-1741884505-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Internet Settings\Cache\Content\CachePrefix | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-1453213197-474736321-1741884505-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Settings\Cache\History\CachePrefix = "Visited:" | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-1453213197-474736321-1741884505-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Settings\Cache\Content\CachePrefix | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-1453213197-474736321-1741884505-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\GPU\AdapterInfo = "vendorId=\"0x1414\",deviceID=\"0x8c\",subSysID=\"0x0\",revision=\"0x0\",version=\"10.0.15063.0\"hypervisor=\"No Hypervisor (No SLAT)\"" | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1453213197-474736321-1741884505-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\Internet Settings | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-1453213197-474736321-1741884505-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\GPU\Wow64-VersionHigh = "0" | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1453213197-474736321-1741884505-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\www.google.com | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1453213197-474736321-1741884505-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\Internet Settings | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-1453213197-474736321-1741884505-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\GPU\Wow64-VersionHigh = "0" | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1453213197-474736321-1741884505-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\FavOrder | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-1453213197-474736321-1741884505-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\GPU\Wow64-VendorId = "0" | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1453213197-474736321-1741884505-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\Privacy | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-1453213197-474736321-1741884505-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\Recovery\PendingRecovery\ReadingStorePending = "1" | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1453213197-474736321-1741884505-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\Internet Settings\Zones\3 | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1453213197-474736321-1741884505-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\Main | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-1453213197-474736321-1741884505-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\Internet Settings\Zones\3\{A8A88C49-5EB2-4990-A1A2-087602 = 1a3761592352350c7a5f20172f1e1a190e2b017313371312141a152a | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-1453213197-474736321-1741884505-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\GPU\Wow64-VendorId = "0" | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1453213197-474736321-1741884505-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\006\CIStatus | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe | N/A |
Runs regedit.exe
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Windows\SysWOW64\regedit.exe | N/A |
| N/A | N/A | C:\Windows\SysWOW64\regedit.exe | N/A |
| N/A | N/A | C:\Windows\SysWOW64\regedit.exe | N/A |
| N/A | N/A | C:\Windows\SysWOW64\regedit.exe | N/A |
| N/A | N/A | C:\Windows\SysWOW64\regedit.exe | N/A |
Suspicious behavior: EnumeratesProcesses
Suspicious behavior: MapViewOfSection
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Suspicious use of AdjustPrivilegeToken
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
Suspicious use of SetWindowsHookEx
Suspicious use of WriteProcessMemory
Processes
C:\Users\Admin\AppData\Local\Temp\BlueStacks10Installer_10.41.210.1001_native_d72be3f131a47f5cfac7288d1e062210_MDs1LDM7MTUsMTsxNSw0OzE1LA==.exe
"C:\Users\Admin\AppData\Local\Temp\BlueStacks10Installer_10.41.210.1001_native_d72be3f131a47f5cfac7288d1e062210_MDs1LDM7MTUsMTsxNSw0OzE1LA==.exe"
C:\Users\Admin\AppData\Local\Temp\7zS0D278FE7\BlueStacksInstaller.exe
"C:\Users\Admin\AppData\Local\Temp\7zS0D278FE7\BlueStacksInstaller.exe"
C:\Users\Admin\AppData\Local\Temp\7zS0D278FE7\HD-CheckCpu.exe
"C:\Users\Admin\AppData\Local\Temp\7zS0D278FE7\HD-CheckCpu.exe" --cmd checkHypervEnabled
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe"
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xcc,0xd0,0xd4,0xa8,0xd8,0x7ff93aa39758,0x7ff93aa39768,0x7ff93aa39778
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1624 --field-trial-handle=1616,i,15294447706742599932,8333163706475432308,131072 /prefetch:2
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1536 --field-trial-handle=1616,i,15294447706742599932,8333163706475432308,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2124 --field-trial-handle=1616,i,15294447706742599932,8333163706475432308,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2892 --field-trial-handle=1616,i,15294447706742599932,8333163706475432308,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=3016 --field-trial-handle=1616,i,15294447706742599932,8333163706475432308,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=4476 --field-trial-handle=1616,i,15294447706742599932,8333163706475432308,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4512 --field-trial-handle=1616,i,15294447706742599932,8333163706475432308,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4712 --field-trial-handle=1616,i,15294447706742599932,8333163706475432308,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4216 --field-trial-handle=1616,i,15294447706742599932,8333163706475432308,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4828 --field-trial-handle=1616,i,15294447706742599932,8333163706475432308,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\106.0.5249.119\Installer\setup.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\Installer\setup.exe" --reenable-autoupdates --system-level
C:\Program Files\Google\Chrome\Application\106.0.5249.119\Installer\setup.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\Installer\setup.exe" --type=crashpad-handler /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler --database=C:\Windows\TEMP\Crashpad --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0x24c,0x250,0x254,0x228,0x258,0x7ff6a64e7688,0x7ff6a64e7698,0x7ff6a64e76a8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --mojo-platform-channel-handle=4708 --field-trial-handle=1616,i,15294447706742599932,8333163706475432308,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3568 --field-trial-handle=1616,i,15294447706742599932,8333163706475432308,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3516 --field-trial-handle=1616,i,15294447706742599932,8333163706475432308,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --mojo-platform-channel-handle=3100 --field-trial-handle=1616,i,15294447706742599932,8333163706475432308,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --mojo-platform-channel-handle=4328 --field-trial-handle=1616,i,15294447706742599932,8333163706475432308,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5104 --field-trial-handle=1616,i,15294447706742599932,8333163706475432308,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5268 --field-trial-handle=1616,i,15294447706742599932,8333163706475432308,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=5548 --field-trial-handle=1616,i,15294447706742599932,8333163706475432308,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=5580 --field-trial-handle=1616,i,15294447706742599932,8333163706475432308,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=812 --field-trial-handle=1616,i,15294447706742599932,8333163706475432308,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=5656 --field-trial-handle=1616,i,15294447706742599932,8333163706475432308,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=5508 --field-trial-handle=1616,i,15294447706742599932,8333163706475432308,131072 /prefetch:8
C:\Users\Admin\Downloads\AdolixWallpaperChangerSetup.exe
"C:\Users\Admin\Downloads\AdolixWallpaperChangerSetup.exe"
C:\Users\Admin\AppData\Local\Temp\is-INP0Q.tmp\AdolixWallpaperChangerSetup.tmp
"C:\Users\Admin\AppData\Local\Temp\is-INP0Q.tmp\AdolixWallpaperChangerSetup.tmp" /SL5="$701D8,3138367,53248,C:\Users\Admin\Downloads\AdolixWallpaperChangerSetup.exe"
C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe" -ServerName:MicrosoftEdge.AppXdnhjhccw3zf0j06tkg3jtqr00qdm0khc.mca
C:\Windows\system32\browser_broker.exe
C:\Windows\system32\browser_broker.exe -Embedding
C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
C:\Program Files (x86)\Adolix\Adolix Wallpaper Changer\AWC.exe
"C:\Program Files (x86)\Adolix\Adolix Wallpaper Changer\AWC.exe"
C:\Program Files (x86)\Adolix\Adolix Wallpaper Changer\AWC.exe
"C:\Program Files (x86)\Adolix\Adolix Wallpaper Changer\AWC.exe"
C:\Program Files (x86)\Adolix\Adolix Wallpaper Changer\AWC.exe
"C:\Program Files (x86)\Adolix\Adolix Wallpaper Changer\AWC.exe"
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.15063.0 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=5148 --field-trial-handle=1616,i,15294447706742599932,8333163706475432308,131072 /prefetch:2
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=25 --mojo-platform-channel-handle=5152 --field-trial-handle=1616,i,15294447706742599932,8333163706475432308,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=26 --mojo-platform-channel-handle=5316 --field-trial-handle=1616,i,15294447706742599932,8333163706475432308,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=3164 --field-trial-handle=1616,i,15294447706742599932,8333163706475432308,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=5964 --field-trial-handle=1616,i,15294447706742599932,8333163706475432308,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=29 --mojo-platform-channel-handle=4804 --field-trial-handle=1616,i,15294447706742599932,8333163706475432308,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=30 --mojo-platform-channel-handle=4872 --field-trial-handle=1616,i,15294447706742599932,8333163706475432308,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=31 --mojo-platform-channel-handle=3152 --field-trial-handle=1616,i,15294447706742599932,8333163706475432308,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=4632 --field-trial-handle=1616,i,15294447706742599932,8333163706475432308,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=5324 --field-trial-handle=1616,i,15294447706742599932,8333163706475432308,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6032 --field-trial-handle=1616,i,15294447706742599932,8333163706475432308,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=3032 --field-trial-handle=1616,i,15294447706742599932,8333163706475432308,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=6108 --field-trial-handle=1616,i,15294447706742599932,8333163706475432308,131072 /prefetch:8
C:\Users\Admin\Downloads\MEMZ.exe
"C:\Users\Admin\Downloads\MEMZ.exe"
C:\Users\Admin\Downloads\MEMZ.exe
"C:\Users\Admin\Downloads\MEMZ.exe" /watchdog
C:\Users\Admin\Downloads\MEMZ.exe
"C:\Users\Admin\Downloads\MEMZ.exe" /watchdog
C:\Users\Admin\Downloads\MEMZ.exe
"C:\Users\Admin\Downloads\MEMZ.exe" /watchdog
C:\Users\Admin\Downloads\MEMZ.exe
"C:\Users\Admin\Downloads\MEMZ.exe" /watchdog
C:\Users\Admin\Downloads\MEMZ.exe
"C:\Users\Admin\Downloads\MEMZ.exe" /watchdog
C:\Users\Admin\Downloads\MEMZ.exe
"C:\Users\Admin\Downloads\MEMZ.exe" /main
C:\Windows\SysWOW64\notepad.exe
"C:\Windows\System32\notepad.exe" \note.txt
C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding
C:\Windows\system32\OpenWith.exe
C:\Windows\system32\OpenWith.exe -Embedding
C:\Windows\SysWOW64\Taskmgr.exe
"C:\Windows\System32\Taskmgr.exe"
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=1500 --field-trial-handle=1616,i,15294447706742599932,8333163706475432308,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=5284 --field-trial-handle=1616,i,15294447706742599932,8333163706475432308,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=4484 --field-trial-handle=1616,i,15294447706742599932,8333163706475432308,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=5112 --field-trial-handle=1616,i,15294447706742599932,8333163706475432308,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4616 --field-trial-handle=1616,i,15294447706742599932,8333163706475432308,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=2460 --field-trial-handle=1616,i,15294447706742599932,8333163706475432308,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=5772 --field-trial-handle=1616,i,15294447706742599932,8333163706475432308,131072 /prefetch:8
C:\Users\Admin\Downloads\MEMZ (2).exe
"C:\Users\Admin\Downloads\MEMZ (2).exe"
C:\Users\Admin\Downloads\MEMZ (2).exe
"C:\Users\Admin\Downloads\MEMZ (2).exe" /watchdog
C:\Users\Admin\Downloads\MEMZ (2).exe
"C:\Users\Admin\Downloads\MEMZ (2).exe" /watchdog
C:\Users\Admin\Downloads\MEMZ (2).exe
"C:\Users\Admin\Downloads\MEMZ (2).exe" /watchdog
C:\Users\Admin\Downloads\MEMZ (2).exe
"C:\Users\Admin\Downloads\MEMZ (2).exe" /watchdog
C:\Users\Admin\Downloads\MEMZ (2).exe
"C:\Users\Admin\Downloads\MEMZ (2).exe" /watchdog
C:\Users\Admin\Downloads\MEMZ (2).exe
"C:\Users\Admin\Downloads\MEMZ (2).exe" /main
C:\Windows\SysWOW64\notepad.exe
"C:\Windows\System32\notepad.exe" \note.txt
C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe" -ServerName:MicrosoftEdge.AppXdnhjhccw3zf0j06tkg3jtqr00qdm0khc.mca
C:\Windows\system32\browser_broker.exe
C:\Windows\system32\browser_broker.exe -Embedding
C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5764 --field-trial-handle=1616,i,15294447706742599932,8333163706475432308,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=4384 --field-trial-handle=1616,i,15294447706742599932,8333163706475432308,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=4484 --field-trial-handle=1616,i,15294447706742599932,8333163706475432308,131072 /prefetch:8
C:\Users\Admin\Downloads\MEMZ (1).exe
"C:\Users\Admin\Downloads\MEMZ (1).exe"
C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe" -ServerName:MicrosoftEdge.AppXdnhjhccw3zf0j06tkg3jtqr00qdm0khc.mca
C:\Windows\system32\browser_broker.exe
C:\Windows\system32\browser_broker.exe -Embedding
C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
C:\Users\Admin\Downloads\MEMZ (1).exe
"C:\Users\Admin\Downloads\MEMZ (1).exe" /watchdog
C:\Users\Admin\Downloads\MEMZ (1).exe
"C:\Users\Admin\Downloads\MEMZ (1).exe" /watchdog
C:\Users\Admin\Downloads\MEMZ (1).exe
"C:\Users\Admin\Downloads\MEMZ (1).exe" /watchdog
C:\Users\Admin\Downloads\MEMZ (1).exe
"C:\Users\Admin\Downloads\MEMZ (1).exe" /watchdog
C:\Users\Admin\Downloads\MEMZ (1).exe
"C:\Users\Admin\Downloads\MEMZ (1).exe" /watchdog
C:\Users\Admin\Downloads\MEMZ (1).exe
"C:\Users\Admin\Downloads\MEMZ (1).exe" /main
C:\Windows\SysWOW64\notepad.exe
"C:\Windows\System32\notepad.exe" \note.txt
C:\Windows\SysWOW64\mspaint.exe
"C:\Windows\System32\mspaint.exe"
\??\c:\windows\system32\svchost.exe
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -s DeviceAssociationService
C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe" -ServerName:MicrosoftEdge.AppXdnhjhccw3zf0j06tkg3jtqr00qdm0khc.mca
C:\Windows\system32\browser_broker.exe
C:\Windows\system32\browser_broker.exe -Embedding
C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
C:\Windows\system32\AUDIODG.EXE
C:\Windows\system32\AUDIODG.EXE 0x3dc
C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe" -ServerName:MicrosoftEdge.AppXdnhjhccw3zf0j06tkg3jtqr00qdm0khc.mca
C:\Windows\system32\browser_broker.exe
C:\Windows\system32\browser_broker.exe -Embedding
C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
C:\Windows\SysWOW64\mspaint.exe
"C:\Windows\System32\mspaint.exe"
C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
C:\Windows\SysWOW64\notepad.exe
"C:\Windows\System32\notepad.exe"
C:\Windows\SysWOW64\regedit.exe
"C:\Windows\System32\regedit.exe"
C:\Windows\SysWOW64\Taskmgr.exe
"C:\Windows\System32\Taskmgr.exe"
C:\Windows\SysWOW64\mmc.exe
"C:\Windows\system32\mmc.exe" "C:\Windows\System32\devmgmt.msc"
C:\Windows\system32\mmc.exe
"C:\Windows\System32\devmgmt.msc" "C:\Windows\System32\devmgmt.msc"
C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
C:\Windows\SysWOW64\notepad.exe
"C:\Windows\System32\notepad.exe"
C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
C:\Windows\SysWOW64\mmc.exe
"C:\Windows\system32\mmc.exe" "C:\Windows\System32\devmgmt.msc"
C:\Windows\system32\mmc.exe
"C:\Windows\System32\devmgmt.msc" "C:\Windows\System32\devmgmt.msc"
C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
C:\Windows\SysWOW64\regedit.exe
"C:\Windows\System32\regedit.exe"
C:\Windows\SysWOW64\regedit.exe
"C:\Windows\System32\regedit.exe"
C:\Program Files (x86)\Windows NT\Accessories\wordpad.exe
"C:\Program Files (x86)\Windows NT\Accessories\wordpad.exe"
C:\Windows\SysWOW64\regedit.exe
"C:\Windows\System32\regedit.exe"
C:\Windows\SysWOW64\control.exe
"C:\Windows\System32\control.exe"
C:\Windows\SysWOW64\DllHost.exe
C:\Windows\SysWOW64\DllHost.exe /Processid:{06622D85-6856-4460-8DE1-A81921B41C4B}
C:\Windows\splwow64.exe
C:\Windows\splwow64.exe 12288
C:\Windows\SysWOW64\mspaint.exe
"C:\Windows\System32\mspaint.exe"
C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
C:\Program Files (x86)\Windows NT\Accessories\wordpad.exe
"C:\Program Files (x86)\Windows NT\Accessories\wordpad.exe"
C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
C:\Windows\SysWOW64\Taskmgr.exe
"C:\Windows\System32\Taskmgr.exe"
C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
C:\Windows\SysWOW64\control.exe
"C:\Windows\System32\control.exe"
C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
C:\Windows\SysWOW64\notepad.exe
"C:\Windows\System32\notepad.exe"
C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
C:\Windows\SysWOW64\calc.exe
"C:\Windows\System32\calc.exe"
C:\Windows\system32\OpenWith.exe
C:\Windows\system32\OpenWith.exe -Embedding
C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
C:\Windows\system32\werfault.exe
werfault.exe /h /shared Global\9801009159a7474cadd533c214e6b524 /t 0 /p 11200
C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
C:\Windows\system32\werfault.exe
werfault.exe /h /shared Global\ea18a15e5fe044c289d661b77e32f88f /t 0 /p 12000
C:\Windows\system32\werfault.exe
werfault.exe /h /shared Global\48f2730a9d2d4c13895eff0f3e2b0c3d /t 8220 /p 9048
C:\Windows\SysWOW64\mmc.exe
"C:\Windows\System32\mmc.exe"
C:\Windows\system32\mmc.exe
"C:\Windows\system32\mmc.exe"
C:\Windows\SysWOW64\explorer.exe
"C:\Windows\System32\explorer.exe"
C:\Windows\system32\werfault.exe
werfault.exe /h /shared Global\1b9c1aa1f3d3460b840bc17404337faa /t 0 /p 8600
C:\Windows\SysWOW64\mspaint.exe
"C:\Windows\System32\mspaint.exe"
C:\Windows\system32\werfault.exe
werfault.exe /h /shared Global\75cecec23cb74039acfc89321c76fa30 /t 9564 /p 9420
C:\Windows\SysWOW64\cmd.exe
"C:\Windows\System32\cmd.exe"
C:\Windows\system32\werfault.exe
werfault.exe /h /shared Global\f85cac408579424888b42164ba494c88 /t 9768 /p 9720
C:\Windows\system32\werfault.exe
werfault.exe /h /shared Global\6f5bf37318fa420e89eb617fa0459c51 /t 9952 /p 9904
C:\Windows\system32\werfault.exe
werfault.exe /h /shared Global\c73db8ddca99464b833c17942a286810 /t 10072 /p 10028
C:\Windows\SysWOW64\regedit.exe
"C:\Windows\System32\regedit.exe"
C:\Windows\SysWOW64\control.exe
"C:\Windows\System32\control.exe"
C:\Windows\system32\werfault.exe
werfault.exe /h /shared Global\a44fe22ea48d4da0a3118c81a394bdb9 /t 9496 /p 9288
C:\Windows\system32\werfault.exe
werfault.exe /h /shared Global\3bda463f950a452d841f3b7aaa1d6296 /t 10436 /p 10016
C:\Windows\system32\werfault.exe
werfault.exe /h /shared Global\d66b3b0263704004b2fdb5e5944293aa /t 10592 /p 10544
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | cloud.bluestacks.com | udp |
| US | 34.160.86.181:443 | cloud.bluestacks.com | tcp |
| US | 8.8.8.8:53 | 181.86.160.34.in-addr.arpa | udp |
| US | 34.160.86.181:443 | cloud.bluestacks.com | tcp |
| US | 8.8.8.8:53 | 3.200.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | www.google.com | udp |
| GB | 142.250.187.196:443 | www.google.com | udp |
| GB | 142.250.187.196:443 | www.google.com | tcp |
| US | 8.8.8.8:53 | apis.google.com | udp |
| GB | 142.250.200.14:443 | apis.google.com | udp |
| US | 8.8.8.8:53 | 195.212.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 14.200.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | play.google.com | udp |
| GB | 172.217.169.46:443 | play.google.com | udp |
| US | 8.8.8.8:53 | 46.169.217.172.in-addr.arpa | udp |
| N/A | 224.0.0.251:5353 | udp | |
| US | 8.8.8.8:53 | 31.243.111.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 99.201.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 194.212.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | consent.google.com | udp |
| GB | 142.250.187.238:443 | consent.google.com | tcp |
| US | 8.8.8.8:53 | 238.187.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | id.google.com | udp |
| IL | 172.217.22.67:443 | id.google.com | tcp |
| US | 8.8.8.8:53 | 67.22.217.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | i.ytimg.com | udp |
| GB | 142.250.179.246:443 | i.ytimg.com | tcp |
| GB | 142.250.179.246:443 | i.ytimg.com | tcp |
| GB | 142.250.179.246:443 | i.ytimg.com | tcp |
| US | 8.8.8.8:53 | img.youtube.com | udp |
| US | 8.8.8.8:53 | 246.179.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | www.youtube.com | udp |
| GB | 142.250.179.246:443 | i.ytimg.com | udp |
| US | 8.8.8.8:53 | googleads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | static.doubleclick.net | udp |
| GB | 142.250.187.226:443 | googleads.g.doubleclick.net | tcp |
| GB | 216.58.213.6:443 | static.doubleclick.net | tcp |
| US | 8.8.8.8:53 | jnn-pa.googleapis.com | udp |
| GB | 216.58.201.106:443 | jnn-pa.googleapis.com | tcp |
| GB | 216.58.201.106:443 | jnn-pa.googleapis.com | udp |
| GB | 142.250.187.226:443 | googleads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | 226.187.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 6.213.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 106.201.58.216.in-addr.arpa | udp |
| GB | 172.217.169.46:443 | www.youtube.com | udp |
| US | 8.8.8.8:53 | www.adolix.com | udp |
| US | 44.212.230.219:443 | www.adolix.com | tcp |
| US | 44.212.230.219:443 | www.adolix.com | tcp |
| US | 8.8.8.8:53 | cdn.adolix.com | udp |
| DE | 18.66.192.17:443 | cdn.adolix.com | tcp |
| DE | 18.66.192.17:443 | cdn.adolix.com | tcp |
| US | 8.8.8.8:53 | 219.230.212.44.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 104.201.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 17.192.66.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | region1.google-analytics.com | udp |
| US | 216.239.34.36:443 | region1.google-analytics.com | tcp |
| US | 8.8.8.8:53 | cdn.jsdelivr.net | udp |
| US | 151.101.1.229:443 | cdn.jsdelivr.net | tcp |
| US | 44.212.230.219:443 | www.adolix.com | tcp |
| US | 44.212.230.219:443 | www.adolix.com | tcp |
| US | 44.212.230.219:443 | www.adolix.com | tcp |
| US | 44.212.230.219:443 | www.adolix.com | tcp |
| US | 8.8.8.8:53 | www.clarity.ms | udp |
| US | 13.107.246.64:443 | www.clarity.ms | tcp |
| US | 151.101.1.229:443 | cdn.jsdelivr.net | udp |
| US | 8.8.8.8:53 | 89.192.66.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 36.34.239.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 144.107.17.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 229.1.101.151.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 226.21.18.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | c.clarity.ms | udp |
| IE | 68.219.88.97:443 | c.clarity.ms | tcp |
| US | 8.8.8.8:53 | x.clarity.ms | udp |
| US | 20.114.190.119:443 | x.clarity.ms | tcp |
| US | 8.8.8.8:53 | c.bing.com | udp |
| US | 204.79.197.237:443 | c.bing.com | tcp |
| US | 8.8.8.8:53 | 97.88.219.68.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 119.190.114.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 237.197.79.204.in-addr.arpa | udp |
| US | 216.239.34.36:443 | region1.google-analytics.com | udp |
| US | 44.212.230.219:443 | www.adolix.com | tcp |
| US | 44.212.230.219:443 | www.adolix.com | tcp |
| US | 151.101.1.229:443 | cdn.jsdelivr.net | udp |
| US | 8.8.8.8:53 | 28.173.189.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 203.107.17.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | www.adolix.com | udp |
| US | 44.212.230.219:80 | www.adolix.com | tcp |
| US | 44.212.230.219:80 | www.adolix.com | tcp |
| US | 44.212.230.219:443 | www.adolix.com | tcp |
| US | 8.8.8.8:53 | 11.97.55.23.in-addr.arpa | udp |
| US | 8.8.8.8:53 | cdn.adolix.com | udp |
| US | 44.212.230.219:443 | www.adolix.com | tcp |
| US | 44.212.230.219:443 | www.adolix.com | tcp |
| US | 44.212.230.219:443 | www.adolix.com | tcp |
| US | 44.212.230.219:443 | www.adolix.com | tcp |
| US | 8.8.8.8:53 | www.clarity.ms | udp |
| US | 8.8.8.8:53 | cdn.jsdelivr.net | udp |
| DE | 18.66.192.17:443 | cdn.adolix.com | tcp |
| DE | 18.66.192.17:443 | cdn.adolix.com | tcp |
| DE | 18.66.192.17:443 | cdn.adolix.com | tcp |
| US | 13.107.253.64:443 | www.clarity.ms | tcp |
| US | 13.107.253.64:443 | www.clarity.ms | tcp |
| US | 151.101.1.229:443 | cdn.jsdelivr.net | tcp |
| US | 151.101.1.229:443 | cdn.jsdelivr.net | tcp |
| US | 8.8.8.8:53 | 177.101.63.23.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 64.253.107.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 67.169.217.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 226.20.18.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 154.200.245.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 228.185.173.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | ocsp.r2m03.amazontrust.com | udp |
| DE | 18.66.183.220:80 | ocsp.r2m03.amazontrust.com | tcp |
| US | 8.8.8.8:53 | 220.183.66.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | c.clarity.ms | udp |
| DE | 18.66.192.17:443 | cdn.adolix.com | tcp |
| DE | 18.66.192.17:443 | cdn.adolix.com | tcp |
| IE | 68.219.88.97:443 | c.clarity.ms | tcp |
| IE | 68.219.88.97:443 | c.clarity.ms | tcp |
| US | 8.8.8.8:53 | x.clarity.ms | udp |
| US | 20.114.190.119:443 | x.clarity.ms | tcp |
| US | 20.114.190.119:443 | x.clarity.ms | tcp |
| US | 8.8.8.8:53 | c.bing.com | udp |
| US | 204.79.197.237:443 | c.bing.com | tcp |
| US | 204.79.197.237:443 | c.bing.com | tcp |
| DE | 18.66.183.220:80 | ocsp.r2m03.amazontrust.com | tcp |
| US | 8.8.8.8:53 | region1.google-analytics.com | udp |
| US | 216.239.32.36:443 | region1.google-analytics.com | tcp |
| US | 216.239.32.36:443 | region1.google-analytics.com | tcp |
| US | 8.8.8.8:53 | c.pki.goog | udp |
| US | 8.8.8.8:53 | 36.32.239.216.in-addr.arpa | udp |
| GB | 172.217.169.67:80 | c.pki.goog | tcp |
| US | 8.8.8.8:53 | o.pki.goog | udp |
| GB | 172.217.169.67:80 | o.pki.goog | tcp |
| US | 8.8.8.8:53 | beacons.gcp.gvt2.com | udp |
| FR | 216.58.215.35:443 | beacons.gcp.gvt2.com | tcp |
| FR | 216.58.215.35:443 | beacons.gcp.gvt2.com | tcp |
| US | 8.8.8.8:53 | 35.215.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | x.clarity.ms | udp |
| US | 20.114.190.119:443 | x.clarity.ms | tcp |
| US | 8.8.8.8:53 | x.clarity.ms | udp |
| US | 20.114.190.119:443 | x.clarity.ms | tcp |
| FR | 216.58.215.35:443 | beacons.gcp.gvt2.com | udp |
| GB | 142.250.187.196:443 | www.google.com | udp |
| US | 20.114.190.119:443 | x.clarity.ms | tcp |
| US | 216.239.34.36:443 | region1.google-analytics.com | udp |
| US | 8.8.8.8:53 | play.google.com | udp |
| GB | 172.217.169.46:443 | play.google.com | udp |
| FR | 216.58.215.35:443 | beacons.gcp.gvt2.com | udp |
| IL | 172.217.22.67:443 | id.google.com | udp |
| GB | 142.250.179.246:443 | i.ytimg.com | udp |
| US | 8.8.8.8:53 | content-autofill.googleapis.com | udp |
| US | 8.8.8.8:53 | github.com | udp |
| GB | 20.26.156.215:443 | github.com | tcp |
| GB | 20.26.156.215:443 | github.com | tcp |
| GB | 142.250.187.226:443 | googleads.g.doubleclick.net | udp |
| GB | 216.58.201.106:443 | content-autofill.googleapis.com | udp |
| US | 8.8.8.8:53 | 215.156.26.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | github.githubassets.com | udp |
| US | 8.8.8.8:53 | avatars.githubusercontent.com | udp |
| US | 185.199.111.154:443 | github.githubassets.com | tcp |
| US | 185.199.111.154:443 | github.githubassets.com | tcp |
| US | 185.199.111.154:443 | github.githubassets.com | tcp |
| US | 185.199.111.154:443 | github.githubassets.com | tcp |
| US | 185.199.111.154:443 | github.githubassets.com | tcp |
| US | 185.199.111.154:443 | github.githubassets.com | tcp |
| US | 185.199.108.133:443 | avatars.githubusercontent.com | tcp |
| US | 8.8.8.8:53 | github-cloud.s3.amazonaws.com | udp |
| US | 8.8.8.8:53 | user-images.githubusercontent.com | udp |
| US | 8.8.8.8:53 | 154.111.199.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 133.108.199.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | collector.github.com | udp |
| US | 185.199.111.154:443 | github.githubassets.com | tcp |
| US | 8.8.8.8:53 | api.github.com | udp |
| US | 140.82.114.21:443 | collector.github.com | tcp |
| US | 140.82.114.21:443 | collector.github.com | tcp |
| GB | 20.26.156.210:443 | api.github.com | tcp |
| US | 8.8.8.8:53 | 21.114.82.140.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 210.156.26.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | raw.githubusercontent.com | udp |
| US | 185.199.111.133:443 | raw.githubusercontent.com | tcp |
| US | 8.8.8.8:53 | 133.111.199.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | github.com | udp |
| GB | 20.26.156.215:443 | github.com | tcp |
| FR | 216.58.215.35:443 | beacons.gcp.gvt2.com | udp |
| US | 8.8.8.8:53 | google.co.ck | udp |
| US | 8.8.8.8:53 | clients2.google.com | udp |
| GB | 142.250.187.206:443 | clients2.google.com | tcp |
| GB | 142.250.187.228:80 | google.co.ck | tcp |
| GB | 142.250.187.228:80 | google.co.ck | tcp |
| US | 8.8.8.8:53 | 206.187.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | www.google.com | udp |
| GB | 142.250.187.196:80 | www.google.com | tcp |
| GB | 142.250.187.196:80 | www.google.com | tcp |
| GB | 142.250.187.196:443 | www.google.com | tcp |
| US | 8.8.8.8:53 | 228.187.250.142.in-addr.arpa | udp |
| GB | 142.250.187.196:80 | www.google.com | tcp |
| GB | 142.250.187.196:80 | www.google.com | tcp |
| GB | 172.217.169.67:80 | o.pki.goog | tcp |
| US | 8.8.8.8:53 | api.github.com | udp |
| GB | 20.26.156.210:443 | api.github.com | tcp |
| GB | 142.250.187.228:80 | google.co.ck | tcp |
| GB | 142.250.187.228:80 | google.co.ck | tcp |
| GB | 142.250.187.228:80 | google.co.ck | tcp |
| GB | 142.250.187.196:80 | www.google.com | tcp |
| GB | 142.250.187.196:80 | www.google.com | tcp |
| GB | 142.250.187.196:443 | www.google.com | tcp |
| GB | 142.250.187.196:80 | www.google.com | tcp |
| GB | 142.250.187.196:443 | www.google.com | tcp |
| GB | 142.250.187.228:80 | google.co.ck | tcp |
| GB | 142.250.187.228:80 | google.co.ck | tcp |
| GB | 142.250.187.196:80 | www.google.com | tcp |
| GB | 142.250.187.196:80 | www.google.com | tcp |
| GB | 142.250.187.196:443 | www.google.com | tcp |
| GB | 142.250.187.228:80 | google.co.ck | tcp |
| GB | 142.250.187.228:80 | google.co.ck | tcp |
| GB | 142.250.187.196:80 | www.google.com | tcp |
| GB | 142.250.187.196:80 | www.google.com | tcp |
| GB | 142.250.187.196:443 | www.google.com | tcp |
| GB | 142.250.187.228:80 | google.co.ck | tcp |
| GB | 142.250.187.228:80 | google.co.ck | tcp |
| GB | 142.250.187.196:80 | www.google.com | tcp |
| GB | 142.250.187.196:80 | www.google.com | tcp |
| GB | 142.250.187.196:443 | www.google.com | tcp |
| GB | 142.250.187.228:80 | google.co.ck | tcp |
| GB | 142.250.187.228:80 | google.co.ck | tcp |
| GB | 142.250.187.196:80 | www.google.com | tcp |
| GB | 142.250.187.196:80 | www.google.com | tcp |
| GB | 142.250.187.196:443 | www.google.com | tcp |
| GB | 142.250.187.228:80 | google.co.ck | tcp |
| GB | 142.250.187.228:80 | google.co.ck | tcp |
| GB | 142.250.187.196:80 | www.google.com | tcp |
| GB | 142.250.187.196:80 | www.google.com | tcp |
| GB | 142.250.187.196:443 | www.google.com | tcp |
| GB | 142.250.187.228:80 | google.co.ck | tcp |
| GB | 142.250.187.228:80 | google.co.ck | tcp |
| GB | 142.250.187.196:80 | www.google.com | tcp |
| GB | 142.250.187.196:80 | www.google.com | tcp |
| GB | 142.250.187.196:443 | www.google.com | tcp |
| US | 8.8.8.8:53 | 161.19.199.152.in-addr.arpa | udp |
| GB | 142.250.187.228:80 | google.co.ck | tcp |
| GB | 142.250.187.228:80 | google.co.ck | tcp |
| GB | 142.250.187.196:80 | www.google.com | tcp |
| GB | 142.250.187.196:80 | www.google.com | tcp |
| GB | 142.250.187.196:443 | www.google.com | tcp |
| GB | 142.250.187.228:80 | google.co.ck | tcp |
| GB | 142.250.187.196:80 | www.google.com | tcp |
| GB | 142.250.187.196:443 | www.google.com | tcp |
| GB | 142.250.187.228:80 | google.co.ck | tcp |
| GB | 142.250.187.228:80 | google.co.ck | tcp |
| US | 8.8.8.8:53 | www.google.com | udp |
| GB | 142.250.187.196:80 | www.google.com | tcp |
| GB | 142.250.187.196:80 | www.google.com | tcp |
| GB | 142.250.187.196:443 | www.google.com | tcp |
| GB | 142.250.187.228:80 | google.co.ck | tcp |
| GB | 142.250.187.228:80 | google.co.ck | tcp |
| GB | 142.250.187.196:80 | www.google.com | tcp |
| GB | 142.250.187.196:80 | www.google.com | tcp |
| GB | 142.250.187.196:443 | www.google.com | tcp |
| US | 204.79.197.200:443 | ieonline.microsoft.com | tcp |
| US | 204.79.197.200:443 | ieonline.microsoft.com | tcp |
| US | 8.8.8.8:53 | 200.197.79.204.in-addr.arpa | udp |
| GB | 142.250.187.228:80 | google.co.ck | tcp |
| GB | 142.250.187.228:80 | google.co.ck | tcp |
| GB | 142.250.187.196:80 | www.google.com | tcp |
| GB | 142.250.187.196:80 | www.google.com | tcp |
| GB | 142.250.187.196:443 | www.google.com | tcp |
| GB | 142.250.187.228:80 | google.co.ck | tcp |
| GB | 142.250.187.196:80 | www.google.com | tcp |
| GB | 142.250.187.196:80 | www.google.com | tcp |
| GB | 142.250.187.196:443 | www.google.com | tcp |
| GB | 142.250.187.228:80 | google.co.ck | tcp |
| GB | 142.250.187.196:80 | www.google.com | tcp |
| GB | 142.250.187.196:80 | www.google.com | tcp |
| GB | 142.250.187.196:443 | www.google.com | tcp |
| GB | 142.250.187.228:80 | google.co.ck | tcp |
| GB | 142.250.187.196:80 | www.google.com | tcp |
| US | 8.8.8.8:53 | motherboard.vice.com | udp |
| GB | 142.250.187.196:443 | www.google.com | tcp |
| US | 151.101.194.133:80 | motherboard.vice.com | tcp |
| US | 151.101.194.133:80 | motherboard.vice.com | tcp |
| US | 151.101.194.133:443 | motherboard.vice.com | tcp |
| US | 8.8.8.8:53 | 133.194.101.151.in-addr.arpa | udp |
| US | 8.8.8.8:53 | www.vice.com | udp |
| US | 151.101.66.133:443 | www.vice.com | tcp |
| US | 151.101.66.133:443 | www.vice.com | tcp |
| US | 8.8.8.8:53 | 133.66.101.151.in-addr.arpa | udp |
| US | 8.8.8.8:53 | htlbid.com | udp |
| FR | 52.84.174.81:443 | htlbid.com | tcp |
| FR | 52.84.174.81:443 | htlbid.com | tcp |
| US | 8.8.8.8:53 | 81.174.84.52.in-addr.arpa | udp |
| GB | 142.250.187.228:80 | google.co.ck | tcp |
| GB | 142.250.187.228:80 | google.co.ck | tcp |
| US | 8.8.8.8:53 | vice-web-statics-cdn.vice.com | udp |
| US | 151.101.2.133:443 | vice-web-statics-cdn.vice.com | tcp |
| US | 151.101.2.133:443 | vice-web-statics-cdn.vice.com | tcp |
| US | 8.8.8.8:53 | oembed.vice.com | udp |
| US | 151.101.130.133:443 | oembed.vice.com | tcp |
| US | 151.101.130.133:443 | oembed.vice.com | tcp |
| US | 8.8.8.8:53 | www.google.com | udp |
| GB | 142.250.187.196:80 | www.google.com | tcp |
| GB | 142.250.187.196:80 | www.google.com | tcp |
| US | 8.8.8.8:53 | www.npttech.com | udp |
| US | 172.67.155.215:443 | www.npttech.com | tcp |
| US | 172.67.155.215:443 | www.npttech.com | tcp |
| US | 8.8.8.8:53 | 133.2.101.151.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 133.130.101.151.in-addr.arpa | udp |
| US | 8.8.8.8:53 | video-images.vice.com | udp |
| US | 151.101.130.133:443 | video-images.vice.com | tcp |
| US | 151.101.130.133:443 | video-images.vice.com | tcp |
| US | 8.8.8.8:53 | 215.155.67.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | images.vice.com | udp |
| US | 151.101.66.133:443 | images.vice.com | tcp |
| US | 151.101.66.133:443 | images.vice.com | tcp |
| US | 8.8.8.8:53 | vice-sundry-assets-cdn.vice.com | udp |
| US | 151.101.194.133:443 | vice-sundry-assets-cdn.vice.com | tcp |
| US | 151.101.194.133:443 | vice-sundry-assets-cdn.vice.com | tcp |
| GB | 142.250.187.196:443 | www.google.com | tcp |
| GB | 142.250.187.228:80 | google.co.ck | tcp |
| GB | 142.250.187.228:80 | google.co.ck | tcp |
| GB | 142.250.187.196:80 | www.google.com | tcp |
| GB | 142.250.187.196:80 | www.google.com | tcp |
| US | 151.101.2.133:443 | vice-sundry-assets-cdn.vice.com | tcp |
| US | 151.101.2.133:443 | vice-sundry-assets-cdn.vice.com | tcp |
| GB | 142.250.187.196:443 | www.google.com | tcp |
| US | 8.8.8.8:53 | cdn.privacy-mgmt.com | udp |
| US | 18.245.199.47:443 | cdn.privacy-mgmt.com | tcp |
| US | 18.245.199.47:443 | cdn.privacy-mgmt.com | tcp |
| US | 8.8.8.8:53 | 47.199.245.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | www.youtube.com | udp |
| GB | 216.58.204.78:443 | www.youtube.com | tcp |
| GB | 216.58.204.78:443 | www.youtube.com | tcp |
| US | 8.8.8.8:53 | 74.204.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | static.doubleclick.net | udp |
| GB | 216.58.213.6:443 | static.doubleclick.net | tcp |
| GB | 216.58.213.6:443 | static.doubleclick.net | tcp |
| US | 8.8.8.8:53 | googleads.g.doubleclick.net | udp |
| GB | 142.250.187.226:443 | googleads.g.doubleclick.net | tcp |
| GB | 142.250.187.226:443 | googleads.g.doubleclick.net | tcp |
| US | 8.8.8.8:53 | jnn-pa.googleapis.com | udp |
| GB | 216.58.201.106:443 | jnn-pa.googleapis.com | tcp |
| GB | 216.58.201.106:443 | jnn-pa.googleapis.com | tcp |
| GB | 142.250.187.196:443 | www.google.com | tcp |
| GB | 142.250.187.196:443 | www.google.com | tcp |
| US | 8.8.8.8:53 | i.ytimg.com | udp |
| GB | 172.217.16.246:443 | i.ytimg.com | tcp |
| GB | 172.217.16.246:443 | i.ytimg.com | tcp |
| US | 8.8.8.8:53 | 246.16.217.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | yt3.ggpht.com | udp |
| GB | 142.250.180.1:443 | yt3.ggpht.com | tcp |
| GB | 142.250.180.1:443 | yt3.ggpht.com | tcp |
| US | 8.8.8.8:53 | 1.180.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 202.187.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | firebaseremoteconfig.googleapis.com | udp |
| GB | 172.217.169.74:443 | firebaseremoteconfig.googleapis.com | tcp |
| GB | 172.217.169.74:443 | firebaseremoteconfig.googleapis.com | tcp |
| US | 8.8.8.8:53 | 74.169.217.172.in-addr.arpa | udp |
| GB | 142.250.187.228:80 | google.co.ck | tcp |
| US | 8.8.8.8:53 | softonic.com | udp |
| GB | 142.250.187.196:80 | www.google.com | tcp |
| GB | 142.250.187.228:80 | google.co.ck | tcp |
| GB | 142.250.187.228:80 | google.co.ck | tcp |
| GB | 142.250.187.228:80 | google.co.ck | tcp |
| US | 8.8.8.8:53 | softonic.com | udp |
| US | 199.232.213.91:80 | softonic.com | tcp |
| US | 199.232.213.91:80 | softonic.com | tcp |
| GB | 142.250.187.228:80 | google.co.ck | tcp |
| US | 8.8.8.8:53 | 91.213.232.199.in-addr.arpa | udp |
| GB | 142.250.187.196:443 | www.google.com | tcp |
| GB | 142.250.187.228:80 | google.co.ck | tcp |
| GB | 142.250.187.228:80 | google.co.ck | tcp |
| GB | 142.250.187.196:80 | www.google.com | tcp |
| GB | 142.250.187.196:80 | www.google.com | tcp |
| GB | 142.250.187.196:80 | www.google.com | tcp |
| GB | 142.250.187.196:80 | www.google.com | tcp |
| GB | 142.250.187.196:80 | www.google.com | tcp |
| GB | 142.250.187.196:80 | www.google.com | tcp |
| GB | 142.250.187.196:443 | www.google.com | tcp |
| GB | 142.250.187.196:443 | www.google.com | tcp |
| GB | 142.250.187.196:80 | www.google.com | tcp |
| GB | 142.250.187.196:80 | www.google.com | tcp |
| US | 199.232.213.91:443 | softonic.com | tcp |
| US | 199.232.213.91:443 | softonic.com | tcp |
| US | 8.8.8.8:53 | 233.38.18.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 23.149.64.172.in-addr.arpa | udp |
| GB | 142.250.187.196:443 | www.google.com | tcp |
| US | 8.8.8.8:53 | www.softonic.com | udp |
| US | 151.101.1.91:443 | www.softonic.com | tcp |
| US | 151.101.1.91:443 | www.softonic.com | tcp |
| US | 8.8.8.8:53 | 91.1.101.151.in-addr.arpa | udp |
| GB | 142.250.187.196:443 | www.google.com | tcp |
| US | 8.8.8.8:53 | en.softonic.com | udp |
| US | 151.101.193.91:443 | en.softonic.com | tcp |
| US | 151.101.193.91:443 | en.softonic.com | tcp |
| US | 8.8.8.8:53 | 91.193.101.151.in-addr.arpa | udp |
| US | 8.8.8.8:53 | assets.sftcdn.net | udp |
| US | 151.101.193.91:443 | assets.sftcdn.net | tcp |
| US | 151.101.193.91:443 | assets.sftcdn.net | tcp |
| US | 8.8.8.8:53 | sdk.privacy-center.org | udp |
| US | 8.8.8.8:53 | images.sftcdn.net | udp |
| US | 23.219.230.135:443 | images.sftcdn.net | tcp |
| US | 23.219.230.135:443 | images.sftcdn.net | tcp |
| US | 8.8.8.8:53 | 135.230.219.23.in-addr.arpa | udp |
| GB | 142.250.187.196:443 | www.google.com | tcp |
| GB | 142.250.187.196:443 | www.google.com | tcp |
| US | 8.8.8.8:53 | articles-img.sftcdn.net | udp |
| NL | 23.62.61.112:443 | articles-img.sftcdn.net | tcp |
| NL | 23.62.61.112:443 | articles-img.sftcdn.net | tcp |
| US | 8.8.8.8:53 | 112.61.62.23.in-addr.arpa | udp |
| GB | 142.250.187.196:443 | www.google.com | tcp |
| GB | 142.250.187.196:443 | www.google.com | tcp |
| GB | 142.250.187.226:443 | googleads.g.doubleclick.net | tcp |
| GB | 142.250.187.226:443 | googleads.g.doubleclick.net | tcp |
| GB | 142.250.187.196:443 | www.google.com | tcp |
| GB | 142.250.187.196:443 | www.google.com | tcp |
| GB | 142.250.187.196:443 | www.google.com | tcp |
| GB | 142.250.187.196:443 | www.google.com | tcp |
| GB | 142.250.187.196:443 | www.google.com | tcp |
| GB | 142.250.187.196:443 | www.google.com | tcp |
| US | 151.101.193.91:443 | assets.sftcdn.net | tcp |
| US | 151.101.193.91:443 | assets.sftcdn.net | tcp |
| GB | 216.58.204.78:443 | www.youtube.com | tcp |
| GB | 216.58.204.78:443 | www.youtube.com | tcp |
| GB | 142.250.187.196:443 | www.google.com | tcp |
| GB | 142.250.187.196:443 | www.google.com | tcp |
| GB | 142.250.187.196:443 | www.google.com | tcp |
| GB | 142.250.187.196:443 | www.google.com | tcp |
| GB | 142.250.187.226:443 | googleads.g.doubleclick.net | tcp |
| GB | 142.250.187.226:443 | googleads.g.doubleclick.net | tcp |
| US | 151.101.193.91:443 | assets.sftcdn.net | tcp |
| US | 151.101.193.91:443 | assets.sftcdn.net | tcp |
| US | 8.8.8.8:53 | assets.sftcdn.net | udp |
| US | 151.101.129.91:443 | assets.sftcdn.net | tcp |
| US | 151.101.129.91:443 | assets.sftcdn.net | tcp |
| US | 8.8.8.8:53 | 91.129.101.151.in-addr.arpa | udp |
| US | 8.8.8.8:53 | softonic.com | udp |
| US | 199.232.209.91:80 | softonic.com | tcp |
| US | 8.8.8.8:53 | 91.209.232.199.in-addr.arpa | udp |
| US | 8.8.8.8:53 | google.co.ck | udp |
| GB | 142.250.187.228:80 | google.co.ck | tcp |
| US | 199.232.209.91:443 | softonic.com | tcp |
| US | 8.8.8.8:53 | www.softonic.com | udp |
| US | 151.101.65.91:443 | www.softonic.com | tcp |
| US | 8.8.8.8:53 | en.softonic.com | udp |
| US | 8.8.8.8:53 | 91.65.101.151.in-addr.arpa | udp |
| US | 151.101.65.91:443 | en.softonic.com | tcp |
| US | 8.8.8.8:53 | articles-img.sftcdn.net | udp |
| NL | 23.62.61.112:443 | articles-img.sftcdn.net | tcp |
| US | 8.8.8.8:53 | images.sftcdn.net | udp |
| US | 23.219.230.135:443 | images.sftcdn.net | tcp |
| US | 8.8.8.8:53 | assets.sftcdn.net | udp |
| US | 151.101.1.91:443 | assets.sftcdn.net | tcp |
| US | 8.8.8.8:53 | sdk.privacy-center.org | udp |
| US | 8.8.8.8:53 | www.google.com | udp |
| GB | 142.250.187.196:80 | www.google.com | tcp |
| GB | 142.250.187.196:80 | www.google.com | tcp |
| GB | 142.250.187.196:443 | www.google.com | tcp |
| GB | 142.250.187.228:80 | google.co.ck | tcp |
| GB | 142.250.187.228:80 | google.co.ck | tcp |
| GB | 142.250.187.228:80 | google.co.ck | tcp |
| GB | 142.250.187.228:80 | google.co.ck | tcp |
| GB | 142.250.187.228:80 | google.co.ck | tcp |
| GB | 142.250.187.196:80 | www.google.com | tcp |
| GB | 142.250.187.196:80 | www.google.com | tcp |
| GB | 142.250.187.196:80 | www.google.com | tcp |
| GB | 142.250.187.196:80 | www.google.com | tcp |
| GB | 142.250.187.196:443 | www.google.com | tcp |
| GB | 142.250.187.196:443 | www.google.com | tcp |
| GB | 142.250.187.228:80 | google.co.ck | tcp |
| GB | 142.250.187.196:80 | www.google.com | tcp |
| GB | 142.250.187.196:80 | www.google.com | tcp |
| GB | 142.250.187.196:443 | www.google.com | tcp |
| GB | 142.250.187.228:80 | google.co.ck | tcp |
| GB | 142.250.187.196:80 | www.google.com | tcp |
| GB | 142.250.187.228:80 | google.co.ck | tcp |
| GB | 142.250.187.228:80 | google.co.ck | tcp |
| GB | 142.250.187.228:80 | google.co.ck | tcp |
| GB | 142.250.187.228:80 | google.co.ck | tcp |
| GB | 142.250.187.196:80 | www.google.com | tcp |
| GB | 142.250.187.196:443 | www.google.com | tcp |
| GB | 142.250.187.196:443 | www.google.com | tcp |
| GB | 142.250.187.196:443 | www.google.com | tcp |
| GB | 142.250.187.196:443 | www.google.com | tcp |
| US | 8.8.8.8:53 | 76.234.34.23.in-addr.arpa | udp |
| US | 204.79.197.200:443 | ieonline.microsoft.com | tcp |
| US | 204.79.197.200:443 | ieonline.microsoft.com | tcp |
| US | 8.8.8.8:53 | www.google.com | udp |
| GB | 142.250.187.196:80 | www.google.com | tcp |
| GB | 142.250.187.196:80 | www.google.com | tcp |
| GB | 142.250.187.196:443 | www.google.com | tcp |
| US | 8.8.8.8:53 | www.microsoft.com | udp |
| US | 8.8.8.8:53 | 128.233.34.23.in-addr.arpa | udp |
| NL | 23.62.61.129:443 | www.bing.com | tcp |
| NL | 23.62.61.129:443 | www.bing.com | tcp |
| US | 8.8.8.8:53 | 129.61.62.23.in-addr.arpa | udp |
| GB | 142.250.187.196:80 | www.google.com | tcp |
| GB | 142.250.187.196:443 | www.google.com | tcp |
| US | 8.8.8.8:53 | 157.252.19.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 143.191.110.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | google.co.ck | udp |
| GB | 142.250.187.228:80 | google.co.ck | tcp |
| GB | 142.250.187.228:80 | google.co.ck | tcp |
Files
C:\Users\Admin\AppData\Local\Temp\7zS0D278FE7\BlueStacksInstaller.exe
| MD5 | c8ec5e0af9329936df1fb6382f092687 |
| SHA1 | fc8a59149198e5acef2ca6a51f01d1e3ff0f50fe |
| SHA256 | 7b3fcbf635508cde1dd74e41b3914f5b85bdb8de1bcece745ac6a05ddfde63da |
| SHA512 | 1bd43948428d964b94befe7e2b9cd74e0cb5d6af76f5adb166323510b2f775ae479e781df104222197ac5e04e83e885cf6a5ec65c7bb3c5aebd45dead24439cf |
C:\Users\Admin\AppData\Local\Temp\7zS0D278FE7\BlueStacksInstaller.exe.config
| MD5 | 1b456d88546e29f4f007cd0bf1025703 |
| SHA1 | e5c444fcfe5baf2ef71c1813afc3f2c1100cab86 |
| SHA256 | d6d316584b63bb0d670a42f88b8f84e0de0db4275f1a342084dc383ebeb278eb |
| SHA512 | c545e416c841b8786e4589fc9ca2b732b16cdd759813ec03f558332f2436f165ec1ad2fbc65012b5709fa19ff1e8396639c17bfad150cabeb51328a39ea556e6 |
memory/204-113-0x00007FF93A5B3000-0x00007FF93A5B4000-memory.dmp
memory/204-114-0x0000000000550000-0x00000000005EE000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\7zS0D278FE7\JSON.dll
| MD5 | f5fd966e29f5c359f78cb61a571d1be4 |
| SHA1 | a55e7ed593b4bc7a77586da0f1223cfd9d51a233 |
| SHA256 | d2c8d26f95f55431e632c8581154db7c19547b656380e051194a9d2583dd2156 |
| SHA512 | d99e6fe250bb106257f86135938635f6e7ad689b2c11a96bb274f4c4c5e9a85cfacba40122dbc953f77b5d33d886c6af30bff821f10945e15b21a24b66f6c8be |
memory/204-116-0x000000001B2E0000-0x000000001B348000-memory.dmp
memory/204-117-0x00007FF93A5B0000-0x00007FF93AF9C000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\7zS0D278FE7\Locales\i18n.en-US.txt
| MD5 | 206562eed57e938afe21fc6942fa8e59 |
| SHA1 | 779e90fec866c0fd2f47da020651db71c89ec3dd |
| SHA256 | 27d611a71edf36307a7ed0651f6c5910292ac7e2b68074a7e33d306b3d93ec45 |
| SHA512 | 275c3192a7aee28fad31beb521cf5e7c66010e7562ce244ba9fc4de352f35b4ab63180ed12a56ea0b1458c185e076e2d07ba6d8797467177d3c5b2ac14371b26 |
C:\Users\Admin\AppData\Local\Temp\7zS0D278FE7\HD-CheckCpu.exe
| MD5 | 81234fd9895897b8d1f5e6772a1b38d0 |
| SHA1 | 80b2fec4a85ed90c4db2f09b63bd8f37038db0d3 |
| SHA256 | 2e14887f3432b4a313442247fc669f891dbdad7ef1a2d371466a2afa88074a4c |
| SHA512 | 4c924d6524dc2c7d834bfc1a0d98b21753a7bf1e94b1c2c6650f755e6f265512d3a963bc7bc745351f79f547add57c37e29ba9270707edbf62b60df3a541bc16 |
memory/204-121-0x00007FF93A5B0000-0x00007FF93AF9C000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\7zS0D278FE7\Assets\loader.png
| MD5 | 03903fd42ed2ee3cb014f0f3b410bcb4 |
| SHA1 | 762a95240607fe8a304867a46bc2d677f494f5c2 |
| SHA256 | 076263cc65f9824f4f82eb6beaa594d1df90218a2ee21664cf209181557e04b1 |
| SHA512 | 8b0e717268590e5287c07598a06d89220c5e9a33cd1c29c55f8720321f4b3efc869d20c61fcc892e13188d77f0fdc4c73a2ee6dece174bf876fcc3a6c5683857 |
C:\Users\Admin\AppData\Local\Temp\7zS0D278FE7\ThemeFile
| MD5 | c3e6bab4f92ee40b9453821136878993 |
| SHA1 | 94493a6b3dfb3135e5775b7d3be227659856fbc4 |
| SHA256 | de1a2e6b560e036da5ea6b042e29e81a5bfcf67dde89670c332fc5199e811ba6 |
| SHA512 | a64b6b06b3a0f3591892b60e59699682700f4018b898efe55d6bd5fb417965a55027671c58092d1eb7e21c2dbac42bc68dfb8c70468d98bed45a8cff0e945895 |
memory/204-128-0x00007FF93A5B0000-0x00007FF93AF9C000-memory.dmp
memory/204-127-0x000000001C8D0000-0x000000001CDF6000-memory.dmp
memory/204-129-0x000000001C800000-0x000000001C838000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\7zS0D278FE7\Assets\minimize_progress.png
| MD5 | 1504b80f2a6f2d3fefc305da54a2a6c2 |
| SHA1 | 432a9d89ebc2f693836d3c2f0743ea5d2077848d |
| SHA256 | 2f62d4e8c643051093f907058dddc78cc525147d9c4f4a0d78b4d0e5c90979f6 |
| SHA512 | 675db04baf3199c8d94af30a1f1c252830a56a90f633c3a72aa9841738b04242902a5e7c56dd792626338e8b7eabc1f359514bb3a2e62bc36c16919e196cfd94 |
C:\Users\Admin\AppData\Local\Temp\7zS0D278FE7\Assets\exit_close.png
| MD5 | 26eb04b9e0105a7b121ea9c6601bbf2a |
| SHA1 | efc08370d90c8173df8d8c4b122d2bb64c07ccd8 |
| SHA256 | 7aaef329ba9fa052791d1a09f127551289641ea743baba171de55faa30ec1157 |
| SHA512 | 9df3c723314d11a6b4ce0577eb61488061f2f96a9746a944eb6a4ee8c0c4d29131231a1b20988ef5454b79f9475b43d62c710839ecc0a9c98324f977cab6db68 |
C:\Users\Admin\AppData\Local\Temp\7zS0D278FE7\Assets\error_icon_72.png
| MD5 | 4aaf83d2b3fd56ad806708e60474df39 |
| SHA1 | 144777a265879b69fadea3eb3ac6939458918578 |
| SHA256 | 84e59d14d9433e6c3d92daeb8c443063b5e3be6c0b297f0403dbde473a05cb3f |
| SHA512 | 3b8485f054fe6ed2374bc81cb1786f09741219fbfcb22503707b11cf5db1ab262ba4349633597d5d9ddabc3415b170fa8eebc932f58d211d7092b8fb96fa1304 |
C:\Users\Admin\AppData\Local\Temp\7zS0D278FE7\Assets\link.png
| MD5 | ae2c73ee43d722c327c7fb6fdbee905c |
| SHA1 | 96f238bf53ac80f5b7a9ad6ef2531e8e3f274628 |
| SHA256 | 28c0abc6bfe7a155815104883a37a53dd783d142300471064c95eddf3cae0eaf |
| SHA512 | 5a1e341f727cf1cb4832cced8e96c5a74971451629603c48bfb91ceb4561d0122ab9ae701f8b34681d5f13115a384467d430ccb8282494b40f4577ebc3ad825b |
C:\Users\Admin\AppData\Local\Temp\7zS0D278FE7\Assets\exit_close_hover.png
| MD5 | 92c2bf222d6ab81fe7a0c072bf31c107 |
| SHA1 | 8853eb08a2aa3e99fae6dabb9cff6461704f2a2e |
| SHA256 | bcc053a9a087e077d58114106d29701a34f7851f4052f3157102811355d3e709 |
| SHA512 | 6548d0038f4bda1db69de0729cc9648725d744953649a396b9147afb16abf018a5aef7ff7d3bb019031863f20c81bc202d6e37d171027ab9fde3b37402e179c7 |
memory/204-139-0x00007FF93A5B0000-0x00007FF93AF9C000-memory.dmp
C:\Users\Admin\Desktop\ConvertFromAdd.ram
| MD5 | 51e42c9448758f5e3476db86b7673158 |
| SHA1 | 0c77b50d76ffbaca26160b789c49842b15396b0a |
| SHA256 | 84e6e5e4235976d0aa6c2d76d66a0157e9273abd529a387648698fd2ddb1173f |
| SHA512 | 6151fa58097c8a8405752bb9524e4627c6bd0197217ea903a29cfd45aa20486572fab7d777de947a33222c447e3982b462a0062a90effe9edca930215670098a |
C:\Users\Admin\Desktop\ConvertFromClose.DVR
| MD5 | 7cb7f27dc3d08d8c62eda0f68906b097 |
| SHA1 | 2719bd897a25884d86570366c22f2d8e5882166c |
| SHA256 | 530b5cb26eb31caffa1f445ef9a39cd91fa1ed80c40f8c12e666fad71a3b4f57 |
| SHA512 | c357fc96bc0f23a81bdd039724b15cbefb1500ea02b3ec8287b6a6dd6cd2c3b6f21c1e067647637cb7a62d0ff09e676d1a3b65b5aac5ca986bccdc9703b1d290 |
C:\Users\Admin\Desktop\DenyPing.easmx
| MD5 | c2aa20b6eee3a6e44545b62f49c2d691 |
| SHA1 | eb91ba5a84b9ee1f1eb9aad157cb633083873e3e |
| SHA256 | b51b4e20593912a2aedbc3282adeeaf53678d654e37bc7b189a5547b1d7fa9d5 |
| SHA512 | c1980d3f7739d4236d3c97bc4f7464bbb1ec05b6dfcb70dbf6d684a58d4268ea5b7f4946962c44f93a02f557259049efb1e39062043bf359b33316fd127591e4 |
C:\Users\Admin\Desktop\AssertSend.midi
| MD5 | 1b396170deee8a3cbab4e0cb6bde9055 |
| SHA1 | 64cfae56ef0a8bb8e753b2a6b5ee86020c09b803 |
| SHA256 | ee4d353aad5badc2678309520fa8aeb1d6ef311c60a03f3df91cb8e82920307a |
| SHA512 | ef9f84d84253ddeecc4a64b743c4d210812b51ae9f516fca988c241da97d047dfc8acbda53fd86234b9613bd604e664a56376532162bca8f21967d7ca95dfaf3 |
C:\Users\Admin\Desktop\ApproveResolve.pub
| MD5 | 9cc808f19f53efcb195a386f0aa7378f |
| SHA1 | 3212106d8791371088821c1734eb728127354617 |
| SHA256 | 8fee7993b60dd478d9e9e7c0621da9518fbb9c1dbad0026fd58ce8ea3e46a442 |
| SHA512 | 6a1fea22f4f23fbd8c2dad4ef2098d2d6cbe17705c209c1b34ff7f9146bb00f8a2e8fa89745cf3b4af48e3f17c531d3b0a4371908efb6f92c2676144caaa1b8f |
C:\Users\Admin\Desktop\StepCopy.search-ms
| MD5 | f2bdfdf99d6a701c1319fe79f8c09435 |
| SHA1 | 1f47201baa26d2073453c0012407ceb660b95205 |
| SHA256 | 850700312fb10451a4704963eb20d6ca36343855d38030ef0c386274dbf01142 |
| SHA512 | ae3685b5264eaaf676b53a09404d3cb07f084a0d59edd98009460b2da26e29f1bbba2fbad4003713006db7f4d42273ef0f724cf56f5a88e296caa6029426c43f |
C:\Users\Admin\Desktop\TestInvoke.MTS
| MD5 | a240d022627b223a890c4b301983c759 |
| SHA1 | a2f8223ae01db996bb147d795156e82330e49eb8 |
| SHA256 | 93674d39f515343dbe910182bd66e68c43c12c1956dc068768cf19b77df2740f |
| SHA512 | 177de342a3cd4cc27fbfa36ecea1eeef865063f2ebf361c2d1e9e2b1737ab2e9e6a94974345b60ab433089c9d60ae92a63df893fb1399f334bc0e849e75b548e |
C:\Users\Admin\Desktop\SubmitUnpublish.TS
| MD5 | 6eeab9f54f8e60a17d13786ded7f2c68 |
| SHA1 | 9f23e0e1c68554fbe0b67506b01aa886cd951f48 |
| SHA256 | eb967468d7ac36ca717ba13d4db92eee67c79e663953089ada1039a6624b57c3 |
| SHA512 | a4304886ffd8d898fdc1f8002c839f836027c91f12ca68a773228b1f6d608f285db4b7cb00561fc96081e7cb04846f86a616c3da4a271ecd497a75a2c42aabde |
C:\Users\Admin\Desktop\OpenPublish.docx
| MD5 | 6b6581d7f21e59ca6e000768a9eab3eb |
| SHA1 | ce06fa66a1375973a605f03410bec3cdd9c0833c |
| SHA256 | 07c6cccdc3134864d9ad6c6522238d7ffe15e7d526890b9b16e4d9c15d6e998d |
| SHA512 | ad2990960e2bbaffbd23424a18a09a12fb86acb1d5c641c89a616aa081f657dd7f76b3182e63031f1ceb65b73bffcb6fdf331773b96f8d3c461698bc86fc7aa4 |
C:\Users\Admin\Desktop\AssertDebug.wvx
| MD5 | 062f6440427dd884597534b0974cede2 |
| SHA1 | 21defa8bee841b4b992a29e17ee36af995ef5eac |
| SHA256 | 9d241634801201a83f1bd880f5226088086f235f70f5cb8ccb5b67f7893b03e4 |
| SHA512 | 3f905595317082ae398f3254f7b3d186c2c098f071438850ee98045c15d61f99b4f42b2cb6eba55c718af55d71b9679bec740fc1c38495085c0833196089a6f0 |
C:\Users\Admin\Desktop\GrantBlock.ps1
| MD5 | e68e44f807653f06d96cc71795adf611 |
| SHA1 | dd327e7bcf2165641e3ff7d786c202c18f08310c |
| SHA256 | 861125bcf232514ef67ebc8156fad59f5517e45c6edd6c700356fcf136c15e6b |
| SHA512 | e07eba0ef99c39dd90e24c7eb370aeb5909e9598cab99c1764453bb932727bf4356ba82838c072d260f029333384fb6c2d3234675c244e32a98a09960e78f882 |
C:\Users\Admin\Desktop\MeasureCheckpoint.M2TS
| MD5 | f0c9d18b2aed52907d1826872e31dc6d |
| SHA1 | c1c4627e112fad7703a75554edb334459bcdf08f |
| SHA256 | ca85db9bd61cc1c1a3b2750b0e8360597d38f9a433017fdce4ab5b38c961f4f4 |
| SHA512 | cab5783f39e60dc325b872e991020ad33717bce7e12e5564e83e3d2aa0c539672eb9cadba1d88a79f43fdaaa57e6da99b9588c22f482f6ee3129d78ffa8d97c4 |
C:\Users\Admin\Desktop\MeasureTrace.jpe
| MD5 | d95e2e8024385f171be305a51fd157ce |
| SHA1 | 36a8e26ea8f121ae7f7ccf086b85ef3cc4998ec5 |
| SHA256 | c0503c27dbda424bc76063bf55920db1eebc5525170b628eea8f7fac89d75661 |
| SHA512 | 42c8ca574ecc975d92e5289018cd97ba1a98abfea726ccdb3586de650bf6508ee0d67785b872255b6859ca61ac0c0b75284199ec187b4f4f4830b0ccd331d4db |
C:\Users\Admin\Desktop\RestartSwitch.mht
| MD5 | df38f8b0edbec5f9fc08c3aba52a8483 |
| SHA1 | 069e724e0f12a493b5c162e063c786652a58cb7e |
| SHA256 | c037bd2fbdf67ac2a84dbc694ecbe5a07af1b82308861ef88e8cc14801ecbda3 |
| SHA512 | 3e213066a869df5dd1e04d8293d9b49864ef6b79186325e54065a9b70b5a63982267246daa2b064fba2de354a9ac5f1b2a1e6d3dc6d338177a88e043be076f1d |
C:\Users\Admin\Desktop\RedoUnprotect.wmv
| MD5 | 50162dd03fb05917abc3f1d66ff0637a |
| SHA1 | 89df5e3a8db5d4a945f6c23fc62a4416eedba0bd |
| SHA256 | d439df0c1cda2a4b4a72cdb703efc0c12a67d8497c358e2ec6140e32adedae1a |
| SHA512 | eee7da3262f886b460dc2673adf0c0383e81eba376e6ba394780e592294430d9e77094e83ad037fcd4d7f01cee8b19dfd8ee4552d7717597d291202c465000e7 |
C:\Users\Admin\Desktop\PushComplete.wmf
| MD5 | 153711f612dd29096207ee2f970db568 |
| SHA1 | adde83e9d053a0cd8cb0162637aef693b5bf3b6d |
| SHA256 | 6ba4cd24025e9a0e3ea2a2d9c0adb5a23785600367c7ce170e15ce465caa6e0a |
| SHA512 | 0d051ee966275f5ca2b911d6d2f35ae6badb196e50c4d7af98b0247cdb180c1b14a511e38ce90d5f64207b5313a049d23be8a0696e6b1e7c9baff8496ddfb47b |
C:\Users\Admin\Desktop\RestoreSwitch.cfg
| MD5 | 45c7fde89edb81d61b0713b2c5beadde |
| SHA1 | c35f6b71f42799352d6b2b905566c9c06389c37e |
| SHA256 | 2c7afa5c0da98fbb250719eb9e3c4078c75c453ba604516f329fe9596213657e |
| SHA512 | 48f80e6c238fe3f50be32a68fd1eedcd48abaa8d840842487688bcc405f16be56e4ddae9f1158c7f26ed3d6e479a3bbace29fdd2481fb3755ee5ed2bb587b622 |
C:\Users\Admin\Desktop\SetExport.mpeg
| MD5 | dd05ff82bc5ec765be93f870a61289f1 |
| SHA1 | b35a809ac85186a6c74b7e8950430af7e438b184 |
| SHA256 | 88fa1c354a76dc4a80009c52b1d87f38813406d8a5c856832dbe3cbc2db3f78d |
| SHA512 | 2fafe519b6108ad9f567d059db5fe8bb951844b47c1fc578aeafb55459c889502a2259349d2d1e35b3f62bdf88bc367917bc8fe12916b8e42165a6a576d70fb2 |
C:\Users\Admin\Desktop\CompleteExit.png
| MD5 | 6e84211925fb83de98185fb5f07c38bd |
| SHA1 | 094c0f9957b943d32f4fd1f6def3cb55e4b62d39 |
| SHA256 | e5a35bda181eebed5c806b8be461da90ece48203459a2d0dfac09753efc691d9 |
| SHA512 | 61b921630be0d65e6d8ebe230441b4a62d93f79b0469e691024c4ff4c31970d06267432ada38dc7b7c1327a3416d1daeb15c3e75c04f1336ea95fd51ca76052b |
C:\Users\Admin\Desktop\BlockSearch.m1v
| MD5 | ae368286ba63e6ea8359f4ff69861252 |
| SHA1 | b29b65498611b7ab7fcd8988301ccf4edea1bcf2 |
| SHA256 | f67fdd13f593ffafff261ab45b45d5ed6c50e092c5ad97a2352ac49a7732e986 |
| SHA512 | b62a8615baeda4286c66948c156a9662d4bd646210f4da788101934761d009b22d6987fa4d6450ab713a79e0fc5a88a6bc42e47f3dad513ed11ba2c340c9fe3e |
C:\Users\Admin\Desktop\CompressLimit.bmp
| MD5 | 645a17f13e264478ea1564eaa8e125ba |
| SHA1 | 73231a165341947fae2b46d12782f071d81d2405 |
| SHA256 | 5aa25ab785d952901bb6f216a2786faab02714058ee14574e6a0adf20c7f3758 |
| SHA512 | 0be0d6eb0dbe20496cb85ba3ff663fcf53f85024c2c582abc8b704d296294042a1a91d1562b9b9ec8525994398ee4f1cb51971500866b1e1045ea0a04cd653ec |
C:\Users\Admin\Desktop\DisableLock.potx
| MD5 | f9b53d60bb1e429d86e75de967b08b8d |
| SHA1 | 46d6a9d3186ba71d553d2ffb32ce9b222f1edc15 |
| SHA256 | 1133cae947d84d4f5a7631c551f094d2324b30ac79940cc7aebb58f56e6828cc |
| SHA512 | ee6ef0b479fa6c995cb88cf4dbc87ec1faf29091aade970683db3b1398b3b1668857d722226af5794ce525413f095f7614471d0a91ec12b27d5ebbfd853da208 |
C:\Users\Admin\Desktop\GetUnpublish.3gpp
| MD5 | 3edb4f005d5f519e059696b9b13d1562 |
| SHA1 | 98177b94243ad65dee5c95129d7d0b26c5699463 |
| SHA256 | 64c7d45810ce896b091701dd0dff27722eb021d4f65c6a4540d64208d38425d0 |
| SHA512 | c02f272a3e2569aa92a453abb7b2156f4a9912b201538ab0dc6a1b03dd823a9aa0076c046957ce4aaa8f6df942be75fe3863352448e252e63494a1ee9716550e |
C:\Users\Admin\Desktop\GrantRestart.001
| MD5 | 29fb8c227829c23d85355545a43a5fe2 |
| SHA1 | 0b230fa12e88d0cb2bfb0f5b3e46a4b31c8d03a0 |
| SHA256 | af77c0cf5708cc35b3ef1a5154bad2ba847a1ce5313e7dcde68c43151aa5b6d7 |
| SHA512 | 0ee89baa71f10e78b1d0d1dfbd44130729ef92c10b5e70c53960bafa4a964d958783f1fd3248568017c0b23b2085a01776d7d9239025f322b104df664499c509 |
C:\Users\Admin\Desktop\ApproveGroup.mpa
| MD5 | 33ae5429c7ef00b138023e7432c513c5 |
| SHA1 | 0481724efaf8fd6bf4d477a8adb918a8a1858db0 |
| SHA256 | 7b1ca258e0e86867d25244a1666faef14beb5f3ea69eb661c9d4d887c41a206a |
| SHA512 | 8f87cadf0bb017830496eeb2f4c498c098e6ddaf4c37139cee2d7bd24617d650b1c8b767e88a077958a8d4dfdc124b294526ad584bc11d0b83e8d926d89d6ac7 |
C:\Users\Public\Desktop\Acrobat Reader DC.lnk
| MD5 | b5c6f9f25ffc78d031287735623c39c3 |
| SHA1 | c724b5a92d7647be47f3ee4ccf21c51b84b45a43 |
| SHA256 | acf73b2d3fb34beeef3ae0e0d5b88e0f159a77e188a6584eb60c1596f43a0d99 |
| SHA512 | f52484b858b5841a86e662005257b1452935068390153925ef8f719b1b5322afa56d5b6ecf066012ff3a35ad00fe04db89e544fa1256deed60cef489d6bdd0ed |
C:\Users\Public\Desktop\VLC media player.lnk
| MD5 | 0667a27d5d22cc3abd646432c6ea3024 |
| SHA1 | e4f34319ecd1f296e622f477a33fe6f1873af56e |
| SHA256 | 555b2726e4721495a486a39dc9968b2ec03b26ebc713421bbdbb39b7a918df9a |
| SHA512 | 55e5c5c27c0013a043b7d7265633efd036097a2b3adb2e798068cedbb141377f6034643c3df5b9a2459e8b7790cdaf64f59a11bff7d30113c7f0f4771ed1bf40 |
C:\Users\Public\Desktop\Firefox.lnk
| MD5 | 3d0a7fb24085093ae0b8650fd0e9daa4 |
| SHA1 | 361c9ab865d131cf73b15df9532de3ff59f1d2cc |
| SHA256 | 67d1a7891f7a191669103ce6a699bcf2f3af24a5697933764afdca2c1755554b |
| SHA512 | 20a299cf876a9784d157d18df70bf0b4ecea529e8c74e6bb1621e2589e99582b09920869f7d2b1fde0ba15800cb4a2dff13a9bed64886404866cc9bebbe77286 |
\??\pipe\crashpad_4612_QNDVZXCJNZBNRQWP
| MD5 | d41d8cd98f00b204e9800998ecf8427e |
| SHA1 | da39a3ee5e6b4b0d3255bfef95601890afd80709 |
| SHA256 | e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 |
| SHA512 | cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
| MD5 | 948d88fe552e83087553432a40d28dac |
| SHA1 | e3100536d565d0fb4f2c0c04cdbc217fc9cd6541 |
| SHA256 | 11df9d7050ad3c14b25bb4be0f6b44e05204353f734818303a42e6f760b122f8 |
| SHA512 | a0b173e7d7399377557bb0d6cf1ab207cc86412408159e22b87e9fed8b199ee9a60b1594a12fbde43c0c12463f3d2756d2ddbb89a9ca2da22769a6031160cf7f |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\persisted_first_party_sets.json
| MD5 | 99914b932bd37a50b983c5e7c90ae93b |
| SHA1 | bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f |
| SHA256 | 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a |
| SHA512 | 27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
| MD5 | c16ea7937f96a49b793012dfbe00b53f |
| SHA1 | 8d4aedf4bba4bc6f1ce3339da78704c6854345a0 |
| SHA256 | 7295d1193d00ede7f9343407b9e3f1dd376e975387ec6cddd8e275a05bb48a15 |
| SHA512 | 3e1781f4d778da209ca53261aab68f44adf968414624417bb2c1b9a724b8414503cab1f69b2f31a83c9385e4d7ce872347989fae33ba2aacae3958ad8e501984 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | e3d1ba9de83c5ded551e01d5e459fb83 |
| SHA1 | 96478047d2ef244d16aa32b241bb38549bf96880 |
| SHA256 | 3ecaa85b96af432d470723f840a0ccef0d63409b495017d1e156c1b0b7763593 |
| SHA512 | 0278f14145017445ff41b928534e47258c912a28f35af6375b6ea40ab82d53a6a02a42d91830b5fdc0abfb009fc00a0301e372316ef0d01cbd9c165f8247b4d4 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | c7d5f736181abaa3adb20e03aacdce93 |
| SHA1 | 246f9ea0c495993b76f01418e972f97b7d7aa9c0 |
| SHA256 | 47ec50f58339bebaccb5857da059c6e0eef0e687276811291e8f9f606db0f49c |
| SHA512 | ebedd2b77b2628074339c3d18ba5f3fc368e786e6c12840f16bae937902cf98901726ae6bef5bb97520c15236456ba1ede2d0f30cc5e41a33b3bace18365f533 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 336e666000a2344982225df2caa221bb |
| SHA1 | f5bc15f5f1893ef36d859407ac448e6a8732efde |
| SHA256 | a5e222d73796f9b81c619c0894a658d3780382dc3861fdc0fe8a19a43111828c |
| SHA512 | e2011f68432a2071ba4b84ea2f0bced6b699a11acd9ed4d8cfca88eecf47a3eb996ae98122ede94db57fdfe96fa590ebf454c72de1177b6059bda1ef68925eb3 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | f986547f7a0a8f9e24e7376b74d0ba9d |
| SHA1 | 3f01486f4c1c10b5ef7115d6f8ac73d53b066c72 |
| SHA256 | 154438fe1a7d1a6cfda6fd24221d5e887d01603bf118c9d4da581b8068135d09 |
| SHA512 | d894b032972fe49816a2a814500a82f7c933d1e91a75d0e3fe3ae7cbec9ddadbf1b0a4c3b77a6f102c572b5acde358ea75c660f9174904f963f5d4051c25dbae |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt~RFe597f29.TMP
| MD5 | ea59c6d23273bcbcf4e3c116a014f3a6 |
| SHA1 | 5b16db1678efd4e7d4b27be0c4e038947e7fa6ba |
| SHA256 | 960882b59ab57ae26295475028292fe9b42f6d86745f6b86583d8e0338157ad4 |
| SHA512 | c0fb1b464fccbbb094a7adc3572e4746b1fff9161d4cdddd6fdf9e04ce7644bf14680066137d23fc8f8f9749da71dbf6faa61aca859ed79b87963a4c047d9e1e |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt.tmp
| MD5 | ae1bccd6831ebfe5ad03b482ee266e4f |
| SHA1 | 01f4179f48f1af383b275d7ee338dd160b6f558a |
| SHA256 | 1b11047e738f76c94c9d15ee981ec46b286a54def1a7852ca1ade7f908988649 |
| SHA512 | baf7ff6747f30e542c254f46a9678b9dbf42312933962c391b79eca6fcb615e4ba9283c00f554d6021e594f18c087899bc9b5362c41c0d6f862bba7fb9f83038 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | e3b2ffd69292589ad916d42077babcc7 |
| SHA1 | e32cfc0b9351a2a366df94472d40608ebe77ff57 |
| SHA256 | a6e61aed3d86f582c0bcbc5af28552150c919ebe06f4254151df276c4ba76aad |
| SHA512 | 9634c26a36c9180f124bbfd8c7f7d3ff4660cd1a24e9495e82b991d6d9b91d2cbbe2107321a309a2a53b5310a875b3b09529e412ede457f0ef8a014c5911e418 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | f5add16c84f819bdbc6a38b50119ac10 |
| SHA1 | cd252d4e11c798218f5a27fcadd8799f6289ea82 |
| SHA256 | 9653e1bd7e0cbad5f9796ff1699fe91a534d9ac7e959dfe0645ee17f9bb46a89 |
| SHA512 | 86e3a3dc356303e2f4976495e881cc95260f2761c810bb8911dfbc74fcab02fab63dc6af9059b4edb0b92571a907549c3bd32a270875f32f2b53362f38a46893 |
C:\Users\Admin\Downloads\Unconfirmed 478337.crdownload
| MD5 | 49f219ca139448487277acba93ca4c32 |
| SHA1 | 269c721963c25a59f381e1ba26c4147b9bf6391f |
| SHA256 | f03451dd6fc5336376b2e401c2bfe15072d142787843d661ffeb042590c2389c |
| SHA512 | 5673e6bb378fcd9d658a1cc780e5d22468757118605e30bf765f381927bd4711546244b8434e14b252149d74b7c7c9e6ca3d5118809cd81aa64886fa68defe2b |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | f37923fdc509986c5662257ba6f6be1e |
| SHA1 | e7b85d9dcb67a9cb0a9d59372d5b9850140104a8 |
| SHA256 | 6f9799b886f0a6ba2f7297a988a5c9287eff29c3f821609bef0347b40a3439f8 |
| SHA512 | 6c49925521e74000274219dcb8a3e47e69b18da4905a07b86ea6e70d9d655d32946ada8a51e5bf50caf8799d7a059c253ab59410bdd0f7fc740475f9970099f6 |
C:\Program Files\Google\Chrome\Application\SetupMetrics\20240620134636.pma
| MD5 | 6d971ce11af4a6a93a4311841da1a178 |
| SHA1 | cbfdbc9b184f340cbad764abc4d8a31b9c250176 |
| SHA256 | 338ddefb963d5042cae01de7b87ac40f4d78d1bfa2014ff774036f4bc7486783 |
| SHA512 | c58b59b9677f70a5bb5efd0ecbf59d2ac21cbc52e661980241d3be33663825e2a7a77adafbcec195e1d9d89d05b9ccb5e5be1a201f92cb1c1f54c258af16e29f |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
| MD5 | 1b027961e449bdad108b435604faa5d5 |
| SHA1 | fd4e043feb0a2ecf463bcbc36254a82dd8446057 |
| SHA256 | 84352f7fb1df28fa8c41e18c3e9f0a8b6392507f0226c895f100e5525453535b |
| SHA512 | e2f13dd55a83a4c362471ab5b81f58f3560974777d43f4e960ddcc012adc0f8b6f72511d866bd72673fd43605cfab59927bffdc00f86f017416382209f56ca57 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 755a8bfe0196686f5f4dbfab8824c42a |
| SHA1 | 94df3df9bdeac255e7b4883bb2691025f427b553 |
| SHA256 | 0c18c75f24300cb5b89affcd0435306daa977d64de4a6e038266e1d4af0ba960 |
| SHA512 | 43a60c15df6220f869c7918587a28ea2e9376bd4429e19538ecdddebf561e83bd8c35be1c8877aff0396c9fa22e75e6b56b560c69ad2fcd4c58893c4ddacdef4 |
memory/2296-564-0x0000000000400000-0x0000000000414000-memory.dmp
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
| MD5 | 8c59bb0f795eee20c3bec8324745ec76 |
| SHA1 | 1ac21475fd81d25b27260de7872edf76478b36aa |
| SHA256 | 117437b021eb4da313dcbae670c379c705188110837a0fb8bdb6033bac705b81 |
| SHA512 | eb22a8fa8d34270266f495d41baf37c0da3ab9d99675382406048f7d6e087b5b9846745ea03ed556e71563093a3ba3436db6dbae3f24efa00c717f17d4fd432b |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
| MD5 | b1f02b5dcee5b4392c215d0839b00ff4 |
| SHA1 | 418a7499adc8b12be472309a7941d7820a13a9a4 |
| SHA256 | 8cde409385ddc7a79682fcbb04597694ae2d6cacf6510875cda720c13b413856 |
| SHA512 | 1d9febdca9f9f854d7e201a08ff855980a8faad0406d7ee03eca9f1445f6d09def26f97b7dbc9e59a70be5d9feaad0440deeaa84f8279224beb3f0a0ed017a2c |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 0a55317e194840b93accaa2dcaa64b34 |
| SHA1 | 717edd66aa6a3f10b13ef4646ccf71b7f3da0f01 |
| SHA256 | 3d9f5e8efb2dbf86777ce72cc3653681c8044c3c1bcf256f8e12847d81186e8c |
| SHA512 | 73161091053373200bd8f3bfe7f2e382aa8e8857f819efd140f16bad6daf9880cf77cf47e34411c727de5330c040a9fdf1c1ad3dae2d6dfc260ea26fd7fd5911 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache
| MD5 | 6e374382d66dfda9e6a5147dd76f7c4e |
| SHA1 | 6c53d7cb14ca88536c7da4e0af852fb06d676128 |
| SHA256 | 9f14757d466584404a02784270a8aa151cb05e69fd14666a58521552ee09a5c9 |
| SHA512 | 0ef69ddb07fc07a4589695ee2c60b7ab809b04d30221b473c7b37f0b4dfc21dd3b03fefbac683bf8171393b186df618d3e609caf97e6ac2bc33b2da23c5659ee |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache~RFe59ec89.TMP
| MD5 | 8c44538e3832e33dc729b7faca60358a |
| SHA1 | d6fc66d162cb4a0e4e81e9ca3c53578b8921d8ae |
| SHA256 | 6741e5dd526ce8708828ecc685fdbe364c493067f3ae0bdf71adb7624d821263 |
| SHA512 | d3c3a307bc3ba47dcf1a34acfbae054549fbfe4513f233d204e6264ce34f5e14261b9a2fd6b2f7076dffc0264f9d790384e6dbc912ccf768bd92c734c6424f8a |
memory/2296-603-0x0000000000400000-0x0000000000414000-memory.dmp
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 2a29574115e6bf1c32d4ff89ed41ac31 |
| SHA1 | 419bb660b2d4164c8d60ee376cea89771c21d295 |
| SHA256 | 8ee396baa9614d4164011f8e94507b36495b571c17a34d4b0063d3b890284d8f |
| SHA512 | 019322b8f1aee1ea82d974371641cc23581df777f2b93452f0cc2602c51b50fbdcadedc46e689c6f3f6619e98032f6dd6ba9cf3ba98db6249ac88df36fba4e70 |
memory/3004-613-0x0000000000400000-0x00000000004B6000-memory.dmp
C:\Program Files (x86)\Adolix\Adolix Wallpaper Changer\WEBSITE.URL
| MD5 | 09f2e9fc4c41845a27f7a47ad10832ba |
| SHA1 | 48cd783d8548891c7a6f3957c31f73daed9b1bfb |
| SHA256 | 3127e09469aeddeb26728be46abc47858ccd77a17dbdfae711ac598e9ab17bae |
| SHA512 | d65c9ccd44d1cadb8536d7707e3ce6bef2ddb468b26e0726e356e84ca2b78b710c32fe2660b4e6da2057f90a15f3e2fd41f49fdc3ec8bceef60380107f38c5d8 |
C:\Program Files (x86)\Adolix\Adolix Wallpaper Changer\AWC.exe
| MD5 | 76a32e25d4eff579264cd0be35c7b390 |
| SHA1 | 9400a2dd4ece453de05ffb6ed82c2702d6f13add |
| SHA256 | 600750d0503414f6d3031ce0b6fda939b2e4d64165aa310e9ffa1260c8b634ad |
| SHA512 | 1c67b0b315a7492052b9011fac4c802f20a08c038087c3dc120738bdb4b7b0bc9fb6a561466552003f92f81e7bba32fac7dcc0b836fb481cbcd44d442e682621 |
memory/3080-685-0x000001BAD9120000-0x000001BAD9130000-memory.dmp
memory/3080-701-0x000001BAD9220000-0x000001BAD9230000-memory.dmp
memory/3080-720-0x000001BAD84B0000-0x000001BAD84B2000-memory.dmp
memory/3884-727-0x0000026776D00000-0x0000026776E00000-memory.dmp
memory/4160-749-0x0000018A3F9F0000-0x0000018A3F9F2000-memory.dmp
memory/4160-747-0x0000018A3F9D0000-0x0000018A3F9D2000-memory.dmp
memory/4160-745-0x0000018A3F9B0000-0x0000018A3F9B2000-memory.dmp
memory/4160-781-0x0000018A409B0000-0x0000018A409D0000-memory.dmp
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
| MD5 | 508cefd24c1245a2361618545726276a |
| SHA1 | b8258c1f2ce7a758c260ee8e63ad6599d80dc385 |
| SHA256 | d31cde54a6f6c00698a03adbbc43eca3d09ad7c1cc24b95c3a68309af92048b2 |
| SHA512 | 844c00e7acc7c508a0261bd5ec75af82eb860d9bc2551279d9b15d612d250ac260c6fdbee4a0ec49058f55a811262d8a6e2b550a35152449b159da2bd28f832f |
memory/4160-878-0x0000018A40220000-0x0000018A40240000-memory.dmp
memory/4160-950-0x0000018A43C60000-0x0000018A43C62000-memory.dmp
memory/4160-948-0x0000018A41FF0000-0x0000018A41FF2000-memory.dmp
memory/4160-946-0x0000018A41FD0000-0x0000018A41FD2000-memory.dmp
memory/3004-1009-0x0000000000400000-0x00000000004B6000-memory.dmp
memory/3080-1103-0x000001BADF960000-0x000001BADF961000-memory.dmp
memory/3080-1102-0x000001BADF950000-0x000001BADF951000-memory.dmp
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\MicrosoftEdge\Cache\Q6NNEG0C\favicon-192[1].png
| MD5 | 6063cd35f5200b226b29b86748464d8e |
| SHA1 | a6cfbdc753b7e137aa74c569088726ddf4817b1a |
| SHA256 | 50b32f669246670ddf0ce5385c778892f9d2e746c7c6b4fe59a4f2f46d19d1f6 |
| SHA512 | 8a734328c4199c4ff483517c6c2d16d69f5ea21aaea7b4b26f44c69c234d7fc50d8de427f78edabf1d8b1604300807973210d1907b0abee5eb4a233ea5919a9a |
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\X2CFSU2S\KFOkCnqEu92Fr1Mu51xIIzI[1].woff2
| MD5 | abe083d96b58eb02ada8b7c30d7b09f2 |
| SHA1 | 61447d66d13a8c8f4335696777a85c438c46f749 |
| SHA256 | db0424fb67fb52e7e538490240cc7fb9c05aa076333a4968f3dee30b825dabf9 |
| SHA512 | d17e095a6f0871fa0c9cddde08f87a63589574eb23f3dca7430ea23fd6ff5c3523e9807dc0ed0cf9c874e1a37046461e79ee47e1e9aa64513fff25bdd48c3696 |
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\GVR39UQM\forkawesome-webfont[1].woff2
| MD5 | 3a9e014c2469ffa65a0ea64a24e48b44 |
| SHA1 | 53fced558eee8058c40d2be2f5f886f5768ccce6 |
| SHA256 | 84422de97eb1cf27bcb9bca4f3fbb18f3ebc711647b09c68292f5f43c89d5064 |
| SHA512 | 54422a528f322fd28087c216a7bd9426cafee2194d939c134ca339e759862bd0ccf5a617a2215b97a87faa932054323085046a0bc98e71101f3b2d53e41a6fa8 |
memory/3080-1351-0x000001BADD8C0000-0x000001BADD8C2000-memory.dmp
memory/3080-1354-0x000001BAD84E0000-0x000001BAD84E1000-memory.dmp
memory/3080-1358-0x000001BAD83F0000-0x000001BAD83F1000-memory.dmp
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\Temp\~DF0F04B7308610CE00.TMP
| MD5 | 298fd5f70c86dbaeac56e11dfb2960b7 |
| SHA1 | e2d1bd7765a3218a1bd5e7071831f4461b9885c1 |
| SHA256 | 3af4c5a636079325de22d92cb408a98a4b1ab734b05937e56bea8e841bd5c65d |
| SHA512 | 3b52f0a41b6c48044092a8072d607020ca31dadba68c4a8816d5fa2fec663491fc3ef4749749e685ca89c5879b70d0f416c8201020eb21008f2d10baf5c49d5e |
memory/3004-1371-0x0000000000400000-0x00000000004B6000-memory.dmp
memory/2296-1372-0x0000000000400000-0x0000000000414000-memory.dmp
C:\Program Files (x86)\Adolix\Adolix Wallpaper Changer\SETTINGS.INI
| MD5 | f4e75387407aad0740821477df75f07a |
| SHA1 | fb391f5a6a644e9f9a4bf1bd3c9fd9cb306517e7 |
| SHA256 | cb4bd54969175beb5b05e2bef1b26cf013701ebbb74cb8dc59b2aa8e2bf41490 |
| SHA512 | 114b6891f895079fe6a8686aec54de0d1f54d3579d5e5f4b77b294a2dbf94a9e5257e75231105e4647fcd2a3cb5d05c4c6ce1b36c9220b989d738c0453b2278e |
memory/5760-1445-0x0000000000400000-0x00000000005E2000-memory.dmp
memory/5856-1446-0x0000000000400000-0x00000000005E2000-memory.dmp
C:\Program Files (x86)\Adolix\Adolix Wallpaper Changer\SETTINGS.INI
| MD5 | e3e79849db84305fdc13f23fff9b85d8 |
| SHA1 | b7b9bd6cc6ba5f95d3bf4ba1757ffd9ad33f412f |
| SHA256 | bac97fd6a33f89a35e3ea686d4297309fa86a7ee4bba686af4306427fe5a90ea |
| SHA512 | a201ef3a413444ac7fd97b0c72274a7e88abfc33ffda0abbc69503b52b35d4421676beb978c0e65b7ba992659e97fa047300e47e00dc554ef94aed08b46eca1a |
C:\Program Files (x86)\Adolix\Adolix Wallpaper Changer\SETTINGS.INI
| MD5 | e95e7d395611f46ae96f628e5a799a14 |
| SHA1 | 1306f4c7281568c7e6c710f4010a57c945efeb87 |
| SHA256 | 3d7f26322d2e46242accc2703444f35dc5c3258f90527a70db86d629c6cd7683 |
| SHA512 | 87998d2f0d14b0f6e00bf62100f7247b421b9e58f554269fc8b065ab908bc400087e7a047888294d24328066f7354bc45a29af37f2a7db75573d110a4221a557 |
C:\Program Files (x86)\Adolix\Adolix Wallpaper Changer\SETTINGS.INI
| MD5 | e04d1895a34514e1e272047d7e6ec83d |
| SHA1 | 245147cde796628b61af174383d24b32e8f581dc |
| SHA256 | 22bc9796513e08a77e6abdf1cd777c6ad575d4d645cf56a7076dfa15be0aed34 |
| SHA512 | 876dc5502f4ee2f968046644b838d28f6fced3303cdcdc682ce0b9124e6ba36aee836d498805aa97eeb4441bcafb2d866f042eaac7b18dc1e08fd43d3590b8fe |
C:\Program Files (x86)\Adolix\Adolix Wallpaper Changer\SETTINGS.INI
| MD5 | 8a465b2253f9707eca65685ba379f48d |
| SHA1 | d05b06a5614e68b82d2370e1eb104b96e66bddad |
| SHA256 | 24de0f11f1fedccee0ec745f8ac94f2e5c0fc88f77a7c6c26cbfcc1bd1c600c0 |
| SHA512 | a7df092e96b47664c2b9f129488b8e3733bc9ff7eed9fe49d1a9c3504ec781d1697e76515f252bf63f8bc765d15c3bd870f625fe69372dbbf6eda5493b2ec0b3 |
C:\Program Files (x86)\Adolix\Adolix Wallpaper Changer\SETTINGS.INI
| MD5 | c20378b0f8e676fea16349431e5a4e65 |
| SHA1 | bf2dbc62a5e0b00738f8b78f002902d3cbbc49e1 |
| SHA256 | 9ca864e26ff754db7b072b4175780f991f481bdf867b1c426f6e2fe13336bf82 |
| SHA512 | 4273b28b4ac7c72da967a5658ea8fdfaaa4007ab9ef01afe3ed77f712d7f0d85de078e7df3b5aad33bf99d74f2bcf285b26aaf248adbb867ca7f4e0886d2b161 |
C:\Program Files (x86)\Adolix\Adolix Wallpaper Changer\SETTINGS.INI
| MD5 | f26db50c7ab70ec8dcd9281a09b94471 |
| SHA1 | 6755e7c13812a6cbd27bf1f86d49b523fe0e872b |
| SHA256 | 8b4d71d37bd076a8ca5e245da68e97cd48f1cf98bb3f50c9f36bf490ec4303ce |
| SHA512 | e8d90e45fb306da3541fe2083d593cbc6d4420e2e5fab12c6063a5e81383a7ae2e4821b50d690ace1cd3b9146169c2b4e1bad893f2a2d2333d700fb1bef665c4 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
| MD5 | d5aa5c0a89d129c5e46f97fb432fe0dd |
| SHA1 | 3be8716ec00d96e0e45eebe09542661b498d1f5f |
| SHA256 | f611f3554ccad8ed996c7298a8d30371f7143dbf7f3e084279c86fdc546c9411 |
| SHA512 | 321abe4e995710bf0368dddb2a780ab4d431e73db57f9bbb90ead6eb09a50ee58ad170f577251ed375bec3e7cc13bba7ca6f34a5f832056dd31677717c06733e |
C:\Program Files (x86)\Adolix\Adolix Wallpaper Changer\SETTINGS.INI
| MD5 | 49b43b8f2518301433b1996fe7367c42 |
| SHA1 | 6aa870fd5ff909b9ec13f2ce719ede9a87711969 |
| SHA256 | 6222907f6cb0e4913b37efe16eec194851147e0fef00d93adf8a7a700ba041b0 |
| SHA512 | 637b8aafa4c94bf402f7a90eded3147af54e38cafb82a032bd365d30d99237446edf35232f5fc6d55d9aabc3dd3e368e14cb343652882b9ef2c9068fb9ba4022 |
C:\Program Files (x86)\Adolix\Adolix Wallpaper Changer\SETTINGS.INI
| MD5 | 97baed8b83c37c4e574bb1945234fafb |
| SHA1 | 5fd64970571ec92b8082886394befe7b3cd22fdb |
| SHA256 | 50e5ad115f48bc1693426a8617b1fe237ad866ecd6b5f3482f315e5e8d877598 |
| SHA512 | a6cc87090810b1e866407a57bdac3cb30ebd1034f590757542fb4eaaf3896f4427c97d4fc9609b19f032bb0eac74edaf1a1b127a3b706a3f9a406717ae61dd67 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000009
| MD5 | 921df38cecd4019512bbc90523bd5df5 |
| SHA1 | 5bf380ffb3a385b734b70486afcfc493462eceec |
| SHA256 | 83289571497cbf2f2859d8308982493a9c92baa23bebfb41ceed584e3a6f8f3f |
| SHA512 | 35fa5f8559570af719f8a56854d6184daa7ef218d38c257e1ad71209272d37355e9ad93aaa9fbe7e3b0a9b8b46dfc9085879b01ce7bb86dd9308d4a6f35f09e5 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000a
| MD5 | 40e01c775b4f150dec2ff43bdf0f1816 |
| SHA1 | 29cc0f7eb904aced209cec12ebbf8e6ab192da53 |
| SHA256 | 4d21e64e043f3f03c39754589e8131f993de6565a9da3bf86a21c205e37b3ca0 |
| SHA512 | c868ed04136d1c38c2d4f22f7c16337532fa1b62a3da413df9815ddeb2fbd5a5175d7987beb796193a4e812a679c117928c97a4e87042ce4383433ba479b923f |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 03ab609b4fb58ae57116216e9d27c082 |
| SHA1 | e8c5647682ecde570264120a7f50999ed38f8a6c |
| SHA256 | 563aad447d5f1998df1960700aab036a4bb793bfc6b483ba1d925bac5b166b8d |
| SHA512 | 30611ca7da840a788e6a16cb3fe898ad3c5a888f1b39188456a1d7c5d379afb7c4f49cba285a96af33080704948aaee32a889ffa1d567fc1a18e2f7afb46f0ea |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000b
| MD5 | e7a6fb8978b40ede02f572f7f6cdc541 |
| SHA1 | 7487dcf685fffc6ed67e6b40d778e4ac3ad7d8e4 |
| SHA256 | bb0c344d05018874bafcfa2c1271f7ebe7ca3a449f03937680b41fab020b6af6 |
| SHA512 | 8d71f31dc337d872682b2074522dcfbc57618a53ea5cd117e83beeda8773ba9157f61c02c1d59b91e8d38b116c37c50c19924d9ec02e0b28618244b0f3167fbb |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000011
| MD5 | 9ac95c912675ccc02dcd31a9542f8478 |
| SHA1 | 80d472edf49e3ad60b009a98af045cc76d17e6c5 |
| SHA256 | 6cf6897d73ae9ab457f4364b8771f56e502413d4d255b1511622090a32bf95e5 |
| SHA512 | b11625f35d295b9c3fb903517fc37bea045b59009014da674445fbadda079426967879c7e83ce47a466e06c140e612269d1973adef061ccc0144473d46776baf |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000012
| MD5 | 6d53dd4517b48262aab18bdc2ef3a830 |
| SHA1 | 9c163a2d1fec496db66789ff4ad73b35baf576bb |
| SHA256 | 81320c19b14c74cc0f4440df9b3e1872ba364c823fb5fb25c80a8af7ef7f54f1 |
| SHA512 | c3f71f748902ca950b9eece75a4114e7ae0227028cab4440b3155f2fd3dc2bc88a50531f720383f269d05575777ff0971b2b2c362eb459e4787eeee9b3a12bdc |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
| MD5 | 05ec95f8d095c5e0fc4528ed19e1557c |
| SHA1 | aac41e059a5b9e62bd430f2251557178eea4e2e9 |
| SHA256 | 14db683b3cd716525574de515c94c8b7cbecf8c09b868900d40a0829e39dadaf |
| SHA512 | 77458d6eef3c6c476d06e8b29cff71f8f054e3894fe5951147ece31fdd683e6f27b86370ac4239f198ad2314db38557785c6d879eeee0296f78ea476068ada49 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt
| MD5 | 27022b57017c30efe5f03cde5a43a77b |
| SHA1 | a0bb645ad58b33179bca861eb035327044c3cffc |
| SHA256 | 82b0ae282cf070a11a3364093bdf40e8a588d20fe32fb30c39a0f8edba60ac5e |
| SHA512 | 8623bdc89818dd20215f2c5215e6ab5b5b2d4ce69849600b87aac38a53b2f3a3ff67b57c180e85ae780cae3ffab21c58855e55f7f1b7a73ecb134398d61eaf17 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | e5ef7ac8b2e2527835ad8b2bfd43bdfa |
| SHA1 | 979bdb121e29b916f2b55a0d0c8bd3cdbc278a48 |
| SHA256 | 3d7042b199b7b598aa36feba2b76d924ccb039104fcbfc925f1a6cdb9143ea16 |
| SHA512 | 5991f79a6255594f2142bc0e2177467cf9f1d9d584dbdc4dc0484c115ed94b0fadc2f3f5251a0f848820d78ed0d0dd401905531807ffcf9750adbbf710c960ef |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_www.youtube.com_0.indexeddb.leveldb\MANIFEST-000001
| MD5 | 3fd11ff447c1ee23538dc4d9724427a3 |
| SHA1 | 1335e6f71cc4e3cf7025233523b4760f8893e9c9 |
| SHA256 | 720a78803b84cbcc8eb204d5cf8ea6ee2f693be0ab2124ddf2b81455de02a3ed |
| SHA512 | 10a3bd3813014eb6f8c2993182e1fa382d745372f8921519e1d25f70d76f08640e84cb8d0b554ccd329a6b4e6de6872328650fefa91f98c3c0cfc204899ee824 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 919dbb031ad7d50fbee5f6857a0ed3e3 |
| SHA1 | 6020d3fde98f85540628383e71f378a2eceda306 |
| SHA256 | 392bfcf8b2f839e154e023a937adf91b4df1b228630acbf2ded18001fb23f146 |
| SHA512 | b91cf61568f1a4409c224aa2709ee8626ad301beeac5ffb27c2fd8cab5f0d92b8636d481a22f81ff0849f3d52f450153052f8e025de83477b8d12c22173acc97 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 6cf5e0c4949b3f623cc71c7805fc423c |
| SHA1 | 9face29b964244ee9c1e764d4a47ec3610b4841a |
| SHA256 | 0326f4937123b1d19668bfe9bd1e39367c57cf95fbbf3844ba5ccbfad0774776 |
| SHA512 | 44582915eae1ba85631a84ff6132e355730020fe7feb3592ae9e16efbd24061426253eed6ddbad34ac6401da614189e70eb217da1dc93078a4af1988d1c53d04 |
C:\Users\Admin\Downloads\MEMZ.exe
| MD5 | 1d5ad9c8d3fee874d0feb8bfac220a11 |
| SHA1 | ca6d3f7e6c784155f664a9179ca64e4034df9595 |
| SHA256 | 3872c12d31fc9825e8661ac01ecee2572460677afbc7093f920a8436a42e28ff |
| SHA512 | c8246f4137416be33b6d1ac89f2428b7c44d9376ac8489a9fbf65ef128a6c53fb50479e1e400c8e201c8611992ab1d6c1bd3d6cece89013edb4d35cdd22305b1 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt
| MD5 | a083c8061d25bd1894ce2f999a7f83bb |
| SHA1 | ea8a461dc8f19756e7941205f32e5d0897795e6f |
| SHA256 | cd3de52e8aa2beb9a3081dd31445bec50ffad39491d64c6b568ede3105130cfd |
| SHA512 | 18f5c7924f56cba47d71d31fd2a55149c29ea27c47af589423ed9e6ff5d43aa3ebf9d5b8ee6b6480434e590cf431a0b83a1efb49172d6e26d155d488d6d98edf |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 0f57e400668f07a04659355440dac59f |
| SHA1 | 777e3dbffdebaad80ae48d1bbc31dd57fab2d92b |
| SHA256 | 45bf57cb390374ffeed3560a680fe08c1b41a70eb0308c2145a532b4e03eb3e8 |
| SHA512 | 5fab5c7bfd5213dcfe8b3a2d676329fad7ab69927f63bee4cc121b06e7e5d86af9639a2077cf66c66815b2c04b46961d2c8836bc46e064777d518b360ed9f193 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 380da4d6670a4a0f5cfcfdc6587da7ce |
| SHA1 | ff3d1234a2838916379b069658bbfb53a626b83c |
| SHA256 | 55f916ff6dbf9c3085c74f6e4d706f5895fce33a9202fefc15d9edb32323188b |
| SHA512 | 8689daead83c1980f7f81b0a808c2368773e5b736511dc20e49a08e999908b619b79aefd638eb2bf91bcc77e6991fde1ebb174a4331123fc76e344da39d50751 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 7ea9ed92ef20f8ecf10ed9c7941adf10 |
| SHA1 | 91999b46239c7e0b31d4a939bd8553cae5e4d473 |
| SHA256 | df256b0e19e3198a10dd04ecef33a98bd5db3cc22d810138402cfd4a86e79187 |
| SHA512 | d1998a5f89690d3b492afc7d3d2f94ba3c0cbe7795a4383ab79061b3d86632054401d2b21540f5047fad4e92fe5bf3913ab0a9f5d2b08ad484d0bf1330065b5a |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
| MD5 | d1948e722dcc16150b7ce9636b1cb28f |
| SHA1 | 757291d617e5cd2ef1acb697c44b1d924b3739c2 |
| SHA256 | 094e40ee47363d6b358c55b7c4bc3243d650523e0f5b72c27ebe5f0c2eeb0666 |
| SHA512 | f98ff98822913d6b63e90a659316e819ddf2b63f61dd30d866a150a81cf83ca327538fe76d3716bf4e502ce20b0f646ae83ca4b916468da9f1351b8e1bfe93dc |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 3a2db5dc0765d2ba832f017f735b1826 |
| SHA1 | d50b9f3d260963396350e53612e3c2cf4d7f68aa |
| SHA256 | e2ad2cf471613f9f60f52b1d44c44d657b9bc17feddec0dce483ba858d3e9331 |
| SHA512 | c99bdcb85e6df40f64a53a0a8b545ede545652790636f4099df4f6649bb54309fde6fd2a23438a43663a84e67ff68814bdb0c105ac1a940c9c39c8adb620c394 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | d989274f857a4c89214a048a11cd19f9 |
| SHA1 | 0c32d493b276696cad0f16032a4754cda31b8b74 |
| SHA256 | 1c9f73075bd8dedd733b954868e020e0d9772e97518119e372c1d97bdc7c41be |
| SHA512 | 4ef9b826220220a760ec1c6b88607d9e877c76b91e16757b7e5c5ea23e10c43c184b86c3c0f9f5170ea1f9cd8e0a7501334031546cf60cff6c37d36745e3c526 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 7313202f70fe97bd2519a7f5d735b636 |
| SHA1 | 0ecbe08f96c9469b535de0a285c78ea6b0ac7db5 |
| SHA256 | d24e72997aa7264a99b72929ccb5303330fbdaadc473ebafbef177c37d3959df |
| SHA512 | 44c3d561f55dd49293ca567bfe6957ddf0f5bca667c3e7c5b4f15a5e9af49ac105c7191ee38ee4a8bf9b4b300c8cc436b675001bf6ae2861f4138ba2ad0f5c58 |
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\MicrosoftEdge\Cache\QMY23W13\favicon[1].ico
| MD5 | f3418a443e7d841097c714d69ec4bcb8 |
| SHA1 | 49263695f6b0cdd72f45cf1b775e660fdc36c606 |
| SHA256 | 6da5620880159634213e197fafca1dde0272153be3e4590818533fab8d040770 |
| SHA512 | 82d017c4b7ec8e0c46e8b75da0ca6a52fd8bce7fcf4e556cbdf16b49fc81be9953fe7e25a05f63ecd41c7272e8bb0a9fd9aedf0ac06cb6032330b096b3702563 |
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\MicrosoftEdge\User\Default\ImageStore\pg3sp6z\imagestore.dat
| MD5 | d4745cdfc2df34fd3d853c015497a5f0 |
| SHA1 | 036f75164232caa18f1ee855a2918dd79cff1f0e |
| SHA256 | b399d50e8698a682b947781810a1284991abff5d873e328bd19b234224c54599 |
| SHA512 | 422beb42e6d3fe5c9d6f4e8ceb2c59947043d9f150c091d796d333ec3e52c2705e053e3b94812969cd50fde4732d0e194f852dd8321361c177c339cf37928b60 |
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\MicrosoftEdge\User\Default\DataStore\Data\nouser1\120712-0049\DBStore\LogFiles\edb.log
| MD5 | f83708e7e79ef8c9f237f5a046ecc1cb |
| SHA1 | 23bd168bb77601b42310fb5535e7561ff25c05ad |
| SHA256 | a858363b7955cd96efc75ebcd14b76900341249d3fbca4a7dd4e707982c01eec |
| SHA512 | 66ac0675426fa1ec2563c0131a8a6f2462ef26f0c52c01c209c24e052d1f678c259275835511a7f7344cad2b8074d1a01f4a8414514861725bea1b038d086179 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 964d8d91c08cd520340a8cc5d7fd2ed5 |
| SHA1 | 34e74ca3f15752897a20bf9f0879c2a1831c5314 |
| SHA256 | 35b9d03c727b5e98f535477014fc5828ec5e8261f877d0abdd1f1775244021fb |
| SHA512 | 3b9ea66e468279fe710e46b9664dbe20f5f083486d9b0f21b2a6bd6173451e96f808cdb13fc98f9c99a4c200663aee1c316dac0539d92cecb56e82defc4f26cc |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
| MD5 | 7d2b784582462b992ea55334a548cd6c |
| SHA1 | 87b18858623b0f2c93a905b5b0c97d9ea8280ef5 |
| SHA256 | 689a0c2162cb71ee02522023fa951e7dff147fc6e4679e76b39a6df141190bef |
| SHA512 | 7836248e9754e2988889ca45d6c4a8dde778a6595ac149c2a7fb8387729c4b62e2698bbc388099ede7ffc9708cb14862336f56c3894b6d782cadbd69dafc59f4 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
| MD5 | afc0e96b3925787ca0a22c6cfaae3e08 |
| SHA1 | 6d65e1a147d2255a86b11558cad364936f16b1cf |
| SHA256 | 7316cbf893b657bf2096718244bb277898e84f517892b4e5b46cc08080f96949 |
| SHA512 | 4bd02f1117f338f7f3b6ed3da0e2a29d8cabca3ecc849f8455a5dec1243317489d92a0bfd34fe0e7a5ec495f60573c1226f88e3398a5488ede69f7f7c2b97d18 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
| MD5 | ec2b9b3e9d7aca09b02902af4f2c87c0 |
| SHA1 | 2ff4a6434f42faf1962814273c389c19e7973e4b |
| SHA256 | 1fb9033bfb8b9732a87efff3c8c3aad9eeaffe8adc421fa2ee513a1a439226af |
| SHA512 | dd80020a454a93b7720f673d3b011ad940365944dd8dadaf66ec678acb52288522edcc35de079fc9dd24ee43a3798aaaab415357b91ac22db93055b4987c107c |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | a2c91604bc7c1f9096654ee4b700d1c8 |
| SHA1 | 190f34140e84cea60995f1bb39fc148403161d19 |
| SHA256 | 14c1dd0f83dfce3c4413de9dee040a82af363d00c5201f9e4dc002064595af23 |
| SHA512 | 17e3f7fd143d59daf0a494573602e7d530b742b0de7066a09e61244bd10c78041c6f28269eceaa32c4fa26fe90d5b01af3f8d048be6e2e275532f27803ab2dca |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\GPUCache\data_1
| MD5 | 445e349e8e5140eda2674a25936e1cbd |
| SHA1 | ea5d5c8df22c8e76cb0bacf9c87669d459a1a6bc |
| SHA256 | 2145e660ea619b044210b0dd9f80a1cc614f7a32290bee263d90cf068fa4cf25 |
| SHA512 | 382f96672d52020ce99dfd9f2d5b7df543bb2ce677fafa6131e1b413cdcf69feed88fdea75b6669a67dde2410efa120da60b651cd366060436c70b53ac2d59ee |
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\GVR39UQM\api[2].js
| MD5 | 832e6993cda3469c6a40da72268663ac |
| SHA1 | 4650b1e5c601a454d3fd746276fff4cd3dbd54aa |
| SHA256 | 0ef1e5d700fb1691e5faa92a14f8a755c8dd4a92ec9b1a2310ad769b225cf46f |
| SHA512 | 6aefa1b28c697c81239e47ff57b3b61cc67bdbf820b7eac99f924db2b5093b7d03a029accd7dce42d517bde32cec9f6540082f7557b72bdc3c8da27095d68b80 |
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\GVR39UQM\YiMnlwYAPK-5JOvV4HgQVh4BjdfeuDlm7M1GgLf3u0w[1].js
| MD5 | 5d31f8563fd0092335680029470d6270 |
| SHA1 | 66f8eeecdfa6f440631eadfaf180260bd5254cac |
| SHA256 | 6223279706003cafb924ebd5e07810561e018dd7deb83966eccd4680b7f7bb4c |
| SHA512 | 99c33021aba199d6f25d24726d1f4db24b6bd827a27f1637a15a6005fa2266aa04bbbbf269ef18f7761be40239809276f9260d48cce58753d886794a06e5283d |
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\GVR39UQM\webworker[1].js
| MD5 | 62eb30af91dddd7d80f32a890e1e4672 |
| SHA1 | 37f1141450a98dda7dd8899600e46d8a9f7cc970 |
| SHA256 | d601447806420fb7676679daa6dbb113d6617440ecc79998bb013370dc08f4fa |
| SHA512 | 16446d271e46b6561b1e26d77394dcc999f49cbcdd9971cc836be2de8048fef46168dc578f02c8b33af492d586d1e636331360a21778eb337ddcd1d9af471da6 |
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\AP5HIIJS\anchor[1].htm
| MD5 | 6aa26a497e7884b38d929ae4ed22d77d |
| SHA1 | d15c85d81b064e50718c00a143d98216db78079b |
| SHA256 | 5cbbf6c3333791f25271ece91a003116e650d9951114555ab73765fa0727648f |
| SHA512 | bb5f6b08067aba5217b6d996a9f6b648c30772f7f354007303ce3253f891e80fbdb01ac2e6a8cac0acce5a4bb5b06b7bae22698e9c61b1afd8a426c127edd992 |
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\AP5HIIJS\bframe[5].htm
| MD5 | fc931c1f62756ff102443fd8a9840e8f |
| SHA1 | c7645a76d0568f9bca48dd832f2d0b17d04e585e |
| SHA256 | f8998a6bdc604f76a8c8444d8114d8be681e5618bb55f8ad374b22c4c63a24da |
| SHA512 | 2e02516cadf606eae212a58dcba036c90618444db83576c66156deb9e256de789af669e3ec1ad0e724b4c95764a6671d5826af32973beb201a06c2824845d317 |
C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\BU0KRETY\edgecompatviewlist[1].xml
| MD5 | d4fc49dc14f63895d997fa4940f24378 |
| SHA1 | 3efb1437a7c5e46034147cbbc8db017c69d02c31 |
| SHA256 | 853d2f4eb81c9fdcea2ee079f6faf98214b111b77cdf68709b38989d123890f1 |
| SHA512 | cc60d79b4afe5007634ac21dc4bc92081880be4c0d798a1735b63b27e936c02f399964f744dc73711987f01e8a1064b02a4867dd6cac27538e5fbe275cc61e0a |
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\MicrosoftEdge\Cache\5O19EZTQ\suggestions[1].en-US
| MD5 | 5a34cb996293fde2cb7a4ac89587393a |
| SHA1 | 3c96c993500690d1a77873cd62bc639b3a10653f |
| SHA256 | c6a5377cbc07eece33790cfc70572e12c7a48ad8296be25c0cc805a1f384dbad |
| SHA512 | e1b7d0107733f81937415104e70f68b1be6fd0ca65dccf4ff72637943d44278d3a77f704aedff59d2dbc0d56a609b2590c8ec0dd6bc48ab30f1dad0c07a0a3ee |
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\User\Default\DOMStore\PES54EPL\www.vice[1].xml
| MD5 | c1ddea3ef6bbef3e7060a1a9ad89e4c5 |
| SHA1 | 35e3224fcbd3e1af306f2b6a2c6bbea9b0867966 |
| SHA256 | b71e4d17274636b97179ba2d97c742735b6510eb54f22893d3a2daff2ceb28db |
| SHA512 | 6be8cec7c862afae5b37aa32dc5bb45912881a3276606da41bf808a4ef92c318b355e616bf45a257b995520d72b7c08752c0be445dceade5cf79f73480910fed |
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\MicrosoftEdge\Cache\Q6NNEG0C\coast-228x228[1].png
| MD5 | b17926bfca4f7d534be63b7b48aa8d44 |
| SHA1 | baa8dbac0587dccdd18516fa7ed789f886c42114 |
| SHA256 | 885cf4c748081f6e569c4c5432249084eded544d55f7c85cf47ec1aebe6bdcd6 |
| SHA512 | a99269cc3c0af6a291e5373c4e488eaa3900e66bc3342933da3a18caff5401a4408aa1cb4463fac649c3cc5d88773f789fb120e292ed956188f1f5eda8ca7633 |
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\User\Default\DOMStore\PES54EPL\www.vice[1].xml
| MD5 | 556e331a90d23da4dac0f9e322f76a81 |
| SHA1 | 3ca2beb59a8145408074bc359fff3a9d87713b55 |
| SHA256 | 81ec30802997a7dc2ce3eb467f67817073acb730c4206c484d869e3300becaa1 |
| SHA512 | e5ccddf212392c77e1c35e20fbae945e3fa9c36e40b2a040b8c2f36573543325f4e19102c219bf128a34f943ec68bdc175e8a1484c029258ca0385f67f123474 |
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\User\Default\DOMStore\FIEUC5Z6\www.youtube[1].xml
| MD5 | 442b179c6e0baccb96c17b56928abc10 |
| SHA1 | 4e99660579491ac38261dcf480c13e3f02e7db04 |
| SHA256 | 3d535feaffe03e63653b749ad1aac178506984a72b1aca7918e335dffedf279a |
| SHA512 | bd3d57236c6bad43c908e1f1a1e3f287dc7901555635f3b890f2f842faefabd29f847dc9e8e90ef07f3b8ae9d024b9403d7cc16e4b2f520acfd3bff95dbd8c07 |
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\User\Default\DOMStore\FIEUC5Z6\www.youtube[1].xml
| MD5 | 6ebb8e510fd726ec7ca4e950d40d2688 |
| SHA1 | 2c0bd95eb179863ffb8db54b90a102051a51a062 |
| SHA256 | 6c6baa8637570f3168fe8d9716448e0203b3e7c3e1f9779e608cb16aa6383cdf |
| SHA512 | bb99402370ccbdf832c858537f290058f3b979fc88f9692ddb38b65ee1938bd2bc555a97063c154157969d9d8e099b1de9bbdbc09089c1bcfc02fcfcec4421f7 |
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\User\Default\DOMStore\FIEUC5Z6\www.youtube[1].xml
| MD5 | c8665ce2991fb863f13b6676ac83af50 |
| SHA1 | 572d7aa7cc88bdb3377cdb71e9d9270a1e340b2c |
| SHA256 | 944c4089e517d85315f1cce0f3a8cc022e0a22961f92896c991e2979e65c3775 |
| SHA512 | 78c397bf14a3d93fb2a69c014c091c8e1fdbe41c0fc38fe97ed8b14f380009652cb0ecf2d5d2595a2750b99fd96602b265e9cf4f0c5ea37ce7e517f4a0a9ad7c |
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\MicrosoftEdge\Cache\QMY23W13\b80692[1].ico
| MD5 | ac0cd867e03ed914827807d4715bdfe7 |
| SHA1 | 4051a8c23756c10d9cc00fcde6f7215c780fdf6f |
| SHA256 | b50546da121186fbffd2aec430249cb21c7c2e2c85e561a393a9df9abfc4477c |
| SHA512 | fa11d1d76c39719c218b4ffa34de8dd44d398bdcbb236a666f0be6eeee96bcbe4da9ac65a89441ad284c0de21788c135dc4fd21f6f82c7039f00c8a7c705c8e2 |