Malware Analysis Report

2024-09-11 05:29

Sample ID 240623-sglk1aygpp
Target a.bat
SHA256 abb30b0a70e39de39ce0790c6c157fd04bcfb998705ec1672fe8070ff2d34573
Tags
defense_evasion discovery exploit persistence
score
8/10

Table of Contents

Analysis Overview

MITRE ATT&CK Matrix

Analysis: static1

Detonation Overview

Signatures

Analysis: behavioral1

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis Overview

score
8/10

SHA256

abb30b0a70e39de39ce0790c6c157fd04bcfb998705ec1672fe8070ff2d34573

Threat Level: Likely malicious

The file a.bat was found to be: Likely malicious.

Malicious Activity Summary

defense_evasion discovery exploit persistence

Possible privilege escalation attempt

Drops file in Drivers directory

Downloads MZ/PE file

Executes dropped EXE

Loads dropped DLL

Modifies file permissions

Checks computer location settings

File and Directory Permissions Modification: Windows File and Directory Permissions Modification

Looks up external IP address via web service

Adds Run key to start application

Checks installed software on the system

Drops file in System32 directory

Drops file in Program Files directory

Enumerates physical storage devices

Suspicious use of WriteProcessMemory

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary

Modifies Internet Explorer settings

Modifies registry class

Modifies data under HKEY_USERS

Suspicious use of SetWindowsHookEx

Suspicious behavior: EnumeratesProcesses

Suspicious behavior: GetForegroundWindowSpam

Suspicious use of SendNotifyMessage

Checks SCSI registry key(s)

Suspicious use of FindShellTrayWindow

Modifies Control Panel

Enumerates system info in registry

Kills process with taskkill

Checks processor information in registry

Suspicious behavior: AddClipboardFormatListener

Uses Task Scheduler COM API

Suspicious use of AdjustPrivilegeToken

MITRE ATT&CK Matrix V13

Initial Access
TA0001
Execution
TA0002
Persistence
TA0003
Boot or Logon Autostart Execution
T1547
Registry Run Keys / Startup Folder
T1547.001
Privilege Escalation
TA0004
Boot or Logon Autostart Execution
T1547
Registry Run Keys / Startup Folder
T1547.001
Defense Evasion
TA0005
File and Directory Permissions Modification
T1222
Windows File and Directory Permissions Modification
T1222.001
Modify Registry
T1112
Credential Access
TA0006
Discovery
TA0007
Query Registry
T1012
System Information Discovery
T1082
Peripheral Device Discovery
T1120
Lateral Movement
TA0008
Collection
TA0009
Exfiltration
TA0010
Command and Control
TA0011
Impact
TA0040
Resource Development
TA0042
Reconnaissance
TA0043

Analysis: static1

Detonation Overview

Reported

2024-06-23 15:05

Signatures

N/A

Analysis: behavioral1

Detonation Overview

Submitted

2024-06-23 15:05

Reported

2024-06-23 15:21

Platform

win10v2004-20240611-en

Max time kernel

922s

Max time network

924s

Command Line

C:\Windows\system32\cmd.exe /c "C:\Users\Admin\AppData\Local\Temp\a.bat"

Signatures

Downloads MZ/PE file

Drops file in Drivers directory

Description Indicator Process Target
File opened for modification C:\Windows\system32\drivers\etc\hosts C:\Users\Admin\AppData\Local\Temp\is-8C6LO.tmp\BuildBox-2-3-3_Loader_Setup.tmp N/A
File opened for modification C:\Windows\system32\drivers\etc\hosts C:\Users\Admin\AppData\Local\Temp\is-DEJ4K.tmp\BuildBox-2-3-3_Loader_Setup.tmp N/A
File opened for modification C:\Windows\system32\drivers\etc\hosts C:\Users\Admin\AppData\Local\Temp\is-BR9EL.tmp\BuildBox-2-3-3_Loader_Setup.tmp N/A

Possible privilege escalation attempt

exploit
Description Indicator Process Target
N/A N/A C:\Windows\system32\icacls.exe N/A
N/A N/A C:\Windows\system32\takeown.exe N/A
N/A N/A C:\Windows\system32\icacls.exe N/A
N/A N/A C:\Windows\system32\takeown.exe N/A
N/A N/A C:\Windows\system32\icacls.exe N/A
N/A N/A C:\Windows\system32\takeown.exe N/A

Checks computer location settings

Description Indicator Process Target
Key value queried \REGISTRY\USER\S-1-5-21-3169499791-3545231813-3156325206-1000\Control Panel\International\Geo\Nation C:\Users\Admin\AppData\Local\Temp\is-8C6LO.tmp\BuildBox-2-3-3_Loader_Setup.tmp N/A
Key value queried \REGISTRY\USER\S-1-5-21-3169499791-3545231813-3156325206-1000\Control Panel\International\Geo\Nation C:\Users\Admin\AppData\Local\Temp\is-DEJ4K.tmp\BuildBox-2-3-3_Loader_Setup.tmp N/A
Key value queried \REGISTRY\USER\S-1-5-21-3169499791-3545231813-3156325206-1000\Control Panel\International\Geo\Nation C:\Users\Admin\AppData\Local\Temp\_iu14D2N.tmp N/A
Key value queried \REGISTRY\USER\S-1-5-21-3169499791-3545231813-3156325206-1000\Control Panel\International\Geo\Nation C:\Users\Admin\AppData\Local\Temp\is-BR9EL.tmp\BuildBox-2-3-3_Loader_Setup.tmp N/A

Executes dropped EXE

Description Indicator Process Target
N/A N/A C:\Users\Admin\Downloads\buildbox.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\is-31HA4.tmp\buildbox.tmp N/A
N/A N/A C:\Program Files (x86)\Buildbox\BuildBox.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\is-8C6LO.tmp\BuildBox-2-3-3_Loader_Setup.tmp N/A
N/A N/A C:\Program Files (x86)\Buildbox\Buildbox2Loader.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\is-DEJ4K.tmp\BuildBox-2-3-3_Loader_Setup.tmp N/A
N/A N/A C:\Program Files (x86)\Buildbox\Buildbox2Loader.exe N/A
N/A N/A C:\Program Files (x86)\Buildbox\unins000.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\_iu14D2N.tmp N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\is-G6IEG.tmp\Buildbox_2.3.3-1986.tmp N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\is-BHC7E.tmp\Buildbox_2.3.3-1986.tmp N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\is-BR9EL.tmp\BuildBox-2-3-3_Loader_Setup.tmp N/A
N/A N/A C:\Program Files (x86)\Buildbox\Buildbox2Loader.exe N/A
N/A N/A C:\Program Files (x86)\Buildbox\Buildbox.exe N/A
N/A N/A C:\Program Files (x86)\Buildbox\BsSndRpt.exe N/A
N/A N/A C:\Program Files (x86)\Buildbox\Buildbox2Loader.exe N/A
N/A N/A C:\Program Files (x86)\Buildbox\Buildbox.exe N/A

Loads dropped DLL

Description Indicator Process Target
N/A N/A C:\Program Files (x86)\Buildbox\BuildBox.exe N/A
N/A N/A C:\Program Files (x86)\Buildbox\BuildBox.exe N/A
N/A N/A C:\Program Files (x86)\Buildbox\BuildBox.exe N/A
N/A N/A C:\Program Files (x86)\Buildbox\BuildBox.exe N/A
N/A N/A C:\Program Files (x86)\Buildbox\BuildBox.exe N/A
N/A N/A C:\Program Files (x86)\Buildbox\BuildBox.exe N/A
N/A N/A C:\Program Files (x86)\Buildbox\BuildBox.exe N/A
N/A N/A C:\Program Files (x86)\Buildbox\BuildBox.exe N/A
N/A N/A C:\Program Files (x86)\Buildbox\BuildBox.exe N/A
N/A N/A C:\Program Files (x86)\Buildbox\BuildBox.exe N/A
N/A N/A C:\Program Files (x86)\Buildbox\BuildBox.exe N/A
N/A N/A C:\Program Files (x86)\Buildbox\BuildBox.exe N/A
N/A N/A C:\Program Files (x86)\Buildbox\BuildBox.exe N/A
N/A N/A C:\Program Files (x86)\Buildbox\BuildBox.exe N/A
N/A N/A C:\Program Files (x86)\Buildbox\BuildBox.exe N/A
N/A N/A C:\Program Files (x86)\Buildbox\BuildBox.exe N/A
N/A N/A C:\Program Files (x86)\Buildbox\BuildBox.exe N/A
N/A N/A C:\Program Files (x86)\Buildbox\BuildBox.exe N/A
N/A N/A C:\Program Files (x86)\Buildbox\BuildBox.exe N/A
N/A N/A C:\Program Files (x86)\Buildbox\BuildBox.exe N/A
N/A N/A C:\Program Files (x86)\Buildbox\BuildBox.exe N/A
N/A N/A C:\Program Files (x86)\Buildbox\BuildBox.exe N/A
N/A N/A C:\Program Files (x86)\Buildbox\BuildBox.exe N/A
N/A N/A C:\Program Files (x86)\Buildbox\BuildBox.exe N/A
N/A N/A C:\Program Files (x86)\Buildbox\BuildBox.exe N/A
N/A N/A C:\Program Files (x86)\Buildbox\BuildBox.exe N/A
N/A N/A C:\Program Files (x86)\Buildbox\BuildBox.exe N/A
N/A N/A C:\Program Files (x86)\Buildbox\BuildBox.exe N/A
N/A N/A C:\Program Files (x86)\Buildbox\BuildBox.exe N/A
N/A N/A C:\Program Files (x86)\Buildbox\BuildBox.exe N/A
N/A N/A C:\Program Files (x86)\Buildbox\BuildBox.exe N/A
N/A N/A C:\Program Files (x86)\Buildbox\BuildBox.exe N/A
N/A N/A C:\Program Files (x86)\Buildbox\BuildBox.exe N/A
N/A N/A C:\Program Files (x86)\Buildbox\BuildBox.exe N/A
N/A N/A C:\Program Files (x86)\Buildbox\BuildBox.exe N/A
N/A N/A C:\Program Files (x86)\Buildbox\BuildBox.exe N/A
N/A N/A C:\Program Files (x86)\Buildbox\BuildBox.exe N/A
N/A N/A C:\Program Files (x86)\Buildbox\BuildBox.exe N/A
N/A N/A C:\Program Files (x86)\Buildbox\BuildBox.exe N/A
N/A N/A C:\Program Files (x86)\Buildbox\BuildBox.exe N/A
N/A N/A C:\Program Files (x86)\Buildbox\BuildBox.exe N/A
N/A N/A C:\Program Files (x86)\Buildbox\BuildBox.exe N/A
N/A N/A C:\Program Files (x86)\Buildbox\BuildBox.exe N/A
N/A N/A C:\Program Files (x86)\Buildbox\BuildBox.exe N/A
N/A N/A C:\Program Files (x86)\Buildbox\BuildBox.exe N/A
N/A N/A C:\Program Files (x86)\Buildbox\BuildBox.exe N/A
N/A N/A C:\Program Files (x86)\Buildbox\Buildbox.exe N/A
N/A N/A C:\Program Files (x86)\Buildbox\Buildbox.exe N/A
N/A N/A C:\Program Files (x86)\Buildbox\Buildbox.exe N/A
N/A N/A C:\Program Files (x86)\Buildbox\Buildbox.exe N/A
N/A N/A C:\Program Files (x86)\Buildbox\Buildbox.exe N/A
N/A N/A C:\Program Files (x86)\Buildbox\Buildbox.exe N/A
N/A N/A C:\Program Files (x86)\Buildbox\Buildbox.exe N/A
N/A N/A C:\Program Files (x86)\Buildbox\Buildbox.exe N/A
N/A N/A C:\Program Files (x86)\Buildbox\Buildbox.exe N/A
N/A N/A C:\Program Files (x86)\Buildbox\Buildbox.exe N/A
N/A N/A C:\Program Files (x86)\Buildbox\Buildbox.exe N/A
N/A N/A C:\Program Files (x86)\Buildbox\Buildbox.exe N/A
N/A N/A C:\Program Files (x86)\Buildbox\Buildbox.exe N/A
N/A N/A C:\Program Files (x86)\Buildbox\Buildbox.exe N/A
N/A N/A C:\Program Files (x86)\Buildbox\Buildbox.exe N/A
N/A N/A C:\Program Files (x86)\Buildbox\Buildbox.exe N/A
N/A N/A C:\Program Files (x86)\Buildbox\Buildbox.exe N/A
N/A N/A C:\Program Files (x86)\Buildbox\Buildbox.exe N/A

Modifies file permissions

discovery
Description Indicator Process Target
N/A N/A C:\Windows\system32\takeown.exe N/A
N/A N/A C:\Windows\system32\icacls.exe N/A
N/A N/A C:\Windows\system32\takeown.exe N/A
N/A N/A C:\Windows\system32\icacls.exe N/A
N/A N/A C:\Windows\system32\takeown.exe N/A
N/A N/A C:\Windows\system32\icacls.exe N/A

Adds Run key to start application

persistence
Description Indicator Process Target
Set value (str) \REGISTRY\USER\S-1-5-21-3169499791-3545231813-3156325206-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Buildbox = "\"C:\\Program Files (x86)\\Buildbox\\BuildBox.exe\"" C:\Users\Admin\AppData\Local\Temp\is-31HA4.tmp\buildbox.tmp N/A
Set value (str) \REGISTRY\USER\S-1-5-21-3169499791-3545231813-3156325206-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Buildbox = "\"C:\\Program Files (x86)\\Buildbox\\BuildBox.exe\"" C:\Program Files (x86)\Buildbox\BuildBox.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-3169499791-3545231813-3156325206-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Buildbox = "\"C:\\Program Files (x86)\\Buildbox\\BuildBox.exe\"" C:\Users\Admin\AppData\Local\Temp\is-BHC7E.tmp\Buildbox_2.3.3-1986.tmp N/A

Checks installed software on the system

discovery

File and Directory Permissions Modification: Windows File and Directory Permissions Modification

defense_evasion

Looks up external IP address via web service

Description Indicator Process Target
N/A checkip.dyndns.org N/A N/A

Drops file in System32 directory

Description Indicator Process Target
File opened for modification C:\Windows\system32\config\systemprofile\AppData\Local\DataSharing\Storage\DSTokenDB2.dat C:\Windows\System32\svchost.exe N/A
File created C:\Windows\system32\config\systemprofile\AppData\Local\DataSharing\Storage\DSTokenDB2.dat C:\Windows\System32\svchost.exe N/A
File opened for modification C:\Windows\system32\config\systemprofile\AppData\Local\DataSharing\Storage\DSS.log C:\Windows\System32\svchost.exe N/A
File opened for modification C:\Windows\system32\config\systemprofile\AppData\Local\DataSharing\Storage\DSS.jtx C:\Windows\System32\svchost.exe N/A
File created C:\Windows\system32\config\systemprofile\AppData\Local\DataSharing\Storage\DSStmp.log C:\Windows\System32\svchost.exe N/A
File created C:\Windows\system32\config\systemprofile\AppData\Local\DataSharing\Storage\DSSres00001.jrs C:\Windows\System32\svchost.exe N/A
File created C:\Windows\system32\config\systemprofile\AppData\Local\DataSharing\Storage\DSSres00002.jrs C:\Windows\System32\svchost.exe N/A
File created C:\Windows\system32\config\systemprofile\AppData\Local\DataSharing\Storage\DSS.chk C:\Windows\System32\svchost.exe N/A
File opened for modification C:\Windows\system32\config\systemprofile\AppData\Local\DataSharing\Storage\DSS.chk C:\Windows\System32\svchost.exe N/A
File opened for modification C:\Windows\system32\config\systemprofile\AppData\Local\DataSharing\Storage\DSS.jcp C:\Windows\System32\svchost.exe N/A
File created C:\Windows\system32\config\systemprofile\AppData\Local\DataSharing\Storage\DSTokenDB2.jfm C:\Windows\System32\svchost.exe N/A

Drops file in Program Files directory

Description Indicator Process Target
File opened for modification C:\Program Files (x86)\Buildbox\d3dcompiler_47.dll C:\Users\Admin\AppData\Local\Temp\is-31HA4.tmp\buildbox.tmp N/A
File opened for modification C:\Program Files (x86)\Buildbox\imageformats\qgif.dll C:\Users\Admin\AppData\Local\Temp\is-31HA4.tmp\buildbox.tmp N/A
File created C:\Program Files (x86)\Buildbox\is-8S3OR.tmp C:\Users\Admin\AppData\Local\Temp\is-31HA4.tmp\buildbox.tmp N/A
File created C:\Program Files (x86)\Buildbox\QtGraphicalEffects\private\is-Q83HR.tmp C:\Users\Admin\AppData\Local\Temp\is-31HA4.tmp\buildbox.tmp N/A
File created C:\Program Files (x86)\Buildbox\QtGraphicalEffects\is-VTKET.tmp C:\Users\Admin\AppData\Local\Temp\is-BHC7E.tmp\Buildbox_2.3.3-1986.tmp N/A
File created C:\Program Files (x86)\Buildbox\QtGraphicalEffects\private\is-AQQ4J.tmp C:\Users\Admin\AppData\Local\Temp\is-31HA4.tmp\buildbox.tmp N/A
File opened for modification C:\Program Files (x86)\Buildbox\Buildbox2Loader.exe C:\Users\Admin\AppData\Local\Temp\is-8C6LO.tmp\BuildBox-2-3-3_Loader_Setup.tmp N/A
File opened for modification C:\Program Files (x86)\Buildbox\imageformats\qtga.dll C:\Users\Admin\AppData\Local\Temp\is-BHC7E.tmp\Buildbox_2.3.3-1986.tmp N/A
File opened for modification C:\Program Files (x86)\Buildbox\qmltooling\qmldbg_profiler.dll C:\Users\Admin\AppData\Local\Temp\is-BHC7E.tmp\Buildbox_2.3.3-1986.tmp N/A
File created C:\Program Files (x86)\Buildbox\is-4ELBG.tmp C:\Users\Admin\AppData\Local\Temp\is-BHC7E.tmp\Buildbox_2.3.3-1986.tmp N/A
File created C:\Program Files (x86)\Buildbox\Resources\presets\is-7NG6K.tmp C:\Users\Admin\AppData\Local\Temp\is-BHC7E.tmp\Buildbox_2.3.3-1986.tmp N/A
File created C:\Program Files (x86)\Buildbox\Resources\presets\is-FRF2K.tmp C:\Users\Admin\AppData\Local\Temp\is-BHC7E.tmp\Buildbox_2.3.3-1986.tmp N/A
File opened for modification C:\Program Files (x86)\Buildbox\msvcr100.dll C:\Users\Admin\AppData\Local\Temp\is-BHC7E.tmp\Buildbox_2.3.3-1986.tmp N/A
File created C:\Program Files (x86)\Buildbox\is-I6ILQ.tmp C:\Users\Admin\AppData\Local\Temp\is-BHC7E.tmp\Buildbox_2.3.3-1986.tmp N/A
File created C:\Program Files (x86)\Buildbox\QtQuick\PrivateWidgets\is-EQN4A.tmp C:\Users\Admin\AppData\Local\Temp\is-BHC7E.tmp\Buildbox_2.3.3-1986.tmp N/A
File created C:\Program Files (x86)\Buildbox\Resources\presets\is-KFSFI.tmp C:\Users\Admin\AppData\Local\Temp\is-BHC7E.tmp\Buildbox_2.3.3-1986.tmp N/A
File created C:\Program Files (x86)\Buildbox\imageformats\is-TRQHA.tmp C:\Users\Admin\AppData\Local\Temp\is-31HA4.tmp\buildbox.tmp N/A
File opened for modification C:\Program Files (x86)\Buildbox\msvcr120.dll C:\Users\Admin\AppData\Local\Temp\is-BHC7E.tmp\Buildbox_2.3.3-1986.tmp N/A
File created C:\Program Files (x86)\Buildbox\LICENSES\is-2FR7R.tmp C:\Users\Admin\AppData\Local\Temp\is-BHC7E.tmp\Buildbox_2.3.3-1986.tmp N/A
File created C:\Program Files (x86)\Buildbox\Resources\presets\is-MDMUI.tmp C:\Users\Admin\AppData\Local\Temp\is-BHC7E.tmp\Buildbox_2.3.3-1986.tmp N/A
File created C:\Program Files (x86)\Buildbox\Resources\presets\is-CQE91.tmp C:\Users\Admin\AppData\Local\Temp\is-BHC7E.tmp\Buildbox_2.3.3-1986.tmp N/A
File created C:\Program Files (x86)\Buildbox\QtQuick\Window.2\is-7QMUS.tmp C:\Users\Admin\AppData\Local\Temp\is-31HA4.tmp\buildbox.tmp N/A
File created C:\Program Files (x86)\Buildbox\Resources\presets\is-LJQH4.tmp C:\Users\Admin\AppData\Local\Temp\is-31HA4.tmp\buildbox.tmp N/A
File opened for modification C:\Program Files (x86)\Buildbox\pthreadVCE2.dll C:\Users\Admin\AppData\Local\Temp\is-BHC7E.tmp\Buildbox_2.3.3-1986.tmp N/A
File created C:\Program Files (x86)\Buildbox\qmltooling\is-QQ0N6.tmp C:\Users\Admin\AppData\Local\Temp\is-BHC7E.tmp\Buildbox_2.3.3-1986.tmp N/A
File created C:\Program Files (x86)\Buildbox\QtQuick\PrivateWidgets\is-8PQGH.tmp C:\Users\Admin\AppData\Local\Temp\is-31HA4.tmp\buildbox.tmp N/A
File created C:\Program Files (x86)\Buildbox\Resources\presets\is-300CL.tmp C:\Users\Admin\AppData\Local\Temp\is-BHC7E.tmp\Buildbox_2.3.3-1986.tmp N/A
File created C:\Program Files (x86)\Buildbox\LoaderConfig.TXT C:\Users\Admin\AppData\Local\Temp\is-BR9EL.tmp\BuildBox-2-3-3_Loader_Setup.tmp N/A
File opened for modification C:\Program Files (x86)\Buildbox\mediaservice\dsengine.dll C:\Users\Admin\AppData\Local\Temp\is-31HA4.tmp\buildbox.tmp N/A
File created C:\Program Files (x86)\Buildbox\is-SJ5FH.tmp C:\Users\Admin\AppData\Local\Temp\is-31HA4.tmp\buildbox.tmp N/A
File created C:\Program Files (x86)\Buildbox\is-EDTK4.tmp C:\Users\Admin\AppData\Local\Temp\is-31HA4.tmp\buildbox.tmp N/A
File created C:\Program Files (x86)\Buildbox\Resources\presets\is-DMHEJ.tmp C:\Users\Admin\AppData\Local\Temp\is-BHC7E.tmp\Buildbox_2.3.3-1986.tmp N/A
File created C:\Program Files (x86)\Buildbox\Resources\presets\is-192D5.tmp C:\Users\Admin\AppData\Local\Temp\is-BHC7E.tmp\Buildbox_2.3.3-1986.tmp N/A
File opened for modification C:\Program Files (x86)\Buildbox\playlistformats\qtmultimedia_m3u.dll C:\Users\Admin\AppData\Local\Temp\is-31HA4.tmp\buildbox.tmp N/A
File created C:\Program Files (x86)\Buildbox\is-8OMLG.tmp C:\Users\Admin\AppData\Local\Temp\is-31HA4.tmp\buildbox.tmp N/A
File created C:\Program Files (x86)\Buildbox\is-L1EAL.tmp C:\Users\Admin\AppData\Local\Temp\is-31HA4.tmp\buildbox.tmp N/A
File created C:\Program Files (x86)\Buildbox\QtQuick.2\is-QLQ69.tmp C:\Users\Admin\AppData\Local\Temp\is-31HA4.tmp\buildbox.tmp N/A
File created C:\Program Files (x86)\Buildbox\Resources\demos\is-NNDL8.tmp C:\Users\Admin\AppData\Local\Temp\is-BHC7E.tmp\Buildbox_2.3.3-1986.tmp N/A
File created C:\Program Files (x86)\Buildbox\Resources\presets\is-17B94.tmp C:\Users\Admin\AppData\Local\Temp\is-BHC7E.tmp\Buildbox_2.3.3-1986.tmp N/A
File created C:\Program Files (x86)\Buildbox\QtGraphicalEffects\is-PAVQR.tmp C:\Users\Admin\AppData\Local\Temp\is-31HA4.tmp\buildbox.tmp N/A
File created C:\Program Files (x86)\Buildbox\QtQuick\PrivateWidgets\is-JCQ7K.tmp C:\Users\Admin\AppData\Local\Temp\is-31HA4.tmp\buildbox.tmp N/A
File created C:\Program Files (x86)\Buildbox\Resources\presets\is-02ID2.tmp C:\Users\Admin\AppData\Local\Temp\is-31HA4.tmp\buildbox.tmp N/A
File created C:\Program Files (x86)\Buildbox\imageformats\is-5JA3L.tmp C:\Users\Admin\AppData\Local\Temp\is-BHC7E.tmp\Buildbox_2.3.3-1986.tmp N/A
File created C:\Program Files (x86)\Buildbox\LICENSES\is-CE932.tmp C:\Users\Admin\AppData\Local\Temp\is-BHC7E.tmp\Buildbox_2.3.3-1986.tmp N/A
File created C:\Program Files (x86)\Buildbox\Resources\presets\is-5N046.tmp C:\Users\Admin\AppData\Local\Temp\is-BHC7E.tmp\Buildbox_2.3.3-1986.tmp N/A
File created C:\Program Files (x86)\Buildbox\translations\is-9NNID.tmp C:\Users\Admin\AppData\Local\Temp\is-BHC7E.tmp\Buildbox_2.3.3-1986.tmp N/A
File opened for modification C:\Program Files (x86)\Buildbox\msvcp120.dll C:\Users\Admin\AppData\Local\Temp\is-31HA4.tmp\buildbox.tmp N/A
File created C:\Program Files (x86)\Buildbox\QtGraphicalEffects\is-7OM6E.tmp C:\Users\Admin\AppData\Local\Temp\is-31HA4.tmp\buildbox.tmp N/A
File created C:\Program Files (x86)\Buildbox\imageformats\is-GV896.tmp C:\Users\Admin\AppData\Local\Temp\is-31HA4.tmp\buildbox.tmp N/A
File created C:\Program Files (x86)\Buildbox\QtQuick.2\is-RAC3L.tmp C:\Users\Admin\AppData\Local\Temp\is-31HA4.tmp\buildbox.tmp N/A
File opened for modification C:\Program Files (x86)\Buildbox\imageformats\qdds.dll C:\Users\Admin\AppData\Local\Temp\is-BHC7E.tmp\Buildbox_2.3.3-1986.tmp N/A
File opened for modification C:\Program Files (x86)\Buildbox\QtQuick.2\qtquick2plugin.dll C:\Users\Admin\AppData\Local\Temp\is-BHC7E.tmp\Buildbox_2.3.3-1986.tmp N/A
File created C:\Program Files (x86)\Buildbox\translations\is-L3UH3.tmp C:\Users\Admin\AppData\Local\Temp\is-BHC7E.tmp\Buildbox_2.3.3-1986.tmp N/A
File opened for modification C:\Program Files (x86)\Buildbox\libvorbisfile.dll C:\Users\Admin\AppData\Local\Temp\is-31HA4.tmp\buildbox.tmp N/A
File opened for modification C:\Program Files (x86)\Buildbox\QtQuick\Layouts\qquicklayoutsplugin.dll C:\Users\Admin\AppData\Local\Temp\is-31HA4.tmp\buildbox.tmp N/A
File created C:\Program Files (x86)\Buildbox\qmltooling\is-LL8ON.tmp C:\Users\Admin\AppData\Local\Temp\is-31HA4.tmp\buildbox.tmp N/A
File created C:\Program Files (x86)\Buildbox\QtGraphicalEffects\is-TDL9O.tmp C:\Users\Admin\AppData\Local\Temp\is-31HA4.tmp\buildbox.tmp N/A
File created C:\Program Files (x86)\Buildbox\QtQuick\Extras\is-CMS2V.tmp C:\Users\Admin\AppData\Local\Temp\is-31HA4.tmp\buildbox.tmp N/A
File created C:\Program Files (x86)\Buildbox\QtQuick\Window.2\is-1FJN9.tmp C:\Users\Admin\AppData\Local\Temp\is-31HA4.tmp\buildbox.tmp N/A
File created C:\Program Files (x86)\Buildbox\Resources\is-R56A7.tmp C:\Users\Admin\AppData\Local\Temp\is-31HA4.tmp\buildbox.tmp N/A
File opened for modification C:\Program Files (x86)\Buildbox\imageformats\qtiff.dll C:\Users\Admin\AppData\Local\Temp\is-BHC7E.tmp\Buildbox_2.3.3-1986.tmp N/A
File created C:\Program Files (x86)\Buildbox\QtGraphicalEffects\is-TM5ND.tmp C:\Users\Admin\AppData\Local\Temp\is-BHC7E.tmp\Buildbox_2.3.3-1986.tmp N/A
File opened for modification C:\Program Files (x86)\Buildbox\Qt5Core.dll C:\Users\Admin\AppData\Local\Temp\is-8C6LO.tmp\BuildBox-2-3-3_Loader_Setup.tmp N/A
File created C:\Program Files (x86)\Buildbox\LICENSES\is-CB9TR.tmp C:\Users\Admin\AppData\Local\Temp\is-BHC7E.tmp\Buildbox_2.3.3-1986.tmp N/A

Enumerates physical storage devices

Checks SCSI registry key(s)

Description Indicator Process Target
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_DADY&Prod_HARDDISK\4&215468a5&0&000000 C:\Windows\system32\taskmgr.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_DADY&Prod_HARDDISK\4&215468a5&0&000000\Properties\{b725f130-47ef-101a-a5f1-02608c9eebac}\000A C:\Windows\system32\taskmgr.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_DADY&Prod_HARDDISK\4&215468a5&0&000000\FriendlyName C:\Windows\system32\taskmgr.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_DADY&Prod_HARDDISK\4&215468a5&0&000000 C:\Windows\system32\taskmgr.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_DADY&Prod_HARDDISK\4&215468a5&0&000000\Properties\{b725f130-47ef-101a-a5f1-02608c9eebac}\000A C:\Windows\system32\taskmgr.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_DADY&Prod_HARDDISK\4&215468a5&0&000000\FriendlyName C:\Windows\system32\taskmgr.exe N/A

Checks processor information in registry

Description Indicator Process Target
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString C:\Program Files\Mozilla Firefox\firefox.exe N/A

Enumerates system info in registry

Description Indicator Process Target
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Kills process with taskkill

evasion
Description Indicator Process Target
N/A N/A C:\Windows\SysWOW64\taskkill.exe N/A
N/A N/A C:\Windows\SysWOW64\taskkill.exe N/A
N/A N/A C:\Windows\SysWOW64\taskkill.exe N/A
N/A N/A C:\Windows\SysWOW64\taskkill.exe N/A
N/A N/A C:\Windows\SysWOW64\taskkill.exe N/A
N/A N/A C:\Windows\SysWOW64\taskkill.exe N/A

Modifies Control Panel

evasion
Description Indicator Process Target
Set value (int) \REGISTRY\USER\S-1-5-21-3169499791-3545231813-3156325206-1000\Control Panel\Desktop\ForegroundLockTimeout = "0" C:\Program Files (x86)\Buildbox\BsSndRpt.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3169499791-3545231813-3156325206-1000\Control Panel\Desktop\ForegroundLockTimeout = "1700412" C:\Program Files (x86)\Buildbox\BsSndRpt.exe N/A

Modifies Internet Explorer settings

adware spyware
Description Indicator Process Target
Key created \REGISTRY\USER\S-1-5-21-3169499791-3545231813-3156325206-1000\Software\Microsoft\Internet Explorer\Toolbar C:\Windows\explorer.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3169499791-3545231813-3156325206-1000\SOFTWARE\Microsoft\Internet Explorer\Toolbar\Locked = "1" C:\Windows\explorer.exe N/A

Modifies data under HKEY_USERS

Description Indicator Process Target
Key created \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key created \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Explorer\Accent C:\Windows\system32\LogonUI.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133636287716321971" C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key created \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Set value (int) \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\DWM\ColorizationGlassAttribute = "1" C:\Windows\system32\LogonUI.exe N/A
Set value (int) \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\DWM\ColorizationColor = "3288365271" C:\Windows\system32\LogonUI.exe N/A
Set value (int) \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\DWM\ColorizationAfterglow = "3288365271" C:\Windows\system32\LogonUI.exe N/A
Set value (int) \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\DWM\ColorizationAfterglowBalance = "10" C:\Windows\system32\LogonUI.exe N/A
Set value (int) \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\DWM\ColorizationBlurBalance = "1" C:\Windows\system32\LogonUI.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Themes\History C:\Windows\system32\LogonUI.exe N/A
Set value (int) \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Explorer\Accent\StartColorMenu = "4288567808" C:\Windows\system32\LogonUI.exe N/A
Set value (int) \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Explorer\Accent\AccentColorMenu = "4292311040" C:\Windows\system32\LogonUI.exe N/A
Set value (int) \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\DWM\AccentColor = "4292311040" C:\Windows\system32\LogonUI.exe N/A
Set value (int) \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\DWM\ColorizationColorBalance = "89" C:\Windows\system32\LogonUI.exe N/A
Set value (int) \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\DWM\EnableWindowColorization = "206" C:\Windows\system32\LogonUI.exe N/A
Set value (data) \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Explorer\Accent\AccentPalette = a6d8ff0076b9ed00429ce3000078d700005a9e000042750000264200f7630c00 C:\Windows\system32\LogonUI.exe N/A
Set value (int) \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Themes\History\AutoColor = "0" C:\Windows\system32\LogonUI.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\DWM C:\Windows\system32\LogonUI.exe N/A

Modifies registry class

Description Indicator Process Target
Set value (str) \REGISTRY\USER\S-1-5-21-3169499791-3545231813-3156325206-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\System32\telephon.cpl,-1#immutable1 = "Phone and Modem" C:\Windows\explorer.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-3169499791-3545231813-3156325206-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\System32\inetcpl.cpl,-4312#immutable1 = "Internet Options" C:\Windows\explorer.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3169499791-3545231813-3156325206-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\3\0\0 C:\Windows\explorer.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\.bbdoc C:\Users\Admin\AppData\Local\Temp\is-BHC7E.tmp\Buildbox_2.3.3-1986.tmp N/A
Key created \REGISTRY\USER\S-1-5-21-3169499791-3545231813-3156325206-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\16\Shell C:\Program Files (x86)\Buildbox\Buildbox.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-3169499791-3545231813-3156325206-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\16\Shell\SniffedFolderType = "Documents" C:\Program Files (x86)\Buildbox\Buildbox.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3169499791-3545231813-3156325206-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\16\ComDlg\{7D49D726-3C21-4F05-99AA-FDC2C9474656}\LogicalViewMode = "1" C:\Program Files (x86)\Buildbox\Buildbox.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Build_Box_Project C:\Users\Admin\AppData\Local\Temp\is-31HA4.tmp\buildbox.tmp N/A
Key created \REGISTRY\USER\S-1-5-21-3169499791-3545231813-3156325206-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\3 C:\Windows\explorer.exe N/A
Set value (data) \REGISTRY\USER\S-1-5-21-3169499791-3545231813-3156325206-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\MRUListEx = 03000000020000000100000000000000ffffffff C:\Windows\explorer.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3169499791-3545231813-3156325206-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\11\Shell\{DE4F0660-FA10-4B8F-A494-068B20B22307}\GroupView = "0" C:\Windows\explorer.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3169499791-3545231813-3156325206-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\12\Shell\{D674391B-52D9-4E07-834E-67C98610F39D}\GroupByDirection = "1" C:\Windows\explorer.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3169499791-3545231813-3156325206-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\16\ComDlg\{7D49D726-3C21-4F05-99AA-FDC2C9474656}\GroupByDirection = "1" C:\Program Files (x86)\Buildbox\Buildbox.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-3169499791-3545231813-3156325206-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\System32\mmsys.cpl,-301#immutable1 = "Configure your audio devices or change the sound scheme for your computer." C:\Windows\explorer.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3169499791-3545231813-3156325206-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\11\Shell\{DE4F0660-FA10-4B8F-A494-068B20B22307}\IconSize = "48" C:\Windows\explorer.exe N/A
Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\Build_Box_Project C:\Users\Admin\AppData\Local\Temp\_iu14D2N.tmp N/A
Set value (data) \REGISTRY\USER\S-1-5-21-3169499791-3545231813-3156325206-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\3\0\0 = 1e007180000000000000000000006abe817b2bce7646a29eeb907a5126c50000 C:\Windows\explorer.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Build_Box_Project\ = "Buildbox Project" C:\Users\Admin\AppData\Local\Temp\is-BHC7E.tmp\Buildbox_2.3.3-1986.tmp N/A
Key created \REGISTRY\USER\S-1-5-21-3169499791-3545231813-3156325206-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\1\0 C:\Program Files (x86)\Buildbox\Buildbox.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3169499791-3545231813-3156325206-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\2\ComDlg C:\Program Files (x86)\Buildbox\Buildbox.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-3169499791-3545231813-3156325206-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\System32\SyncCenter.dll,-3000#immutable1 = "Sync Center" C:\Windows\explorer.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-3169499791-3545231813-3156325206-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\System32\DiagCpl.dll,-1#immutable1 = "Troubleshooting" C:\Windows\explorer.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3169499791-3545231813-3156325206-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\12\Shell\{D674391B-52D9-4E07-834E-67C98610F39D}\FFlags = "18874433" C:\Windows\explorer.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3169499791-3545231813-3156325206-1000_Classes\Local Settings C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Build_Box_Project\shell\open C:\Users\Admin\AppData\Local\Temp\is-BHC7E.tmp\Buildbox_2.3.3-1986.tmp N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3169499791-3545231813-3156325206-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\2\ComDlg\{885A186E-A440-4ADA-812B-DB871B942259}\FFlags = "1092616257" C:\Program Files (x86)\Buildbox\Buildbox.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3169499791-3545231813-3156325206-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\1 C:\Program Files (x86)\Buildbox\Buildbox.exe N/A
Set value (data) \REGISTRY\USER\S-1-5-21-3169499791-3545231813-3156325206-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\NodeSlots = 02020202020202020202 C:\Windows\explorer.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-3169499791-3545231813-3156325206-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\System32\sud.dll,-10#immutable1 = "Choose which programs you want Windows to use for activities like web browsing, editing photos, sending e-mail, and playing music." C:\Windows\explorer.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-3169499791-3545231813-3156325206-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\System32\usercpl.dll,-1#immutable1 = "User Accounts" C:\Windows\explorer.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-3169499791-3545231813-3156325206-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\System32\intl.cpl,-2#immutable1 = "Customize settings for the display of languages, numbers, times, and dates." C:\Windows\explorer.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-3169499791-3545231813-3156325206-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\System32\inetcpl.cpl,-4313#immutable1 = "Configure your Internet display and connection settings." C:\Windows\explorer.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-3169499791-3545231813-3156325206-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\system32\colorcpl.exe,-6#immutable1 = "Color Management" C:\Windows\explorer.exe N/A
Set value (data) \REGISTRY\USER\S-1-5-21-3169499791-3545231813-3156325206-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\NodeSlots = 020202020202020202020202020202 C:\Program Files (x86)\Buildbox\Buildbox.exe N/A
Set value (data) \REGISTRY\USER\S-1-5-21-3169499791-3545231813-3156325206-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\MRUListEx = 01000000020000000000000003000000ffffffff C:\Program Files (x86)\Buildbox\Buildbox.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3169499791-3545231813-3156325206-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\16\ComDlg\{7D49D726-3C21-4F05-99AA-FDC2C9474656}\GroupView = "0" C:\Program Files (x86)\Buildbox\Buildbox.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-3169499791-3545231813-3156325206-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\System32\devmgr.dll,-5#immutable1 = "View and update your device hardware settings and driver software." C:\Windows\explorer.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-3169499791-3545231813-3156325206-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\System32\autoplay.dll,-2#immutable1 = "Change default settings for CDs, DVDs, and devices so that you can automatically play music, view pictures, install software, and play games." C:\Windows\explorer.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-3169499791-3545231813-3156325206-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\System32\DiagCpl.dll,-15#immutable1 = "Troubleshoot and fix common computer problems." C:\Windows\explorer.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3169499791-3545231813-3156325206-1000_Classes\Local Settings C:\Program Files (x86)\Buildbox\Buildbox.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3169499791-3545231813-3156325206-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU C:\Program Files (x86)\Buildbox\Buildbox.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3169499791-3545231813-3156325206-1000_Classes\WOW6432Node\CLSID\{018D5C66-4533-4307-9B53-224DE2ED1FE6}\Instance\ C:\Program Files (x86)\Buildbox\Buildbox.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-3169499791-3545231813-3156325206-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\System32\powercpl.dll,-2#immutable1 = "Conserve energy or maximize performance by choosing how your computer manages power." C:\Windows\explorer.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-3169499791-3545231813-3156325206-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\System32\Speech\SpeechUX\speechuxcpl.dll,-1#immutable1 = "Speech Recognition" C:\Windows\explorer.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3169499791-3545231813-3156325206-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\11\Shell\{DE4F0660-FA10-4B8F-A494-068B20B22307}\LogicalViewMode = "2" C:\Windows\explorer.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Build_Box_Project\shell\open\command\ = "\"C:\\Program Files (x86)\\Buildbox\\BuildBox.exe\" \"%1\"" C:\Users\Admin\AppData\Local\Temp\is-BHC7E.tmp\Buildbox_2.3.3-1986.tmp N/A
Set value (data) \REGISTRY\USER\S-1-5-21-3169499791-3545231813-3156325206-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\1\MRUListEx = 000000000200000001000000ffffffff C:\Program Files (x86)\Buildbox\Buildbox.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3169499791-3545231813-3156325206-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\2 C:\Program Files (x86)\Buildbox\Buildbox.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-3169499791-3545231813-3156325206-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\system32\appwiz.cpl,-160#immutable1 = "Uninstall or change programs on your computer." C:\Windows\explorer.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-3169499791-3545231813-3156325206-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\2\ComDlg\{885A186E-A440-4ADA-812B-DB871B942259}\GroupByKey:FMTID = "{B725F130-47EF-101A-A5F1-02608C9EEBAC}" C:\Program Files (x86)\Buildbox\Buildbox.exe N/A
Set value (data) \REGISTRY\USER\S-1-5-21-3169499791-3545231813-3156325206-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\2\ComDlg\{885A186E-A440-4ADA-812B-DB871B942259}\Sort = 000000000000000000000000000000000100000030f125b7ef471a10a5f102608c9eebac0e000000ffffffff C:\Program Files (x86)\Buildbox\Buildbox.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-3169499791-3545231813-3156325206-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\System32\usercpl.dll,-2#immutable1 = "Change user account settings and passwords for people who share this computer." C:\Windows\explorer.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3169499791-3545231813-3156325206-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\3\NodeSlot = "11" C:\Windows\explorer.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3169499791-3545231813-3156325206-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\11\Shell\{DE4F0660-FA10-4B8F-A494-068B20B22307}\FFlags = "18874369" C:\Windows\explorer.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3169499791-3545231813-3156325206-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\11\Shell\{DE4F0660-FA10-4B8F-A494-068B20B22307}\Mode = "6" C:\Windows\explorer.exe N/A
Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\Build_Box_Project\shell C:\Users\Admin\AppData\Local\Temp\_iu14D2N.tmp N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Build_Box_Project\shell C:\Users\Admin\AppData\Local\Temp\is-BHC7E.tmp\Buildbox_2.3.3-1986.tmp N/A
Set value (data) \REGISTRY\USER\S-1-5-21-3169499791-3545231813-3156325206-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\1\2\MRUListEx = ffffffff C:\Program Files (x86)\Buildbox\Buildbox.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3169499791-3545231813-3156325206-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\2\ComDlg\{885A186E-A440-4ADA-812B-DB871B942259}\FFlags = "1" C:\Program Files (x86)\Buildbox\Buildbox.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-3169499791-3545231813-3156325206-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\System32\Speech\SpeechUX\speechuxcpl.dll,-2#immutable1 = "Configure how speech recognition works on your computer." C:\Windows\explorer.exe N/A
Set value (data) \REGISTRY\USER\S-1-5-21-3169499791-3545231813-3156325206-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\3\MRUListEx = ffffffff C:\Windows\explorer.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3169499791-3545231813-3156325206-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\11\Shell\{DE4F0660-FA10-4B8F-A494-068B20B22307}\GroupByDirection = "1" C:\Windows\explorer.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-3169499791-3545231813-3156325206-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\System32\FirewallControlPanel.dll,-12122#immutable1 = "Windows Defender Firewall" C:\Windows\explorer.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-3169499791-3545231813-3156325206-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\System32\devmgr.dll,-4#immutable1 = "Device Manager" C:\Windows\explorer.exe N/A

Suspicious behavior: AddClipboardFormatListener

Description Indicator Process Target
N/A N/A C:\Program Files (x86)\Buildbox\BuildBox.exe N/A
N/A N/A C:\Windows\explorer.exe N/A
N/A N/A C:\Program Files (x86)\Buildbox\Buildbox.exe N/A
N/A N/A C:\Program Files (x86)\Buildbox\Buildbox.exe N/A

Suspicious behavior: EnumeratesProcesses

Description Indicator Process Target
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\is-31HA4.tmp\buildbox.tmp N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\is-31HA4.tmp\buildbox.tmp N/A
N/A N/A C:\Program Files (x86)\Buildbox\BuildBox.exe N/A
N/A N/A C:\Program Files (x86)\Buildbox\BuildBox.exe N/A
N/A N/A C:\Windows\system32\mspaint.exe N/A
N/A N/A C:\Windows\system32\mspaint.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\is-8C6LO.tmp\BuildBox-2-3-3_Loader_Setup.tmp N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\is-8C6LO.tmp\BuildBox-2-3-3_Loader_Setup.tmp N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Program Files (x86)\Buildbox\Buildbox2Loader.exe N/A
N/A N/A C:\Program Files (x86)\Buildbox\Buildbox2Loader.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A

Suspicious behavior: GetForegroundWindowSpam

Description Indicator Process Target
N/A N/A C:\Windows\system32\OpenWith.exe N/A
N/A N/A C:\Windows\system32\SnippingTool.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\explorer.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Program Files (x86)\Buildbox\Buildbox.exe N/A

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary

Description Indicator Process Target
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of AdjustPrivilegeToken

Description Indicator Process Target
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of FindShellTrayWindow

Description Indicator Process Target
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of SendNotifyMessage

Description Indicator Process Target
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A

Suspicious use of SetWindowsHookEx

Description Indicator Process Target
N/A N/A C:\Program Files (x86)\Buildbox\BuildBox.exe N/A
N/A N/A C:\Program Files (x86)\Buildbox\BuildBox.exe N/A
N/A N/A C:\Program Files (x86)\Buildbox\BuildBox.exe N/A
N/A N/A C:\Program Files (x86)\Buildbox\BuildBox.exe N/A
N/A N/A C:\Program Files (x86)\Buildbox\BuildBox.exe N/A
N/A N/A C:\Program Files (x86)\Buildbox\BuildBox.exe N/A
N/A N/A C:\Program Files (x86)\Buildbox\BuildBox.exe N/A
N/A N/A C:\Program Files (x86)\Buildbox\BuildBox.exe N/A
N/A N/A C:\Windows\system32\SnippingTool.exe N/A
N/A N/A C:\Windows\system32\OpenWith.exe N/A
N/A N/A C:\Windows\system32\mspaint.exe N/A
N/A N/A C:\Windows\system32\OpenWith.exe N/A
N/A N/A C:\Program Files (x86)\Buildbox\unins000.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\_iu14D2N.tmp N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files (x86)\Buildbox\Buildbox.exe N/A
N/A N/A C:\Program Files (x86)\Buildbox\Buildbox.exe N/A
N/A N/A C:\Program Files (x86)\Buildbox\Buildbox.exe N/A
N/A N/A C:\Program Files (x86)\Buildbox\Buildbox.exe N/A
N/A N/A C:\Program Files (x86)\Buildbox\Buildbox.exe N/A
N/A N/A C:\Program Files (x86)\Buildbox\Buildbox.exe N/A
N/A N/A C:\Program Files (x86)\Buildbox\Buildbox.exe N/A
N/A N/A C:\Program Files (x86)\Buildbox\Buildbox.exe N/A
N/A N/A C:\Program Files (x86)\Buildbox\Buildbox.exe N/A
N/A N/A C:\Program Files (x86)\Buildbox\Buildbox.exe N/A
N/A N/A C:\Program Files (x86)\Buildbox\Buildbox.exe N/A
N/A N/A C:\Program Files (x86)\Buildbox\Buildbox.exe N/A
N/A N/A C:\Program Files (x86)\Buildbox\Buildbox.exe N/A
N/A N/A C:\Program Files (x86)\Buildbox\Buildbox.exe N/A
N/A N/A C:\Program Files (x86)\Buildbox\Buildbox.exe N/A
N/A N/A C:\Program Files (x86)\Buildbox\Buildbox.exe N/A
N/A N/A C:\Program Files (x86)\Buildbox\Buildbox.exe N/A
N/A N/A C:\Program Files (x86)\Buildbox\Buildbox.exe N/A
N/A N/A C:\Program Files (x86)\Buildbox\Buildbox.exe N/A
N/A N/A C:\Program Files (x86)\Buildbox\Buildbox.exe N/A
N/A N/A C:\Program Files (x86)\Buildbox\Buildbox.exe N/A
N/A N/A C:\Program Files (x86)\Buildbox\Buildbox.exe N/A
N/A N/A C:\Program Files (x86)\Buildbox\Buildbox.exe N/A
N/A N/A C:\Program Files (x86)\Buildbox\Buildbox.exe N/A
N/A N/A C:\Windows\system32\LogonUI.exe N/A

Suspicious use of WriteProcessMemory

Description Indicator Process Target
PID 3624 wrote to memory of 2280 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3624 wrote to memory of 2280 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3624 wrote to memory of 4984 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3624 wrote to memory of 4984 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3624 wrote to memory of 4984 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3624 wrote to memory of 4984 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3624 wrote to memory of 4984 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3624 wrote to memory of 4984 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3624 wrote to memory of 4984 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3624 wrote to memory of 4984 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3624 wrote to memory of 4984 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3624 wrote to memory of 4984 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3624 wrote to memory of 4984 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3624 wrote to memory of 4984 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3624 wrote to memory of 4984 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3624 wrote to memory of 4984 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3624 wrote to memory of 4984 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3624 wrote to memory of 4984 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3624 wrote to memory of 4984 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3624 wrote to memory of 4984 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3624 wrote to memory of 4984 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3624 wrote to memory of 4984 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3624 wrote to memory of 4984 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3624 wrote to memory of 4984 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3624 wrote to memory of 4984 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3624 wrote to memory of 4984 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3624 wrote to memory of 4984 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3624 wrote to memory of 4984 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3624 wrote to memory of 4984 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3624 wrote to memory of 4984 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3624 wrote to memory of 4984 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3624 wrote to memory of 4984 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3624 wrote to memory of 4984 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3624 wrote to memory of 2608 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3624 wrote to memory of 2608 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3624 wrote to memory of 4988 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3624 wrote to memory of 4988 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3624 wrote to memory of 4988 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3624 wrote to memory of 4988 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3624 wrote to memory of 4988 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3624 wrote to memory of 4988 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3624 wrote to memory of 4988 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3624 wrote to memory of 4988 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3624 wrote to memory of 4988 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3624 wrote to memory of 4988 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3624 wrote to memory of 4988 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3624 wrote to memory of 4988 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3624 wrote to memory of 4988 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3624 wrote to memory of 4988 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3624 wrote to memory of 4988 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3624 wrote to memory of 4988 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3624 wrote to memory of 4988 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3624 wrote to memory of 4988 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3624 wrote to memory of 4988 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3624 wrote to memory of 4988 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3624 wrote to memory of 4988 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3624 wrote to memory of 4988 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3624 wrote to memory of 4988 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3624 wrote to memory of 4988 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3624 wrote to memory of 4988 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3624 wrote to memory of 4988 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3624 wrote to memory of 4988 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3624 wrote to memory of 4988 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3624 wrote to memory of 4988 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe

Uses Task Scheduler COM API

persistence

Processes

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /c "C:\Users\Admin\AppData\Local\Temp\a.bat"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=110.0.5481.104 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffd8e3eab58,0x7ffd8e3eab68,0x7ffd8e3eab78

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1676 --field-trial-handle=1876,i,17167946868643231171,5357543982934846878,131072 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1964 --field-trial-handle=1876,i,17167946868643231171,5357543982934846878,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=2240 --field-trial-handle=1876,i,17167946868643231171,5357543982934846878,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2944 --field-trial-handle=1876,i,17167946868643231171,5357543982934846878,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=2952 --field-trial-handle=1876,i,17167946868643231171,5357543982934846878,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\110.0.5481.104\elevation_service.exe

"C:\Program Files\Google\Chrome\Application\110.0.5481.104\elevation_service.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=4340 --field-trial-handle=1876,i,17167946868643231171,5357543982934846878,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4476 --field-trial-handle=1876,i,17167946868643231171,5357543982934846878,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4624 --field-trial-handle=1876,i,17167946868643231171,5357543982934846878,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4912 --field-trial-handle=1876,i,17167946868643231171,5357543982934846878,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=5088 --field-trial-handle=1876,i,17167946868643231171,5357543982934846878,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4748 --field-trial-handle=1876,i,17167946868643231171,5357543982934846878,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --mojo-platform-channel-handle=4752 --field-trial-handle=1876,i,17167946868643231171,5357543982934846878,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --mojo-platform-channel-handle=5000 --field-trial-handle=1876,i,17167946868643231171,5357543982934846878,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --mojo-platform-channel-handle=4328 --field-trial-handle=1876,i,17167946868643231171,5357543982934846878,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --mojo-platform-channel-handle=4496 --field-trial-handle=1876,i,17167946868643231171,5357543982934846878,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --mojo-platform-channel-handle=3224 --field-trial-handle=1876,i,17167946868643231171,5357543982934846878,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --mojo-platform-channel-handle=3252 --field-trial-handle=1876,i,17167946868643231171,5357543982934846878,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --mojo-platform-channel-handle=5276 --field-trial-handle=1876,i,17167946868643231171,5357543982934846878,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --mojo-platform-channel-handle=5560 --field-trial-handle=1876,i,17167946868643231171,5357543982934846878,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5788 --field-trial-handle=1876,i,17167946868643231171,5357543982934846878,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --mojo-platform-channel-handle=5820 --field-trial-handle=1876,i,17167946868643231171,5357543982934846878,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --mojo-platform-channel-handle=5512 --field-trial-handle=1876,i,17167946868643231171,5357543982934846878,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=24 --mojo-platform-channel-handle=5856 --field-trial-handle=1876,i,17167946868643231171,5357543982934846878,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=25 --mojo-platform-channel-handle=6096 --field-trial-handle=1876,i,17167946868643231171,5357543982934846878,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=26 --mojo-platform-channel-handle=6196 --field-trial-handle=1876,i,17167946868643231171,5357543982934846878,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=27 --mojo-platform-channel-handle=6116 --field-trial-handle=1876,i,17167946868643231171,5357543982934846878,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=28 --mojo-platform-channel-handle=6420 --field-trial-handle=1876,i,17167946868643231171,5357543982934846878,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=29 --mojo-platform-channel-handle=6584 --field-trial-handle=1876,i,17167946868643231171,5357543982934846878,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=30 --mojo-platform-channel-handle=6748 --field-trial-handle=1876,i,17167946868643231171,5357543982934846878,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=31 --mojo-platform-channel-handle=6752 --field-trial-handle=1876,i,17167946868643231171,5357543982934846878,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=32 --mojo-platform-channel-handle=7096 --field-trial-handle=1876,i,17167946868643231171,5357543982934846878,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=33 --mojo-platform-channel-handle=7260 --field-trial-handle=1876,i,17167946868643231171,5357543982934846878,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=34 --mojo-platform-channel-handle=6364 --field-trial-handle=1876,i,17167946868643231171,5357543982934846878,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=35 --mojo-platform-channel-handle=7392 --field-trial-handle=1876,i,17167946868643231171,5357543982934846878,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=36 --mojo-platform-channel-handle=7464 --field-trial-handle=1876,i,17167946868643231171,5357543982934846878,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=37 --mojo-platform-channel-handle=6592 --field-trial-handle=1876,i,17167946868643231171,5357543982934846878,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=38 --mojo-platform-channel-handle=6156 --field-trial-handle=1876,i,17167946868643231171,5357543982934846878,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=39 --mojo-platform-channel-handle=7828 --field-trial-handle=1876,i,17167946868643231171,5357543982934846878,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=40 --mojo-platform-channel-handle=7816 --field-trial-handle=1876,i,17167946868643231171,5357543982934846878,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=41 --mojo-platform-channel-handle=7908 --field-trial-handle=1876,i,17167946868643231171,5357543982934846878,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=42 --mojo-platform-channel-handle=7904 --field-trial-handle=1876,i,17167946868643231171,5357543982934846878,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=43 --mojo-platform-channel-handle=8276 --field-trial-handle=1876,i,17167946868643231171,5357543982934846878,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=44 --mojo-platform-channel-handle=6432 --field-trial-handle=1876,i,17167946868643231171,5357543982934846878,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=45 --mojo-platform-channel-handle=5788 --field-trial-handle=1876,i,17167946868643231171,5357543982934846878,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=46 --mojo-platform-channel-handle=8520 --field-trial-handle=1876,i,17167946868643231171,5357543982934846878,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=8908 --field-trial-handle=1876,i,17167946868643231171,5357543982934846878,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=8096 --field-trial-handle=1876,i,17167946868643231171,5357543982934846878,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=49 --mojo-platform-channel-handle=8528 --field-trial-handle=1876,i,17167946868643231171,5357543982934846878,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=50 --mojo-platform-channel-handle=8420 --field-trial-handle=1876,i,17167946868643231171,5357543982934846878,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=51 --mojo-platform-channel-handle=5832 --field-trial-handle=1876,i,17167946868643231171,5357543982934846878,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=52 --mojo-platform-channel-handle=5496 --field-trial-handle=1876,i,17167946868643231171,5357543982934846878,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=53 --mojo-platform-channel-handle=6488 --field-trial-handle=1876,i,17167946868643231171,5357543982934846878,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=54 --mojo-platform-channel-handle=5452 --field-trial-handle=1876,i,17167946868643231171,5357543982934846878,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=55 --mojo-platform-channel-handle=8156 --field-trial-handle=1876,i,17167946868643231171,5357543982934846878,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=56 --mojo-platform-channel-handle=1184 --field-trial-handle=1876,i,17167946868643231171,5357543982934846878,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=57 --mojo-platform-channel-handle=8784 --field-trial-handle=1876,i,17167946868643231171,5357543982934846878,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=58 --mojo-platform-channel-handle=1724 --field-trial-handle=1876,i,17167946868643231171,5357543982934846878,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=59 --mojo-platform-channel-handle=4708 --field-trial-handle=1876,i,17167946868643231171,5357543982934846878,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=60 --mojo-platform-channel-handle=5504 --field-trial-handle=1876,i,17167946868643231171,5357543982934846878,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=61 --mojo-platform-channel-handle=8772 --field-trial-handle=1876,i,17167946868643231171,5357543982934846878,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=62 --mojo-platform-channel-handle=1724 --field-trial-handle=1876,i,17167946868643231171,5357543982934846878,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=63 --mojo-platform-channel-handle=9104 --field-trial-handle=1876,i,17167946868643231171,5357543982934846878,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=64 --mojo-platform-channel-handle=7200 --field-trial-handle=1876,i,17167946868643231171,5357543982934846878,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=65 --mojo-platform-channel-handle=9108 --field-trial-handle=1876,i,17167946868643231171,5357543982934846878,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=66 --mojo-platform-channel-handle=4436 --field-trial-handle=1876,i,17167946868643231171,5357543982934846878,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=8312 --field-trial-handle=1876,i,17167946868643231171,5357543982934846878,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=8692 --field-trial-handle=1876,i,17167946868643231171,5357543982934846878,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=3316 --field-trial-handle=1876,i,17167946868643231171,5357543982934846878,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=70 --mojo-platform-channel-handle=9072 --field-trial-handle=1876,i,17167946868643231171,5357543982934846878,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=71 --mojo-platform-channel-handle=4700 --field-trial-handle=1876,i,17167946868643231171,5357543982934846878,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4204 --field-trial-handle=1876,i,17167946868643231171,5357543982934846878,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=3204 --field-trial-handle=1876,i,17167946868643231171,5357543982934846878,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=74 --mojo-platform-channel-handle=7140 --field-trial-handle=1876,i,17167946868643231171,5357543982934846878,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=75 --mojo-platform-channel-handle=5668 --field-trial-handle=1876,i,17167946868643231171,5357543982934846878,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=76 --mojo-platform-channel-handle=9120 --field-trial-handle=1876,i,17167946868643231171,5357543982934846878,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=77 --mojo-platform-channel-handle=4524 --field-trial-handle=1876,i,17167946868643231171,5357543982934846878,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=78 --mojo-platform-channel-handle=4424 --field-trial-handle=1876,i,17167946868643231171,5357543982934846878,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=79 --mojo-platform-channel-handle=2480 --field-trial-handle=1876,i,17167946868643231171,5357543982934846878,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=80 --mojo-platform-channel-handle=6184 --field-trial-handle=1876,i,17167946868643231171,5357543982934846878,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=81 --mojo-platform-channel-handle=6340 --field-trial-handle=1876,i,17167946868643231171,5357543982934846878,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=82 --mojo-platform-channel-handle=5972 --field-trial-handle=1876,i,17167946868643231171,5357543982934846878,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=83 --mojo-platform-channel-handle=7120 --field-trial-handle=1876,i,17167946868643231171,5357543982934846878,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=84 --mojo-platform-channel-handle=5156 --field-trial-handle=1876,i,17167946868643231171,5357543982934846878,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=85 --mojo-platform-channel-handle=5132 --field-trial-handle=1876,i,17167946868643231171,5357543982934846878,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=86 --mojo-platform-channel-handle=5188 --field-trial-handle=1876,i,17167946868643231171,5357543982934846878,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=87 --mojo-platform-channel-handle=8072 --field-trial-handle=1876,i,17167946868643231171,5357543982934846878,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=88 --mojo-platform-channel-handle=8020 --field-trial-handle=1876,i,17167946868643231171,5357543982934846878,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=89 --mojo-platform-channel-handle=8088 --field-trial-handle=1876,i,17167946868643231171,5357543982934846878,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=90 --mojo-platform-channel-handle=5204 --field-trial-handle=1876,i,17167946868643231171,5357543982934846878,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=91 --mojo-platform-channel-handle=7404 --field-trial-handle=1876,i,17167946868643231171,5357543982934846878,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=92 --mojo-platform-channel-handle=8284 --field-trial-handle=1876,i,17167946868643231171,5357543982934846878,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=93 --mojo-platform-channel-handle=6684 --field-trial-handle=1876,i,17167946868643231171,5357543982934846878,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=94 --mojo-platform-channel-handle=9228 --field-trial-handle=1876,i,17167946868643231171,5357543982934846878,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=95 --mojo-platform-channel-handle=9252 --field-trial-handle=1876,i,17167946868643231171,5357543982934846878,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=96 --mojo-platform-channel-handle=9520 --field-trial-handle=1876,i,17167946868643231171,5357543982934846878,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=97 --mojo-platform-channel-handle=9560 --field-trial-handle=1876,i,17167946868643231171,5357543982934846878,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=98 --mojo-platform-channel-handle=9588 --field-trial-handle=1876,i,17167946868643231171,5357543982934846878,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=99 --mojo-platform-channel-handle=8336 --field-trial-handle=1876,i,17167946868643231171,5357543982934846878,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=10200 --field-trial-handle=1876,i,17167946868643231171,5357543982934846878,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=7240 --field-trial-handle=1876,i,17167946868643231171,5357543982934846878,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=7136 --field-trial-handle=1876,i,17167946868643231171,5357543982934846878,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=10024 --field-trial-handle=1876,i,17167946868643231171,5357543982934846878,131072 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=10024 --field-trial-handle=1876,i,17167946868643231171,5357543982934846878,131072 /prefetch:8

C:\Users\Admin\Downloads\buildbox.exe

"C:\Users\Admin\Downloads\buildbox.exe"

C:\Users\Admin\AppData\Local\Temp\is-31HA4.tmp\buildbox.tmp

"C:\Users\Admin\AppData\Local\Temp\is-31HA4.tmp\buildbox.tmp" /SL5="$180046,46582880,56832,C:\Users\Admin\Downloads\buildbox.exe"

C:\Program Files (x86)\Buildbox\BuildBox.exe

"C:\Program Files (x86)\Buildbox\BuildBox.exe"

C:\Windows\SysWOW64\werfault.exe

werfault.exe /h /shared Global\3b43f4c7db484dc0a671cea95a161fc2 /t 1416 /p 3096

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=105 --mojo-platform-channel-handle=5696 --field-trial-handle=1876,i,17167946868643231171,5357543982934846878,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=106 --mojo-platform-channel-handle=6544 --field-trial-handle=1876,i,17167946868643231171,5357543982934846878,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=6764 --field-trial-handle=1876,i,17167946868643231171,5357543982934846878,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4756 --field-trial-handle=1876,i,17167946868643231171,5357543982934846878,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=109 --mojo-platform-channel-handle=8260 --field-trial-handle=1876,i,17167946868643231171,5357543982934846878,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=110 --mojo-platform-channel-handle=6544 --field-trial-handle=1876,i,17167946868643231171,5357543982934846878,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=111 --mojo-platform-channel-handle=5000 --field-trial-handle=1876,i,17167946868643231171,5357543982934846878,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4272 --field-trial-handle=1876,i,17167946868643231171,5357543982934846878,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=6248 --field-trial-handle=1876,i,17167946868643231171,5357543982934846878,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=114 --mojo-platform-channel-handle=9912 --field-trial-handle=1876,i,17167946868643231171,5357543982934846878,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=115 --mojo-platform-channel-handle=6604 --field-trial-handle=1876,i,17167946868643231171,5357543982934846878,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=116 --mojo-platform-channel-handle=6380 --field-trial-handle=1876,i,17167946868643231171,5357543982934846878,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=117 --mojo-platform-channel-handle=9848 --field-trial-handle=1876,i,17167946868643231171,5357543982934846878,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=118 --mojo-platform-channel-handle=5436 --field-trial-handle=1876,i,17167946868643231171,5357543982934846878,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=119 --mojo-platform-channel-handle=9912 --field-trial-handle=1876,i,17167946868643231171,5357543982934846878,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=120 --mojo-platform-channel-handle=4732 --field-trial-handle=1876,i,17167946868643231171,5357543982934846878,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=9880 --field-trial-handle=1876,i,17167946868643231171,5357543982934846878,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=9400 --field-trial-handle=1876,i,17167946868643231171,5357543982934846878,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=123 --mojo-platform-channel-handle=7952 --field-trial-handle=1876,i,17167946868643231171,5357543982934846878,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=124 --mojo-platform-channel-handle=6560 --field-trial-handle=1876,i,17167946868643231171,5357543982934846878,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=125 --mojo-platform-channel-handle=8932 --field-trial-handle=1876,i,17167946868643231171,5357543982934846878,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=126 --mojo-platform-channel-handle=6864 --field-trial-handle=1876,i,17167946868643231171,5357543982934846878,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=127 --mojo-platform-channel-handle=3028 --field-trial-handle=1876,i,17167946868643231171,5357543982934846878,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=128 --mojo-platform-channel-handle=7148 --field-trial-handle=1876,i,17167946868643231171,5357543982934846878,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=8312 --field-trial-handle=1876,i,17167946868643231171,5357543982934846878,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=9696 --field-trial-handle=1876,i,17167946868643231171,5357543982934846878,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=131 --mojo-platform-channel-handle=9688 --field-trial-handle=1876,i,17167946868643231171,5357543982934846878,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=132 --mojo-platform-channel-handle=6824 --field-trial-handle=1876,i,17167946868643231171,5357543982934846878,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=133 --mojo-platform-channel-handle=9868 --field-trial-handle=1876,i,17167946868643231171,5357543982934846878,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=9572 --field-trial-handle=1876,i,17167946868643231171,5357543982934846878,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=7680 --field-trial-handle=1876,i,17167946868643231171,5357543982934846878,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=136 --mojo-platform-channel-handle=4272 --field-trial-handle=1876,i,17167946868643231171,5357543982934846878,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=137 --mojo-platform-channel-handle=5636 --field-trial-handle=1876,i,17167946868643231171,5357543982934846878,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=138 --mojo-platform-channel-handle=3228 --field-trial-handle=1876,i,17167946868643231171,5357543982934846878,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=139 --mojo-platform-channel-handle=9220 --field-trial-handle=1876,i,17167946868643231171,5357543982934846878,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=5152 --field-trial-handle=1876,i,17167946868643231171,5357543982934846878,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=3240 --field-trial-handle=1876,i,17167946868643231171,5357543982934846878,131072 /prefetch:8

C:\Windows\system32\SnippingTool.exe

"C:\Windows\system32\SnippingTool.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=9784 --field-trial-handle=1876,i,17167946868643231171,5357543982934846878,131072 /prefetch:8

C:\Windows\system32\OpenWith.exe

C:\Windows\system32\OpenWith.exe -Embedding

C:\Windows\System32\rundll32.exe

C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding

C:\Windows\system32\mspaint.exe

"C:\Windows\system32\mspaint.exe" "C:\Users\Admin\Desktop\Buildbox_2.3.3_Build_1986\Crack\INSTRUCTIONS.jpg" /ForceBootstrapPaint3D

C:\Windows\System32\svchost.exe

C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s DsSvc

C:\Windows\system32\OpenWith.exe

C:\Windows\system32\OpenWith.exe -Embedding

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=110.0.5481.104 --initial-client-data=0x100,0x104,0x108,0xfc,0x10c,0x7ffd8e3eab58,0x7ffd8e3eab68,0x7ffd8e3eab78

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1740 --field-trial-handle=1908,i,3845735947290949672,9378228444281257981,131072 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2164 --field-trial-handle=1908,i,3845735947290949672,9378228444281257981,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=2212 --field-trial-handle=1908,i,3845735947290949672,9378228444281257981,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2928 --field-trial-handle=1908,i,3845735947290949672,9378228444281257981,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=2936 --field-trial-handle=1908,i,3845735947290949672,9378228444281257981,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\110.0.5481.104\elevation_service.exe

"C:\Program Files\Google\Chrome\Application\110.0.5481.104\elevation_service.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=4472 --field-trial-handle=1908,i,3845735947290949672,9378228444281257981,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4316 --field-trial-handle=1908,i,3845735947290949672,9378228444281257981,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4660 --field-trial-handle=1908,i,3845735947290949672,9378228444281257981,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4996 --field-trial-handle=1908,i,3845735947290949672,9378228444281257981,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5100 --field-trial-handle=1908,i,3845735947290949672,9378228444281257981,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4192 --field-trial-handle=1908,i,3845735947290949672,9378228444281257981,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --mojo-platform-channel-handle=4864 --field-trial-handle=1908,i,3845735947290949672,9378228444281257981,131072 /prefetch:1

C:\Users\Admin\Desktop\Buildbox_2.3.3_Build_1986\Crack\BuildBox-2-3-3_Loader_Setup.exe

"C:\Users\Admin\Desktop\Buildbox_2.3.3_Build_1986\Crack\BuildBox-2-3-3_Loader_Setup.exe"

C:\Users\Admin\AppData\Local\Temp\is-8C6LO.tmp\BuildBox-2-3-3_Loader_Setup.tmp

"C:\Users\Admin\AppData\Local\Temp\is-8C6LO.tmp\BuildBox-2-3-3_Loader_Setup.tmp" /SL5="$801D4,219014,111104,C:\Users\Admin\Desktop\Buildbox_2.3.3_Build_1986\Crack\BuildBox-2-3-3_Loader_Setup.exe"

C:\Windows\system32\taskmgr.exe

"C:\Windows\system32\taskmgr.exe" /7

C:\Windows\SysWOW64\taskkill.exe

"C:\Windows\SysWOW64\taskkill.exe" /F /IM Buildbox.exe /T

C:\Windows\SysWOW64\taskkill.exe

"C:\Windows\SysWOW64\taskkill.exe" /F /IM Buildbox.exe /T

C:\Windows\SYSTEM32\cmd.exe

"cmd.exe" /c takeown /f "C:\Windows\system32\drivers\etc\hosts" /r /d y

C:\Windows\system32\takeown.exe

takeown /f "C:\Windows\system32\drivers\etc\hosts" /r /d y

C:\Windows\SYSTEM32\cmd.exe

"cmd.exe" /c icacls "C:\Windows\system32\drivers\etc\hosts " /grant everyone:F /c /t /q

C:\Windows\system32\icacls.exe

icacls "C:\Windows\system32\drivers\etc\hosts " /grant everyone:F /c /t /q

C:\Program Files (x86)\Buildbox\Buildbox2Loader.exe

"C:\Program Files (x86)\Buildbox\Buildbox2Loader.exe"

C:\Users\Admin\Desktop\Buildbox_2.3.3_Build_1986\Crack\Modules\BuildBox-2-3-3_Loader_Setup.exe

"C:\Users\Admin\Desktop\Buildbox_2.3.3_Build_1986\Crack\Modules\BuildBox-2-3-3_Loader_Setup.exe"

C:\Users\Admin\AppData\Local\Temp\is-DEJ4K.tmp\BuildBox-2-3-3_Loader_Setup.tmp

"C:\Users\Admin\AppData\Local\Temp\is-DEJ4K.tmp\BuildBox-2-3-3_Loader_Setup.tmp" /SL5="$50308,219014,111104,C:\Users\Admin\Desktop\Buildbox_2.3.3_Build_1986\Crack\Modules\BuildBox-2-3-3_Loader_Setup.exe"

C:\Windows\SysWOW64\taskkill.exe

"C:\Windows\SysWOW64\taskkill.exe" /F /IM Buildbox.exe /T

C:\Windows\SysWOW64\taskkill.exe

"C:\Windows\SysWOW64\taskkill.exe" /F /IM Buildbox.exe /T

C:\Windows\SYSTEM32\cmd.exe

"cmd.exe" /c takeown /f "C:\Windows\system32\drivers\etc\hosts" /r /d y

C:\Windows\system32\takeown.exe

takeown /f "C:\Windows\system32\drivers\etc\hosts" /r /d y

C:\Windows\SYSTEM32\cmd.exe

"cmd.exe" /c icacls "C:\Windows\system32\drivers\etc\hosts " /grant everyone:F /c /t /q

C:\Windows\system32\icacls.exe

icacls "C:\Windows\system32\drivers\etc\hosts " /grant everyone:F /c /t /q

C:\Program Files (x86)\Buildbox\Buildbox2Loader.exe

"C:\Program Files (x86)\Buildbox\Buildbox2Loader.exe"

C:\Windows\explorer.exe

C:\Windows\explorer.exe /factory,{5BD95610-9434-43C2-886C-57852CC8A120} -Embedding

C:\Windows\SysWOW64\DllHost.exe

C:\Windows\SysWOW64\DllHost.exe /Processid:{06622D85-6856-4460-8DE1-A81921B41C4B}

C:\Windows\SysWOW64\DllHost.exe

C:\Windows\SysWOW64\DllHost.exe /Processid:{FCC74B77-EC3E-4DD8-A80B-008A702075A9}

C:\Program Files (x86)\Buildbox\unins000.exe

"C:\Program Files (x86)\Buildbox\unins000.exe"

C:\Users\Admin\AppData\Local\Temp\_iu14D2N.tmp

"C:\Users\Admin\AppData\Local\Temp\_iu14D2N.tmp" /SECONDPHASE="C:\Program Files (x86)\Buildbox\unins000.exe" /FIRSTPHASEWND=$13016E

C:\Users\Admin\Desktop\Buildbox_2.3.3_Build_1986\Buildbox_2.3.3-1986.exe

"C:\Users\Admin\Desktop\Buildbox_2.3.3_Build_1986\Buildbox_2.3.3-1986.exe"

C:\Users\Admin\AppData\Local\Temp\is-G6IEG.tmp\Buildbox_2.3.3-1986.tmp

"C:\Users\Admin\AppData\Local\Temp\is-G6IEG.tmp\Buildbox_2.3.3-1986.tmp" /SL5="$1C02C4,76352150,56832,C:\Users\Admin\Desktop\Buildbox_2.3.3_Build_1986\Buildbox_2.3.3-1986.exe"

C:\Windows\system32\taskmgr.exe

"C:\Windows\system32\taskmgr.exe" /7

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe"

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe"

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="5200.0.1705214258\109016566" -parentBuildID 20230214051806 -prefsHandle 1784 -prefMapHandle 1776 -prefsLen 22076 -prefMapSize 235121 -appDir "C:\Program Files\Mozilla Firefox\browser" - {5879ad77-2249-4e5c-a047-594b937fa5ce} 5200 "\\.\pipe\gecko-crash-server-pipe.5200" 1864 1df0b92ec58 gpu

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="5200.1.1527465622\4747722" -parentBuildID 20230214051806 -prefsHandle 2404 -prefMapHandle 2392 -prefsLen 22112 -prefMapSize 235121 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {36b9173b-6de0-48cc-bf64-d18a8d3706f1} 5200 "\\.\pipe\gecko-crash-server-pipe.5200" 2432 1df0bd76558 socket

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="5200.2.609962081\91394921" -childID 1 -isForBrowser -prefsHandle 2972 -prefMapHandle 2968 -prefsLen 22150 -prefMapSize 235121 -jsInitHandle 1264 -jsInitLen 246560 -a11yResourceId 64 -parentBuildID 20230214051806 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {a1d411af-2d58-41f5-84dc-222b171cef3d} 5200 "\\.\pipe\gecko-crash-server-pipe.5200" 2984 1df0e707258 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="5200.3.1960513424\1928080044" -childID 2 -isForBrowser -prefsHandle 4148 -prefMapHandle 4160 -prefsLen 27616 -prefMapSize 235121 -jsInitHandle 1264 -jsInitLen 246560 -a11yResourceId 64 -parentBuildID 20230214051806 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {915e0273-0318-4d0e-8053-cb2a86dfb1a1} 5200 "\\.\pipe\gecko-crash-server-pipe.5200" 4172 1df0bf8fc58 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="5200.4.248150767\864329294" -childID 3 -isForBrowser -prefsHandle 4956 -prefMapHandle 4952 -prefsLen 27616 -prefMapSize 235121 -jsInitHandle 1264 -jsInitLen 246560 -a11yResourceId 64 -parentBuildID 20230214051806 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {5c7532ac-2f61-427b-8169-7698f5309676} 5200 "\\.\pipe\gecko-crash-server-pipe.5200" 4968 1df1236f958 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="5200.5.985445486\1984287389" -childID 4 -isForBrowser -prefsHandle 5104 -prefMapHandle 5108 -prefsLen 27616 -prefMapSize 235121 -jsInitHandle 1264 -jsInitLen 246560 -a11yResourceId 64 -parentBuildID 20230214051806 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {1963b4cd-bcee-4f13-94c5-d316e44c2d77} 5200 "\\.\pipe\gecko-crash-server-pipe.5200" 5092 1df1236e758 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="5200.6.1954404433\1914257646" -childID 5 -isForBrowser -prefsHandle 5256 -prefMapHandle 5260 -prefsLen 27616 -prefMapSize 235121 -jsInitHandle 1264 -jsInitLen 246560 -a11yResourceId 64 -parentBuildID 20230214051806 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {c88b9a1c-0bf5-41b8-9a7b-339a1175a1db} 5200 "\\.\pipe\gecko-crash-server-pipe.5200" 5244 1df1236e458 tab

C:\Users\Admin\Desktop\Buildbox_2.3.3_Build_1986\Buildbox_2.3.3-1986.exe

"C:\Users\Admin\Desktop\Buildbox_2.3.3_Build_1986\Buildbox_2.3.3-1986.exe"

C:\Users\Admin\AppData\Local\Temp\is-BHC7E.tmp\Buildbox_2.3.3-1986.tmp

"C:\Users\Admin\AppData\Local\Temp\is-BHC7E.tmp\Buildbox_2.3.3-1986.tmp" /SL5="$70288,76352150,56832,C:\Users\Admin\Desktop\Buildbox_2.3.3_Build_1986\Buildbox_2.3.3-1986.exe"

C:\Users\Admin\Desktop\Buildbox_2.3.3_Build_1986\Crack\BuildBox-2-3-3_Loader_Setup.exe

"C:\Users\Admin\Desktop\Buildbox_2.3.3_Build_1986\Crack\BuildBox-2-3-3_Loader_Setup.exe"

C:\Users\Admin\AppData\Local\Temp\is-BR9EL.tmp\BuildBox-2-3-3_Loader_Setup.tmp

"C:\Users\Admin\AppData\Local\Temp\is-BR9EL.tmp\BuildBox-2-3-3_Loader_Setup.tmp" /SL5="$24004A,219014,111104,C:\Users\Admin\Desktop\Buildbox_2.3.3_Build_1986\Crack\BuildBox-2-3-3_Loader_Setup.exe"

C:\Windows\SysWOW64\taskkill.exe

"C:\Windows\SysWOW64\taskkill.exe" /F /IM Buildbox.exe /T

C:\Windows\SysWOW64\taskkill.exe

"C:\Windows\SysWOW64\taskkill.exe" /F /IM Buildbox.exe /T

C:\Windows\SYSTEM32\cmd.exe

"cmd.exe" /c takeown /f "C:\Windows\system32\drivers\etc\hosts" /r /d y

C:\Windows\system32\takeown.exe

takeown /f "C:\Windows\system32\drivers\etc\hosts" /r /d y

C:\Windows\SYSTEM32\cmd.exe

"cmd.exe" /c icacls "C:\Windows\system32\drivers\etc\hosts " /grant everyone:F /c /t /q

C:\Windows\system32\icacls.exe

icacls "C:\Windows\system32\drivers\etc\hosts " /grant everyone:F /c /t /q

C:\Program Files (x86)\Buildbox\Buildbox2Loader.exe

"C:\Program Files (x86)\Buildbox\Buildbox2Loader.exe"

C:\Program Files (x86)\Buildbox\Buildbox.exe

"C:\Program Files (x86)\Buildbox\Buildbox.exe"

C:\Program Files (x86)\Buildbox\BsSndRpt.exe

"BsSndRpt.exe" /i "C:\Users\Admin\AppData\Local\Temp\BsSndRpt.ini" /dl

C:\Program Files (x86)\Buildbox\Buildbox2Loader.exe

"C:\Program Files (x86)\Buildbox\Buildbox2Loader.exe"

C:\Program Files (x86)\Buildbox\Buildbox.exe

"C:\Program Files (x86)\Buildbox\Buildbox.exe"

C:\Windows\system32\AUDIODG.EXE

C:\Windows\system32\AUDIODG.EXE 0x40c 0x4cc

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=110.0.5481.104 --initial-client-data=0x104,0x108,0x10c,0xd8,0x110,0x7ffd8e3eab58,0x7ffd8e3eab68,0x7ffd8e3eab78

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1708 --field-trial-handle=2044,i,17347479194150669590,17582772110752743090,131072 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1932 --field-trial-handle=2044,i,17347479194150669590,17582772110752743090,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=2064 --field-trial-handle=2044,i,17347479194150669590,17582772110752743090,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2944 --field-trial-handle=2044,i,17347479194150669590,17582772110752743090,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=2976 --field-trial-handle=2044,i,17347479194150669590,17582772110752743090,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\110.0.5481.104\elevation_service.exe

"C:\Program Files\Google\Chrome\Application\110.0.5481.104\elevation_service.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=3304 --field-trial-handle=2044,i,17347479194150669590,17582772110752743090,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4396 --field-trial-handle=2044,i,17347479194150669590,17582772110752743090,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4408 --field-trial-handle=2044,i,17347479194150669590,17582772110752743090,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4660 --field-trial-handle=2044,i,17347479194150669590,17582772110752743090,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4724 --field-trial-handle=2044,i,17347479194150669590,17582772110752743090,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --mojo-platform-channel-handle=4788 --field-trial-handle=2044,i,17347479194150669590,17582772110752743090,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --mojo-platform-channel-handle=4520 --field-trial-handle=2044,i,17347479194150669590,17582772110752743090,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --mojo-platform-channel-handle=4948 --field-trial-handle=2044,i,17347479194150669590,17582772110752743090,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --mojo-platform-channel-handle=4472 --field-trial-handle=2044,i,17347479194150669590,17582772110752743090,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --mojo-platform-channel-handle=3344 --field-trial-handle=2044,i,17347479194150669590,17582772110752743090,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --mojo-platform-channel-handle=4984 --field-trial-handle=2044,i,17347479194150669590,17582772110752743090,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --mojo-platform-channel-handle=4996 --field-trial-handle=2044,i,17347479194150669590,17582772110752743090,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --mojo-platform-channel-handle=5872 --field-trial-handle=2044,i,17347479194150669590,17582772110752743090,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --mojo-platform-channel-handle=3352 --field-trial-handle=2044,i,17347479194150669590,17582772110752743090,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --mojo-platform-channel-handle=5944 --field-trial-handle=2044,i,17347479194150669590,17582772110752743090,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --mojo-platform-channel-handle=6004 --field-trial-handle=2044,i,17347479194150669590,17582772110752743090,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --mojo-platform-channel-handle=6152 --field-trial-handle=2044,i,17347479194150669590,17582772110752743090,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=24 --mojo-platform-channel-handle=6312 --field-trial-handle=2044,i,17347479194150669590,17582772110752743090,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=25 --mojo-platform-channel-handle=6340 --field-trial-handle=2044,i,17347479194150669590,17582772110752743090,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=26 --mojo-platform-channel-handle=6348 --field-trial-handle=2044,i,17347479194150669590,17582772110752743090,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=27 --mojo-platform-channel-handle=6936 --field-trial-handle=2044,i,17347479194150669590,17582772110752743090,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=28 --mojo-platform-channel-handle=7076 --field-trial-handle=2044,i,17347479194150669590,17582772110752743090,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=29 --mojo-platform-channel-handle=7228 --field-trial-handle=2044,i,17347479194150669590,17582772110752743090,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=30 --mojo-platform-channel-handle=7368 --field-trial-handle=2044,i,17347479194150669590,17582772110752743090,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=31 --mojo-platform-channel-handle=7532 --field-trial-handle=2044,i,17347479194150669590,17582772110752743090,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=32 --mojo-platform-channel-handle=7244 --field-trial-handle=2044,i,17347479194150669590,17582772110752743090,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=33 --mojo-platform-channel-handle=6628 --field-trial-handle=2044,i,17347479194150669590,17582772110752743090,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=34 --mojo-platform-channel-handle=7852 --field-trial-handle=2044,i,17347479194150669590,17582772110752743090,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=35 --mojo-platform-channel-handle=6680 --field-trial-handle=2044,i,17347479194150669590,17582772110752743090,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=36 --mojo-platform-channel-handle=8060 --field-trial-handle=2044,i,17347479194150669590,17582772110752743090,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=37 --mojo-platform-channel-handle=8196 --field-trial-handle=2044,i,17347479194150669590,17582772110752743090,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=38 --mojo-platform-channel-handle=8224 --field-trial-handle=2044,i,17347479194150669590,17582772110752743090,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=39 --mojo-platform-channel-handle=8452 --field-trial-handle=2044,i,17347479194150669590,17582772110752743090,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=40 --mojo-platform-channel-handle=8560 --field-trial-handle=2044,i,17347479194150669590,17582772110752743090,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=41 --mojo-platform-channel-handle=8592 --field-trial-handle=2044,i,17347479194150669590,17582772110752743090,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=42 --mojo-platform-channel-handle=8012 --field-trial-handle=2044,i,17347479194150669590,17582772110752743090,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=43 --mojo-platform-channel-handle=7892 --field-trial-handle=2044,i,17347479194150669590,17582772110752743090,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=44 --mojo-platform-channel-handle=7664 --field-trial-handle=2044,i,17347479194150669590,17582772110752743090,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=45 --mojo-platform-channel-handle=8484 --field-trial-handle=2044,i,17347479194150669590,17582772110752743090,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=46 --mojo-platform-channel-handle=8876 --field-trial-handle=2044,i,17347479194150669590,17582772110752743090,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=47 --mojo-platform-channel-handle=8868 --field-trial-handle=2044,i,17347479194150669590,17582772110752743090,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=48 --mojo-platform-channel-handle=8292 --field-trial-handle=2044,i,17347479194150669590,17582772110752743090,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=49 --mojo-platform-channel-handle=9192 --field-trial-handle=2044,i,17347479194150669590,17582772110752743090,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=50 --mojo-platform-channel-handle=9484 --field-trial-handle=2044,i,17347479194150669590,17582772110752743090,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=51 --mojo-platform-channel-handle=9548 --field-trial-handle=2044,i,17347479194150669590,17582772110752743090,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=52 --mojo-platform-channel-handle=9504 --field-trial-handle=2044,i,17347479194150669590,17582772110752743090,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=53 --mojo-platform-channel-handle=8024 --field-trial-handle=2044,i,17347479194150669590,17582772110752743090,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=54 --mojo-platform-channel-handle=10156 --field-trial-handle=2044,i,17347479194150669590,17582772110752743090,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=6284 --field-trial-handle=2044,i,17347479194150669590,17582772110752743090,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=8824 --field-trial-handle=2044,i,17347479194150669590,17582772110752743090,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=57 --mojo-platform-channel-handle=9880 --field-trial-handle=2044,i,17347479194150669590,17582772110752743090,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=58 --mojo-platform-channel-handle=9860 --field-trial-handle=2044,i,17347479194150669590,17582772110752743090,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=59 --mojo-platform-channel-handle=8764 --field-trial-handle=2044,i,17347479194150669590,17582772110752743090,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=60 --mojo-platform-channel-handle=8168 --field-trial-handle=2044,i,17347479194150669590,17582772110752743090,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=8044 --field-trial-handle=2044,i,17347479194150669590,17582772110752743090,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=9800 --field-trial-handle=2044,i,17347479194150669590,17582772110752743090,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=9880 --field-trial-handle=2044,i,17347479194150669590,17582772110752743090,131072 /prefetch:8

C:\Windows\SysWOW64\werfault.exe

werfault.exe /h /shared Global\c8f4193f15e345a1ae9c9056771f8106 /t 5860 /p 5828

C:\Windows\system32\LogonUI.exe

"LogonUI.exe" /flags:0x4 /state0:0xa3ffd055 /state1:0x41c64e6d

Network

Country Destination Domain Proto
US 8.8.8.8:53 149.220.183.52.in-addr.arpa udp
US 8.8.8.8:53 99.58.20.217.in-addr.arpa udp
US 8.8.8.8:53 69.31.126.40.in-addr.arpa udp
US 8.8.8.8:53 55.36.223.20.in-addr.arpa udp
US 8.8.8.8:53 www.google.com udp
GB 142.250.187.196:443 www.google.com udp
GB 142.250.187.196:443 www.google.com tcp
US 8.8.8.8:53 195.187.250.142.in-addr.arpa udp
US 8.8.8.8:53 10.180.250.142.in-addr.arpa udp
US 8.8.8.8:53 196.187.250.142.in-addr.arpa udp
US 8.8.8.8:53 195.212.58.216.in-addr.arpa udp
US 8.8.8.8:53 play.google.com udp
GB 142.250.179.238:443 play.google.com udp
GB 142.250.179.238:443 play.google.com tcp
US 8.8.8.8:53 154.239.44.20.in-addr.arpa udp
US 8.8.8.8:53 238.179.250.142.in-addr.arpa udp
N/A 224.0.0.251:5353 udp
US 8.8.8.8:53 clients2.google.com udp
GB 142.250.187.238:443 clients2.google.com udp
GB 142.250.187.238:443 clients2.google.com tcp
US 8.8.8.8:53 238.187.250.142.in-addr.arpa udp
US 8.8.8.8:53 ogs.google.com udp
GB 142.250.187.238:443 ogs.google.com tcp
US 8.8.8.8:53 ssl.gstatic.com udp
GB 172.217.169.3:443 ssl.gstatic.com tcp
US 8.8.8.8:53 3.169.217.172.in-addr.arpa udp
US 8.8.8.8:53 99.201.58.216.in-addr.arpa udp
US 8.8.8.8:53 consent.google.com udp
US 8.8.8.8:53 98.201.58.216.in-addr.arpa udp
US 8.8.8.8:53 www.filehorse.com udp
US 104.20.0.51:443 www.filehorse.com tcp
US 104.20.0.51:443 www.filehorse.com tcp
US 8.8.8.8:53 static.filehorse.com udp
US 8.8.8.8:53 securepubads.g.doubleclick.net udp
US 8.8.8.8:53 spn-v1.revampcdn.com udp
US 8.8.8.8:53 51.0.20.104.in-addr.arpa udp
US 151.101.193.91:443 spn-v1.revampcdn.com tcp
GB 142.250.200.34:443 securepubads.g.doubleclick.net tcp
US 104.20.1.51:443 static.filehorse.com udp
US 151.101.193.91:443 spn-v1.revampcdn.com tcp
US 8.8.8.8:53 ajax.googleapis.com udp
US 104.20.0.51:443 static.filehorse.com udp
GB 142.250.200.10:443 ajax.googleapis.com tcp
US 8.8.8.8:53 www.datadoghq-browser-agent.com udp
US 8.8.8.8:53 c.amazon-adsystem.com udp
US 8.8.8.8:53 btloader.com udp
GB 142.250.200.34:443 securepubads.g.doubleclick.net udp
US 172.67.41.60:443 btloader.com tcp
HU 18.172.247.177:443 c.amazon-adsystem.com tcp
US 8.8.8.8:53 region1.google-analytics.com udp
HU 18.244.0.24:443 www.datadoghq-browser-agent.com tcp
US 216.239.34.36:443 region1.google-analytics.com tcp
US 8.8.8.8:53 i.ytimg.com udp
GB 142.250.187.246:443 i.ytimg.com tcp
US 8.8.8.8:53 id5-sync.com udp
US 8.8.8.8:53 lexicon.33across.com udp
US 8.8.8.8:53 id.crwdcntrl.net udp
US 8.8.8.8:53 apps.cpi.arturito.cloud udp
GB 142.250.187.246:443 i.ytimg.com tcp
US 8.8.8.8:53 api.btloader.com udp
US 8.8.8.8:53 ad-delivery.net udp
DE 162.19.138.83:443 id5-sync.com tcp
US 35.244.193.51:443 lexicon.33across.com tcp
US 34.120.186.113:443 apps.cpi.arturito.cloud tcp
US 104.26.3.70:443 ad-delivery.net tcp
US 104.26.3.70:443 ad-delivery.net tcp
IE 52.211.142.73:443 id.crwdcntrl.net tcp
US 130.211.23.194:443 api.btloader.com tcp
US 8.8.8.8:53 fundingchoicesmessages.google.com udp
US 8.8.8.8:53 104.201.58.216.in-addr.arpa udp
US 8.8.8.8:53 91.193.101.151.in-addr.arpa udp
US 8.8.8.8:53 34.200.250.142.in-addr.arpa udp
US 8.8.8.8:53 51.1.20.104.in-addr.arpa udp
US 8.8.8.8:53 10.200.250.142.in-addr.arpa udp
US 8.8.8.8:53 60.41.67.172.in-addr.arpa udp
US 8.8.8.8:53 103.169.127.40.in-addr.arpa udp
US 8.8.8.8:53 177.247.172.18.in-addr.arpa udp
US 8.8.8.8:53 24.0.244.18.in-addr.arpa udp
US 8.8.8.8:53 36.34.239.216.in-addr.arpa udp
US 8.8.8.8:53 246.187.250.142.in-addr.arpa udp
US 8.8.8.8:53 51.193.244.35.in-addr.arpa udp
US 8.8.8.8:53 83.138.19.162.in-addr.arpa udp
US 8.8.8.8:53 113.186.120.34.in-addr.arpa udp
US 8.8.8.8:53 70.3.26.104.in-addr.arpa udp
US 8.8.8.8:53 config.aps.amazon-adsystem.com udp
HU 18.172.247.177:443 c.amazon-adsystem.com tcp
US 8.8.8.8:53 lb.eu-1-id5-sync.com udp
HU 18.239.255.86:443 config.aps.amazon-adsystem.com tcp
US 8.8.8.8:53 images.sftcdn.net udp
US 130.211.23.194:443 api.btloader.com udp
DE 162.19.138.120:443 lb.eu-1-id5-sync.com tcp
US 23.219.230.135:443 images.sftcdn.net tcp
US 23.219.230.135:443 images.sftcdn.net tcp
US 23.219.230.135:443 images.sftcdn.net tcp
US 23.219.230.135:443 images.sftcdn.net tcp
GB 142.250.187.238:443 fundingchoicesmessages.google.com udp
US 8.8.8.8:53 cdn.id5-sync.com udp
US 104.22.52.86:443 cdn.id5-sync.com tcp
DE 162.19.138.83:443 lb.eu-1-id5-sync.com tcp
US 8.8.8.8:53 194.23.211.130.in-addr.arpa udp
US 8.8.8.8:53 6.200.250.142.in-addr.arpa udp
US 8.8.8.8:53 73.142.211.52.in-addr.arpa udp
US 8.8.8.8:53 86.255.239.18.in-addr.arpa udp
US 8.8.8.8:53 120.138.19.162.in-addr.arpa udp
US 8.8.8.8:53 135.230.219.23.in-addr.arpa udp
US 8.8.8.8:53 86.52.22.104.in-addr.arpa udp
US 8.8.8.8:53 15.164.165.52.in-addr.arpa udp
US 8.8.8.8:53 74.204.58.216.in-addr.arpa udp
US 8.8.8.8:53 aax.amazon-adsystem.com udp
US 8.8.8.8:53 prg.smartadserver.com udp
US 8.8.8.8:53 ib.adnxs.com udp
US 8.8.8.8:53 shb.richaudience.com udp
US 8.8.8.8:53 hb-api.omnitagjs.com udp
US 8.8.8.8:53 hbopenbid.pubmatic.com udp
US 8.8.8.8:53 ad.360yield.com udp
DE 37.252.171.21:443 ib.adnxs.com tcp
DE 37.252.171.21:443 ib.adnxs.com tcp
HU 18.172.244.239:443 aax.amazon-adsystem.com tcp
HU 18.172.244.239:443 aax.amazon-adsystem.com tcp
NL 89.149.192.192:443 prg.smartadserver.com tcp
NL 89.149.192.192:443 prg.smartadserver.com tcp
NL 89.149.192.192:443 prg.smartadserver.com tcp
NL 89.149.192.192:443 prg.smartadserver.com tcp
DE 46.4.139.58:443 shb.richaudience.com tcp
DE 46.4.139.58:443 shb.richaudience.com tcp
DE 46.4.139.58:443 shb.richaudience.com tcp
DE 46.4.139.58:443 shb.richaudience.com tcp
FR 185.255.84.151:443 hb-api.omnitagjs.com tcp
FR 185.255.84.151:443 hb-api.omnitagjs.com tcp
GB 185.64.190.77:443 hbopenbid.pubmatic.com tcp
GB 185.64.190.77:443 hbopenbid.pubmatic.com tcp
US 8.8.8.8:53 invstatic101.creativecdn.com udp
US 8.8.8.8:53 oa.openxcdn.net udp
US 8.8.8.8:53 static.criteo.net udp
IE 52.18.168.73:443 ad.360yield.com tcp
US 8.8.8.8:53 f8c7545aafa19c399adfed18524b88bb.safeframe.googlesyndication.com udp
US 34.96.70.87:443 invstatic101.creativecdn.com tcp
US 34.102.146.192:443 oa.openxcdn.net tcp
GB 172.217.169.65:443 f8c7545aafa19c399adfed18524b88bb.safeframe.googlesyndication.com tcp
NL 178.250.1.3:443 static.criteo.net tcp
US 8.8.8.8:53 esp.rtbhouse.com udp
US 8.8.8.8:53 dis.eu.criteo.com udp
US 35.190.39.111:443 esp.rtbhouse.com tcp
NL 178.250.1.9:443 dis.eu.criteo.com tcp
US 8.8.8.8:53 gum.criteo.com udp
US 8.8.8.8:53 aax-eu.amazon-adsystem.com udp
US 8.8.8.8:53 tpc.googlesyndication.com udp
IE 52.94.222.140:443 aax-eu.amazon-adsystem.com tcp
NL 178.250.1.11:443 gum.criteo.com tcp
GB 172.217.16.225:443 tpc.googlesyndication.com tcp
US 8.8.8.8:53 uipglob.semasio.net udp
US 8.8.8.8:53 172.214.232.199.in-addr.arpa udp
US 8.8.8.8:53 192.192.149.89.in-addr.arpa udp
US 8.8.8.8:53 77.190.64.185.in-addr.arpa udp
US 8.8.8.8:53 21.171.252.37.in-addr.arpa udp
US 8.8.8.8:53 151.84.255.185.in-addr.arpa udp
US 8.8.8.8:53 58.139.4.46.in-addr.arpa udp
US 8.8.8.8:53 239.244.172.18.in-addr.arpa udp
US 8.8.8.8:53 73.168.18.52.in-addr.arpa udp
US 8.8.8.8:53 192.146.102.34.in-addr.arpa udp
US 8.8.8.8:53 87.70.96.34.in-addr.arpa udp
US 8.8.8.8:53 65.169.217.172.in-addr.arpa udp
US 8.8.8.8:53 226.187.250.142.in-addr.arpa udp
US 8.8.8.8:53 3.1.250.178.in-addr.arpa udp
US 8.8.8.8:53 111.39.190.35.in-addr.arpa udp
US 8.8.8.8:53 9.1.250.178.in-addr.arpa udp
US 8.8.8.8:53 140.222.94.52.in-addr.arpa udp
US 8.8.8.8:53 11.1.250.178.in-addr.arpa udp
DK 77.243.51.122:443 uipglob.semasio.net tcp
GB 172.217.16.225:443 tpc.googlesyndication.com udp
US 216.239.34.36:443 region1.google-analytics.com udp
US 8.8.8.8:53 googleads.g.doubleclick.net udp
US 8.8.8.8:53 www.youtube-nocookie.com udp
US 8.8.8.8:53 static.doubleclick.net udp
GB 216.58.204.78:443 www.youtube-nocookie.com tcp
GB 216.58.213.6:443 static.doubleclick.net tcp
US 8.8.8.8:53 cdn.mediago.io udp
US 8.8.8.8:53 images.mediago.io udp
US 34.111.60.239:443 images.mediago.io tcp
HU 18.239.255.13:443 cdn.mediago.io tcp
US 8.8.8.8:53 cdn.ampproject.org udp
GB 142.250.187.193:443 cdn.ampproject.org tcp
GB 142.250.187.193:443 cdn.ampproject.org tcp
GB 142.250.187.193:443 cdn.ampproject.org tcp
GB 142.250.187.193:443 cdn.ampproject.org tcp
GB 142.250.187.193:443 cdn.ampproject.org tcp
US 8.8.8.8:53 ice.360yield.com udp
IE 52.214.128.20:443 ice.360yield.com tcp
HU 18.239.255.13:443 cdn.mediago.io tcp
US 8.8.8.8:53 trace-eu.mediago.io udp
US 8.8.8.8:53 gtrace.mediago.io udp
NL 35.214.168.80:443 gtrace.mediago.io tcp
NL 35.214.168.80:443 gtrace.mediago.io tcp
US 8.8.8.8:53 225.16.217.172.in-addr.arpa udp
US 8.8.8.8:53 122.51.243.77.in-addr.arpa udp
US 8.8.8.8:53 78.204.58.216.in-addr.arpa udp
US 8.8.8.8:53 6.213.58.216.in-addr.arpa udp
US 8.8.8.8:53 239.60.111.34.in-addr.arpa udp
US 8.8.8.8:53 13.255.239.18.in-addr.arpa udp
US 8.8.8.8:53 193.187.250.142.in-addr.arpa udp
US 8.8.8.8:53 20.128.214.52.in-addr.arpa udp
NL 35.214.168.80:443 gtrace.mediago.io tcp
US 8.8.8.8:53 match.adsrvr.org udp
GB 142.250.200.34:443 securepubads.g.doubleclick.net udp
US 15.197.193.217:443 match.adsrvr.org tcp
US 8.8.8.8:53 onetag-sys.com udp
DE 51.89.9.254:443 onetag-sys.com tcp
US 8.8.8.8:53 rtb.gumgum.com udp
US 8.8.8.8:53 ssbsync.smartadserver.com udp
IE 52.51.107.176:443 rtb.gumgum.com tcp
US 8.8.8.8:53 ads.pubmatic.com udp
FR 178.32.210.231:443 ssbsync.smartadserver.com tcp
GB 2.21.188.239:443 ads.pubmatic.com tcp
US 8.8.8.8:53 ap.lijit.com udp
US 8.8.8.8:53 eb2.3lift.com udp
IE 54.154.252.226:443 ap.lijit.com tcp
US 76.223.111.18:443 eb2.3lift.com tcp
US 8.8.8.8:53 image6.pubmatic.com udp
US 8.8.8.8:53 ce.lijit.com udp
IE 52.17.236.65:443 ce.lijit.com tcp
GB 185.64.190.78:443 image6.pubmatic.com tcp
US 8.8.8.8:53 80.168.214.35.in-addr.arpa udp
IE 52.17.236.65:443 ce.lijit.com tcp
US 8.8.8.8:53 217.193.197.15.in-addr.arpa udp
US 8.8.8.8:53 254.9.89.51.in-addr.arpa udp
US 8.8.8.8:53 176.107.51.52.in-addr.arpa udp
US 8.8.8.8:53 231.210.32.178.in-addr.arpa udp
US 8.8.8.8:53 239.188.21.2.in-addr.arpa udp
US 8.8.8.8:53 18.111.223.76.in-addr.arpa udp
US 8.8.8.8:53 226.252.154.54.in-addr.arpa udp
US 8.8.8.8:53 cm.g.doubleclick.net udp
US 8.8.8.8:53 dis.criteo.com udp
US 8.8.8.8:53 sync.crwdcntrl.net udp
US 8.8.8.8:53 cr.frontend.weborama.fr udp
US 8.8.8.8:53 mwzeom.zeotap.com udp
US 8.8.8.8:53 um.simpli.fi udp
US 8.8.8.8:53 c1.adform.net udp
GB 142.250.200.2:443 cm.g.doubleclick.net tcp
GB 142.250.200.2:443 cm.g.doubleclick.net tcp
GB 142.250.200.2:443 cm.g.doubleclick.net tcp
GB 142.250.200.2:443 cm.g.doubleclick.net tcp
US 34.111.129.221:443 cr.frontend.weborama.fr tcp
NL 35.204.74.118:443 um.simpli.fi tcp
NL 178.250.1.9:443 dis.criteo.com tcp
US 172.67.40.173:443 mwzeom.zeotap.com tcp
DK 37.157.5.84:443 c1.adform.net tcp
US 8.8.8.8:53 pixel-sync.sitescout.com udp
US 8.8.8.8:53 creativecdn.com udp
US 8.8.8.8:53 match.prod.bidr.io udp
US 8.8.8.8:53 sync.serverbid.com udp
US 8.8.8.8:53 aorta.clickagy.com udp
US 8.8.8.8:53 simage2.pubmatic.com udp
US 34.36.216.150:443 pixel-sync.sitescout.com tcp
NL 185.184.8.90:443 creativecdn.com tcp
US 54.225.185.86:443 aorta.clickagy.com tcp
US 8.8.8.8:53 d.turn.com udp
NL 198.47.127.205:443 simage2.pubmatic.com tcp
HU 18.239.255.77:443 sync.serverbid.com tcp
IE 52.214.45.172:443 match.prod.bidr.io tcp
GB 142.250.200.2:443 cm.g.doubleclick.net udp
NL 46.228.164.13:443 d.turn.com tcp
US 8.8.8.8:53 image2.pubmatic.com udp
NL 198.47.127.205:443 image2.pubmatic.com tcp
NL 198.47.127.205:443 image2.pubmatic.com tcp
NL 198.47.127.205:443 image2.pubmatic.com tcp
US 34.36.216.150:443 pixel-sync.sitescout.com udp
US 8.8.8.8:53 visitor.omnitagjs.com udp
US 8.8.8.8:53 acdn.adnxs.com udp
US 8.8.8.8:53 sync.richaudience.com udp
DE 168.119.146.39:443 sync.richaudience.com tcp
US 151.101.65.108:443 acdn.adnxs.com tcp
FR 185.255.84.152:443 visitor.omnitagjs.com tcp
US 8.8.8.8:53 65.236.17.52.in-addr.arpa udp
US 8.8.8.8:53 78.190.64.185.in-addr.arpa udp
US 8.8.8.8:53 2.200.250.142.in-addr.arpa udp
US 8.8.8.8:53 221.129.111.34.in-addr.arpa udp
US 8.8.8.8:53 173.40.67.172.in-addr.arpa udp
US 8.8.8.8:53 84.5.157.37.in-addr.arpa udp
US 8.8.8.8:53 118.74.204.35.in-addr.arpa udp
US 8.8.8.8:53 90.8.184.185.in-addr.arpa udp
US 8.8.8.8:53 150.216.36.34.in-addr.arpa udp
US 8.8.8.8:53 205.127.47.198.in-addr.arpa udp
US 8.8.8.8:53 77.255.239.18.in-addr.arpa udp
US 8.8.8.8:53 172.45.214.52.in-addr.arpa udp
US 8.8.8.8:53 86.185.225.54.in-addr.arpa udp
US 8.8.8.8:53 13.164.228.46.in-addr.arpa udp
US 8.8.8.8:53 secure.adnxs.com udp
US 8.8.8.8:53 x.bidswitch.net udp
DE 168.119.146.39:443 sync.richaudience.com tcp
US 8.8.8.8:53 api-2-0.spot.im udp
US 8.8.8.8:53 sync.1rx.io udp
US 8.8.8.8:53 b1sync.zemanta.com udp
US 8.8.8.8:53 image8.pubmatic.com udp
US 8.8.8.8:53 sync.srv.stackadapt.com udp
US 8.8.8.8:53 jadserve.postrelease.com udp
US 8.8.8.8:53 ssc-cms.33across.com udp
NL 185.89.210.212:443 secure.adnxs.com tcp
NL 185.89.210.212:443 secure.adnxs.com tcp
US 8.8.8.8:53 player.aniview.com udp
NL 46.228.174.117:443 sync.1rx.io tcp
HU 18.172.242.88:443 api-2-0.spot.im tcp
US 50.31.142.255:443 b1sync.zemanta.com tcp
US 54.166.206.131:443 sync.srv.stackadapt.com tcp
GB 185.64.191.214:443 image8.pubmatic.com tcp
DE 51.89.9.254:443 onetag-sys.com udp
IE 52.211.208.72:443 jadserve.postrelease.com tcp
NL 35.214.149.91:443 x.bidswitch.net tcp
US 67.202.105.21:443 ssc-cms.33across.com tcp
NL 104.97.14.106:443 player.aniview.com tcp
US 8.8.8.8:53 cacerts.rapidssl.com udp
US 8.8.8.8:53 secure-assets.rubiconproject.com udp
SE 192.229.221.95:80 cacerts.rapidssl.com tcp
US 8.8.8.8:53 cs-server-s2s.yellowblue.io udp
ES 23.60.223.190:443 secure-assets.rubiconproject.com tcp
US 34.234.226.97:443 cs-server-s2s.yellowblue.io tcp
US 8.8.8.8:53 csync.loopme.me udp
US 8.8.8.8:53 rtb-csync.smartadserver.com udp
US 8.8.8.8:53 cs.admanmedia.com udp
US 8.8.8.8:53 rtb.mfadsrvr.com udp
US 8.8.8.8:53 sync.aniview.com udp
US 80.77.87.161:443 cs.admanmedia.com tcp
NL 35.214.243.89:443 csync.loopme.me tcp
NL 89.149.192.74:443 rtb-csync.smartadserver.com tcp
NL 89.149.192.74:443 rtb-csync.smartadserver.com tcp
US 8.8.8.8:53 pr-bh.ybp.yahoo.com udp
US 96.46.186.182:443 sync.aniview.com tcp
US 8.8.8.8:53 eus.rubiconproject.com udp
NL 35.214.199.88:443 rtb.mfadsrvr.com tcp
US 80.77.87.161:443 cs.admanmedia.com tcp
IE 52.51.16.113:443 pr-bh.ybp.yahoo.com tcp
US 8.8.8.8:53 id.rlcdn.com udp
US 8.8.8.8:53 bttrack.com udp
BE 104.90.26.20:443 eus.rubiconproject.com tcp
US 192.132.33.68:443 bttrack.com tcp
US 35.244.174.68:443 id.rlcdn.com tcp
US 8.8.8.8:53 sync.targeting.unrulymedia.com udp
US 8.8.8.8:53 ads.avads.net udp
US 34.128.133.112:443 ads.avads.net tcp
NL 46.228.174.117:443 sync.targeting.unrulymedia.com tcp
US 80.77.87.161:443 cs.admanmedia.com tcp
US 8.8.8.8:53 s.amazon-adsystem.com udp
US 52.46.130.91:443 s.amazon-adsystem.com tcp
US 8.8.8.8:53 pixel.rubiconproject.com udp
NL 35.214.199.88:443 rtb.mfadsrvr.com udp
US 8.8.8.8:53 sync.mathtag.com udp
US 8.8.8.8:53 pixel-eu.rubiconproject.com udp
US 8.8.8.8:53 ads.stickyadstv.com udp
US 80.77.87.161:443 cs.admanmedia.com tcp
US 8.8.8.8:53 t.adx.opera.com udp
US 8.8.8.8:53 ssbsync-global.smartadserver.com udp
NL 69.173.156.148:443 pixel-eu.rubiconproject.com tcp
NL 69.173.156.148:443 pixel-eu.rubiconproject.com tcp
US 74.121.140.211:443 sync.mathtag.com tcp
NL 69.173.156.148:443 pixel-eu.rubiconproject.com tcp
FR 154.54.250.80:443 ads.stickyadstv.com tcp
NL 82.145.213.8:443 t.adx.opera.com tcp
NL 89.149.192.76:443 ssbsync-global.smartadserver.com tcp
US 8.8.8.8:53 ups.analytics.yahoo.com udp
US 52.46.130.91:443 s.amazon-adsystem.com tcp
US 8.8.8.8:53 token.rubiconproject.com udp
DE 3.71.149.231:443 ups.analytics.yahoo.com tcp
US 8.8.8.8:53 108.65.101.151.in-addr.arpa udp
US 8.8.8.8:53 152.84.255.185.in-addr.arpa udp
US 8.8.8.8:53 39.146.119.168.in-addr.arpa udp
US 8.8.8.8:53 212.210.89.185.in-addr.arpa udp
US 8.8.8.8:53 214.191.64.185.in-addr.arpa udp
US 8.8.8.8:53 117.174.228.46.in-addr.arpa udp
US 8.8.8.8:53 72.208.211.52.in-addr.arpa udp
US 8.8.8.8:53 91.149.214.35.in-addr.arpa udp
US 8.8.8.8:53 88.242.172.18.in-addr.arpa udp
US 8.8.8.8:53 106.14.97.104.in-addr.arpa udp
US 8.8.8.8:53 131.206.166.54.in-addr.arpa udp
US 8.8.8.8:53 255.142.31.50.in-addr.arpa udp
US 8.8.8.8:53 21.105.202.67.in-addr.arpa udp
US 8.8.8.8:53 190.223.60.23.in-addr.arpa udp
US 8.8.8.8:53 97.226.234.34.in-addr.arpa udp
US 8.8.8.8:53 89.243.214.35.in-addr.arpa udp
US 8.8.8.8:53 88.199.214.35.in-addr.arpa udp
US 8.8.8.8:53 20.26.90.104.in-addr.arpa udp
US 8.8.8.8:53 113.16.51.52.in-addr.arpa udp
US 8.8.8.8:53 182.186.46.96.in-addr.arpa udp
US 8.8.8.8:53 161.87.77.80.in-addr.arpa udp
US 8.8.8.8:53 68.174.244.35.in-addr.arpa udp
US 8.8.8.8:53 112.133.128.34.in-addr.arpa udp
US 8.8.8.8:53 68.33.132.192.in-addr.arpa udp
US 8.8.8.8:53 91.130.46.52.in-addr.arpa udp
US 8.8.8.8:53 148.156.173.69.in-addr.arpa udp
US 8.8.8.8:53 80.250.54.154.in-addr.arpa udp
US 8.8.8.8:53 8.213.145.82.in-addr.arpa udp
US 8.8.8.8:53 211.140.121.74.in-addr.arpa udp
US 8.8.8.8:53 76.192.149.89.in-addr.arpa udp
NL 69.173.156.149:443 token.rubiconproject.com tcp
US 8.8.8.8:53 ads.travelaudience.com udp
US 8.8.8.8:53 sync.search.spotxchange.com udp
US 35.190.0.66:443 ads.travelaudience.com tcp
NL 35.214.149.91:443 x.bidswitch.net tcp
US 8.8.8.8:53 pixel.tapad.com udp
NL 69.173.156.148:443 token.rubiconproject.com tcp
US 34.111.113.62:443 pixel.tapad.com tcp
US 8.8.8.8:53 simage4.pubmatic.com udp
US 8.8.8.8:53 image4.pubmatic.com udp
NL 198.47.127.20:443 simage4.pubmatic.com tcp
GB 185.64.190.81:443 image4.pubmatic.com tcp
NL 69.173.156.149:443 token.rubiconproject.com tcp
NL 69.173.156.149:443 token.rubiconproject.com tcp
NL 69.173.156.149:443 token.rubiconproject.com tcp
NL 69.173.156.149:443 token.rubiconproject.com tcp
NL 69.173.156.148:443 token.rubiconproject.com tcp
US 52.46.130.91:443 s.amazon-adsystem.com tcp
US 8.8.8.8:53 sync.ipredictive.com udp
NL 69.173.156.148:443 token.rubiconproject.com tcp
US 8.8.8.8:53 capi.connatix.com udp
US 8.8.8.8:53 ps.eyeota.net udp
US 54.158.1.77:443 sync.ipredictive.com tcp
US 8.8.8.8:53 pixel-us-east.rubiconproject.com udp
NL 69.173.156.148:443 token.rubiconproject.com tcp
US 172.64.146.152:443 capi.connatix.com tcp
NL 69.173.156.148:443 token.rubiconproject.com tcp
US 8.8.8.8:53 px.ads.linkedin.com udp
DE 3.125.70.222:443 ps.eyeota.net tcp
US 69.173.151.100:443 pixel-us-east.rubiconproject.com tcp
US 52.46.130.91:443 s.amazon-adsystem.com tcp
US 8.8.8.8:53 live.primis.tech udp
US 13.107.42.14:443 px.ads.linkedin.com tcp
US 8.8.8.8:53 match.sharethrough.com udp
HU 18.172.242.123:443 live.primis.tech tcp
US 34.111.113.62:443 pixel.tapad.com udp
DE 3.122.213.30:443 match.sharethrough.com tcp
NL 35.214.243.89:443 csync.loopme.me tcp
US 8.8.8.8:53 149.156.173.69.in-addr.arpa udp
US 8.8.8.8:53 66.0.190.35.in-addr.arpa udp
US 8.8.8.8:53 62.113.111.34.in-addr.arpa udp
US 8.8.8.8:53 231.149.71.3.in-addr.arpa udp
US 8.8.8.8:53 20.127.47.198.in-addr.arpa udp
US 8.8.8.8:53 81.190.64.185.in-addr.arpa udp
US 8.8.8.8:53 152.146.64.172.in-addr.arpa udp
US 8.8.8.8:53 77.1.158.54.in-addr.arpa udp
US 8.8.8.8:53 14.42.107.13.in-addr.arpa udp
US 8.8.8.8:53 100.151.173.69.in-addr.arpa udp
US 8.8.8.8:53 30.213.122.3.in-addr.arpa udp
US 8.8.8.8:53 123.242.172.18.in-addr.arpa udp
US 8.8.8.8:53 inmobi-match.dotomi.com udp
NL 63.215.202.172:443 inmobi-match.dotomi.com tcp
US 8.8.8.8:53 cms.quantserve.com udp
DE 91.228.74.166:443 cms.quantserve.com tcp
US 8.8.8.8:53 sonata-notifications.taptapnetworks.com udp
DE 35.157.30.247:443 sonata-notifications.taptapnetworks.com tcp
US 8.8.8.8:53 pixel.onaudience.com udp
FR 141.94.171.214:443 pixel.onaudience.com tcp
US 8.8.8.8:53 io.narrative.io udp
IE 52.50.29.241:443 io.narrative.io tcp
US 8.8.8.8:53 172.202.215.63.in-addr.arpa udp
US 8.8.8.8:53 166.74.228.91.in-addr.arpa udp
US 8.8.8.8:53 247.30.157.35.in-addr.arpa udp
US 8.8.8.8:53 214.171.94.141.in-addr.arpa udp
US 8.8.8.8:53 dsp.adfarm1.adition.com udp
DE 85.114.159.93:443 dsp.adfarm1.adition.com tcp
US 8.8.8.8:53 sync-tm.everesttech.net udp
US 151.101.66.49:443 sync-tm.everesttech.net tcp
US 8.8.8.8:53 pubmatic-match.dotomi.com udp
NL 89.207.16.140:443 pubmatic-match.dotomi.com tcp
US 8.8.8.8:53 bh.contextweb.com udp
NL 208.93.169.131:443 bh.contextweb.com tcp
US 8.8.8.8:53 241.29.50.52.in-addr.arpa udp
US 8.8.8.8:53 93.159.114.85.in-addr.arpa udp
US 8.8.8.8:53 49.66.101.151.in-addr.arpa udp
US 8.8.8.8:53 140.16.207.89.in-addr.arpa udp
US 8.8.8.8:53 apis.google.com udp
GB 142.250.200.14:443 apis.google.com udp
US 8.8.8.8:53 csm.nl3.eu.criteo.net udp
NL 178.250.1.25:443 csm.nl3.eu.criteo.net tcp
US 8.8.8.8:53 131.169.93.208.in-addr.arpa udp
US 8.8.8.8:53 14.200.250.142.in-addr.arpa udp
US 8.8.8.8:53 25.1.250.178.in-addr.arpa udp
US 8.8.8.8:53 id.google.com udp
GB 172.217.169.67:443 id.google.com tcp
GB 142.250.187.246:443 i.ytimg.com udp
US 8.8.8.8:53 www.youtube.com udp
US 8.8.8.8:53 67.169.217.172.in-addr.arpa udp
US 8.8.8.8:53 jnn-pa.googleapis.com udp
GB 142.250.179.238:443 www.youtube.com udp
GB 142.250.179.238:443 www.youtube.com tcp
US 8.8.8.8:53 www.buildbox.com udp
US 18.205.139.99:443 www.buildbox.com tcp
US 18.205.139.99:443 www.buildbox.com tcp
US 8.8.8.8:53 maxcdn.bootstrapcdn.com udp
US 8.8.8.8:53 downloads.buildbox.com udp
US 104.18.10.207:443 maxcdn.bootstrapcdn.com tcp
HU 18.172.242.110:443 downloads.buildbox.com tcp
US 8.8.8.8:53 i.imgur.com udp
US 104.18.10.207:443 maxcdn.bootstrapcdn.com udp
US 199.232.196.193:443 i.imgur.com tcp
US 8.8.8.8:53 207.10.18.104.in-addr.arpa udp
US 8.8.8.8:53 99.139.205.18.in-addr.arpa udp
US 8.8.8.8:53 110.242.172.18.in-addr.arpa udp
US 8.8.8.8:53 14.213.58.216.in-addr.arpa udp
US 8.8.8.8:53 193.196.232.199.in-addr.arpa udp
US 8.8.8.8:53 connect.facebook.net udp
US 8.8.8.8:53 platform.twitter.com udp
US 8.8.8.8:53 content-autofill.googleapis.com udp
GB 163.70.147.23:443 connect.facebook.net tcp
GB 199.232.56.157:443 platform.twitter.com tcp
GB 163.70.147.23:443 connect.facebook.net udp
US 8.8.8.8:53 stats.g.doubleclick.net udp
BE 64.233.166.156:443 stats.g.doubleclick.net tcp
US 8.8.8.8:53 syndication.twitter.com udp
US 8.8.8.8:53 region1.analytics.google.com udp
US 8.8.8.8:53 www.google.co.uk udp
US 104.244.42.136:443 syndication.twitter.com tcp
GB 142.250.200.3:443 www.google.co.uk tcp
GB 142.250.200.3:443 www.google.co.uk tcp
US 8.8.8.8:53 twitter.com udp
US 8.8.8.8:53 23.147.70.163.in-addr.arpa udp
US 8.8.8.8:53 157.56.232.199.in-addr.arpa udp
US 8.8.8.8:53 136.42.244.104.in-addr.arpa udp
US 8.8.8.8:53 156.166.233.64.in-addr.arpa udp
US 8.8.8.8:53 3.200.250.142.in-addr.arpa udp
US 8.8.8.8:53 platform.buildbox.com udp
US 8.8.8.8:53 www.facebook.com udp
US 54.174.140.201:443 platform.buildbox.com tcp
GB 163.70.147.35:443 www.facebook.com tcp
US 8.8.8.8:53 frontend-assets.buildbox.com udp
HU 18.172.242.36:443 frontend-assets.buildbox.com tcp
US 8.8.8.8:53 35.147.70.163.in-addr.arpa udp
US 8.8.8.8:53 201.140.174.54.in-addr.arpa udp
US 8.8.8.8:53 36.242.172.18.in-addr.arpa udp
US 104.18.10.207:443 maxcdn.bootstrapcdn.com udp
GB 163.70.147.35:443 www.facebook.com udp
US 8.8.8.8:53 240.221.184.93.in-addr.arpa udp
GB 172.217.169.67:443 id.google.com udp
US 8.8.8.8:53 buildbox.software.informer.com udp
US 104.22.17.194:443 buildbox.software.informer.com tcp
US 104.22.17.194:443 buildbox.software.informer.com tcp
US 8.8.8.8:53 img.informer.com udp
US 8.8.8.8:53 hits.informer.com udp
US 8.8.8.8:53 software.informer.com udp
US 8.8.8.8:53 i.informer.com udp
US 74.117.179.70:443 img.informer.com tcp
US 74.117.179.70:443 img.informer.com tcp
US 74.117.179.70:443 img.informer.com tcp
US 74.117.179.70:443 img.informer.com tcp
US 74.117.179.70:443 img.informer.com tcp
US 74.117.179.70:443 img.informer.com tcp
US 204.155.159.109:443 hits.informer.com tcp
US 104.22.16.194:443 i.informer.com tcp
US 104.22.16.194:443 i.informer.com tcp
US 104.22.16.194:443 i.informer.com tcp
US 104.22.16.194:443 i.informer.com tcp
US 104.22.16.194:443 i.informer.com tcp
US 104.22.16.194:443 i.informer.com tcp
US 104.22.16.194:443 i.informer.com tcp
US 8.8.8.8:53 194.17.22.104.in-addr.arpa udp
US 8.8.8.8:53 88.156.103.20.in-addr.arpa udp
US 8.8.8.8:53 194.16.22.104.in-addr.arpa udp
US 8.8.8.8:53 70.179.117.74.in-addr.arpa udp
US 8.8.8.8:53 109.159.155.204.in-addr.arpa udp
GB 142.250.187.238:443 www.youtube.com udp
GB 142.250.187.238:443 www.youtube.com udp
BE 74.125.206.84:443 accounts.google.com udp
US 8.8.8.8:53 84.206.125.74.in-addr.arpa udp
GB 172.217.16.225:443 tpc.googlesyndication.com udp
GB 172.217.169.67:443 id.google.com tcp
US 204.155.159.109:443 hits.informer.com tcp
US 8.8.8.8:53 art-u2.infcdn.net udp
US 8.8.8.8:53 art-u1.infcdn.net udp
US 74.117.179.74:443 art-u1.infcdn.net tcp
US 74.117.179.74:443 art-u1.infcdn.net tcp
US 74.117.179.74:443 art-u1.infcdn.net tcp
US 74.117.179.74:443 art-u1.infcdn.net tcp
US 8.8.8.8:53 74.179.117.74.in-addr.arpa udp
US 204.155.159.109:443 hits.informer.com tcp
GB 172.217.169.67:443 id.google.com udp
US 8.8.8.8:53 p4-gueizrzuqoa52-g6sjft4tyx25bdlw-if-v6exp3-v4.metric.gstatic.com udp
GB 142.250.200.35:443 p4-gueizrzuqoa52-g6sjft4tyx25bdlw-if-v6exp3-v4.metric.gstatic.com tcp
GB 142.250.200.35:443 p4-gueizrzuqoa52-g6sjft4tyx25bdlw-if-v6exp3-v4.metric.gstatic.com udp
US 8.8.8.8:53 35.200.250.142.in-addr.arpa udp
US 8.8.8.8:53 13.227.111.52.in-addr.arpa udp
US 8.8.8.8:53 p4-gueizrzuqoa52-g6sjft4tyx25bdlw-589314-i1-v6exp3.ds.metric.gstatic.com udp
US 8.8.8.8:53 p4-gueizrzuqoa52-g6sjft4tyx25bdlw-589314-i2-v6exp3.v4.metric.gstatic.com udp
GB 142.250.179.242:443 p4-gueizrzuqoa52-g6sjft4tyx25bdlw-589314-i2-v6exp3.v4.metric.gstatic.com tcp
GB 142.250.187.210:443 p4-gueizrzuqoa52-g6sjft4tyx25bdlw-589314-i1-v6exp3.ds.metric.gstatic.com tcp
US 8.8.8.8:53 242.179.250.142.in-addr.arpa udp
US 8.8.8.8:53 210.187.250.142.in-addr.arpa udp
US 8.8.8.8:53 art-u3.infcdn.net udp
US 8.8.8.8:53 tse1.mm.bing.net udp
US 150.171.27.10:443 tse1.mm.bing.net tcp
US 150.171.27.10:443 tse1.mm.bing.net tcp
SE 192.229.221.95:80 cacerts.rapidssl.com tcp
US 8.8.8.8:53 205.47.74.20.in-addr.arpa udp
US 8.8.8.8:53 10.27.171.150.in-addr.arpa udp
US 8.8.8.8:53 download.informer.com udp
US 89.187.179.101:443 download.informer.com tcp
US 8.8.8.8:53 101.179.187.89.in-addr.arpa udp
GB 142.250.179.238:443 www.youtube.com udp
US 8.8.8.8:53 tinyurl.com udp
US 104.20.138.65:443 tinyurl.com tcp
US 104.20.138.65:443 tinyurl.com tcp
US 8.8.8.8:53 www.mediafire.com udp
US 104.16.113.74:443 www.mediafire.com tcp
US 8.8.8.8:53 65.138.20.104.in-addr.arpa udp
US 8.8.8.8:53 the.gatekeeperconsent.com udp
US 104.21.42.32:443 the.gatekeeperconsent.com tcp
US 8.8.8.8:53 www.ezojs.com udp
US 8.8.8.8:53 translate.google.com udp
US 8.8.8.8:53 privacy.gatekeeperconsent.com udp
US 8.8.8.8:53 static.cloudflareinsights.com udp
US 104.16.113.74:443 www.mediafire.com udp
US 8.8.8.8:53 cdn.amplitude.com udp
US 8.8.8.8:53 static.mediafire.com udp
US 104.21.63.106:443 www.ezojs.com tcp
US 130.211.23.194:443 api.btloader.com udp
US 104.16.79.73:443 static.cloudflareinsights.com tcp
US 172.67.199.186:443 privacy.gatekeeperconsent.com tcp
HU 18.172.242.4:443 cdn.amplitude.com tcp
US 8.8.8.8:53 cdn.otnolatrnup.com udp
US 172.67.199.186:443 privacy.gatekeeperconsent.com udp
US 104.16.53.110:443 cdn.otnolatrnup.com tcp
US 104.21.42.32:443 privacy.gatekeeperconsent.com udp
US 8.8.8.8:53 translate.googleapis.com udp
GB 172.217.169.74:443 content-autofill.googleapis.com udp
US 8.8.8.8:53 74.113.16.104.in-addr.arpa udp
US 8.8.8.8:53 73.79.16.104.in-addr.arpa udp
US 8.8.8.8:53 32.42.21.104.in-addr.arpa udp
US 8.8.8.8:53 106.63.21.104.in-addr.arpa udp
US 8.8.8.8:53 186.199.67.172.in-addr.arpa udp
US 8.8.8.8:53 4.242.172.18.in-addr.arpa udp
US 8.8.8.8:53 110.53.16.104.in-addr.arpa udp
US 8.8.8.8:53 g.ezoic.net udp
FR 15.188.219.54:443 g.ezoic.net tcp
US 8.8.8.8:53 go.ezodn.com udp
US 8.8.8.8:53 www.mediafiredls.com udp
US 8.8.8.8:53 api.amplitude.com udp
US 104.21.42.32:443 privacy.gatekeeperconsent.com udp
BE 64.233.166.156:443 stats.g.doubleclick.net udp
US 172.67.142.121:443 go.ezodn.com tcp
US 172.67.142.121:443 go.ezodn.com tcp
US 172.67.142.121:443 go.ezodn.com tcp
US 104.26.3.173:443 www.mediafiredls.com tcp
US 52.89.2.72:443 api.amplitude.com tcp
GB 142.250.200.3:443 www.google.co.uk udp
US 8.8.8.8:53 g.ezodn.com udp
GB 142.250.200.34:443 cm.g.doubleclick.net udp
US 8.8.8.8:53 otnolatrnup.com udp
US 8.8.8.8:53 translate-pa.googleapis.com udp
US 172.67.142.121:443 g.ezodn.com udp
US 8.8.8.8:53 bshr.ezodn.com udp
US 104.21.87.79:443 bshr.ezodn.com tcp
US 8.8.8.8:53 tags.crwdcntrl.net udp
US 8.8.8.8:53 ad.crwdcntrl.net udp
US 8.8.8.8:53 bcp.crwdcntrl.net udp
IE 52.211.142.73:443 bcp.crwdcntrl.net tcp
IE 52.215.98.156:443 bcp.crwdcntrl.net tcp
US 104.21.87.79:443 bshr.ezodn.com udp
HU 18.239.255.43:443 tags.crwdcntrl.net tcp
US 8.8.8.8:53 54.219.188.15.in-addr.arpa udp
US 8.8.8.8:53 121.142.67.172.in-addr.arpa udp
US 8.8.8.8:53 173.3.26.104.in-addr.arpa udp
US 8.8.8.8:53 72.2.89.52.in-addr.arpa udp
US 8.8.8.8:53 79.87.21.104.in-addr.arpa udp
US 8.8.8.8:53 156.98.215.52.in-addr.arpa udp
GB 142.250.187.238:443 translate.google.com udp
US 8.8.8.8:53 43.255.239.18.in-addr.arpa udp
US 8.8.8.8:53 script.4dex.io udp
US 8.8.8.8:53 hb-api.omnitagjs.com udp
US 8.8.8.8:53 tlx.3lift.com udp
US 8.8.8.8:53 ghb.adtelligent.com udp
US 8.8.8.8:53 htlb.casalemedia.com udp
US 8.8.8.8:53 hb.yellowblue.io udp
US 8.8.8.8:53 prebid.a-mo.net udp
US 104.26.8.169:443 script.4dex.io tcp
DE 51.89.9.254:443 onetag-sys.com tcp
US 8.8.8.8:53 prebid.smilewanted.com udp
FR 185.255.84.151:443 hb-api.omnitagjs.com tcp
FR 15.188.219.54:443 g.ezoic.net tcp
DE 18.157.230.4:443 tlx.3lift.com tcp
US 104.18.36.155:443 htlb.casalemedia.com tcp
NL 145.40.97.66:443 prebid.a-mo.net tcp
DE 142.132.249.188:443 ghb.adtelligent.com tcp
HU 18.172.242.103:443 hb.yellowblue.io tcp
US 8.8.8.8:53 cdn.jsdelivr.net udp
US 34.102.146.192:443 oa.openxcdn.net udp
NL 178.250.1.3:443 static.criteo.net tcp
US 8.8.8.8:53 cdn.prod.uidapi.com udp
US 8.8.8.8:53 invstatic101.creativecdn.com udp
US 172.67.14.119:443 prebid.smilewanted.com tcp
US 172.67.14.119:443 prebid.smilewanted.com tcp
US 172.67.14.119:443 prebid.smilewanted.com tcp
US 172.67.14.119:443 prebid.smilewanted.com tcp
US 172.67.14.119:443 prebid.smilewanted.com tcp
US 151.101.193.229:443 cdn.jsdelivr.net tcp
US 8.8.8.8:53 cdn-ima.33across.com udp
US 8.8.8.8:53 169.8.26.104.in-addr.arpa udp
HU 18.244.2.186:443 cdn.prod.uidapi.com tcp
US 34.96.70.87:443 invstatic101.creativecdn.com udp
GB 172.217.16.225:443 tpc.googlesyndication.com udp
US 172.64.152.89:443 cdn-ima.33across.com tcp
US 8.8.8.8:53 oajs.openx.net udp
DE 162.19.138.83:443 lb.eu-1-id5-sync.com tcp
US 8.8.8.8:53 cadmus.script.ac udp
US 104.26.8.169:443 script.4dex.io tcp
US 104.18.23.145:443 cadmus.script.ac tcp
US 34.120.107.143:443 oajs.openx.net tcp
US 8.8.8.8:53 ghb1.adtelligent.com udp
US 104.18.36.155:443 htlb.casalemedia.com udp
US 107.151.11.18:443 ghb1.adtelligent.com tcp
US 34.120.107.143:443 oajs.openx.net udp
US 8.8.8.8:53 google-bidout-d.openx.net udp
US 35.244.159.8:443 google-bidout-d.openx.net tcp
US 8.8.8.8:53 cfg.dotnxdomain.net udp
US 8.8.8.8:53 155.36.18.104.in-addr.arpa udp
US 8.8.8.8:53 4.230.157.18.in-addr.arpa udp
US 8.8.8.8:53 66.97.40.145.in-addr.arpa udp
US 8.8.8.8:53 188.249.132.142.in-addr.arpa udp
US 8.8.8.8:53 103.242.172.18.in-addr.arpa udp
US 8.8.8.8:53 119.14.67.172.in-addr.arpa udp
US 8.8.8.8:53 229.193.101.151.in-addr.arpa udp
US 8.8.8.8:53 186.2.244.18.in-addr.arpa udp
US 8.8.8.8:53 89.152.64.172.in-addr.arpa udp
US 8.8.8.8:53 145.23.18.104.in-addr.arpa udp
US 8.8.8.8:53 18.11.151.107.in-addr.arpa udp
US 8.8.8.8:53 143.107.120.34.in-addr.arpa udp
US 8.8.8.8:53 8.159.244.35.in-addr.arpa udp
SG 139.162.2.194:443 cfg.dotnxdomain.net tcp
NL 178.250.1.11:443 gum.criteo.com tcp
SG 139.162.2.194:443 cfg.dotnxdomain.net tcp
US 104.16.53.110:443 otnolatrnup.com udp
US 8.8.8.8:53 download946.mediafire.com udp
US 205.196.121.141:443 download946.mediafire.com tcp
US 205.196.121.141:443 download946.mediafire.com tcp
US 8.8.8.8:53 194.2.162.139.in-addr.arpa udp
US 8.8.8.8:53 0du-ud2cbb35a-c231-a0cb9-s1719155282-ibf65d127-0.eu.dotnxdomain.net udp
US 8.8.8.8:53 04u-ud2cbb35a-c231-a0cb9-s1719155282-ibf65d127-0.eu.dotnxdomain.net udp
US 8.8.8.8:53 06u-ud2cbb35a-c231-a0cb9-s1719155282-ibf65d127-0.eu.dotnxdomain.net udp
US 8.8.8.8:53 0ds-ud2cbb35a-c231-a0cb9-s1719155282-ibf65d127-0.eu.dotnxdomain.net udp
US 8.8.8.8:53 0di-ud2cbb35a-c231-a0cb9-s1719155282-ibf65d127-0.eu.dotnxdomain.net udp
US 8.8.8.8:53 26u-ud2cbb35a-c231-a0cb9-s1719155282-ibf65d127-0.eu.dotnxdomain.net udp
US 8.8.8.8:53 000-000-000a-0000-000e-d2cbb35a-231-a0cb9-1719155282-bf65d127-0.eu2.dotnxdomain.net udp
US 8.8.8.8:53 14u-ud2cbb35a-c231-a0cb9-s1719155282-ibf65d127-0.eu.dotnxdomain.net udp
US 8.8.8.8:53 valid.starnxdomain.net udp
US 104.18.4.13:443 valid.starnxdomain.net tcp
US 103.21.244.12:443 invalid4.starnxdomain.net tcp
DE 172.105.90.234:443 0ds-ud2cbb35a-c231-a0cb9-s1719155282-ibf65d127-0.eu.dotnxdomain.net tcp
BR 203.147.108.2:443 14u-ud2cbb35a-c231-a0cb9-s1719155282-ibf65d127-0.eu.dotnxdomain.net tcp
DE 172.105.90.234:443 0ds-ud2cbb35a-c231-a0cb9-s1719155282-ibf65d127-0.eu.dotnxdomain.net tcp
US 8.8.8.8:53 invalid6.starnxdomain.net udp
US 8.8.8.8:53 fdu-ud2cbb35a-c231-a0cb9-s1719155282-ibf65d127.tbeu.dotnxdomain.net udp
DE 172.105.90.234:443 0ds-ud2cbb35a-c231-a0cb9-s1719155282-ibf65d127-0.eu.dotnxdomain.net tcp
GB 80.85.84.96:443 fdu-ud2cbb35a-c231-a0cb9-s1719155282-ibf65d127.tbeu.dotnxdomain.net tcp
GB 142.250.200.10:443 translate-pa.googleapis.com udp
BR 203.147.108.2:443 14u-ud2cbb35a-c231-a0cb9-s1719155282-ibf65d127-0.eu.dotnxdomain.net tcp
US 103.21.244.12:443 invalid4.starnxdomain.net tcp
GB 80.85.84.96:443 fdu-ud2cbb35a-c231-a0cb9-s1719155282-ibf65d127.tbeu.dotnxdomain.net tcp
US 104.16.53.110:80 otnolatrnup.com tcp
US 104.16.53.110:80 otnolatrnup.com tcp
US 8.8.8.8:53 13.4.18.104.in-addr.arpa udp
US 8.8.8.8:53 141.121.196.205.in-addr.arpa udp
US 8.8.8.8:53 234.90.105.172.in-addr.arpa udp
US 8.8.8.8:53 woreppercomming.com udp
HU 18.239.255.56:443 woreppercomming.com tcp
US 8.8.8.8:53 www.ovardu.com udp
US 104.21.96.72:443 www.ovardu.com tcp
US 8.8.8.8:53 www.opera.com udp
US 8.8.8.8:53 56.255.239.18.in-addr.arpa udp
DE 18.158.194.117:443 www.opera.com tcp
NL 178.250.1.11:443 gum.criteo.com tcp
US 8.8.8.8:53 id.a-mx.com udp
US 8.8.8.8:53 id.hadron.ad.gt udp
US 8.8.8.8:53 id.crwdcntrl.net udp
US 15.197.193.217:443 match.adsrvr.org tcp
US 8.8.8.8:53 s.console.adtarget.com.tr udp
IE 52.49.45.15:443 id.crwdcntrl.net tcp
DE 142.132.249.187:443 s.console.adtarget.com.tr tcp
US 8.8.8.8:53 visitor.omnitagjs.com udp
US 8.8.8.8:53 js-sec.indexww.com udp
US 104.22.5.69:443 id.hadron.ad.gt tcp
DE 79.127.216.47:443 id.a-mx.com tcp
DE 79.127.216.47:443 id.a-mx.com tcp
US 104.22.5.69:443 id.hadron.ad.gt tcp
US 8.8.8.8:53 cm.adform.net udp
US 8.8.8.8:53 ads.us.e-planning.net udp
NL 193.3.178.4:443 ads.us.e-planning.net tcp
DK 37.157.3.20:443 cm.adform.net tcp
FR 185.255.84.153:443 visitor.omnitagjs.com tcp
US 172.64.149.180:443 js-sec.indexww.com tcp
US 8.8.8.8:53 csync.smilewanted.com udp
DE 162.19.138.120:443 lb.eu-1-id5-sync.com tcp
NL 69.173.156.148:443 pixel.rubiconproject.com tcp
US 80.77.87.161:443 cs.admanmedia.com tcp
US 8.8.8.8:53 a.sportradarserving.com udp
GB 142.250.200.2:443 cm.g.doubleclick.net udp
IE 52.51.16.113:443 pr-bh.ybp.yahoo.com tcp
NL 35.214.149.91:443 x.bidswitch.net tcp
US 8.8.8.8:53 ad.turn.com udp
US 80.77.87.161:443 cs.admanmedia.com tcp
NL 35.214.149.91:443 x.bidswitch.net tcp
NL 35.214.149.91:443 x.bidswitch.net tcp
NL 35.214.149.91:443 x.bidswitch.net tcp
US 80.77.87.161:443 cs.admanmedia.com tcp
US 8.8.8.8:53 s.e-planning.net udp
US 8.8.8.8:53 cookies.nextmillmedia.com udp
NL 35.214.174.141:443 a.sportradarserving.com tcp
NL 46.228.174.117:443 sync.targeting.unrulymedia.com tcp
US 54.163.119.28:443 cookies.nextmillmedia.com tcp
US 8.8.8.8:53 ib.adnxs.com udp
NL 46.228.164.11:443 ad.turn.com tcp
US 8.8.8.8:53 ssum.casalemedia.com udp
US 8.8.8.8:53 assets.a-mo.net udp
US 54.163.119.28:443 cookies.nextmillmedia.com tcp
NL 185.89.210.212:443 secure.adnxs.com tcp
NL 185.89.210.212:443 secure.adnxs.com tcp
NL 178.250.1.9:443 dis.criteo.com tcp
US 104.19.158.19:443 assets.a-mo.net tcp
US 8.8.8.8:53 match.prod.bidr.io udp
DE 37.252.171.53:443 ib.adnxs.com tcp
NL 193.3.178.2:443 s.e-planning.net tcp
US 8.8.8.8:53 sync.srv.stackadapt.com udp
US 8.8.8.8:53 ap.lijit.com udp
IE 52.211.208.72:443 jadserve.postrelease.com tcp
US 8.8.8.8:53 cs-server-s2s.yellowblue.io udp
US 8.8.8.8:53 id.rlcdn.com udp
US 50.31.142.255:443 b1sync.zemanta.com tcp
US 8.8.8.8:53 static.smilewanted.com udp
US 192.132.33.68:443 bttrack.com tcp
US 8.8.8.8:53 gum.aidemsrv.com udp
US 8.8.8.8:53 player.aniview.com udp
US 8.8.8.8:53 ssc-cms.33across.com udp
US 8.8.8.8:53 ssbsync.smartadserver.com udp
US 8.8.8.8:53 match.adsby.bidtheatre.com udp
US 8.8.8.8:53 p.rfihub.com udp
NL 35.214.174.141:443 a.sportradarserving.com udp
DE 37.252.171.53:443 ib.adnxs.com tcp
DE 37.252.171.53:443 ib.adnxs.com tcp
DE 162.19.138.83:443 lb.eu-1-id5-sync.com tcp
NL 46.228.174.117:443 sync.targeting.unrulymedia.com tcp
US 8.8.8.8:53 72.96.21.104.in-addr.arpa udp
NL 193.0.160.130:443 p.rfihub.com tcp
FR 164.132.25.181:443 ssbsync.smartadserver.com tcp
US 104.17.44.93:443 gum.aidemsrv.com tcp
NL 104.97.14.56:443 player.aniview.com udp
US 35.244.174.68:443 id.rlcdn.com udp
NL 134.122.57.34:443 match.adsby.bidtheatre.com tcp
US 67.202.105.24:443 ssc-cms.33across.com tcp
US 34.234.226.97:443 cs-server-s2s.yellowblue.io tcp
IE 34.253.242.146:443 match.prod.bidr.io tcp
IE 34.247.129.145:443 ap.lijit.com tcp
US 52.86.0.224:443 sync.srv.stackadapt.com tcp
US 52.86.0.224:443 sync.srv.stackadapt.com tcp
US 52.86.0.224:443 sync.srv.stackadapt.com tcp
US 52.86.0.224:443 sync.srv.stackadapt.com tcp
US 8.8.8.8:53 117.194.158.18.in-addr.arpa udp
US 8.8.8.8:53 15.45.49.52.in-addr.arpa udp
US 8.8.8.8:53 187.249.132.142.in-addr.arpa udp
US 8.8.8.8:53 69.5.22.104.in-addr.arpa udp
US 8.8.8.8:53 47.216.127.79.in-addr.arpa udp
US 8.8.8.8:53 153.84.255.185.in-addr.arpa udp
US 8.8.8.8:53 20.3.157.37.in-addr.arpa udp
US 8.8.8.8:53 180.149.64.172.in-addr.arpa udp
NL 46.228.174.117:443 sync.targeting.unrulymedia.com tcp
NL 134.122.57.34:443 match.adsby.bidtheatre.com tcp
NL 193.0.160.130:443 p.rfihub.com tcp
US 8.8.8.8:53 141.174.214.35.in-addr.arpa udp
US 8.8.8.8:53 11.164.228.46.in-addr.arpa udp
US 8.8.8.8:53 28.119.163.54.in-addr.arpa udp
US 8.8.8.8:53 19.158.19.104.in-addr.arpa udp
US 8.8.8.8:53 2.178.3.193.in-addr.arpa udp
US 8.8.8.8:53 53.171.252.37.in-addr.arpa udp
US 8.8.8.8:53 56.14.97.104.in-addr.arpa udp
US 8.8.8.8:53 130.160.0.193.in-addr.arpa udp
US 8.8.8.8:53 93.44.17.104.in-addr.arpa udp
US 8.8.8.8:53 181.25.132.164.in-addr.arpa udp
US 8.8.8.8:53 34.57.122.134.in-addr.arpa udp
US 8.8.8.8:53 145.129.247.34.in-addr.arpa udp
US 8.8.8.8:53 146.242.253.34.in-addr.arpa udp
US 8.8.8.8:53 224.0.86.52.in-addr.arpa udp
US 8.8.8.8:53 24.105.202.67.in-addr.arpa udp
US 8.8.8.8:53 fdu-ud2cbb35a-c231-a0cb9-s1719155282-2-ibf65d127.tbeu.dotnxdomain.net udp
US 8.8.8.8:53 p4-gueizrzuqoa52-g6sjft4tyx25bdlw-589314-s1-v6exp3-v4.metric.gstatic.com udp
GB 142.250.200.3:443 p4-gueizrzuqoa52-g6sjft4tyx25bdlw-589314-s1-v6exp3-v4.metric.gstatic.com tcp
US 8.8.8.8:53 i.liadm.com udp
US 34.36.216.150:443 pixel-sync.sitescout.com udp
US 8.8.8.8:53 ad4m.at udp
US 8.8.8.8:53 dpm.demdex.net udp
US 8.8.8.8:53 u-ams03.e-planning.net udp
US 52.7.240.148:443 i.liadm.com tcp
IE 52.49.35.255:443 dpm.demdex.net tcp
US 172.67.74.129:443 ad4m.at tcp
NL 193.3.178.4:443 u-ams03.e-planning.net tcp
US 8.8.8.8:53 ssum-sec.casalemedia.com udp
US 8.8.8.8:53 dsum-sec.casalemedia.com udp
US 8.8.8.8:53 r.casalemedia.com udp
NL 69.173.156.149:443 pixel.rubiconproject.com tcp
US 8.8.8.8:53 sync.adtelligent.com udp
GB 185.83.71.234:443 sync.adtelligent.com tcp
US 8.8.8.8:53 sync.e-planning.net udp
NL 89.149.192.74:443 rtb-csync.smartadserver.com tcp
US 8.8.8.8:53 s.company-target.com udp
NL 89.149.192.74:443 rtb-csync.smartadserver.com tcp
NL 193.3.178.3:443 sync.e-planning.net tcp
US 8.8.8.8:53 rtb.openx.net udp
NL 89.149.192.76:443 ssbsync-global.smartadserver.com tcp
US 34.96.71.22:443 s.company-target.com tcp
US 8.8.8.8:53 dmp.adform.net udp
US 8.8.8.8:53 trc.taboola.com udp
US 8.8.8.8:53 dmp.v.fwmrm.net udp
DE 85.114.159.93:443 dsp.adfarm1.adition.com tcp
US 35.186.253.211:443 rtb.openx.net tcp
US 8.8.8.8:53 sync.smartadserver.com udp
US 8.8.8.8:53 sync.a-mo.net udp
US 8.8.8.8:53 aa.agkn.com udp
US 8.8.8.8:53 beacon.krxd.net udp
US 8.8.8.8:53 usermatch.krxd.net udp
US 8.8.8.8:53 obgpm76tt0a0sgozk8l.redinuid.imrworldwide.com udp
US 8.8.8.8:53 cms.quantserve.com udp
US 151.101.65.44:443 trc.taboola.com tcp
US 3.231.143.24:443 dmp.v.fwmrm.net tcp
NL 89.149.193.89:443 sync.smartadserver.com tcp
IE 34.249.71.131:443 aa.agkn.com tcp
IE 54.78.157.113:443 obgpm76tt0a0sgozk8l.redinuid.imrworldwide.com tcp
DE 91.228.74.200:443 cms.quantserve.com tcp
US 8.8.8.8:53 129.74.67.172.in-addr.arpa udp
US 8.8.8.8:53 255.35.49.52.in-addr.arpa udp
US 8.8.8.8:53 148.240.7.52.in-addr.arpa udp
US 8.8.8.8:53 234.71.83.185.in-addr.arpa udp
US 8.8.8.8:53 3.178.3.193.in-addr.arpa udp
US 8.8.8.8:53 22.71.96.34.in-addr.arpa udp
US 8.8.8.8:53 211.253.186.35.in-addr.arpa udp
NL 147.75.84.158:443 sync.a-mo.net tcp
NL 147.75.84.158:443 sync.a-mo.net tcp
NL 147.75.84.158:443 sync.a-mo.net tcp
NL 147.75.84.158:443 sync.a-mo.net tcp
NL 147.75.84.158:443 sync.a-mo.net tcp
NL 147.75.84.158:443 sync.a-mo.net tcp
US 8.8.8.8:53 rtb.adentifi.com udp
US 8.8.8.8:53 cdn.indexww.com udp
US 8.8.8.8:53 pb-am.a-mo.net udp
US 35.169.18.236:443 rtb.adentifi.com tcp
NL 147.75.84.158:443 pb-am.a-mo.net tcp
US 8.8.8.8:53 match.sharethrough.com udp
DE 35.157.83.226:443 match.sharethrough.com tcp
US 8.8.8.8:53 id.rtb.mx udp
US 8.8.8.8:53 ow.pubmatic.com udp
DE 79.127.216.47:443 id.rtb.mx tcp
NL 185.64.189.116:443 ow.pubmatic.com tcp
US 8.8.8.8:53 44.65.101.151.in-addr.arpa udp
US 8.8.8.8:53 89.193.149.89.in-addr.arpa udp
US 8.8.8.8:53 131.71.249.34.in-addr.arpa udp
US 8.8.8.8:53 200.74.228.91.in-addr.arpa udp
US 8.8.8.8:53 24.143.231.3.in-addr.arpa udp
US 8.8.8.8:53 158.84.75.147.in-addr.arpa udp
US 8.8.8.8:53 113.157.78.54.in-addr.arpa udp
US 8.8.8.8:53 236.18.169.35.in-addr.arpa udp
US 8.8.8.8:53 226.83.157.35.in-addr.arpa udp
US 8.8.8.8:53 116.189.64.185.in-addr.arpa udp
US 103.21.244.13:443 invalid4.starnxdomain.net tcp
US 103.21.244.13:443 invalid4.starnxdomain.net tcp
US 8.8.8.8:53 169.117.168.52.in-addr.arpa udp
US 8.8.8.8:53 download.buildbox.com udp
HU 18.172.242.22:80 download.buildbox.com tcp
US 8.8.8.8:53 22.242.172.18.in-addr.arpa udp
US 8.8.8.8:53 api.mixpanel.com udp
US 107.178.240.159:80 api.mixpanel.com tcp
US 8.8.8.8:53 159.240.178.107.in-addr.arpa udp
US 8.8.8.8:53 a.nel.cloudflare.com udp
US 35.190.80.1:443 a.nel.cloudflare.com tcp
US 35.190.80.1:443 a.nel.cloudflare.com tcp
US 35.190.80.1:443 a.nel.cloudflare.com udp
GB 172.217.169.67:443 id.google.com udp
US 8.8.8.8:53 google.com udp
GB 142.250.178.14:443 google.com tcp
US 8.8.8.8:53 e2c41.gcp.gvt2.com udp
GB 35.214.42.68:443 e2c41.gcp.gvt2.com tcp
US 8.8.8.8:53 1.80.190.35.in-addr.arpa udp
US 8.8.8.8:53 14.178.250.142.in-addr.arpa udp
US 8.8.8.8:53 68.42.214.35.in-addr.arpa udp
US 8.8.8.8:53 www.google.com udp
GB 142.250.187.196:443 www.google.com udp
GB 172.217.169.67:443 id.google.com udp
GB 142.250.178.14:443 google.com udp
US 8.8.8.8:53 e2c28.gcp.gvt2.com udp
US 34.94.232.12:443 e2c28.gcp.gvt2.com tcp
US 8.8.8.8:53 12.232.94.34.in-addr.arpa udp
GB 142.250.179.238:443 play.google.com udp
US 8.8.8.8:53 beacons.gvt2.com udp
GB 172.217.169.3:443 beacons.gvt2.com tcp
US 8.8.8.8:53 geji.xyz udp
US 8.8.8.8:53 google.com udp
US 8.8.8.8:53 google.com udp
US 8.8.8.8:53 808.xyz udp
US 8.8.8.8:53 google.com udp
US 8.8.8.8:53 google.com udp
US 8.8.8.8:53 ads.xyz udp
US 104.18.30.9:443 ads.xyz tcp
US 104.18.30.9:443 ads.xyz tcp
GB 172.217.169.67:443 id.google.com udp
ID 34.101.114.154:443 e2c9.gcp.gvt2.com tcp
ID 34.101.114.154:443 e2c9.gcp.gvt2.com tcp
US 8.8.8.8:53 9.30.18.104.in-addr.arpa udp
GB 172.217.169.3:443 beacons.gvt2.com udp
US 8.8.8.8:53 154.114.101.34.in-addr.arpa udp
US 8.8.8.8:53 www.adsupply.com udp
US 75.2.47.113:443 www.adsupply.com tcp
US 75.2.47.113:443 www.adsupply.com tcp
US 8.8.8.8:53 113.47.2.75.in-addr.arpa udp
US 8.8.8.8:53 connect.facebook.net udp
GB 163.70.147.23:443 connect.facebook.net udp
US 75.2.47.113:443 www.adsupply.com tcp
US 216.239.32.36:443 region1.analytics.google.com udp
BE 64.233.166.156:443 stats.g.doubleclick.net udp
US 8.8.8.8:53 www.google.co.uk udp
GB 142.250.200.3:443 www.google.co.uk udp
US 8.8.8.8:53 www.facebook.com udp
GB 163.70.147.35:443 www.facebook.com udp
US 8.8.8.8:53 2.169.217.172.in-addr.arpa udp
US 8.8.8.8:53 36.32.239.216.in-addr.arpa udp
GB 142.250.187.196:443 www.google.com udp
GB 142.250.179.238:443 play.google.com udp
GB 172.217.169.67:443 id.google.com udp
US 8.8.8.8:53 e2c16.gcp.gvt2.com udp
DE 34.89.141.94:443 e2c16.gcp.gvt2.com tcp
US 8.8.8.8:53 94.141.89.34.in-addr.arpa udp
GB 172.217.169.3:443 beacons.gvt2.com udp
US 8.8.8.8:53 e2c38.gcp.gvt2.com udp
AU 35.213.232.93:443 e2c38.gcp.gvt2.com tcp
AU 35.213.232.93:443 e2c38.gcp.gvt2.com tcp
US 8.8.8.8:53 93.232.213.35.in-addr.arpa udp
US 8.8.8.8:53 googleads.g.doubleclick.net udp
US 8.8.8.8:53 region1.google-analytics.com udp
US 216.239.34.36:443 region1.google-analytics.com udp
GB 142.250.187.196:443 www.google.com udp
GB 142.250.187.196:443 www.google.com tcp
GB 142.250.179.238:443 play.google.com udp
GB 142.250.179.238:443 play.google.com tcp
US 8.8.8.8:53 clients2.google.com udp
GB 142.250.187.238:443 clients2.google.com udp
GB 142.250.187.238:443 clients2.google.com tcp
N/A 127.0.0.1:64502 tcp
US 8.8.8.8:53 spocs.getpocket.com udp
US 8.8.8.8:53 getpocket.cdn.mozilla.net udp
US 34.117.188.166:443 spocs.getpocket.com tcp
US 8.8.8.8:53 contile.services.mozilla.com udp
US 34.117.188.166:443 contile.services.mozilla.com udp
US 8.8.8.8:53 prod.ads.prod.webservices.mozgcp.net udp
US 34.120.5.221:443 getpocket.cdn.mozilla.net tcp
US 8.8.8.8:53 prod.pocket.prod.cloudops.mozgcp.net udp
US 8.8.8.8:53 contile.services.mozilla.com udp
US 8.8.8.8:53 prod.ads.prod.webservices.mozgcp.net udp
US 8.8.8.8:53 prod.pocket.prod.cloudops.mozgcp.net udp
US 8.8.8.8:53 content-signature-2.cdn.mozilla.net udp
US 34.160.144.191:443 content-signature-2.cdn.mozilla.net tcp
US 8.8.8.8:53 prod.content-signature-chains.prod.webservices.mozgcp.net udp
US 8.8.8.8:53 shavar.services.mozilla.com udp
US 8.8.8.8:53 push.services.mozilla.com udp
US 8.8.8.8:53 prod.content-signature-chains.prod.webservices.mozgcp.net udp
US 44.240.188.8:443 shavar.services.mozilla.com tcp
US 8.8.8.8:53 autopush.prod.mozaws.net udp
US 8.8.8.8:53 shavar.prod.mozaws.net udp
US 8.8.8.8:53 firefox.settings.services.mozilla.com udp
US 8.8.8.8:53 shavar.prod.mozaws.net udp
US 34.149.100.209:443 firefox.settings.services.mozilla.com tcp
US 8.8.8.8:53 prod.remote-settings.prod.webservices.mozgcp.net udp
US 34.107.243.93:443 autopush.prod.mozaws.net tcp
US 8.8.8.8:53 prod.remote-settings.prod.webservices.mozgcp.net udp
US 34.107.243.93:443 autopush.prod.mozaws.net tcp
US 8.8.8.8:53 8.188.240.44.in-addr.arpa udp
N/A 127.0.0.1:64509 tcp
US 8.8.8.8:53 download.buildbox.com udp
DE 18.245.86.97:80 download.buildbox.com tcp
US 8.8.8.8:53 97.86.245.18.in-addr.arpa udp
US 8.8.8.8:53 api.mixpanel.com udp
US 35.190.25.25:80 api.mixpanel.com tcp
US 8.8.8.8:53 25.25.190.35.in-addr.arpa udp
US 8.8.8.8:53 www.buildbox.com udp
US 18.211.59.154:443 www.buildbox.com tcp
US 8.8.8.8:53 154.59.211.18.in-addr.arpa udp
DE 18.245.86.97:80 download.buildbox.com tcp
US 35.190.25.25:80 api.mixpanel.com tcp
US 8.8.8.8:53 checkip.dyndns.org udp
JP 132.226.8.169:80 checkip.dyndns.org tcp
US 8.8.8.8:53 169.8.226.132.in-addr.arpa udp
N/A 127.0.0.1:443 tcp
N/A 127.0.0.1:443 tcp
US 8.8.8.8:53 www.google.com udp
GB 142.250.187.196:443 www.google.com udp
GB 142.250.187.196:443 www.google.com tcp
US 8.8.8.8:53 play.google.com udp
GB 142.250.179.238:443 play.google.com udp
GB 142.250.179.238:443 play.google.com tcp
US 8.8.8.8:53 clients2.google.com udp
GB 142.250.187.238:443 clients2.google.com udp
GB 142.250.187.238:443 clients2.google.com tcp
US 8.8.8.8:53 tinyurl.com udp
US 104.20.138.65:443 tinyurl.com udp
US 8.8.8.8:53 www.mediafire.com udp
US 104.16.113.74:443 www.mediafire.com udp
US 8.8.8.8:53 btloader.com udp
US 8.8.8.8:53 www.ezojs.com udp
US 8.8.8.8:53 static.mediafire.com udp
US 104.22.75.216:443 btloader.com tcp
US 104.21.63.106:443 www.ezojs.com udp
US 8.8.8.8:53 translate.google.com udp
US 8.8.8.8:53 cdn.otnolatrnup.com udp
US 104.16.52.110:443 cdn.otnolatrnup.com udp
US 8.8.8.8:53 api.amplitude.com udp
US 44.226.25.73:443 api.amplitude.com tcp
US 8.8.8.8:53 www.mediafiredls.com udp
US 8.8.8.8:53 g.ezoic.net udp
US 104.26.3.173:443 www.mediafiredls.com tcp
FR 13.39.145.251:443 g.ezoic.net tcp
US 8.8.8.8:53 ad-delivery.net udp
US 8.8.8.8:53 api.btloader.com udp
US 8.8.8.8:53 216.75.22.104.in-addr.arpa udp
US 8.8.8.8:53 110.52.16.104.in-addr.arpa udp
US 8.8.8.8:53 251.145.39.13.in-addr.arpa udp
US 8.8.8.8:53 73.25.226.44.in-addr.arpa udp
US 8.8.8.8:53 otnolatrnup.com udp
US 8.8.8.8:53 region1.analytics.google.com udp
US 8.8.8.8:53 www.google.co.uk udp
US 8.8.8.8:53 translate-pa.googleapis.com udp
US 104.26.3.70:443 ad-delivery.net tcp
US 104.26.3.70:443 ad-delivery.net tcp
US 130.211.23.194:443 api.btloader.com udp
GB 142.250.179.234:443 translate-pa.googleapis.com udp
US 216.239.32.36:443 region1.analytics.google.com udp
GB 142.250.200.3:443 www.google.co.uk udp
US 130.211.23.194:443 api.btloader.com tcp
GB 142.250.200.3:443 www.google.co.uk tcp
US 8.8.8.8:53 go.ezodn.com udp
US 172.67.142.121:443 go.ezodn.com udp
US 8.8.8.8:53 googleads.g.doubleclick.net udp
US 8.8.8.8:53 stats.g.doubleclick.net udp
GB 142.250.178.2:443 googleads.g.doubleclick.net udp
US 8.8.8.8:53 bshr.ezodn.com udp
BE 64.233.166.155:443 stats.g.doubleclick.net udp
US 104.21.87.79:443 bshr.ezodn.com udp
US 8.8.8.8:53 fundingchoicesmessages.google.com udp
BE 64.233.166.155:443 stats.g.doubleclick.net tcp
US 8.8.8.8:53 ad.crwdcntrl.net udp
IE 52.215.98.156:443 ad.crwdcntrl.net tcp
US 8.8.8.8:53 234.179.250.142.in-addr.arpa udp
US 8.8.8.8:53 2.178.250.142.in-addr.arpa udp
US 8.8.8.8:53 155.166.233.64.in-addr.arpa udp
US 8.8.8.8:53 hbopenbid.pubmatic.com udp
US 8.8.8.8:53 tlx.3lift.com udp
US 8.8.8.8:53 ghb.adtelligent.com udp
US 8.8.8.8:53 htlb.casalemedia.com udp
US 8.8.8.8:53 hb.yellowblue.io udp
US 8.8.8.8:53 onetag-sys.com udp
US 8.8.8.8:53 prebid.a-mo.net udp
US 8.8.8.8:53 prebid.smilewanted.com udp
US 104.26.8.169:443 script.4dex.io tcp
NL 185.64.189.112:443 hbopenbid.pubmatic.com tcp
FR 185.255.84.150:443 hb-api.omnitagjs.com tcp
DE 18.157.230.4:443 tlx.3lift.com tcp
US 172.64.151.101:443 htlb.casalemedia.com udp
GB 185.83.69.58:443 ghb.adtelligent.com tcp
DE 51.89.9.252:443 onetag-sys.com tcp
DE 52.222.236.4:443 hb.yellowblue.io tcp
NL 145.40.97.66:443 prebid.a-mo.net tcp
US 104.22.30.209:443 prebid.smilewanted.com tcp
GB 142.250.178.2:443 googleads.g.doubleclick.net udp
US 104.26.8.169:443 script.4dex.io tcp
GB 142.250.178.2:443 googleads.g.doubleclick.net tcp
US 8.8.8.8:53 ghb1.adtelligent.com udp
DE 51.89.9.252:443 onetag-sys.com udp
US 23.227.151.242:443 ghb1.adtelligent.com tcp
US 8.8.8.8:53 securepubads.g.doubleclick.net udp
US 8.8.8.8:53 6be8fa55412c3f9cc644b3682e84ebe4.safeframe.googlesyndication.com udp
GB 142.250.200.34:443 securepubads.g.doubleclick.net udp
GB 172.217.169.65:443 6be8fa55412c3f9cc644b3682e84ebe4.safeframe.googlesyndication.com tcp
GB 142.250.200.34:443 securepubads.g.doubleclick.net tcp
US 8.8.8.8:53 101.151.64.172.in-addr.arpa udp
US 8.8.8.8:53 112.189.64.185.in-addr.arpa udp
US 8.8.8.8:53 58.69.83.185.in-addr.arpa udp
US 8.8.8.8:53 150.84.255.185.in-addr.arpa udp
US 8.8.8.8:53 252.9.89.51.in-addr.arpa udp
US 8.8.8.8:53 4.236.222.52.in-addr.arpa udp
US 8.8.8.8:53 209.30.22.104.in-addr.arpa udp
US 8.8.8.8:53 242.151.227.23.in-addr.arpa udp
US 8.8.8.8:53 googleads4.g.doubleclick.net udp
US 8.8.8.8:53 tpc.googlesyndication.com udp
US 8.8.8.8:53 s0.2mdn.net udp
GB 216.58.212.226:443 googleads4.g.doubleclick.net tcp
GB 216.58.204.70:443 s0.2mdn.net tcp
GB 172.217.16.225:443 tpc.googlesyndication.com udp
US 8.8.8.8:53 cm.g.doubleclick.net udp
US 8.8.8.8:53 dsum-sec.casalemedia.com udp
US 8.8.8.8:53 ib.adnxs.com udp
GB 172.217.16.225:443 tpc.googlesyndication.com tcp
DE 37.252.173.215:443 ib.adnxs.com tcp
GB 142.250.200.2:443 cm.g.doubleclick.net udp
GB 142.250.200.2:443 cm.g.doubleclick.net tcp
US 8.8.8.8:53 bcp.crwdcntrl.net udp
US 8.8.8.8:53 download1510.mediafire.com udp
US 205.196.123.198:443 download1510.mediafire.com tcp
US 205.196.123.198:443 download1510.mediafire.com tcp
US 8.8.8.8:53 226.212.58.216.in-addr.arpa udp
US 8.8.8.8:53 215.173.252.37.in-addr.arpa udp
US 8.8.8.8:53 198.123.196.205.in-addr.arpa udp
US 8.8.8.8:53 gum.criteo.com udp
US 8.8.8.8:53 id.a-mx.com udp
US 8.8.8.8:53 id5-sync.com udp
US 8.8.8.8:53 ups.analytics.yahoo.com udp
NL 79.127.227.46:443 id.a-mx.com tcp
DE 162.19.138.83:443 id5-sync.com tcp
US 8.8.8.8:53 visitor.omnitagjs.com udp
US 8.8.8.8:53 eb2.3lift.com udp
US 8.8.8.8:53 ssc-cms.33across.com udp
US 8.8.8.8:53 csync.smilewanted.com udp
DE 3.71.149.231:443 ups.analytics.yahoo.com tcp
NL 178.250.1.11:443 gum.criteo.com tcp
NL 178.250.1.11:443 gum.criteo.com tcp
US 67.202.105.22:443 ssc-cms.33across.com tcp
US 76.223.111.18:443 eb2.3lift.com tcp
FR 185.255.84.153:443 visitor.omnitagjs.com tcp
US 67.202.105.22:443 ssc-cms.33across.com tcp
US 8.8.8.8:53 rtb.mfadsrvr.com udp
US 8.8.8.8:53 dis.criteo.com udp
US 8.8.8.8:53 cs.admanmedia.com udp
US 8.8.8.8:53 match.prod.bidr.io udp
US 8.8.8.8:53 b1sync.zemanta.com udp
US 8.8.8.8:53 pixel-sync.sitescout.com udp
US 8.8.8.8:53 s.amazon-adsystem.com udp
US 8.8.8.8:53 um.simpli.fi udp
US 8.8.8.8:53 triplelift-match.dotomi.com udp
US 8.8.8.8:53 46.227.127.79.in-addr.arpa udp
US 8.8.8.8:53 spl.zeotap.com udp
US 8.8.8.8:53 secure.adnxs.com udp
US 8.8.8.8:53 x.bidswitch.net udp
US 8.8.8.8:53 creativecdn.com udp
US 8.8.8.8:53 sync.1rx.io udp
US 8.8.8.8:53 jadserve.postrelease.com udp
US 8.8.8.8:53 api-2-0.spot.im udp
IE 52.212.235.85:443 match.prod.bidr.io tcp
IE 52.212.235.85:443 match.prod.bidr.io tcp
US 64.74.236.255:443 b1sync.zemanta.com tcp
US 64.74.236.255:443 b1sync.zemanta.com tcp
US 8.8.8.8:53 match.adsrvr.org udp
US 8.8.8.8:53 id.rlcdn.com udp
US 8.8.8.8:53 cs-server-s2s.yellowblue.io udp
US 8.8.8.8:53 sync.srv.stackadapt.com udp
US 8.8.8.8:53 image8.pubmatic.com udp
NL 35.204.74.118:443 um.simpli.fi tcp
US 8.8.8.8:53 bttrack.com udp
NL 185.184.8.90:443 creativecdn.com tcp
IE 52.50.65.213:443 jadserve.postrelease.com tcp
US 172.67.40.173:443 spl.zeotap.com tcp
NL 185.89.211.116:443 secure.adnxs.com tcp
US 52.46.151.131:443 s.amazon-adsystem.com tcp
NL 46.228.174.117:443 sync.1rx.io tcp
NL 178.250.1.9:443 dis.criteo.com tcp
NL 69.173.156.149:443 pixel.rubiconproject.com tcp
US 8.8.8.8:53 ap.lijit.com udp
NL 89.207.16.204:443 triplelift-match.dotomi.com tcp
US 80.77.87.162:443 cs.admanmedia.com tcp
US 80.77.87.162:443 cs.admanmedia.com tcp
US 8.8.8.8:53 gum.aidemsrv.com udp
NL 35.214.149.91:443 x.bidswitch.net tcp
US 34.36.216.150:443 pixel-sync.sitescout.com udp
US 54.147.216.107:443 sync.srv.stackadapt.com tcp
US 52.223.40.198:443 match.adsrvr.org tcp
US 34.234.226.97:443 cs-server-s2s.yellowblue.io tcp
NL 89.149.193.116:443 ssbsync.smartadserver.com tcp
US 104.17.43.93:443 gum.aidemsrv.com udp
GB 185.64.191.214:443 image8.pubmatic.com tcp
IE 52.16.203.89:443 ap.lijit.com tcp
DE 18.245.31.19:443 api-2-0.spot.im tcp
NL 35.214.199.88:443 rtb.mfadsrvr.com tcp
US 192.132.33.67:443 bttrack.com tcp
US 35.244.174.68:443 id.rlcdn.com udp
US 35.244.174.68:443 id.rlcdn.com tcp
NL 46.228.174.117:443 sync.1rx.io tcp
US 192.132.33.67:443 bttrack.com tcp
US 8.8.8.8:53 ow.pubmatic.com udp
DE 141.95.33.120:443 id5-sync.com tcp
NL 185.64.189.116:443 ow.pubmatic.com tcp
DE 162.19.138.83:443 id5-sync.com tcp
NL 35.214.199.88:443 rtb.mfadsrvr.com udp
US 8.8.8.8:53 sync.smartadserver.com udp
NL 89.149.193.121:443 sync.smartadserver.com tcp
US 8.8.8.8:53 ads.avads.net udp
US 34.128.133.112:443 ads.avads.net udp
US 8.8.8.8:53 22.105.202.67.in-addr.arpa udp
US 8.8.8.8:53 85.235.212.52.in-addr.arpa udp
US 8.8.8.8:53 204.16.207.89.in-addr.arpa udp
US 8.8.8.8:53 116.211.89.185.in-addr.arpa udp
US 8.8.8.8:53 93.43.17.104.in-addr.arpa udp
US 8.8.8.8:53 198.40.223.52.in-addr.arpa udp
US 8.8.8.8:53 255.236.74.64.in-addr.arpa udp
US 8.8.8.8:53 116.193.149.89.in-addr.arpa udp
US 8.8.8.8:53 131.151.46.52.in-addr.arpa udp
US 8.8.8.8:53 162.87.77.80.in-addr.arpa udp
US 8.8.8.8:53 89.203.16.52.in-addr.arpa udp
US 8.8.8.8:53 107.216.147.54.in-addr.arpa udp
US 8.8.8.8:53 19.31.245.18.in-addr.arpa udp
US 8.8.8.8:53 67.33.132.192.in-addr.arpa udp
US 8.8.8.8:53 120.33.95.141.in-addr.arpa udp
US 8.8.8.8:53 121.193.149.89.in-addr.arpa udp
US 34.128.133.112:443 ads.avads.net tcp
US 8.8.8.8:53 sync.targeting.unrulymedia.com udp
NL 46.228.174.117:443 sync.targeting.unrulymedia.com tcp
US 8.8.8.8:53 token.rubiconproject.com udp
NL 69.173.156.148:443 token.rubiconproject.com tcp
US 8.8.8.8:53 ads.pubmatic.com udp
US 8.8.8.8:53 ice.360yield.com udp
US 8.8.8.8:53 casale-match.dotomi.com udp
US 8.8.8.8:53 s.company-target.com udp
US 52.46.151.131:443 s.amazon-adsystem.com tcp
US 8.8.8.8:53 csync.loopme.me udp
US 8.8.8.8:53 u.openx.net udp
GB 2.21.188.239:443 ads.pubmatic.com tcp
IE 54.73.231.133:443 ice.360yield.com tcp
US 8.8.8.8:53 us.shb-sync.com udp
US 8.8.8.8:53 cm.adform.net udp
US 8.8.8.8:53 s.ad.smaato.net udp
US 54.89.40.69:443 rtb.adentifi.com tcp
US 34.96.71.22:443 s.company-target.com udp
NL 35.214.154.11:443 csync.loopme.me tcp
NL 63.215.202.169:443 casale-match.dotomi.com tcp
US 35.244.159.8:443 u.openx.net tcp
US 8.2.110.33:443 us.shb-sync.com tcp
DK 37.157.6.243:443 cm.adform.net tcp
DE 13.32.27.108:443 s.ad.smaato.net tcp
NL 35.214.149.91:443 x.bidswitch.net tcp
US 8.8.8.8:53 sync-tm.everesttech.net udp
US 8.8.8.8:53 rtb-csync.smartadserver.com udp
US 151.101.130.49:443 sync-tm.everesttech.net tcp
FR 178.32.197.56:443 rtb-csync.smartadserver.com tcp
FR 178.32.197.56:443 rtb-csync.smartadserver.com tcp
US 8.8.8.8:53 match.deepintent.com udp
NL 69.173.156.149:443 token.rubiconproject.com tcp
NL 69.173.156.149:443 token.rubiconproject.com tcp
NL 69.173.156.149:443 token.rubiconproject.com tcp
US 8.8.8.8:53 cm.adgrx.com udp
US 8.8.8.8:53 tr.blismedia.com udp
US 8.8.8.8:53 dsp.adfarm1.adition.com udp
NL 69.173.156.149:443 token.rubiconproject.com tcp
US 8.8.8.8:53 bh.contextweb.com udp
US 8.8.8.8:53 wt.rqtrk.eu udp
US 8.8.8.8:53 dsum.casalemedia.com udp
US 169.197.150.7:443 match.deepintent.com tcp
DE 85.114.159.93:443 dsp.adfarm1.adition.com tcp
NL 208.93.169.131:443 bh.contextweb.com tcp
DE 57.129.18.109:443 wt.rqtrk.eu tcp
US 34.96.105.8:443 tr.blismedia.com tcp
US 172.64.151.101:443 dsum.casalemedia.com tcp
IE 52.215.155.11:443 cm.adgrx.com tcp
US 8.8.8.8:53 cs.yellowblue.io udp
US 8.8.8.8:53 rubicon-match.dotomi.com udp
US 172.64.151.101:443 dsum.casalemedia.com tcp
IE 52.209.21.214:443 cs.yellowblue.io tcp
NL 63.215.202.140:443 rubicon-match.dotomi.com tcp
US 8.8.8.8:53 sync.outbrain.com udp
US 8.8.8.8:53 exchange.mediavine.com udp
US 8.8.8.8:53 crb.kargo.com udp
US 64.74.236.159:443 sync.outbrain.com tcp
DE 52.57.233.108:443 exchange.mediavine.com tcp
DE 35.156.3.104:443 crb.kargo.com tcp
US 8.8.8.8:53 a.tribalfusion.com udp
US 8.8.8.8:53 sync.aniview.com udp
US 96.46.186.182:443 sync.aniview.com tcp
US 104.18.24.173:443 a.tribalfusion.com tcp
US 8.8.8.8:53 image6.pubmatic.com udp
GB 185.64.190.78:443 image6.pubmatic.com tcp
US 8.8.8.8:53 ad.mrtnsvr.com udp
NL 35.214.154.11:443 csync.loopme.me tcp
US 34.102.163.6:443 ad.mrtnsvr.com tcp
US 8.8.8.8:53 ipac.ctnsnet.com udp
US 35.186.193.173:443 ipac.ctnsnet.com tcp
US 34.102.163.6:443 ad.mrtnsvr.com tcp
US 8.8.8.8:53 d5p.de17a.com udp
US 8.8.8.8:53 p.rfihub.com udp
SE 213.155.156.165:443 d5p.de17a.com tcp
NL 193.0.160.131:443 p.rfihub.com tcp
US 8.8.8.8:53 simage2.pubmatic.com udp
US 8.8.8.8:53 11.154.214.35.in-addr.arpa udp
US 8.8.8.8:53 133.231.73.54.in-addr.arpa udp
US 8.8.8.8:53 108.27.32.13.in-addr.arpa udp
US 8.8.8.8:53 243.6.157.37.in-addr.arpa udp
US 8.8.8.8:53 69.40.89.54.in-addr.arpa udp
US 8.8.8.8:53 49.130.101.151.in-addr.arpa udp
US 8.8.8.8:53 33.110.2.8.in-addr.arpa udp
US 8.8.8.8:53 56.197.32.178.in-addr.arpa udp
US 8.8.8.8:53 8.105.96.34.in-addr.arpa udp
US 8.8.8.8:53 109.18.129.57.in-addr.arpa udp
US 8.8.8.8:53 11.155.215.52.in-addr.arpa udp
US 8.8.8.8:53 7.150.197.169.in-addr.arpa udp
US 8.8.8.8:53 140.202.215.63.in-addr.arpa udp
US 8.8.8.8:53 214.21.209.52.in-addr.arpa udp
US 8.8.8.8:53 104.3.156.35.in-addr.arpa udp
US 8.8.8.8:53 159.236.74.64.in-addr.arpa udp
US 8.8.8.8:53 173.24.18.104.in-addr.arpa udp
US 8.8.8.8:53 6.163.102.34.in-addr.arpa udp
US 8.8.8.8:53 173.193.186.35.in-addr.arpa udp
US 8.8.8.8:53 108.233.57.52.in-addr.arpa udp
NL 198.47.127.205:443 simage2.pubmatic.com tcp
US 8.8.8.8:53 core.iprom.net udp
US 8.8.8.8:53 cm-supply-web.gammaplatform.com udp
SI 195.5.165.20:443 core.iprom.net tcp
SG 35.186.154.107:443 cm-supply-web.gammaplatform.com tcp
US 8.8.8.8:53 s.tribalfusion.com udp
US 8.8.8.8:53 green.erne.co udp
US 8.8.8.8:53 image2.pubmatic.com udp
FR 141.94.161.190:443 green.erne.co tcp
NL 46.228.174.117:443 sync.targeting.unrulymedia.com tcp
US 104.18.24.173:443 s.tribalfusion.com udp
GB 185.64.191.210:443 image2.pubmatic.com tcp
SG 35.186.154.107:443 cm-supply-web.gammaplatform.com tcp
US 8.8.8.8:53 matching.truffle.bid udp
DE 23.88.86.2:443 matching.truffle.bid tcp
US 8.8.8.8:53 pixel-eu.onaudience.com udp
FR 146.59.148.16:443 pixel-eu.onaudience.com tcp
DE 23.88.86.2:443 matching.truffle.bid tcp
US 8.8.8.8:53 sync.crwdcntrl.net udp
US 8.8.8.8:53 131.160.0.193.in-addr.arpa udp
US 8.8.8.8:53 165.156.155.213.in-addr.arpa udp
US 8.8.8.8:53 20.165.5.195.in-addr.arpa udp
US 8.8.8.8:53 190.161.94.141.in-addr.arpa udp
US 8.8.8.8:53 210.191.64.185.in-addr.arpa udp
US 8.8.8.8:53 16.148.59.146.in-addr.arpa udp
US 8.8.8.8:53 translate.googleapis.com udp
US 8.8.8.8:53 simage4.pubmatic.com udp
NL 198.47.127.20:443 simage4.pubmatic.com tcp
US 8.8.8.8:53 yts.xyz udp
US 104.21.1.222:443 yts.xyz tcp
US 104.21.1.222:443 yts.xyz tcp
US 8.8.8.8:53 dan.com udp
NL 23.62.61.146:443 dan.com tcp
US 8.8.8.8:53 cdn1.dan.com udp
US 8.8.8.8:53 cdn3.dan.com udp
US 8.8.8.8:53 cdn2.dan.com udp
DE 52.222.236.17:443 cdn2.dan.com tcp
DE 52.222.236.17:443 cdn2.dan.com tcp
DE 52.222.236.79:443 cdn2.dan.com tcp
DE 52.222.236.79:443 cdn2.dan.com tcp
DE 52.222.236.79:443 cdn2.dan.com tcp
DE 52.222.236.17:443 cdn2.dan.com tcp
DE 52.222.236.17:443 cdn2.dan.com tcp
DE 52.222.236.17:443 cdn2.dan.com tcp
US 8.8.8.8:53 widget.trustpilot.com udp
DE 52.222.236.17:443 cdn2.dan.com tcp
DE 52.222.236.17:443 cdn2.dan.com tcp
DE 52.222.236.17:443 cdn2.dan.com tcp
DE 52.222.236.107:443 widget.trustpilot.com tcp
US 8.8.8.8:53 s.go-mpulse.net udp
BE 23.55.96.141:443 s.go-mpulse.net tcp
DE 52.222.236.17:443 cdn2.dan.com tcp
DE 52.222.236.17:443 cdn2.dan.com tcp
DE 52.222.236.17:443 cdn2.dan.com tcp
US 8.8.8.8:53 222.1.21.104.in-addr.arpa udp
US 8.8.8.8:53 146.61.62.23.in-addr.arpa udp
US 8.8.8.8:53 17.236.222.52.in-addr.arpa udp
US 8.8.8.8:53 79.236.222.52.in-addr.arpa udp
US 8.8.8.8:53 107.236.222.52.in-addr.arpa udp
US 8.8.8.8:53 141.96.55.23.in-addr.arpa udp
US 8.8.8.8:53 content-autofill.googleapis.com udp
US 8.8.8.8:53 c.go-mpulse.net udp
BE 23.55.96.141:443 c.go-mpulse.net tcp
DE 162.55.120.196:443 matching.truffle.bid tcp
DE 162.55.120.196:443 matching.truffle.bid tcp
US 8.8.8.8:53 196.120.55.162.in-addr.arpa udp

Files

\??\pipe\crashpad_3624_STBFSUCEGHJKSBLD

MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA512 cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports

MD5 d751713988987e9331980363e24189ce
SHA1 97d170e1550eee4afc0af065b78cda302a97674c
SHA256 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
SHA512 b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 849cf6c49e4536ea22565e8ba4c7ec5d
SHA1 569ade058bd034b41c4b635b33d231753bfb8598
SHA256 6187814f4dc7fc06d654b339054bae05b6ba11e007fe0514974c2e6a4643888d
SHA512 bb11a5e0ea3763686acc7bd26959f4d897dedc1cfcad4bf2da565e4d6cbdd01b4b6642a46262f6e3cf9e40718c69088e04d0a2ecda8e615f3967ab33d294e763

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 e08effe8e48accaa695034c31330f83f
SHA1 57544c1f217f4a8c05a2946f6c709dde5f7cfc1e
SHA256 a1d1e41d9fa439d992e4c2d078249b1734f078ec5bfc38d4b4a5849248e2bf3f
SHA512 4095281ac8ea817ac62e522a16fa30f59d5c60c1d84fa8d44aa320bd8b3c128b946e22aa8ab979437481fe20ceeee47c1e14e3fd36a1e93b5a8f21b1cd882c41

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 aec13d95595fa0eb7623dac9dabc37d7
SHA1 f5cb8528bac3e5fbac490bc7ac7dab9ebe8eafad
SHA256 8a7552fcefd74c64ebab9f69f5b92fbf7b9a2dd5ba30b16ac54426bd3a81d9d8
SHA512 68c9fdf48fe426eff9cd95c8eddd6dc8f4f1307d0eef588566d799b3af7344fff99bed9c98c155a50347408711c08ca64a30937ce86477b732b6eb580dc7a8d7

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences

MD5 bdada2e956f81f8052edd77e96d2f5f7
SHA1 880d2a0cbeb6295dc386873804a78a7a8515b959
SHA256 027055782a9b1c1d5fc42463d93ad6f4ba52e26a8e42379f2bb02c4cab607ee4
SHA512 a1ccc35f1ef87ab14417910afdfb577c7b96b6b6038778a141022d0e37b949fa5df81a6c5dd3d4d8db0edcc0220ddb1897b8cb4f78f82083adaf38edbfba34a8

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 fc40b1f5aacf1ce937655e055a03f54a
SHA1 c7a5dd679ce8d0517e7c0f599b1fef3bc74632ff
SHA256 6eff96c9260c3880092c9af02f87139f4f975875b1d4e61b432cf729c6677e6e
SHA512 29160d413e9b94410540f8fe3344d9e974d3d19046409b17604d8bcd0be581c72370f78854294c5979ad107e1e71fa5e7fb31f15c74e3a6a24802a5b1e131798

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 e699242efba1d272f6a166d6bf11b420
SHA1 c3eb0cf5c3f629a23e21bc1677035ae1e3d6d238
SHA256 5e0356dc98399fc8638c2abe0c6473011b49101b9b15993b222b75c52d959087
SHA512 b73782686c7460074a79e6d4eccb08fa976773f0e64fb9461818b72758dcedfbe326f1b5f8d529c48d20328f172661d56d3bf4750e2c238bc015497b9a45e8fd

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 04baa19051c2011b50aad3765435d3ef
SHA1 7ece181e582b557245e378202a4745c7d2b187e4
SHA256 d9dabd3f7b50fd5c5292a061342d5d8507458d1f1229c43b0a9081925fd3270d
SHA512 a75986b2bb467aacb0b0919943da09f72e1524bb432b7c107bd505c39e13f49f55932ec021830fd5e8428f523949c7778355b6dc2a11206cccb39e293509d2e6

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache~RFe57faac.TMP

MD5 48b79fafd78970e6e704a4daf1b34a95
SHA1 5a9d491515b4372a374e83e295d5915d898fcff3
SHA256 d01a1c0db2bd2504030d9e8a32b763ce5e87a8618879efabfe97c63ff2f43fce
SHA512 bd818589bb00f9171285d0dd50730010e555af8d450826a15eef0013426be368a6dcbe09dd7547df60ad0a2f80e6d9aec20fb41a94d05dca3cdd125dc3ee547a

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache

MD5 294e3020cbf4d53ce77fa2dde75fe858
SHA1 6010125969de3ca2fe5ac79572e2c1eeb34fb97c
SHA256 e982673b28dcd5e887712f16fcdd683fc052c278bbce3ab145bfe0953e97b8a2
SHA512 0c4630f4a47f2e31fac3730aa8b600b53f700420f34cd43abb699ceeb8eb91c221490cc6099c584aa822f6793f3f25407508af2f9268c58a3471a0c981560aa6

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

MD5 94275bde03760c160b707ba8806ef545
SHA1 aad8d87b0796de7baca00ab000b2b12a26427859
SHA256 c58cb79fa4a9ade48ed821dd9f98957b0adfda7c2d267e3d07951c2d371aa968
SHA512 2aabd49bc9f0ed3a5c690773f48a92dbbbd60264090a0db2fe0f166f8c20c767a74d1e1d7cc6a46c34cfbd1587ddb565e791d494cd0d2ca375ab8cc11cd8f930

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt~RFe580ae8.TMP

MD5 7bf27e36522132dc8af81942e3ef98b7
SHA1 5954836df2f1192d6807cdb3cbc9bd1b454215a9
SHA256 48b64c096a2784b634b455dfc42a799c1ded41ee3533b09f969ea35f182bc122
SHA512 3537c78fd063e8d61e4d82b34069570599e4f1690a9c28b8b0dd746115bc83d69a0a1b7ad918fe86b288efe2dc549d01b2a1f4f8759fb19794fd7658971d311d

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 f254bfa6cd04cffd1ca10fc5f65e190d
SHA1 4267dd894a420da0745c27cd72750d3dd36896b4
SHA256 63857cb548dd7f948d8c96c086eda023a1f7308a3b3ebf5170d37c3fe9bf6f7e
SHA512 5d37fe145f6efde51225db3334035b7ce804dec841ccd743e7a4ad01e8d17f42e6810ef0ff685b6b76b5dd5ec590d95ad32000cd05f21c3ee2450e3d4bc5bee0

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 7c0b02e08ae2c741eee959f4897abf72
SHA1 ac7c4aa77bfc64a04508edcedaeb050662d70266
SHA256 e4cba2b520ba3e1590c9df3dace5102fd7dfdb25637bda70b7083ecd6a0e3d43
SHA512 816302cc4c88663e18372029ca49693fe86f63fcd942512619008ef152d063e9ce2b2cc9be887306e685f7e73c15510274147703b15fb4b11d3aa22d468c79a6

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 d0f5207d2981ba5a871341665a8d8413
SHA1 cab7bc886e897848ec5469f21d8010f18c21011c
SHA256 dbf13c59161941e4a64dc9b6f88c00f3aa22587dbd10bbaba9c3d412d1e554eb
SHA512 dc9126430088d382001950169e5114a52d10c5bd286306ec4d43883e724854c4797ef9dab355e81d63ffc77b95cfff8228b572553cda10fcc79b6fbe8c8fa966

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 8ede6a8579f7f01ad0584b286c1deb66
SHA1 fa3c4c7cb60c1c15865b3c65ae37961e0993bdc1
SHA256 6378b3f74664e30171d3718275c05ac976a01ea86453c708a9bce78409993aaf
SHA512 364fe96e4125ff4ba1f5b238d835b343e789d2704fcbc8906e2d189326eea6a6bcde400255cd9c45617634cccf8ac1ee8b8440db5315b4936885e8e4d514df83

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000c

MD5 921df38cecd4019512bbc90523bd5df5
SHA1 5bf380ffb3a385b734b70486afcfc493462eceec
SHA256 83289571497cbf2f2859d8308982493a9c92baa23bebfb41ceed584e3a6f8f3f
SHA512 35fa5f8559570af719f8a56854d6184daa7ef218d38c257e1ad71209272d37355e9ad93aaa9fbe7e3b0a9b8b46dfc9085879b01ce7bb86dd9308d4a6f35f09e5

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000a

MD5 87c2b09a983584b04a63f3ff44064d64
SHA1 8796d5ef1ad1196309ef582cecef3ab95db27043
SHA256 d4a4a801c412a8324a19f21511a7880815b373628e66016bc1785a5a85e0afb0
SHA512 df1f0d6f5f53306887b0b16364651bda9cdc28b8ea74b2d46b2530c6772a724422b33bbdcd7c33d724d2fd4a973e1e9dbc4b654c9c53981386c341620c337067

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000d

MD5 5d4114cb033dd9abefa79daa8bb1fce3
SHA1 403170941671bb5c568c2a535cfc5d3e0c6798f2
SHA256 6d6e9e73e627d6becbe74b55cd632ced17a11df4e70a99ea305e76184e13dc2e
SHA512 8df0ac9df4d07c8d5572e5cfbd94f1d30fff4a8346bc6807f864550c78fa3293595eabdada7e669192d6b0fac47c06032bc94120ee9a3d4445791e865b54bd28

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000e

MD5 989f75e894f728b36d6b1608a96fb908
SHA1 c5c82edad1b5668b151799a74e017a16732072ee
SHA256 32a2da14d39f556bcd2747be3b2599227b6feb35c4e06d5ea5402c03562b4d1b
SHA512 8f1aac4b0841caa18302b2313629ce7002d251a4e4e2f2839a987667501a43f2785863c647dd87139a3bb866a103aae2fb423425e258bb9ddfd912f499b7b97a

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000014

MD5 e2a6f14ab0fe56066354c044f38ca181
SHA1 1f3dc8d14c53eb0461c0ed69f35a6d9d6650b160
SHA256 a6c188950d9df621d984842d295652c5f21e5f7e6836c3247483efd319b2f969
SHA512 7a5d55a96cd5a5cf65545db3a217b752526b1a4d7311f93090d8d1f9465c859e4c2605ee9cd073b9df2aed6033dd3ecade0be35e71892135eabd74895fac6ce3

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000015

MD5 30d982e828b5c524980da42245ee9e90
SHA1 7364e3f1f7ed95e2d772ec151b49b73e4972fee6
SHA256 c41244b589eae8e53d412f7da31782c1b6389dbef2d422a58971e5f32346adb0
SHA512 c40ad603cfae96e89e4b852dc29a0ddd8f8bd259c2b7acb4fdc2d9100d039a05b6624d533851a375267e8d4bc55aed0b079651129477bcba4b32cedbfe901100

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000017

MD5 4208df5d2b73a3163264492f9cb6e02f
SHA1 52892444bf0344f28a9b011e2ea5287d0e48ba35
SHA256 52b7dbc5d5b727a3ad9feeda092fe08e7335fed1fe7589b9217c1a2dc48d6239
SHA512 586f0c8ba5b873224a27b44945de8657d165dd9d244104090987217b020bb149a33466553c8c0580dc133d085a10544e63b71f1cb674c28a15d87d98ff271e39

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000016

MD5 b05a4b509bc2599903f3ca63bcbc8ebc
SHA1 5709e2014ab82f8a6d460bfb8b3fc5d6488c4889
SHA256 9dd2fd33862e07b7f3024f97c2ed1fcc0607b44f6d4eee94966ab09d5ed6a68a
SHA512 7bfa3f4fdcdc1159176c9b40010c8122bfa8125f0519f77934bd12fbf26a984f5e5f7317ac8a3b4d8ed337e31acdd6a95e107338069b29be1bedffaa4410a4d9

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

MD5 7df2968009aceb5c0f687fe187225db2
SHA1 3ca854702f70fae3e6f73ebe962f34efbf5bd478
SHA256 93d9fcae60de6aa77b42f71c08f2c1ae27ffc33f8c6b628d350e91feb93be068
SHA512 049ac585241d2ca41a474480c9a394ea33662fa7560c492ea0db4c9e517369ed2e06be9f1b10b8144fa6d5aafb4f091dc57229245fa10a9b0d66a1f100128556

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 2e001a9f282ef7a754e4f2a81fdba224
SHA1 208b5509c822c0ea146071294eb169cd9bd61565
SHA256 90370efc907dc661d855570b9308b486d9c1f627520f2d9dd7fe0b12936de308
SHA512 e6bb8fc59ae0ea0a30ec596362b91ac71fb1ce567f3dddf8aaf01e9256c85e5e7fa2eac18480530344667fabf40e7628ae5b96866aa00f4a633454596eaaa7a6

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000053

MD5 015c126a3520c9a8f6a27979d0266e96
SHA1 2acf956561d44434a6d84204670cf849d3215d5f
SHA256 3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
SHA512 02a20f2788bb1c3b2c7d3142c664cdec306b6ba5366e57e33c008edb3eb78638b98dc03cdf932a9dc440ded7827956f99117e7a3a4d55acadd29b006032d9c5c

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_www.youtube.com_0.indexeddb.leveldb\MANIFEST-000001

MD5 3fd11ff447c1ee23538dc4d9724427a3
SHA1 1335e6f71cc4e3cf7025233523b4760f8893e9c9
SHA256 720a78803b84cbcc8eb204d5cf8ea6ee2f693be0ab2124ddf2b81455de02a3ed
SHA512 10a3bd3813014eb6f8c2993182e1fa382d745372f8921519e1d25f70d76f08640e84cb8d0b554ccd329a6b4e6de6872328650fefa91f98c3c0cfc204899ee824

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000058

MD5 bb30ea3b46964f49ba85f475efd1fb6f
SHA1 1bb4aae7781af8b933e1dd4dee56879a3ef92d38
SHA256 7a5bfdc2463dfde6b169ca4555ce9f5a0fb21c15c3ac807967590df27dd800e6
SHA512 bc52e8de4712d416aebf1d403d6ee8dcb6386a93dfc6727613af487f73de69db90913a9e9781660d8dec121d720ceec9c84b260c76f0f6f565ae80967eee7474

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00005c

MD5 34d417511bcc66045487a4307a08579d
SHA1 e2161accac890a2632bd6eaa7faaefc204cff6a1
SHA256 fcf96f427eebab9ffb97cf4ece8a7f3b37f9756d211164112371ce5950b58e4a
SHA512 a626a957f521fe0cccaa14ff22f08a26a968a6dc6633f5020fc668d0807ea98bba450fe76d9dd867ddff207b324ea68e0fe4b0dd7c85e2dcf39cf307a86e18c4

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00004a

MD5 bf69712ec4ee8f080bb309c2d80ae924
SHA1 fbd6276c71b803c5660eb8cbbcc23364c403d32e
SHA256 cc984f035b838a742829b702efacd49edf20d33bc6c28d16dbceae84b95b8753
SHA512 e0f941a773967fae01bf631427122ceb7b8bb3cdf44e6c003fe063952674a78d82e7774d6bd546da04ccc100d536b98710cbb9a5e6db27e75f59bcab47783517

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 bb9f77b1c1f69e1e5c14a124ba8ffcfc
SHA1 fb02ac1cfbbda13fee12a57dbf0b3c70be8623c2
SHA256 fdab1e468ecc89d454d29ad4f39cccd090edd9e36a30620b624e4143e5137649
SHA512 45ea0771683788ff1bd027fe440b05ad96ce93f0a260ddfae1fe47561dfd5ae292cc254c4dc8548e27a884f80b44dc5053807391f49e2db1d43168134e1e6f4a

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

MD5 a3aa934f3aebe9259cb2f47db10cb800
SHA1 c80610b9dc1e9fdcccb8450edc8fca1def208bb4
SHA256 65cadb58693df09a3d09ffde058cd85d27f76d32651bef7f776e8c318ab783af
SHA512 b9d50d1b5f54e0a198af5082771caeae730bc798536c0adce47ed404133d06a01860538f72738396c1ec694d9738cc45e768dd88ff4aec4b9d156158b62842c6

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 13bd7a21f9c3bb29e39ed36ca3a02da3
SHA1 75ffc13c95cd071330d545b98c1dc54e9442bdc0
SHA256 e1798f869d837969a83db120867251eed83cc9bfd4c71e7ff8a5b72c1950df08
SHA512 3b984255536df91aa9869315d81886db185c413dddf08b2b6b1db21961eee853b9321ac1fb6091a922e33cb2c978c9c4c3d6cbe37b4896c54a45838758b3b991

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00004b

MD5 85900664aa3f69b5b8c3e0f1d0201060
SHA1 b26da11d852dd2bcb66b69ed3c6787671a5dae69
SHA256 d4e1363630c20dfe6d866c8f8072d6d7c47e5e1d469331c237c4460e60fc8554
SHA512 1f5b0237cb786c2dfca4d8c8295e5b332cb0b81ce5f10094ce1aaaed549ae1065353d3bf64ecf286b99f5d9a66eac4842c971d886b84fbb7a29d953eca0efaff

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00006f

MD5 26b5a95b929d32076230044a1319d6cd
SHA1 fb94ce7a467613652bcc7362ef70425cf97481a9
SHA256 a8f660baec87e38c0b312ce3fa9724e66aec9cdd267d6eaf5433ba07b3a5f1e4
SHA512 1d3234d0a88f94b7d0c9d8e9ce08164ee1b6e70ee7a42e461feabeeff99dd9ed16285a7645184b692d6d6a259e6f1ef6381460eba4ed244e60a52325cc621a76

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 38b556bdd0c46f8d9aac609529ce7705
SHA1 164f8014dcee8618cd6965256f3ad99ea2a90c55
SHA256 8dac5d17a8bc6ea9c2a4f8407dfaedb869be91291a330d60e00b2a5ae4d0a6fb
SHA512 40367162caede3447bcb940c4822afbc9f85f17895a046a47511794becaac4673b00497a15d86b31a142f186883d62c4a1b5f8a319679f2f53af086c8d185cb9

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000063

MD5 164734967954e5a8480e88e087a5d48f
SHA1 f4258c100f36e8f1051653df84e31cf098aa8b0d
SHA256 1080a1c382b015a8d7a0f3d84fffcba303cf6b4a18889333ff1fe8236b58e9a6
SHA512 71b540e426b1374a04c11f36cb627031c887018c48c0bc998ece3160e63a8aa2f07a36cb087bac271cf28d62a7117042cd3d7002c2c54bb7db140c4bb3130a32

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 93ecb46df889755da7b9b0f8f143b782
SHA1 876233afb28a7e61bed41d619d20c013305cf47a
SHA256 270fb1136a4b5d2bc1eab0d8772ebd057c12c97e3e751f7ac3f3b7c686c21077
SHA512 be15f38c22defaaaa4de592241d77112b95c398fc260eb7fc7743d619bf5679b0a23f9dba3207796741b40c250f1ccf7e811f23b683738575670bacb50134013

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 71bdc28dcb194b761edb9407e3ddea67
SHA1 92e8ff943ba06c85996e056b22d20c24f7b4ac54
SHA256 c9dd0aeb1a6686f884772c986010984a371f2e1cd5d4cdd58beb6aa8d0566350
SHA512 f2159b5226a6b418368d02ca1ebad2f47caa8da2000da1b62d8482b1aea3ce061c5a58a2f7ede8b9c4646973c4dee01c1de579936497f7610f31be17bd349d51

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000006

MD5 caaa5222d179a24ca5540080c7018b99
SHA1 1f415a7a73a12a4c16f25709504f4e4e4beae9dd
SHA256 b729255f2e984a20fa0f0eb07e08368cf468fd17ff27a7d1dbb4042ec261d8cf
SHA512 71b4f878aa154ba4a8523c2e36faa8dbe3cfafa082b18796d8b69539dee9506253b9e55fc9b71cc2c9027d22ae08587b0e2ddadbc8d3395dbb73584d1ca1ebcc

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache

MD5 957232b283b30b10680a9aa6d0cb5916
SHA1 dd859777ab73f1e60b6a78a2b3018d3ec8c4837e
SHA256 83004bcf243dddcf2bbc018080d47c5b772e11196c5bec894cbdaa4fe9e38966
SHA512 4e0237c71bb01d68ea04adf18b96e0fb16b2468ccc18a9c7d6e059afe1c16ff659928f95302afdbaf4deaf030de2f79d768f53dc8f33e5d8ef571cd724e90f8a

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\733a5af1c26d2801_0

MD5 161257ccf326cef84af971dc8575576c
SHA1 5b9433edf0fb7d48af13dfba54709bbcf3eabf99
SHA256 968e43464c67bb9a4ab5a0b010395705759118d3f4195db296272a9772a9795d
SHA512 603d26c5b1ebb7fef1f4f9aef2e67872992b60afee1aadc36d096927736ffd82aba4e3805158e86b82a8379f59d96a98f3cff865bac83b143f22b1bc6e62f6ed

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\70faf906ee2b1c1e_0

MD5 795d57cb86f58c66f53d4de7b17e21ea
SHA1 20cd6c571ca897bd9fa1203b1c55f5e28f4090e6
SHA256 4e8e0b83a0fbc623493d86ea794a1a345e478597bba23713e05449da1f859913
SHA512 d7aef772cb06bd4674d74c07006c5ef02fbbddecab6cd8fcb8a3e4f1107588482494626e68b6adb217601d08177211aeb6a9826f3fdf8bb3fe22b848add071c7

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 64ab9291431b8dc0013a028e39c64502
SHA1 9cf83db14f4003b39b6da9ff8d2588931c82927f
SHA256 1590c64145894f3ef3123939297bbd488f41dd001185fa8cc3429c9e5aa9a2b1
SHA512 1c659bdd19393baa3cd2aa9774f979f711c344d0ee3c7d611c4dfce39684746a4ce3dc98917bb1be4c20d0e0681d99d6781d13dd2b4592c92543ddaa00749763

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 1f7e42ebbcfe0af70989781bb338a16e
SHA1 b3a8b3cbcd1521ef9830f1b7cfa450a8031428b4
SHA256 06d2b4eb7243254b6b9c5d0504e7ed1201dc67989d88f424624ea77e062dae7b
SHA512 b5cd6ed45013d4c8eb898e3e3060b89533120dd34cca4e0443e657a169b9aa9ff99fc80e0d51eecae38348ace065b16b214f51747f200187b1245d5d411093a9

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 5b4245cc8e284dd2587e351aeec6b96d
SHA1 2d466841069da6760a77103dcdc1414de19eabaf
SHA256 5743d9b271c778bc008d2f9656d954a47f5460a0b824355588ccee95792e04a2
SHA512 0123986f97bc30b7b5e8a9cf8337e00434bee5054bc76b7a1ddd3182d426cf787709ca207375af4dddeec9b5aa65106091bc6ccdd2ea425b650b08b890588394

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad\settings.dat

MD5 efdf336c3d3a1adb92b2ad84b9e0ddf8
SHA1 d12684bf46d8efdc7fe65d72974a64f8cfc83aae
SHA256 a3b64fe67ea4be6fd1cad4f43ab347f08f3c05afd11552101ddc5f80fd3e31cc
SHA512 d47956132f95e0f8c31b0d8e8b23a7748b4fd39b6acf746e65600499bb6dac8bf3ba64843a090e41066de86eadd02aeb9c1ebd3ab9cdee4bd9d7867febbb696e

C:\Users\Admin\Downloads\buildbox.exe

MD5 4ad9acdf92195fd6e8567d06919d2097
SHA1 5ba62be43f77bd42d13a162df00d64ac0c5a6acd
SHA256 3a090f602be3dcb1c8b03b0efc9e114d10ff278ed651f42a144aa919b11b7ba9
SHA512 32d0ff0c9cc5aa076baec93e08b17ac64f377883224e807bd6571c7d639138a0e8a2a5146b440ced8b67c7b3628180e51fceb603aec4f8b14e2b7f806a7f0c6d

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 82c8b41edec6ceb0c72789641d43cd1e
SHA1 818bb5165a3becaea27ab85c356e68340ed52b71
SHA256 f8c891ad7dab823b0f2f43e7d980fa60b274351d0a09280efb619c3905ec65fe
SHA512 0a2fd56139e2c9c7e738c8f03eaf7c0b64d9973877aeeed596054310f56fccdf40b45468e15d742c171347381f1855fdd4af2c5d26ce7d6df2a37cb8ac68070a

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 06763e07377d77e5a831aa5a8602469b
SHA1 7a90f6e7d2c3253429a3f3c185310ca6e132f9e1
SHA256 f11662319093c873bece285b84ba90b65516511c7c5d2ae1bcc275e524fb1132
SHA512 60302dcc73cea4d75deb792c85a82151abe42e0fc8badf86e705840540642381099246d9ce76c36fb42ca9ad497453b38a40a4cea89de555735c092b7d598c89

memory/1472-1462-0x0000000000400000-0x0000000000414000-memory.dmp

memory/1472-1465-0x0000000000401000-0x000000000040B000-memory.dmp

memory/6724-1467-0x0000000000400000-0x00000000004BD000-memory.dmp

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 f5277050348efeb4fc64face98abed53
SHA1 06c2d1389fff269674f09a70ddad7cd9865120ca
SHA256 8cef90b6ac6f5d8b7db918325dfc2395c438dc0eaca9ac9d183383cd170e0263
SHA512 a72b1ed0eb9d5ee429ef05050b178bc90942c756608174c854a04624f48d499d8a1386f27dcba34aeda8145f66001f298d1693d163bb0e624685f69fe880038d

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

MD5 f6dbc6dce5782b62802e93804690151e
SHA1 878dc0236129babbfb36a433e91c5f6bfc0f79a9
SHA256 498f086822fdd18413d7159555797f2be1fdec0c3dca992f0aaf4ad41fa5aa85
SHA512 99f776bd7a358c7749555ae219e16e4b64b3e009e582f0fd12c41d14202f01701bf29abed2566d718d21c5c4be928acd91771a24b9b4ef2249a44795a7c943ca

C:\Program Files (x86)\Buildbox\Buildbox.exe

MD5 8cac3cd0ed2217c4db549ae5c021669e
SHA1 97fbf9d695b2caec2a903398e7ea0930c724685a
SHA256 50894e0058b2cfbc682f8a9515211f56931be58ba2079d091181bd9403e07edb
SHA512 f13ee09eb780b3245428536eae7a20bae5cc554e49f2462b41c1ec1cf3b44b0acf59be4d74441a0cb6a5e8bda47188794a1780d099bce3c5e21d3db9e0dbcf64

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache

MD5 8890c98879e2356e23fbf6048d1cbf08
SHA1 83553be9994b3b992f9a27474641fe906a3e36d7
SHA256 b3953c25321725f01e73ce6d0f3ef748c1f2e514440467caaeab9be5d8754b4e
SHA512 338142eed43eceab58feceace606b175b079a5746d0a2461994ff7d0e48870688e66d6f9600d7fff0dce9dbe153eb5a9a063610302e8116c7c87ea315a441015

memory/6724-1579-0x0000000000400000-0x00000000004BD000-memory.dmp

memory/1472-1578-0x0000000000400000-0x0000000000414000-memory.dmp

memory/3096-1862-0x00000000025F0000-0x0000000002603000-memory.dmp

memory/3096-1865-0x0000000002640000-0x000000000276B000-memory.dmp

memory/3096-1863-0x0000000002610000-0x0000000002621000-memory.dmp

memory/3096-1860-0x00000000024B0000-0x00000000025D5000-memory.dmp

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 284d94a707f88d0c450de7ce86a7cc3c
SHA1 6f45a788ffeb25d381b7bb6d34e03f6252a587dc
SHA256 675eab592635976bde7c945b81e800a515352184c503ebbe40884346971790b8
SHA512 6af8985f2fc050ac2ad696075a19c6181651025a16c57062c81a627e4f3f80d6bc001b9ed43ce7ae3c67bad8d7359a17b1c72c197fd8f23e3376fb55222fd381

memory/6724-1878-0x0000000000400000-0x00000000004BD000-memory.dmp

memory/1472-1879-0x0000000000400000-0x0000000000414000-memory.dmp

memory/3096-1883-0x0000000062E80000-0x0000000062EA2000-memory.dmp

memory/3096-1921-0x0000000062E80000-0x0000000062EA2000-memory.dmp

C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\5d696d521de238c3.customDestinations-ms

MD5 1f01b877bd6085e2b6a6a429d407e2be
SHA1 8fb505ea9d11379637e9fd1edcae627107621247
SHA256 c3d93512e2dec1e868d71c9a244c432f6c8420da410090fab127acca85537b0b
SHA512 2a76414b253211df04b240a5f9390ecddb8dbaa056971766a9f4db0b042eafbcb26ea34f5a6e1462609d54b3e9b5e97383b1032593b7b3d9be4da87c11246f97

C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\5d696d521de238c3.customDestinations-ms

MD5 cac337a50c5115e72a8f342f2ed27d6c
SHA1 cd3b958c9e2e97179ce5abd66b200208b091d344
SHA256 745ed576e2518aac4b9a207302d232ac2951ce51ba785bf63f10ba48b670c227
SHA512 d253d5753e9850f1802ee6cba20dbd642aeaaec7489dc646f9111da058e20044b6b11ff65ced4b745bd265bb6cce87688a8f1c0303ae45b356129b467a88539a

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000032

MD5 cfd2fdfedddc08d2932df2d665e36745
SHA1 b3ddd2ea3ff672a4f0babe49ed656b33800e79d0
SHA256 576cff014b4dea0ff3a0c7a4044503b758bceb6a30c2678a1177446f456a4536
SHA512 394c2f25b002b77fd5c12a4872fd669a0ef10c663b2803eb66e2cdaee48ca386e1f76fe552200535c30b05b7f21091a472a50271cd9620131dfb2317276dbe6c

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000093

MD5 536de60587177aa8a6d83cf8a96a9cd9
SHA1 66c0cde28acd7507ea11d8c955bcd2ea5d584bfa
SHA256 cdf3b516109e7a14e5f0ed5578c6a94f78c49b1b075c9263a7302b7072b7a67f
SHA512 e1aa352f90326c83fe4edc8d05cfab287283d345bdd35735f2c9aca8fcdb881c2f1ac22a790e5741bd12d14b3e4b6ff9fae3a08f42168baaeffd0595c67dd486

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 a7f76ba0c2cf4db683c2c1b0eb800081
SHA1 73630b22b7ebdb1502799e34f46f752886cfa6ff
SHA256 a65c8cc5c8eda637948fbf9fb6591f4c6bcfcbe3f570bae14289e68fe0e108a6
SHA512 f0c03e9ea4e556ff26271ae6e61b5f84828b3b7948aa1ec05009b8b5f975573b5cab9cde175997b65cb08b8ece9bbf02fb6721f504b22466f8f1bb18f2e9b880

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 de66271a9aabb54749b01a3e9aaddf42
SHA1 ebc05a99afd2f350dc59537286e947a24142fb78
SHA256 1de4cd6b6e0f6f4b269710bdd0642a4ee9081930bd91189c96db3f13c8b692ad
SHA512 0524dc1e1e4014c068ebc7d344c9142e7ddb338b345e676b065c6d55965c96177a4c0b03932947f5dbfa6f2ffd97153c57b2751f20a38afd6d00ba695c737f8d

C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\5d696d521de238c3.customDestinations-ms

MD5 1661964d905df32278b503f58e9333a1
SHA1 d0c3e66535a0604dde75d321047ec5bf400ea0de
SHA256 1ef07cd0245a5b91b30122a9a55c77d1561546abacb0a3ff89ec89cce812cf54
SHA512 573f576f40deea439f65ad878d735df5cf3c064bf2dd55f243341ec650cbf97e87f653e8071969dcd42969cd06efde4ce8a52582aa304451f328695420f35173

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 7f4535cec31736f8026454284346f164
SHA1 77220c1feb4c7c49ea348346acfa58e5c34f401d
SHA256 4d13cdaa89977eb09202507839eab8cf02a20f3c1a506abf1f3b54d614709765
SHA512 348e881229a6e6678f149f551037dc1dcb027b9c8d1955350fcba587312303a40ad17dac9981285468d591a78560e679726375f160bb3f39f20b6fa91f77ae9c

C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\5d696d521de238c3.customDestinations-ms

MD5 d45e383a531ea745a531b0841ac1060b
SHA1 a73836c1588a249c665af13a63fdfa87bf7681d4
SHA256 5fe46a31dd69062d74c3b42cdce632fe275764838d80ba1650142837eea22409
SHA512 b0a5599831a5a3769d7de782dae64f60431e2e4ba4673ef03276a2e30c834ef11eb11c8fda87c385d2a27d43ca4957931e6393a9853b7ded859977c31c80200c

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 ae99f75d71dff8c9ecfad9fcc4ce37a7
SHA1 dffd58faacbe412a4dc3abc82eb10314d1e8b883
SHA256 56ac2455619b5145e5d1d9bb624039043d44d6a507bec31b27872f504b1ae733
SHA512 fe5fe7da32c2b7726b59d3b7646b002ef48dbdd8db8d5baad54c0d785002a318c290481cf48a312241a22ba63e566fbb395d8c47cdafc97d4ddc8ddcb71d4910

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 dd8f84c251c0bd9bd71c5f002327b07b
SHA1 9986995c3bebece69460ae0134415d241d38321f
SHA256 1390fa06fd34ce24531dea2bac5461b085292ae2d8f29e2cea12fc46ffa7258c
SHA512 cb5b208798cc03fc50228cf747cfbc3647b3457e9b768241b77856e060f343cc3eb98a28df264ba0405494b32d01e3a9d3313f1bbc522967e51ca8685781b2f5

C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\5d696d521de238c3.customDestinations-ms

MD5 404abe52119cde57a06efd9451624e2b
SHA1 e8b05a4366b78318b4462f2abb996ebb3739f3e8
SHA256 549b7b96f8339b2f6cd399db68271f5955b6913f0ae6209f668b1bca7ab69b04
SHA512 b44fa6955304669c728635bf8d543c197abffa0b9f012846cc2ff3bc2fb7f6d8c1f306aea0fa4f4db1ea825c14c5c49536ff4c596fdc6b7145f965e8ab021f36

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 b410780a22670dd90890540e1de2aea4
SHA1 06f5b1a52ccaa4b3679f9eaec29fc7fe5d9a7361
SHA256 dc9bf7edf7e4017f7222959a2268aa1f75c326bd3703471d8b5ab057bb82ebb9
SHA512 1c3e0f1f31203700ccad6ed2119b2932f4f94057e340ca3112cf53b60ebd9d52cbaf1c65860fcecc39556cb56ae16d30e090cd05cbb39501f9f82c840e16d45c

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 b30c85f749727d7ac1890c8c659cb4da
SHA1 1667c2ff02f3f721d4162f144e34260ccd12af83
SHA256 c50957db6d2d3810219dc14a1eb13b2c9705a654788319c84fa7d7694a285d91
SHA512 26cc5e166f67449eb71df317fb523dc04f16467a1755f7c71579d717ea511c2b9e9634d56327af1f103a2dc56ca73f9c78eb48d65cc3b7e8742a31a820d9d2ed

C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\5d696d521de238c3.customDestinations-ms

MD5 ce33d0cb429de608973d3f14333f42b3
SHA1 65094534d6c552fae2a35830b05d0dfe5d60b3cb
SHA256 986d5baf52451aa9af0b0ea51382b592b6d92d956456be09e1ee82639fd5c3b8
SHA512 cbcc0235eb93a1b58e48b1cb1424abf6c5141d4e225aae5c09a4c7811fa8f5df09f4f7de31b60984de3b97c4040486718d41c36154a16ed64b1be8ad3748791e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 854f63ef3d81fab2f2fc02a011ea4299
SHA1 2352a67fe45ba9ec9c983b66ed13dc9e0d47851d
SHA256 ba9afc94b4a3d1ffb2c7161a5a13fe397bbb9e3c43c48b858db758b807332eb9
SHA512 6b9efca9db54bae225e0c299fca50312d7b77ed806822988a92c9b8e32344a4394f39109f5562800ccf7e3d72440a25f2026acc269a1b2c9cc784433f25ff728

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 d4d50d4c108e5eca47e48da82bfe0bac
SHA1 4c3e77d41e22a35e3a1402a52f494a14fc7fab53
SHA256 00993115fe8e5c765a5d12cc506366f18b313d205cb8ac12b6610b3c61b585ae
SHA512 0be2bba4a4c271f630902d1f04d7f294803a00bb86d461838be74841b5ec15be36e7e8e74567ed39b33ba7e74ba87719734fdbe751d273948eda6ae6f6c1ca13

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 1e1cce646778a6c557331513b9b9e461
SHA1 bd8439aa8693a342567a8f525cf9276367057f00
SHA256 b0f8a97d1d8d0102b80a5dc6a2dc516bd82d7e076adedbd1d34b2d8387cbe8de
SHA512 7ad8e76ff9eba9f2b58a50627dbe8abb8e7d49984b5d93e195b55f72a237823b8b739121dc527bfe193c4b3a5ba12a7f7a5aaed9871e0d823a2bb89af92d92bc

C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\5d696d521de238c3.customDestinations-ms

MD5 6c02a2ea6b8c60b5763157530f988874
SHA1 0ee9fc322ed7886eff4ba15f62fe860686a2a860
SHA256 7cdb23c598b69f44ad7a648b4dc5c23c8b00178535a94c24d022bd16dd25d6ed
SHA512 313e2a57f6d7f107e53a2bada2024faac2f6fa5f4759a53c44bbb5926ccf5ba914fcb5d3ccfb6846d01a4aa4e6a9f355d08b8e0c8eb1d1f56598ed7942230225

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 0e24b99610d57f96a32e8df3d7d74b46
SHA1 87d1b1e00c0e241c28e75fd2de1ddd6b3c690b0f
SHA256 941d31fe6f3031f10a1a85c2aff88136f916b0ea7c38ae8b93fce26fcbbac329
SHA512 8ac000af860b50551e8bf8af60aedb140a42c6f84f22aa83076b5f9fe4382dadb7657e8f7b69b2fae43769f378387780af992640dca87de70c1a1e81644cff74

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 62d0cc8370507161f8de09394f3caebb
SHA1 3b6d7b6254e8c20120b9da1d620d0ddc43be6837
SHA256 5fb2f6c8fd0ac0da83b735ab95da86d2e50c191af1f0cf74dd85081067aa664d
SHA512 db8443437459f9f48fb13a97df4afd4a2614cc36567358c7163d46105f00b13d1fa2622484fdc767a6f21fcf876282aae5ada08330154f3f73c1785b825e285c

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 d551265919e5382c48d4ccfa8ce6d03a
SHA1 584fd68c4ed9d3420df96156aa8dfcefd2aced35
SHA256 a9ac6696dae1fb12e978e378ed5b449a0750a3331e8be286430c12d2ae6a605c
SHA512 2de504680f12babdffb897fd986431166cad88769f12019066ff596e0c57d95dc624adb4e2bfcbb2e2f7d9bdf656df9c27be62f7870235caf200d6390a0a7004

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

MD5 2819a69d0bf70e5abfe2d1d3baf5bce1
SHA1 bf82cd4aa202a0d86e72e3740c96d323c6a994a9
SHA256 6c22132bb1ba8e25c3188445f374047db14ea1da054f382e3a498b6ad0cce66d
SHA512 469a15f26d1b5b2b602af6d4e6c1da3b955de788cbd0f72a23dfcbecee4d5d076bd0d1126cd55bc08cb5d1b1fe2bb0d4ee9db98a26de6d0ef3a3457c4bca0388

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 7366f48108c4aa373aec7829cac1e903
SHA1 4fdc4eb9969d62dd5d9357a8a670e451fb4028d2
SHA256 bc59493a383a23d813f3ac98fa0a6c32a544bba6c4c1dda43a20651c205058a8
SHA512 7703c4ee4a189735bdb2675b9677ce2410a0d6f7460c07e8699bbdfa7835eb8aa182b62a57ce4a134ebadd3bde10667d720926f60a37571185f0fe2a70c1bc15

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 7ce30deb1a7331a9fa56031698f6dd8c
SHA1 973bd5bb95c19364468329c5a397f0b87a81f6c1
SHA256 0ad7e5fde49e83895174e980de10c409946e7f6cc8fbef223141f9fbb0108df3
SHA512 f2eb4b5ce49ef2f8aa43d97df5216a76ab6c2b8c1af32d2b98d6e2a9c9b5012708d193299baa39232c0b56d4af8fe2ae8e9ccde96e80a9269a69e4d6ea00a1f2

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 3f9b2b9f8e82067aa010618344acb98f
SHA1 1332c3cd01eb2030561e29f92d1b7c56f3682466
SHA256 2546d92f9ca4b0f663ced88ce73d0ae557e3763d0740b31710d9a8f9ddb56011
SHA512 fe87a9219b20d4074e02bf7708806fcc797355a6fafc4f98ccc84a69954beb881cd6531abb2a67b3dd25d6323c2e3655b4f6ef3e5f169ee795ed7537f1ddcb19

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\GPUCache\data_1

MD5 4bfefee0304f32f8652c8e66933b661c
SHA1 f6bc17bb14a0e422e562d1b51cb0f6dfd76857f8
SHA256 be4ef598a482f290b6cb29464218690c0b2f6f75a61be54701a6865d492a4edd
SHA512 caa306bbdc3258ada36937cf4b090394e6216b2bc63011832ebfde8e0abac45313a5b49e20e37b82d9d452cd08db265d124f72dc9a4599a02c37537287beed5d

memory/5852-2605-0x0000023537790000-0x00000235377A0000-memory.dmp

memory/5852-2601-0x0000023537750000-0x0000023537760000-memory.dmp

memory/5852-2612-0x00000235403E0000-0x00000235403E1000-memory.dmp

memory/5852-2614-0x0000023540460000-0x0000023540461000-memory.dmp

memory/5852-2616-0x0000023540460000-0x0000023540461000-memory.dmp

memory/5852-2617-0x00000235404F0000-0x00000235404F1000-memory.dmp

memory/5852-2618-0x00000235404F0000-0x00000235404F1000-memory.dmp

memory/5852-2619-0x0000023540500000-0x0000023540501000-memory.dmp

memory/5852-2620-0x0000023540500000-0x0000023540501000-memory.dmp

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 745e4d93e49d6d11788e0b231f0bc7bb
SHA1 07fff42fdaa1b8d96afbd35212114447b292b43b
SHA256 80784f712c1efc44383b5c37fe1a25920c996464401be75a702dbca6f436ac33
SHA512 99eb1028debfd2f57f3172f241c7a8e1b3d8de824b0fd723274a73287fa02d4cd237127d9364a89f6c720e6eb2f4ddf20bb52ffeede0b5a7e614f69ecbaca1a1

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 dab88b1c0700f0578172e39eb0f1b95b
SHA1 221ee817e9747850739b7a0dce609745ceb8d197
SHA256 1f864ce2d52906881a9f23d3e138cf2424e07b8857fc05adab1e06dac8e9fc07
SHA512 45046aad694ae17cb985e5221986682a35f3f1665c2ae42b850fdd9ae7614dffc7e16da828485de2d6a92d283c68e843a5211f465a1388fda3c44fd693659ae5

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 494244f4a500c3edbeea3c1d33ff640a
SHA1 c037ed6eddea0d3e1148eee91268dae7b361eb2a
SHA256 09e1bb3700516f7b306ecbe7a84fa2e99bbc61f094e4ca17c040cf92a0a64287
SHA512 064d15acd6728b3d3cbff1f8fc4384473d1d259f4e870e889e4d3d1d9a46947bf76329b52d479821619e1c1673b201e9a1c70a38c6b19c3d11bd742c0e69281b

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache

MD5 ed10c91daeebd868f5ed3c8d799e157c
SHA1 553b613f53fbe0ae88f16a9ef89612f8965ebce8
SHA256 2d0543876ffe6ce79cc0527bd3075385e66bacc625f19f13815b007c09b357df
SHA512 7b2816d784aa3589f6a10b1e1d65e656818abf26bd741f19218f21af342b9a5be5e7771cc06a7a41052b55d8cccd7b0b001f1a1e9024499078920c150e503b95

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 0508fd9ea2b414887535d49a34a75b96
SHA1 f01c8dd6e6e83f30ab2b736cdd102ba890f22f11
SHA256 688177f9b2f6425b1a394c07d487724374cf3fb86dbc497d2973df3c4f3bb649
SHA512 4be1cfad0a6c577159e4dd42f0d74333b9fd3e0cb596e003039ca44c42d4611c937e98c5018c45890de900eaaef7d16e5409fd3fbc3efb277f88bf0391d52576

memory/216-2687-0x0000000000400000-0x0000000000422000-memory.dmp

memory/216-2692-0x0000000000400000-0x0000000000422000-memory.dmp

memory/6200-2693-0x0000000000400000-0x00000000004CB000-memory.dmp

memory/4388-2696-0x0000021C24A00000-0x0000021C24A01000-memory.dmp

memory/4388-2695-0x0000021C24A00000-0x0000021C24A01000-memory.dmp

memory/4388-2694-0x0000021C24A00000-0x0000021C24A01000-memory.dmp

memory/4388-2706-0x0000021C24A00000-0x0000021C24A01000-memory.dmp

memory/4388-2705-0x0000021C24A00000-0x0000021C24A01000-memory.dmp

memory/4388-2704-0x0000021C24A00000-0x0000021C24A01000-memory.dmp

memory/4388-2703-0x0000021C24A00000-0x0000021C24A01000-memory.dmp

memory/4388-2702-0x0000021C24A00000-0x0000021C24A01000-memory.dmp

memory/4388-2701-0x0000021C24A00000-0x0000021C24A01000-memory.dmp

memory/4388-2700-0x0000021C24A00000-0x0000021C24A01000-memory.dmp

memory/6200-2708-0x0000000000400000-0x00000000004CB000-memory.dmp

C:\Program Files (x86)\Buildbox\Qt5Network.dll

MD5 b84f378d998a8204ccf944cdec165206
SHA1 a7a4baf6d2c9267bcb66e7151e168543aa764529
SHA256 6c565440ce4b13f4d52772742ea88a65c3e7b8d856600a22dda86705e2b6dc7a
SHA512 24cbdfdf5d3eb5ce40520124348de9d4cc1ceba1814694fee7d71a66b2beeaba47a82a2dde538e4e5500381137bb1b847fb43ebcda99a12e29f9675bb6f31daf

C:\Program Files (x86)\Buildbox\msvcr120.dll

MD5 084997c2165e30db2ae3fd804469a9d3
SHA1 ced6dab01fb11fa386fe06fff3f5a3f46af49a18
SHA256 ca2bd30e5483237c2352a8a96b7aabef8087d8242e11127365377e430667fc26
SHA512 914edd89c68ebe0b561253269efb2c5d12e45e261d1243ac91913333f1ec02588800cf5bec0ecd8326d1a4468109e8e52209fe4634596a1fb0e035430fc40906

C:\Program Files (x86)\Buildbox\Qt5Core.dll

MD5 b5b60cf9989ab6925edf99f6fcf53f8a
SHA1 5a317086c0fa008420cdd56f64c5044b7c9e4569
SHA256 b2c944b9464b2f84b2992a2667a5a0318cb6ed9ca190b86ba97028bea45983bd
SHA512 3bb9e98db956ca2517330a1537f1f094d258f195724226fd1d5d5fc262ba0ecace558336074fbc4461430be7c2573019410b949043ff11e5ce4c13181c47c7f6

memory/6200-2728-0x0000000000400000-0x00000000004CB000-memory.dmp

C:\Windows\System32\drivers\etc\hosts

MD5 37360caf0905591b87ee1aa8e94f0f78
SHA1 823197adf1bae6a628746e8dd1a5ca74083c2257
SHA256 e6ef4718f413b09e9afa6e5b44841b6578ce94e41d8b4750967563251e8d493a
SHA512 2f7bda1dd33f35bfe977a01823c26918707f99b697ab69147c4c3d01eefb0ca5ba98c2ee336191259eef2118dcc90d3964c794d9e6ea737c1b0a0f096f540f4b

memory/6200-2740-0x0000000000400000-0x00000000004CB000-memory.dmp

C:\Program Files (x86)\Buildbox\Buildbox2Loader.exe

MD5 58679a14f55cdc9d4f043ad271cba6bf
SHA1 04de4c633f1d8539cc5fe0548a57a692c1bc2e74
SHA256 c1bccf7d0ce3f3591899d0c191ca07342f4918fd3b3a82ead6c87ef05b0703ab
SHA512 a43eddf402daee691747be40157b162f3d5a4add508e38e9931471863ee92091e24b69ef8bb625852119318f35dedd966a9515753163eb6d029afd51de5d94dc

memory/6200-2750-0x0000000000400000-0x00000000004CB000-memory.dmp

memory/216-2751-0x0000000000400000-0x0000000000422000-memory.dmp

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

MD5 4ee1890a17e46ed91e65bcfdab7b4cc3
SHA1 375290ef7c8cc164e9bacc2331b573ddc3330e25
SHA256 1cb933860127d0d13de825abdafb6d9838242286b809b6010fc7870632c22eb6
SHA512 0d43ce29ef03c97b797fd7c6e30cc89308640eb0d42449faad7f07ba556c4b545f07b1c86b41458f52a5c81d12f464306efef77dd92a277fb480c32dfceb1d18

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 0b98857902212c9d8977ab3b900f2988
SHA1 9708d9516baa3f03ff572823e559257dd39c47d2
SHA256 d68ad37393844ee44562ee4881cbb6ba30d29c1718eba4695ede7f8a1e0ae93b
SHA512 bce100e96aed6fdbbef4941aacc0a5ff68b4c65410b1c29a789f5df2320dbbab546f7a6235c7ceb979f3baa8ff3b51e487d4a8208b38863afeb7d372ea602bec

memory/6836-2852-0x0000000000400000-0x0000000000422000-memory.dmp

memory/6836-2857-0x0000000000400000-0x0000000000422000-memory.dmp

memory/3888-2858-0x0000000000400000-0x00000000004CB000-memory.dmp

memory/3888-2878-0x0000000000400000-0x00000000004CB000-memory.dmp

C:\Windows\System32\drivers\etc\hosts

MD5 505e528adc99beceb00db3e5370cfff0
SHA1 b40a53f7c1211d6425200e6a831c4d17e5485c31
SHA256 66d6738b7d5005d0fb1fe8d37a50c1685ec2c057548730ea6ee67c09fcb6ff02
SHA512 bbc88a74f6beeddf6ba3fe14fb07c32eabe3ab615d299da037e38630761d4ba40af80fa7f86ee41351c92ccda0903ea0dcb37d744f408fb8220718856cbdb2a8

C:\Users\Admin\AppData\Local\Temp\_iu14D2N.tmp

MD5 3169c062d29d09007b22c469290e0ca6
SHA1 6861600ef75d5e6cda2befa97ad878b4f478835d
SHA256 0feb375b60115bc2b9d51387408f3128f3b8d80bfe5f4bf5c3232a2b09bbee5a
SHA512 f19918ffa22e4b7c2617ed8844a21818033edc5d8c2b892101f4e23cd3b09773e9fdfe35ce5f41022952ca77935872b4e18cf20183164a6237b3636db91050d6

C:\Users\Admin\AppData\Local\Temp\is-UL6Q5.tmp\_isetup\_setup64.tmp

MD5 e4211d6d009757c078a9fac7ff4f03d4
SHA1 019cd56ba687d39d12d4b13991c9a42ea6ba03da
SHA256 388a796580234efc95f3b1c70ad4cb44bfddc7ba0f9203bf4902b9929b136f95
SHA512 17257f15d843e88bb78adcfb48184b8ce22109cc2c99e709432728a392afae7b808ed32289ba397207172de990a354f15c2459b6797317da8ea18b040c85787e

C:\Users\Admin\AppData\Local\Temp\is-UL6Q5.tmp\_isetup\_shfoldr.dll

MD5 92dc6ef532fbb4a5c3201469a5b5eb63
SHA1 3e89ff837147c16b4e41c30d6c796374e0b8e62c
SHA256 9884e9d1b4f8a873ccbd81f8ad0ae257776d2348d027d811a56475e028360d87
SHA512 9908e573921d5dbc3454a1c0a6c969ab8a81cc2e8b5385391d46b1a738fb06a76aa3282e0e58d0d2ffa6f27c85668cd5178e1500b8a39b1bbae04366ae6a86d3

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\jhlyxaos.default-release\activity-stream.discovery_stream.json.tmp

MD5 7c6b0d15ea49e6e9360ed654de95559e
SHA1 c93bc404d7ba6239252a2f4c11070614b0eca354
SHA256 9e15473d39573be215442b3b395a2e8249784b3867687302cbc48975d90ec8da
SHA512 e24265580dfb47dd419513324eb718bde71a8ef1c7f597b5b20191d820a0a69fb15c09703a18b20915e9391a9eb5d94c45783f7188ed0cf7cfc63cfa50056bc0

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\jhlyxaos.default-release\prefs.js

MD5 c4f5028a4005d66ee54fcbad5eb74e8f
SHA1 dc223fe901e9f4b3126c5b47e2ef8575bdf96e4c
SHA256 103b6e984bc54b8991229fdae327c94fa56cb56432e98018628fec5c73adb1d4
SHA512 e70214180046aef84eb11ce734c781a7881e3b5ccf969bb84113cee6563cb84196c70366a939cb34bb89d63ffe55ff4ac57fc9c27bb8e69023119df5355417c4

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\jhlyxaos.default-release\prefs-1.js

MD5 8ce894966a82c558d98667b0f04a8cae
SHA1 1cafaf7ddca15e777f1b9d96325dc2f559e1b865
SHA256 67b85c440e7ba7b7a944372dbe55dbe25da864d3627c87b289181d8bc8ec9654
SHA512 cab31e462d9085d3f3dc472568c11447cdb329aaf01e508f3a0bbe39dfa0dcbe7a7f540260fdc7ebe7bef431b1361b9c394fa5816df19ecc8e93858bdc0e1c09

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\jhlyxaos.default-release\sessionstore.jsonlz4

MD5 ae2370915d5a8f94f205e68f87f81842
SHA1 a75d3427ce1fb969155b8657900ec20357bbd41e
SHA256 1c0fb7f268b597ed142cc907b8099f006c089ab3ba0031f965f1a32e50b9a660
SHA512 128a22f6688176d4700bf89781f1323c17cd4633b3e6eddadf66b86d22b44b954812d0d5ab86a967f43fa0be10f049f9bebe4767be7b5fbb31c841a7947d3fe2

C:\Users\Admin\AppData\Local\Temp\is-BHC7E.tmp\Buildbox_2.3.3-1986.tmp

MD5 45086337c414f5a811acfafd1d30ebf1
SHA1 6bebabb52d4ec2978307eeb9fe52894cd94d50c5
SHA256 6dc029d8b17090783e2733392bffe3b16febc4badb2721db059c6150fa9315e1
SHA512 a7f7394f8d1f344c89fb946f6e508f23a8453074f1747130a9b242e253d7816880dac0cfac12eb8858e7b741c827e432e77141b708cfe03f481b1c71f8174f73

C:\Program Files (x86)\Buildbox\Buildbox.exe

MD5 29211004fe19a0b2d549dc7e09431e30
SHA1 6ec77df7afe978c0be258a71c64cb0ae9a5da80a
SHA256 87259f60583c8efd5a9f496c68b9aa8e0f700d4efa6c0f094cc821c781ffad00
SHA512 5f0c330bcc75904b9b6bf3d46dc1913209c11eb9984e3e8dca3804c0df39360daae9e6dd843323ea00e3524eb73e3c223381c8de3836c2b8d42d0a2a6ddab598

C:\Users\Admin\AppData\Local\Temp\is-864EK.tmp\vcredist_x86.exe

MD5 2fe9702861e9f93a53be8dab361291a6
SHA1 17b381d3adb22f00e4ab47cbd91ce0a5b1ccbc70
SHA256 4ff07492947c3e52607aa8de0c241898aa35c439c442de1cea5d17de5b7c7f01
SHA512 dbd4023d3919ffcca2d21ff01bece68bc58004b966f0484eeef54fac0192ced1601859dd72f2214a38dc53c2c18582b74711d8b80e4bac60b9a6ad03b72fe803

C:\Users\Admin\AppData\Local\Temp\is-BR9EL.tmp\BuildBox-2-3-3_Loader_Setup.tmp

MD5 bf2f40b3ef26293972ae05a112c2f15c
SHA1 84656cc88b61450fefa1ca3589af916285ecd0fb
SHA256 ce58c94531faedbca16e1cb6beff233b5506276a86ab00effbe7a73fd3ae3e86
SHA512 87f65ecede50253d48b58a740c86b13b00f4410f76294b5b0ded47e47daea4cd9611d2691d0f56881b153b99668bcb6bea9260b8a9ba9ec7dd9ffba30b7a11f3

C:\Program Files (x86)\Buildbox\Qt5Widgets.dll

MD5 0db5c6782a6d931bc12d2700f9bbbfc2
SHA1 8aebce653dc6fbcad6c084ad3459d634e4a5581a
SHA256 8140ba373b4a87d898572d20f7080f74da6848d71c5e9fb35e505bc073365e7d
SHA512 4dd8a787bb69885ad41d761404e361417f4cc4dc635d78b5c3994e035b55565388030930ce5bfaf781ac7f096a80acb7675cd42a0c0e8dce1d245955e1c23285

C:\Program Files (x86)\Buildbox\Qt5Core.dll

MD5 845531781aa9ab846e3f7b6910a23a54
SHA1 820fd3b44098f89a46addd9a40bdc90cc1f00ae4
SHA256 907262164fbb508ebc34b2b471876e6aacede64344d437c3c65eb9532f0d8cd1
SHA512 552396e613c53b50196ec80da61bb8c06cc2e2ee7a6131b401e988db63a6859d53519373493b7d61913e97123f3b0814ae3676c361ffb2cc9386283014e8496d

C:\Program Files (x86)\Buildbox\Qt5Network.dll

MD5 9ea9b60e0ff61e2f3f98624627dce45b
SHA1 3ac5d17c3a396d5f1f8b1d33b5e612e5fb8098c1
SHA256 2febcb30fe393de5c486ea4e4b82b2ff1a5182b943dff8d56f2abd908c02eed8
SHA512 11a52bf542d0bcb2f11cc6bfed59715434715df278d7557311c684810c829c29d9291c5b8ad76069c39a420aecbe922c9a75581929ea2505f4ec9bb9e9ab101b

C:\Users\Admin\AppData\Local\Temp\com.eightcell.buildbox\debuglog_2024.06.23.txt

MD5 b53d384ee3f6968efc34bd611ab7e037
SHA1 d7e834e5769cbf6e0017c78e72085789f6e83033
SHA256 bea3c9b7be99dd022eadb018518c38cd23c9c4bfa0df9acb66b7f50d6d1b558f
SHA512 da3e320766a5361b73a9747b1eff68d71b06dcf045e775381a72033e425f94ada8d04f19c5243b2f736ed89d891264b0ff7728b4f898021da69b963959876ee9

C:\Users\Admin\AppData\Local\Temp\BsSndRpt.ini

MD5 d6e54566b1615ee018182ee867ccca48
SHA1 143d3a224ac73d1b95eb78327305b3cf629fba78
SHA256 06952351946b1d132640b5050a6f602ab4cdc9f4a5352d88405d87003e927564
SHA512 85a5eceda50d544bcfcd3a86342fdfa7e7f25056e7754b14f3e63746c313f3e264da3265a444d720919044fbd92d0d81bc984b1d81497bd44151bb0b7aa79978

C:\Users\Admin\AppData\Local\Temp\bugsplat.log

MD5 3351bf590960ce57c25d729e775a0479
SHA1 f550afb9d8df6c65c7e404e720014b6021b43bb3
SHA256 f19f3fde7ce517647be4f8b4e83ec9b8e2f2c0ef2cffa862bfc11c3b62b3ec0f
SHA512 57ea5a0f47748043b823b892a56dc4302eb70c9cecb8a105a1994279ff51c72507ca73d9115a25924aa07bd30ea6046bda1eed3ccb191e2fb5657aa0ef7f639a

C:\Users\Admin\AppData\Local\Temp\com.eightcell.buildbox\debuglog_2024.06.23.txt

MD5 fa49c58cb8cb042f63c65a51718cfd54
SHA1 7e4518891dd054e457d6382d9cea332438879198
SHA256 96e629f21a5051615f13f202fbdd30bbcd40e4614014e129e65defe6abccf940
SHA512 ea51b4d1a6babf56f6ad268f63f50b6e03f556ab3fb3551c7f4b0228f60ca694346298faafb9fc8ad7a94cd31bcd0bea60ce505525d548eb2e0e7e973e30b2ae

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\52d15379-d661-47d0-8b90-1a94a821118c.tmp

MD5 5058f1af8388633f609cadb75a75dc9d
SHA1 3a52ce780950d4d969792a2559cd519d7ee8c727
SHA256 cdb4ee2aea69cc6a83331bbe96dc2caa9a299d21329efb0336fc02a82e1839a8
SHA512 0b61241d7c17bcbb1baee7094d14b7c451efecc7ffcbd92598a0f13d313cc9ebc2a07e61f007baf58fbf94ff9a8695bdd5cae7ce03bbf1e94e93613a00f25f21

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0000ba

MD5 15191232178cf3fdbe4edbf8065e9827
SHA1 5950bc953796fe534519aa28cb3445e82af37337
SHA256 7b50d426395070e8fdcb3dcae55bbc7a819d07b83cfa64e5ed67172dcc70df3d
SHA512 dc523001d30fd95349f671c4c58aa7effad4c81cfb3fa1391284953272f677fce72b1ff74ff7cccb52c9d04ec325445721d6651f703c73455abf961dc079973e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 0f07743098479e1252c98120e7df180e
SHA1 b5bd334da24e3cdf6a0f6ca307051e49c52ab267
SHA256 4e4102a1572852ef03ecbdd11e18e457581d5464bf01aeabf92922692b1d0081
SHA512 a51abca2962417bf3007224df6ae79cfbc51c65ac56984ad070b4723683cd86ff66916f0950599aeb086b97471c6a4b40a527678168cf06693ed41457aa92c93

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 5c5f26b1f97e4962df5df19eceb8b792
SHA1 b2c178d8c904262a4784dd9f7ca24ca5165761fe
SHA256 71e2579169b52b1d90daaebbbf9a5b8d42b5021773cd3de231f8e7f5dd876af1
SHA512 f922349d4669d311960d70da2d15b7c151585c382eba3414633dd178ad22a637f77698c9cb4a3aca496b3efdb594b0eefa0c73c06ad4f356f0eb54cf48595464

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 807cb51e4f3ff0cf2cc57e3062f056d5
SHA1 05b77b065634eae4b464c44d4fd3b61aefb7777d
SHA256 34f0c39a9a314b7e57a53cf4bfd4b75977f0d0700bb1d5545e7c6f1d537856e4
SHA512 f20f9a58c7165abc6e4a68786aa9b3788b5d4e8c57bd42ff266dfb519680154d234f2ffa1bb8d1193c1cfa7cf57e5692d3456834e5c0d8301163159fca4d2ed1

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 48ea01ec4b8ee981795bed824b469ead
SHA1 0dbfca1ace80c03707943490ad7c1249d73e49bb
SHA256 93a0c2807fd571ea189bcea79290c613a6503b7587a5f9d9e4166ddb2e0fcfd4
SHA512 8d12dc920524ea388af07fdab400ec583748b12061fef8f75f86d8fadd123d4eac771d64e3cf81149243a7580d7ee160e5ac9b24bbbc7c5d5e64ee549493bd87

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 052b798025c431c15d66557dac22520b
SHA1 e6ea046d4aa8bdeb82d1cfaf8ffe62acdc6b8a94
SHA256 41091307903b130dade8d692653e9c5c36747b3192d0006cfae6a5b2a6353f03
SHA512 fa03d394e2baec0d73546d84294842b7008f26916f82f44e7169a6efc4e40ae86d1eb5109d1cc563bec0b8db6616baae91fd8441086c66d5067ebd7efaf0555b

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 ec6c5c777d001ead90eefdef16d72bc1
SHA1 063a56be4217d8f43805c013cac0ee3ba8b43757
SHA256 084bfdeee13c667254b99faefd127253c2a0ea4ce1726660466f0a0afd120ee8
SHA512 c0ddb1ae09c7955e4d329511e7978f55586635f596b3467849f547d4f1cf052699f1982be82d3973fd8fb7752b9cccb9db730429fb5065e16c61106475bc7fac

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 d14100007e14f48d2bbe463396b62f8f
SHA1 1448db9ab7656b3985b61468be8ad7d2f55f9ebb
SHA256 1081ede3c7e0d4de54d119151e192e932e8a6288c99af126543dbc65c6d43843
SHA512 df28b2f77aaeb1f998db2da620dc49aa79113f3db5b562820cb287c4d73fa753fe1b688061564f1bbb5e8080dc84f3dc9b35bfae668655885511fdeb8c425705

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 1f9fb9a32345da9b9359c648e4200fe6
SHA1 87f98e16121a693847101fb49095ce13fd8cef50
SHA256 ab2dde8e17480358d4689baa81c161055441eb0678ffc0ba21a9108aad6a5119
SHA512 467fa2974a03b0b5b4ce305024cf930b98aa158a3f440acd681dd0f7acaf06691becf09693f887514096c6893e8f65040b87099657a6f7d02ccb7f956ef6615d

C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\5d696d521de238c3.customDestinations-ms

MD5 8ccc405ad3cde0408e2c11cf4eb34be8
SHA1 8b544b586702c025f1cf66bf496a035049291d8e
SHA256 8e5ae44e83f56218fbf341de66d3efdc0d32c0a0f6f5f482125af2635d030426
SHA512 5037788f9dd6a34e8f5e80fe3f17eca207ce737d08dd52774931ba735b743620316e35a6055c868ca1903a52c7213c718d5358ec167eeb938b26aa0e4e23f507

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 1b128b1cd7e11a2f01ceddfab1562158
SHA1 24361313f4e5eda145f31695098fbe7ff572fb67
SHA256 bc6ecf98de13d8f1cb2797fcb1a18bbcc24ee5a2da402c859d9ddd3dc3a3f350
SHA512 b3527911ac199f90221ba68bda1e7d70de589a3111fe9f297bc1223923f8921224ac7c46091aadcc2ae7c6cc1c2ced8a2edea3ea3b033b8cdae5b15232b008e8

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 2cdc8aaff96cb5a1256008699b5d08bf
SHA1 8506bbaeba6864e0d18df6ed3373a7fe72d02219
SHA256 a08e9f61f0da9eded448b8dcd0447f2acd6b9f73d3d38e3f1f0fd0a78b616e4d
SHA512 a35078089cdeeb7c285b55ef23a2ecef4ef5d064a6df53ad6d799d32376a8d6efb21b72cd54f2c1d43c7c61e16cbe49c7fb3236a98a5bdf73cfba61898d70533

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

MD5 617a5456a82b0bd9e4adf01f5e1b5be2
SHA1 9ac9886005196630441533e992a9e5d87b1667b1
SHA256 a9b4c4bc5682e7839c717887f3347790dceb136acf5387d30d72491fa84c0944
SHA512 96a7891fd7be83c4950f257ce968d90971acbbcfb5ea947d8cb03b5aca07df0ac349d673dd5519589fd2d554da04cd4130d6f79c87d811b40bed5fe177a8596d

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 be88f42b874c355820bd261f90b5ddc5
SHA1 98043f446a3109e7b28e3483ad845723ec0b8064
SHA256 e672916b26c96ae65e5805f75d400a8b94f8a18917a621438704029259b93256
SHA512 9aa3e1e9a676a7d607d116ab913fd4cea1116db9b03f9f28b8a5c8409a27e51732f432f8b91ba37a4ca3c3fdb670a65b67985e78d965f0310fb5179931e8ff53

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 3dfce98b928bab034788c3234f171f77
SHA1 4ac4ceb1b8c60eccbe10c4a2712ab384e3240598
SHA256 957b94ff0aaf423f1cecac651cf4928b4d89641203e37d1fdded817d60f91d7f
SHA512 55b7dcc0781d933ecfebb6cc95b32d7d9d9f29fa74b4aea992db853971ed09983a7e1d530b4a6783c38e00e8128296ba73b523b3d00074b6a0a790967057209c

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 461e96939aef15c08fe7140a10ba73f5
SHA1 9226e44a737d0a1ca05a7ebf03113c5f21964444
SHA256 1ab7b16af0ffb2dda7c52bb2b875e418602f353951e9891af55c9fa3f436e46d
SHA512 e2474c81ac67b03542ed08392219b391a2fcc60fc1dc56a0e71d298a5407d7caffe84acb6abe993ec9813dfbfddaca83b8715505fcbcb051294d28f3a494ce34