Analysis Overview
SHA256
e766bc3bd8513eadc0d54e511049f1d35bc5c503aeef6cd38aa500d39d66da11
Threat Level: Known bad
The file Nursultan NextGen Crack.exe was found to be: Known bad.
Malicious Activity Summary
Detect Xworm Payload
Xworm
Command and Scripting Interpreter: PowerShell
Executes dropped EXE
Checks computer location settings
Adds Run key to start application
Drops file in System32 directory
Drops file in Windows directory
Unsigned PE
Enumerates physical storage devices
Uses Task Scheduler COM API
Suspicious behavior: GetForegroundWindowSpam
Suspicious use of WriteProcessMemory
Checks SCSI registry key(s)
Suspicious behavior: EnumeratesProcesses
Suspicious use of SetWindowsHookEx
Suspicious behavior: LoadsDriver
Suspicious use of FindShellTrayWindow
Enumerates system info in registry
Suspicious use of SendNotifyMessage
Modifies registry class
Suspicious behavior: AddClipboardFormatListener
Opens file in notepad (likely ransom note)
Scheduled Task/Job: Scheduled Task
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Suspicious use of AdjustPrivilegeToken
Checks processor information in registry
Modifies data under HKEY_USERS
MITRE ATT&CK Matrix V13
Analysis: static1
Detonation Overview
Reported
2024-06-25 12:32
Signatures
Unsigned PE
| Description | Indicator | Process | Target |
| N/A | N/A | N/A | N/A |
Analysis: behavioral2
Detonation Overview
Submitted
2024-06-25 12:32
Reported
2024-06-25 12:44
Platform
win10v2004-20240508-en
Max time kernel
659s
Max time network
660s
Command Line
Signatures
Detect Xworm Payload
| Description | Indicator | Process | Target |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
Xworm
Command and Scripting Interpreter: PowerShell
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe | N/A |
| N/A | N/A | C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe | N/A |
| N/A | N/A | C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe | N/A |
| N/A | N/A | C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe | N/A |
Checks computer location settings
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\USER\S-1-5-21-4124900551-4068476067-3491212533-1000\Control Panel\International\Geo\Nation | C:\Users\Admin\AppData\Local\Temp\Nursultan NextGen Crack.exe | N/A |
| Key value queried | \REGISTRY\USER\S-1-5-21-4124900551-4068476067-3491212533-1000\Control Panel\International\Geo\Nation | C:\Users\Admin\AppData\Roaming\Nursultan NextGen Crack.exe | N/A |
Executes dropped EXE
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Users\Admin\AppData\Roaming\Nursultan NextGen Crack.exe | N/A |
| N/A | N/A | C:\Users\Admin\wininit | N/A |
| N/A | N/A | C:\Users\Admin\wininit | N/A |
| N/A | N/A | C:\Users\Admin\wininit | N/A |
| N/A | N/A | C:\Users\Admin\wininit | N/A |
| N/A | N/A | C:\Users\Admin\wininit | N/A |
| N/A | N/A | C:\Users\Admin\wininit | N/A |
| N/A | N/A | C:\Users\Admin\wininit | N/A |
| N/A | N/A | C:\Users\Admin\wininit | N/A |
| N/A | N/A | C:\Users\Admin\wininit | N/A |
| N/A | N/A | C:\Users\Admin\wininit | N/A |
| N/A | N/A | C:\Users\Admin\wininit | N/A |
Adds Run key to start application
| Description | Indicator | Process | Target |
| Set value (str) | \REGISTRY\USER\S-1-5-21-4124900551-4068476067-3491212533-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\wininit = "C:\\Users\\Admin\\wininit" | C:\Users\Admin\AppData\Roaming\Nursultan NextGen Crack.exe | N/A |
Enumerates physical storage devices
Checks processor information in registry
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\Hardware\Description\System\CentralProcessor\0 | C:\Program Files\Microsoft Office\Root\Office16\EXCEL.EXE | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~MHz | C:\Program Files\Microsoft Office\Root\Office16\EXCEL.EXE | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString | C:\Program Files\Microsoft Office\Root\Office16\EXCEL.EXE | N/A |
Enumerates system info in registry
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\Hardware\Description\System\BIOS | C:\Program Files\Microsoft Office\Root\Office16\EXCEL.EXE | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemFamily | C:\Program Files\Microsoft Office\Root\Office16\EXCEL.EXE | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemSKU | C:\Program Files\Microsoft Office\Root\Office16\EXCEL.EXE | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Modifies data under HKEY_USERS
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133637924908387428" | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Modifies registry class
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\MACHINE\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\Deployment\Package\*\S-1-5-21-4124900551-4068476067-3491212533-1000\{84AC0484-476B-447C-9A39-FBB25A85BDDC} | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Opens file in notepad (likely ransom note)
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Windows\system32\NOTEPAD.EXE | N/A |
Scheduled Task/Job: Scheduled Task
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Windows\System32\schtasks.exe | N/A |
Suspicious behavior: AddClipboardFormatListener
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files\Microsoft Office\Root\Office16\EXCEL.EXE | N/A |
Suspicious behavior: EnumeratesProcesses
Suspicious behavior: GetForegroundWindowSpam
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Users\Admin\AppData\Roaming\Nursultan NextGen Crack.exe | N/A |
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Suspicious use of AdjustPrivilegeToken
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
Suspicious use of SetWindowsHookEx
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Users\Admin\AppData\Roaming\Nursultan NextGen Crack.exe | N/A |
| N/A | N/A | C:\Program Files\Microsoft Office\Root\Office16\EXCEL.EXE | N/A |
| N/A | N/A | C:\Program Files\Microsoft Office\Root\Office16\EXCEL.EXE | N/A |
| N/A | N/A | C:\Program Files\Microsoft Office\Root\Office16\EXCEL.EXE | N/A |
| N/A | N/A | C:\Program Files\Microsoft Office\Root\Office16\EXCEL.EXE | N/A |
| N/A | N/A | C:\Program Files\Microsoft Office\Root\Office16\EXCEL.EXE | N/A |
| N/A | N/A | C:\Program Files\Microsoft Office\Root\Office16\EXCEL.EXE | N/A |
| N/A | N/A | C:\Program Files\Microsoft Office\Root\Office16\EXCEL.EXE | N/A |
| N/A | N/A | C:\Program Files\Microsoft Office\Root\Office16\EXCEL.EXE | N/A |
| N/A | N/A | C:\Program Files\Microsoft Office\Root\Office16\EXCEL.EXE | N/A |
Suspicious use of WriteProcessMemory
Uses Task Scheduler COM API
Processes
C:\Users\Admin\AppData\Local\Temp\Nursultan NextGen Crack.exe
"C:\Users\Admin\AppData\Local\Temp\Nursultan NextGen Crack.exe"
C:\Users\Admin\AppData\Roaming\Nursultan NextGen Crack.exe
"C:\Users\Admin\AppData\Roaming\Nursultan NextGen Crack.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c ""C:\Users\Admin\AppData\Roaming\и.bat" "
C:\Windows\system32\chcp.com
chcp 65001
C:\Windows\system32\choice.exe
choice /c 12 /n /m "Enter your choice:"
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -ExecutionPolicy Bypass Add-MpPreference -ExclusionPath 'C:\Users\Admin\AppData\Roaming\Nursultan NextGen Crack.exe'
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -ExecutionPolicy Bypass Add-MpPreference -ExclusionProcess 'Nursultan NextGen Crack.exe'
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -ExecutionPolicy Bypass Add-MpPreference -ExclusionPath 'C:\Users\Admin\wininit'
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -ExecutionPolicy Bypass Add-MpPreference -ExclusionProcess 'wininit'
C:\Windows\System32\schtasks.exe
"C:\Windows\System32\schtasks.exe" /create /f /RL HIGHEST /sc minute /mo 1 /tn "wininit" /tr "C:\Users\Admin\wininit"
C:\Users\Admin\wininit
C:\Users\Admin\wininit
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe"
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=110.0.5481.104 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7ffe9531ab58,0x7ffe9531ab68,0x7ffe9531ab78
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe"
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=110.0.5481.104 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffe9531ab58,0x7ffe9531ab68,0x7ffe9531ab78
C:\Windows\system32\NOTEPAD.EXE
"C:\Windows\system32\NOTEPAD.EXE" C:\Users\Admin\Desktop\DenyUse.css
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1592 --field-trial-handle=1900,i,16663129452270646947,6198869669572621093,131072 /prefetch:2
C:\Program Files\Microsoft Office\Root\Office16\EXCEL.EXE
"C:\Program Files\Microsoft Office\Root\Office16\EXCEL.EXE" "C:\Users\Admin\Desktop\RepairDeny.xlsm"
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1748 --field-trial-handle=2000,i,646236753749252047,3437767256995764731,131072 /prefetch:2
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2044 --field-trial-handle=1900,i,16663129452270646947,6198869669572621093,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=2112 --field-trial-handle=1900,i,16663129452270646947,6198869669572621093,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1956 --field-trial-handle=2000,i,646236753749252047,3437767256995764731,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2964 --field-trial-handle=1900,i,16663129452270646947,6198869669572621093,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=2972 --field-trial-handle=1900,i,16663129452270646947,6198869669572621093,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\110.0.5481.104\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\110.0.5481.104\elevation_service.exe"
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe"
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=110.0.5481.104 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffe9531ab58,0x7ffe9531ab68,0x7ffe9531ab78
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=4364 --field-trial-handle=1900,i,16663129452270646947,6198869669572621093,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4368 --field-trial-handle=1900,i,16663129452270646947,6198869669572621093,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4084 --field-trial-handle=1900,i,16663129452270646947,6198869669572621093,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe"
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=110.0.5481.104 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffe9531ab58,0x7ffe9531ab68,0x7ffe9531ab78
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4864 --field-trial-handle=1900,i,16663129452270646947,6198869669572621093,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4928 --field-trial-handle=1900,i,16663129452270646947,6198869669572621093,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=5208 --field-trial-handle=1900,i,16663129452270646947,6198869669572621093,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=5376 --field-trial-handle=1900,i,16663129452270646947,6198869669572621093,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --mojo-platform-channel-handle=4280 --field-trial-handle=1900,i,16663129452270646947,6198869669572621093,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=5492 --field-trial-handle=1900,i,16663129452270646947,6198869669572621093,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4724 --field-trial-handle=1900,i,16663129452270646947,6198869669572621093,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5112 --field-trial-handle=1900,i,16663129452270646947,6198869669572621093,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\110.0.5481.104\Installer\setup.exe
"C:\Program Files\Google\Chrome\Application\110.0.5481.104\Installer\setup.exe" --reenable-autoupdates --system-level
C:\Program Files\Google\Chrome\Application\110.0.5481.104\Installer\setup.exe
"C:\Program Files\Google\Chrome\Application\110.0.5481.104\Installer\setup.exe" --type=crashpad-handler /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler --database=C:\Windows\TEMP\Crashpad --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=110.0.5481.104 --initial-client-data=0x238,0x23c,0x240,0x214,0x244,0x7ff658a6ae48,0x7ff658a6ae58,0x7ff658a6ae68
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --mojo-platform-channel-handle=5172 --field-trial-handle=1900,i,16663129452270646947,6198869669572621093,131072 /prefetch:1
C:\Users\Admin\wininit
C:\Users\Admin\wininit
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=5416 --field-trial-handle=1900,i,16663129452270646947,6198869669572621093,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=5036 --field-trial-handle=1900,i,16663129452270646947,6198869669572621093,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --mojo-platform-channel-handle=4556 --field-trial-handle=1900,i,16663129452270646947,6198869669572621093,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=5248 --field-trial-handle=1900,i,16663129452270646947,6198869669572621093,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4080 --field-trial-handle=1900,i,16663129452270646947,6198869669572621093,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=24 --mojo-platform-channel-handle=2008 --field-trial-handle=1900,i,16663129452270646947,6198869669572621093,131072 /prefetch:1
C:\Users\Admin\wininit
C:\Users\Admin\wininit
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=25 --mojo-platform-channel-handle=1568 --field-trial-handle=1900,i,16663129452270646947,6198869669572621093,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=26 --mojo-platform-channel-handle=4964 --field-trial-handle=1900,i,16663129452270646947,6198869669572621093,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1548 --field-trial-handle=1900,i,16663129452270646947,6198869669572621093,131072 /prefetch:2
C:\Users\Admin\wininit
C:\Users\Admin\wininit
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4372 --field-trial-handle=1900,i,16663129452270646947,6198869669572621093,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=29 --mojo-platform-channel-handle=2268 --field-trial-handle=1900,i,16663129452270646947,6198869669572621093,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=30 --mojo-platform-channel-handle=4116 --field-trial-handle=1900,i,16663129452270646947,6198869669572621093,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=31 --mojo-platform-channel-handle=3144 --field-trial-handle=1900,i,16663129452270646947,6198869669572621093,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2192 --field-trial-handle=1900,i,16663129452270646947,6198869669572621093,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=33 --mojo-platform-channel-handle=2276 --field-trial-handle=1900,i,16663129452270646947,6198869669572621093,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=2468 --field-trial-handle=1900,i,16663129452270646947,6198869669572621093,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5492 --field-trial-handle=1900,i,16663129452270646947,6198869669572621093,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=36 --mojo-platform-channel-handle=4132 --field-trial-handle=1900,i,16663129452270646947,6198869669572621093,131072 /prefetch:1
C:\Users\Admin\wininit
C:\Users\Admin\wininit
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=37 --mojo-platform-channel-handle=3440 --field-trial-handle=1900,i,16663129452270646947,6198869669572621093,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=38 --mojo-platform-channel-handle=3232 --field-trial-handle=1900,i,16663129452270646947,6198869669572621093,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=5848 --field-trial-handle=1900,i,16663129452270646947,6198869669572621093,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=5996 --field-trial-handle=1900,i,16663129452270646947,6198869669572621093,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=41 --mojo-platform-channel-handle=5940 --field-trial-handle=1900,i,16663129452270646947,6198869669572621093,131072 /prefetch:1
C:\Users\Admin\wininit
C:\Users\Admin\wininit
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=42 --mojo-platform-channel-handle=6444 --field-trial-handle=1900,i,16663129452270646947,6198869669572621093,131072 /prefetch:1
C:\Users\Admin\wininit
C:\Users\Admin\wininit
C:\Users\Admin\wininit
C:\Users\Admin\wininit
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=43 --mojo-platform-channel-handle=7152 --field-trial-handle=1900,i,16663129452270646947,6198869669572621093,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=44 --mojo-platform-channel-handle=7064 --field-trial-handle=1900,i,16663129452270646947,6198869669572621093,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=45 --mojo-platform-channel-handle=6880 --field-trial-handle=1900,i,16663129452270646947,6198869669572621093,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=46 --mojo-platform-channel-handle=6324 --field-trial-handle=1900,i,16663129452270646947,6198869669572621093,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=47 --mojo-platform-channel-handle=6600 --field-trial-handle=1900,i,16663129452270646947,6198869669572621093,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=48 --mojo-platform-channel-handle=6588 --field-trial-handle=1900,i,16663129452270646947,6198869669572621093,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=49 --mojo-platform-channel-handle=6288 --field-trial-handle=1900,i,16663129452270646947,6198869669572621093,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=50 --mojo-platform-channel-handle=3440 --field-trial-handle=1900,i,16663129452270646947,6198869669572621093,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=51 --mojo-platform-channel-handle=4788 --field-trial-handle=1900,i,16663129452270646947,6198869669572621093,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=52 --mojo-platform-channel-handle=5044 --field-trial-handle=1900,i,16663129452270646947,6198869669572621093,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=53 --mojo-platform-channel-handle=5028 --field-trial-handle=1900,i,16663129452270646947,6198869669572621093,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=54 --mojo-platform-channel-handle=3012 --field-trial-handle=1900,i,16663129452270646947,6198869669572621093,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=55 --mojo-platform-channel-handle=5468 --field-trial-handle=1900,i,16663129452270646947,6198869669572621093,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=56 --mojo-platform-channel-handle=3152 --field-trial-handle=1900,i,16663129452270646947,6198869669572621093,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=57 --mojo-platform-channel-handle=7320 --field-trial-handle=1900,i,16663129452270646947,6198869669572621093,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=58 --mojo-platform-channel-handle=7592 --field-trial-handle=1900,i,16663129452270646947,6198869669572621093,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=59 --mojo-platform-channel-handle=7820 --field-trial-handle=1900,i,16663129452270646947,6198869669572621093,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=60 --mojo-platform-channel-handle=7964 --field-trial-handle=1900,i,16663129452270646947,6198869669572621093,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=61 --mojo-platform-channel-handle=8116 --field-trial-handle=1900,i,16663129452270646947,6198869669572621093,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=62 --mojo-platform-channel-handle=7292 --field-trial-handle=1900,i,16663129452270646947,6198869669572621093,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=63 --mojo-platform-channel-handle=8712 --field-trial-handle=1900,i,16663129452270646947,6198869669572621093,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=64 --mojo-platform-channel-handle=8704 --field-trial-handle=1900,i,16663129452270646947,6198869669572621093,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=65 --mojo-platform-channel-handle=8640 --field-trial-handle=1900,i,16663129452270646947,6198869669572621093,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=66 --mojo-platform-channel-handle=8884 --field-trial-handle=1900,i,16663129452270646947,6198869669572621093,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=67 --mojo-platform-channel-handle=8956 --field-trial-handle=1900,i,16663129452270646947,6198869669572621093,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=68 --mojo-platform-channel-handle=9244 --field-trial-handle=1900,i,16663129452270646947,6198869669572621093,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=69 --mojo-platform-channel-handle=7996 --field-trial-handle=1900,i,16663129452270646947,6198869669572621093,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=70 --mojo-platform-channel-handle=9580 --field-trial-handle=1900,i,16663129452270646947,6198869669572621093,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=71 --mojo-platform-channel-handle=9568 --field-trial-handle=1900,i,16663129452270646947,6198869669572621093,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=72 --mojo-platform-channel-handle=9820 --field-trial-handle=1900,i,16663129452270646947,6198869669572621093,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=73 --mojo-platform-channel-handle=9844 --field-trial-handle=1900,i,16663129452270646947,6198869669572621093,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=74 --mojo-platform-channel-handle=10048 --field-trial-handle=1900,i,16663129452270646947,6198869669572621093,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=75 --mojo-platform-channel-handle=10500 --field-trial-handle=1900,i,16663129452270646947,6198869669572621093,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=76 --mojo-platform-channel-handle=10532 --field-trial-handle=1900,i,16663129452270646947,6198869669572621093,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=77 --mojo-platform-channel-handle=11108 --field-trial-handle=1900,i,16663129452270646947,6198869669572621093,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=78 --mojo-platform-channel-handle=10520 --field-trial-handle=1900,i,16663129452270646947,6198869669572621093,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=79 --mojo-platform-channel-handle=11132 --field-trial-handle=1900,i,16663129452270646947,6198869669572621093,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=80 --mojo-platform-channel-handle=11332 --field-trial-handle=1900,i,16663129452270646947,6198869669572621093,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=81 --mojo-platform-channel-handle=11372 --field-trial-handle=1900,i,16663129452270646947,6198869669572621093,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=82 --mojo-platform-channel-handle=11388 --field-trial-handle=1900,i,16663129452270646947,6198869669572621093,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=83 --mojo-platform-channel-handle=11404 --field-trial-handle=1900,i,16663129452270646947,6198869669572621093,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=84 --mojo-platform-channel-handle=11520 --field-trial-handle=1900,i,16663129452270646947,6198869669572621093,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=85 --mojo-platform-channel-handle=11548 --field-trial-handle=1900,i,16663129452270646947,6198869669572621093,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=86 --mojo-platform-channel-handle=11772 --field-trial-handle=1900,i,16663129452270646947,6198869669572621093,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=87 --mojo-platform-channel-handle=12784 --field-trial-handle=1900,i,16663129452270646947,6198869669572621093,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=88 --mojo-platform-channel-handle=12328 --field-trial-handle=1900,i,16663129452270646947,6198869669572621093,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=89 --mojo-platform-channel-handle=12564 --field-trial-handle=1900,i,16663129452270646947,6198869669572621093,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=90 --mojo-platform-channel-handle=8680 --field-trial-handle=1900,i,16663129452270646947,6198869669572621093,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=91 --mojo-platform-channel-handle=13024 --field-trial-handle=1900,i,16663129452270646947,6198869669572621093,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=92 --mojo-platform-channel-handle=10872 --field-trial-handle=1900,i,16663129452270646947,6198869669572621093,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=93 --mojo-platform-channel-handle=10668 --field-trial-handle=1900,i,16663129452270646947,6198869669572621093,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=94 --mojo-platform-channel-handle=6540 --field-trial-handle=1900,i,16663129452270646947,6198869669572621093,131072 /prefetch:1
C:\Users\Admin\wininit
C:\Users\Admin\wininit
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=95 --mojo-platform-channel-handle=6292 --field-trial-handle=1900,i,16663129452270646947,6198869669572621093,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=96 --mojo-platform-channel-handle=5756 --field-trial-handle=1900,i,16663129452270646947,6198869669572621093,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=7968 --field-trial-handle=1900,i,16663129452270646947,6198869669572621093,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=8228 --field-trial-handle=1900,i,16663129452270646947,6198869669572621093,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=99 --mojo-platform-channel-handle=8500 --field-trial-handle=1900,i,16663129452270646947,6198869669572621093,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=100 --mojo-platform-channel-handle=9660 --field-trial-handle=1900,i,16663129452270646947,6198869669572621093,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=101 --mojo-platform-channel-handle=7664 --field-trial-handle=1900,i,16663129452270646947,6198869669572621093,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=102 --mojo-platform-channel-handle=3472 --field-trial-handle=1900,i,16663129452270646947,6198869669572621093,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=11016 --field-trial-handle=1900,i,16663129452270646947,6198869669572621093,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=10724 --field-trial-handle=1900,i,16663129452270646947,6198869669572621093,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=105 --mojo-platform-channel-handle=5956 --field-trial-handle=1900,i,16663129452270646947,6198869669572621093,131072 /prefetch:1
C:\Users\Admin\wininit
C:\Users\Admin\wininit
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=106 --mojo-platform-channel-handle=13304 --field-trial-handle=1900,i,16663129452270646947,6198869669572621093,131072 /prefetch:1
C:\Windows\system32\AUDIODG.EXE
C:\Windows\system32\AUDIODG.EXE 0x3fc 0x498
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=13200 --field-trial-handle=1900,i,16663129452270646947,6198869669572621093,131072 /prefetch:8
C:\Users\Admin\wininit
C:\Users\Admin\wininit
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | 8.8.8.8.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 232.168.11.51.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 249.197.17.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 68.32.126.40.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 28.118.140.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 241.150.49.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | seems-poet.gl.at.ply.gg | udp |
| US | 147.185.221.20:30996 | seems-poet.gl.at.ply.gg | tcp |
| US | 8.8.8.8:53 | 20.221.185.147.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 183.59.114.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 206.23.85.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 172.214.232.199.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 240.197.17.2.in-addr.arpa | udp |
| US | 147.185.221.20:30996 | seems-poet.gl.at.ply.gg | tcp |
| US | 8.8.8.8:53 | www.google.com | udp |
| GB | 142.250.187.196:443 | www.google.com | tcp |
| US | 8.8.8.8:53 | 234.16.217.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 3.200.250.142.in-addr.arpa | udp |
| GB | 142.250.187.196:443 | www.google.com | udp |
| US | 8.8.8.8:53 | 196.187.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 46.28.109.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | roaming.officeapps.live.com | udp |
| FR | 52.109.68.129:443 | roaming.officeapps.live.com | tcp |
| US | 8.8.8.8:53 | apis.google.com | udp |
| GB | 142.250.200.14:443 | apis.google.com | tcp |
| US | 8.8.8.8:53 | play.google.com | udp |
| GB | 142.250.179.238:443 | play.google.com | tcp |
| GB | 142.250.179.238:443 | play.google.com | udp |
| US | 8.8.8.8:53 | 195.212.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 238.179.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 99.201.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | clients2.google.com | udp |
| GB | 142.250.187.238:443 | clients2.google.com | tcp |
| US | 8.8.8.8:53 | 73.31.126.40.in-addr.arpa | udp |
| N/A | 224.0.0.251:5353 | udp | |
| US | 8.8.8.8:53 | 238.187.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 241.197.17.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 11.227.111.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 215.143.182.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 29.243.111.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 26.73.42.20.in-addr.arpa | udp |
| GB | 142.250.187.196:443 | www.google.com | udp |
| US | 8.8.8.8:53 | consent.google.com | udp |
| US | 8.8.8.8:53 | beacons.gcp.gvt2.com | udp |
| GB | 172.217.169.67:443 | beacons.gcp.gvt2.com | tcp |
| US | 8.8.8.8:53 | 67.169.217.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | encrypted-tbn0.gstatic.com | udp |
| GB | 142.250.178.14:443 | encrypted-tbn0.gstatic.com | tcp |
| GB | 142.250.178.14:443 | encrypted-tbn0.gstatic.com | tcp |
| GB | 142.250.178.14:443 | encrypted-tbn0.gstatic.com | tcp |
| GB | 142.250.178.14:443 | encrypted-tbn0.gstatic.com | tcp |
| US | 8.8.8.8:53 | encrypted-tbn2.gstatic.com | udp |
| GB | 142.250.180.14:443 | encrypted-tbn2.gstatic.com | tcp |
| GB | 142.250.179.238:443 | play.google.com | udp |
| US | 8.8.8.8:53 | 14.178.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 14.180.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | id.google.com | udp |
| GB | 142.250.187.227:443 | id.google.com | tcp |
| US | 8.8.8.8:53 | 227.187.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | en.wikipedia.org | udp |
| NL | 185.15.59.224:443 | en.wikipedia.org | tcp |
| NL | 185.15.59.224:443 | en.wikipedia.org | tcp |
| US | 8.8.8.8:53 | upload.wikimedia.org | udp |
| US | 8.8.8.8:53 | meta.wikimedia.org | udp |
| US | 8.8.8.8:53 | login.wikimedia.org | udp |
| NL | 185.15.59.240:443 | upload.wikimedia.org | tcp |
| NL | 185.15.59.240:443 | upload.wikimedia.org | tcp |
| NL | 185.15.59.240:443 | upload.wikimedia.org | tcp |
| NL | 185.15.59.240:443 | upload.wikimedia.org | tcp |
| US | 8.8.8.8:53 | 224.59.15.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | content-autofill.googleapis.com | udp |
| US | 8.8.8.8:53 | 240.59.15.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 202.187.250.142.in-addr.arpa | udp |
| GB | 172.217.169.67:443 | beacons.gcp.gvt2.com | udp |
| US | 8.8.8.8:53 | e2c55.gcp.gvt2.com | udp |
| US | 8.8.8.8:53 | e2c11.gcp.gvt2.com | udp |
| US | 8.8.8.8:53 | beacons2.gvt2.com | udp |
| AU | 34.129.38.245:443 | e2c11.gcp.gvt2.com | tcp |
| CL | 34.176.211.24:443 | e2c55.gcp.gvt2.com | tcp |
| US | 172.217.204.94:443 | beacons2.gvt2.com | tcp |
| AU | 34.129.38.245:443 | e2c11.gcp.gvt2.com | tcp |
| US | 172.217.204.94:443 | beacons2.gvt2.com | udp |
| US | 8.8.8.8:53 | 94.204.217.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 24.211.176.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 245.38.129.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | beacons.gvt2.com | udp |
| GB | 172.217.169.3:443 | beacons.gvt2.com | tcp |
| GB | 172.217.169.3:443 | beacons.gvt2.com | tcp |
| US | 8.8.8.8:53 | 3.169.217.172.in-addr.arpa | udp |
| GB | 142.250.187.196:443 | www.google.com | udp |
| GB | 142.250.187.227:443 | id.google.com | udp |
| GB | 142.250.179.238:443 | play.google.com | udp |
| US | 8.8.8.8:53 | google.com | udp |
| GB | 142.250.178.14:443 | google.com | tcp |
| US | 8.8.8.8:53 | e2c5.gcp.gvt2.com | udp |
| KR | 34.64.233.111:443 | e2c5.gcp.gvt2.com | tcp |
| KR | 34.64.233.111:443 | e2c5.gcp.gvt2.com | tcp |
| US | 8.8.8.8:53 | 111.233.64.34.in-addr.arpa | udp |
| GB | 172.217.169.67:443 | beacons.gcp.gvt2.com | udp |
| GB | 142.250.179.238:443 | play.google.com | udp |
| US | 8.8.8.8:53 | accounts.google.com | udp |
| IE | 209.85.203.84:443 | accounts.google.com | tcp |
| IE | 209.85.203.84:443 | accounts.google.com | udp |
| US | 8.8.8.8:53 | 84.203.85.209.in-addr.arpa | udp |
| US | 8.8.8.8:53 | accounts.youtube.com | udp |
| GB | 142.250.179.238:443 | play.google.com | udp |
| GB | 142.250.179.238:443 | play.google.com | tcp |
| US | 8.8.8.8:53 | ru.wikipedia.org | udp |
| US | 8.8.8.8:53 | clients2.google.com | udp |
| GB | 142.250.187.238:443 | clients2.google.com | udp |
| GB | 142.250.178.14:443 | google.com | udp |
| US | 8.8.8.8:53 | encrypted-tbn1.gstatic.com | udp |
| US | 8.8.8.8:53 | encrypted-tbn3.gstatic.com | udp |
| GB | 142.250.180.14:443 | encrypted-tbn2.gstatic.com | udp |
| GB | 142.250.187.196:443 | www.google.com | udp |
| US | 8.8.8.8:53 | lh5.googleusercontent.com | udp |
| GB | 172.217.16.225:443 | lh5.googleusercontent.com | tcp |
| GB | 172.217.16.225:443 | lh5.googleusercontent.com | tcp |
| US | 8.8.8.8:53 | 225.16.217.172.in-addr.arpa | udp |
| GB | 172.217.169.67:443 | beacons.gcp.gvt2.com | udp |
| IE | 209.85.203.84:443 | accounts.google.com | udp |
| IE | 209.85.203.84:443 | accounts.google.com | tcp |
| US | 8.8.8.8:53 | google.com | udp |
| GB | 142.250.178.14:443 | google.com | udp |
| US | 8.8.8.8:53 | seems-poet.gl.at.ply.gg | udp |
| US | 147.185.221.20:30996 | seems-poet.gl.at.ply.gg | tcp |
| GB | 142.250.187.196:443 | www.google.com | udp |
| GB | 142.250.187.196:443 | www.google.com | udp |
| US | 8.8.8.8:53 | beacons3.gvt2.com | udp |
| US | 172.217.204.94:443 | beacons2.gvt2.com | udp |
| GB | 172.217.169.3:443 | beacons.gvt2.com | udp |
| GB | 216.58.213.3:443 | beacons3.gvt2.com | tcp |
| GB | 216.58.213.3:443 | beacons3.gvt2.com | udp |
| GB | 142.250.179.238:443 | play.google.com | udp |
| GB | 142.250.178.14:443 | google.com | udp |
| US | 147.185.221.20:30996 | seems-poet.gl.at.ply.gg | tcp |
| US | 8.8.8.8:53 | wikimedia.org | udp |
| US | 147.185.221.20:30996 | seems-poet.gl.at.ply.gg | tcp |
| IE | 209.85.203.84:443 | accounts.google.com | udp |
| GB | 172.217.169.67:443 | beacons.gcp.gvt2.com | udp |
| GB | 142.250.178.14:443 | google.com | udp |
| GB | 216.58.213.3:443 | beacons3.gvt2.com | udp |
| US | 172.217.204.94:443 | beacons2.gvt2.com | udp |
| US | 8.8.8.8:53 | www.google.com | udp |
| GB | 142.250.187.196:443 | www.google.com | udp |
| US | 147.185.221.20:30996 | seems-poet.gl.at.ply.gg | tcp |
| GB | 142.250.178.14:443 | google.com | udp |
| GB | 172.217.16.225:443 | lh5.googleusercontent.com | udp |
| US | 147.185.221.20:30996 | seems-poet.gl.at.ply.gg | tcp |
| GB | 142.250.187.196:443 | www.google.com | udp |
| US | 8.8.8.8:53 | play.google.com | udp |
| GB | 142.250.187.196:443 | www.google.com | udp |
| GB | 142.250.179.238:443 | play.google.com | udp |
| GB | 142.250.187.196:443 | www.google.com | udp |
| GB | 142.250.187.196:443 | www.google.com | udp |
| GB | 172.217.169.67:443 | beacons.gcp.gvt2.com | udp |
| GB | 142.250.178.14:443 | google.com | udp |
| GB | 142.250.179.238:443 | play.google.com | udp |
| US | 8.8.8.8:53 | www.webmd.com | udp |
| US | 172.64.153.18:443 | www.webmd.com | tcp |
| US | 172.64.153.18:443 | www.webmd.com | tcp |
| US | 8.8.8.8:53 | cdn.cookielaw.org | udp |
| US | 8.8.8.8:53 | img.lb.wbmdstatic.com | udp |
| US | 104.19.177.52:443 | cdn.cookielaw.org | tcp |
| US | 172.64.150.196:443 | img.lb.wbmdstatic.com | tcp |
| US | 172.64.150.196:443 | img.lb.wbmdstatic.com | tcp |
| US | 172.64.150.196:443 | img.lb.wbmdstatic.com | tcp |
| US | 172.64.150.196:443 | img.lb.wbmdstatic.com | tcp |
| US | 172.64.150.196:443 | img.lb.wbmdstatic.com | tcp |
| US | 172.64.150.196:443 | img.lb.wbmdstatic.com | tcp |
| US | 104.19.177.52:443 | cdn.cookielaw.org | tcp |
| US | 8.8.8.8:53 | img.webmd.com | udp |
| US | 8.8.8.8:53 | securepubads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | polyfill.io | udp |
| US | 172.64.154.8:443 | img.webmd.com | tcp |
| US | 8.8.8.8:53 | assets.adobedtm.com | udp |
| US | 8.8.8.8:53 | img.wbmdstatic.com | udp |
| GB | 142.250.200.34:443 | securepubads.g.doubleclick.net | tcp |
| GB | 23.36.168.235:443 | assets.adobedtm.com | tcp |
| US | 172.64.150.196:443 | img.wbmdstatic.com | tcp |
| US | 8.8.8.8:53 | preferences.trustarc.com | udp |
| US | 8.8.8.8:53 | geolocation.onetrust.com | udp |
| US | 104.18.32.137:443 | geolocation.onetrust.com | tcp |
| US | 104.18.51.3:443 | polyfill.io | tcp |
| US | 8.8.8.8:53 | ssl.o.webmd.com | udp |
| IE | 66.235.152.156:443 | ssl.o.webmd.com | tcp |
| US | 8.8.8.8:53 | privacy-policy.truste.com | udp |
| US | 8.8.8.8:53 | 18.153.64.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 52.177.19.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 196.150.64.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 8.154.64.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 34.200.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 235.168.36.23.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 137.32.18.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 156.152.235.66.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 3.51.18.104.in-addr.arpa | udp |
| US | 18.245.199.75:443 | privacy-policy.truste.com | tcp |
| US | 8.8.8.8:53 | c.amazon-adsystem.com | udp |
| US | 18.245.194.122:443 | c.amazon-adsystem.com | tcp |
| US | 18.245.194.122:443 | c.amazon-adsystem.com | tcp |
| US | 8.8.8.8:53 | 75.199.245.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 122.194.245.18.in-addr.arpa | udp |
| US | 147.185.221.20:30996 | seems-poet.gl.at.ply.gg | tcp |
| US | 8.8.8.8:53 | dpm.demdex.net | udp |
| IE | 52.49.219.73:443 | dpm.demdex.net | tcp |
| US | 8.8.8.8:53 | mynt-test-privacy.my.onetrust.com | udp |
| US | 172.64.155.119:443 | mynt-test-privacy.my.onetrust.com | tcp |
| US | 8.8.8.8:53 | 73.219.49.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 119.155.64.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | contextual.media.net | udp |
| US | 8.8.8.8:53 | webmd.demdex.net | udp |
| US | 8.8.8.8:53 | sb.scorecardresearch.com | udp |
| MX | 23.41.25.82:443 | contextual.media.net | tcp |
| US | 8.8.8.8:53 | d15kdpgjg3unno.cloudfront.net | udp |
| FR | 18.155.129.126:443 | sb.scorecardresearch.com | tcp |
| IE | 79.125.35.115:443 | webmd.demdex.net | tcp |
| FR | 52.222.153.178:443 | d15kdpgjg3unno.cloudfront.net | tcp |
| US | 52.21.170.218:443 | preferences.trustarc.com | tcp |
| US | 8.8.8.8:53 | dyv1bugovvq1g.cloudfront.net | udp |
| IE | 79.125.35.115:443 | webmd.demdex.net | tcp |
| FR | 18.155.129.126:443 | sb.scorecardresearch.com | tcp |
| GB | 142.250.200.34:443 | securepubads.g.doubleclick.net | udp |
| US | 3.165.112.149:443 | dyv1bugovvq1g.cloudfront.net | tcp |
| US | 8.8.8.8:53 | launchpad.privacymanager.io | udp |
| US | 8.8.8.8:53 | launchpad-wrapper.privacymanager.io | udp |
| FR | 18.155.129.89:443 | launchpad.privacymanager.io | tcp |
| FR | 18.155.129.80:443 | launchpad-wrapper.privacymanager.io | tcp |
| US | 8.8.8.8:53 | sync.mathtag.com | udp |
| US | 216.200.232.253:443 | sync.mathtag.com | tcp |
| US | 8.8.8.8:53 | fundingchoicesmessages.google.com | udp |
| US | 8.8.8.8:53 | ib.adnxs.com | udp |
| US | 8.8.8.8:53 | sqs.us-east-1.amazonaws.com | udp |
| US | 8.8.8.8:53 | geo.privacymanager.io | udp |
| US | 8.8.8.8:53 | region1.google-analytics.com | udp |
| US | 8.8.8.8:53 | hbx.media.net | udp |
| US | 8.8.8.8:53 | cdn.id5-sync.com | udp |
| MX | 23.41.25.82:443 | contextual.media.net | udp |
| US | 8.8.8.8:53 | fid.agkn.com | udp |
| US | 8.8.8.8:53 | bh-eu.contextweb.com | udp |
| US | 8.8.8.8:53 | tag.tapad.com | udp |
| US | 216.200.232.253:443 | sync.mathtag.com | tcp |
| US | 8.8.8.8:53 | d.turn.com | udp |
| US | 8.8.8.8:53 | idsync.rlcdn.com | udp |
| US | 8.8.8.8:53 | cm.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | 82.25.41.23.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 178.153.222.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 218.170.21.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 126.129.155.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 115.35.125.79.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 149.112.165.3.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 89.129.155.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 80.129.155.18.in-addr.arpa | udp |
| DE | 37.252.171.21:443 | ib.adnxs.com | tcp |
| US | 3.236.169.45:443 | sqs.us-east-1.amazonaws.com | tcp |
| US | 3.236.169.45:443 | sqs.us-east-1.amazonaws.com | tcp |
| US | 34.160.46.1:443 | fid.agkn.com | tcp |
| US | 35.186.225.155:443 | tag.tapad.com | tcp |
| US | 18.245.199.98:443 | geo.privacymanager.io | tcp |
| US | 104.22.52.86:443 | cdn.id5-sync.com | tcp |
| NL | 208.93.169.131:443 | bh-eu.contextweb.com | tcp |
| US | 216.239.34.36:443 | region1.google-analytics.com | tcp |
| US | 35.244.174.68:443 | idsync.rlcdn.com | tcp |
| NL | 46.228.164.13:443 | d.turn.com | tcp |
| GB | 142.250.187.226:443 | cm.g.doubleclick.net | tcp |
| NL | 23.46.72.29:443 | hbx.media.net | tcp |
| US | 104.22.52.86:443 | cdn.id5-sync.com | tcp |
| US | 35.186.225.155:443 | tag.tapad.com | tcp |
| US | 8.8.8.8:53 | cms.analytics.yahoo.com | udp |
| DE | 3.71.149.231:443 | cms.analytics.yahoo.com | tcp |
| GB | 142.250.187.238:443 | fundingchoicesmessages.google.com | udp |
| NL | 46.228.164.13:443 | d.turn.com | tcp |
| GB | 142.250.187.226:443 | cm.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | cdn.prod.uidapi.com | udp |
| US | 8.8.8.8:53 | cdn.jsdelivr.net | udp |
| US | 8.8.8.8:53 | static.criteo.net | udp |
| US | 8.8.8.8:53 | cdn-ima.33across.com | udp |
| US | 8.8.8.8:53 | oa.openxcdn.net | udp |
| US | 151.101.129.229:443 | cdn.jsdelivr.net | tcp |
| NL | 178.250.1.3:443 | static.criteo.net | tcp |
| US | 34.102.146.192:443 | oa.openxcdn.net | tcp |
| US | 104.18.35.167:443 | cdn-ima.33across.com | tcp |
| FR | 99.86.95.185:443 | cdn.prod.uidapi.com | tcp |
| US | 8.8.8.8:53 | global.ib-ibi.com | udp |
| US | 8.8.8.8:53 | 955d10d246c0861df7b275a84b098a44.safeframe.googlesyndication.com | udp |
| US | 69.169.85.6:443 | global.ib-ibi.com | tcp |
| GB | 172.217.169.65:443 | 955d10d246c0861df7b275a84b098a44.safeframe.googlesyndication.com | tcp |
| US | 8.8.8.8:53 | ups.analytics.yahoo.com | udp |
| US | 8.8.8.8:53 | config.aps.amazon-adsystem.com | udp |
| US | 8.8.8.8:53 | aax.amazon-adsystem.com | udp |
| FR | 52.84.174.40:443 | config.aps.amazon-adsystem.com | tcp |
| US | 18.245.199.156:443 | aax.amazon-adsystem.com | tcp |
| US | 8.8.8.8:53 | bh.contextweb.com | udp |
| US | 8.8.8.8:53 | thrtle.com | udp |
| US | 8.8.8.8:53 | tags.crwdcntrl.net | udp |
| US | 54.243.152.231:443 | thrtle.com | tcp |
| NL | 23.46.72.29:443 | hbx.media.net | udp |
| US | 8.8.8.8:53 | hb-pb.media.net | udp |
| GB | 23.53.174.156:443 | secure.cdn.fastclick.net | tcp |
| US | 8.8.8.8:53 | oajs.openx.net | udp |
| US | 8.8.8.8:53 | id5-sync.com | udp |
| US | 8.8.8.8:53 | ats-wrapper.privacymanager.io | udp |
| US | 54.243.152.231:443 | thrtle.com | tcp |
| GB | 23.53.174.156:443 | secure.cdn.fastclick.net | tcp |
| GB | 142.250.200.34:443 | securepubads.g.doubleclick.net | udp |
| FR | 18.155.129.21:443 | tags.crwdcntrl.net | tcp |
| US | 34.120.135.53:443 | oajs.openx.net | tcp |
| US | 34.107.148.139:443 | hb-pb.media.net | tcp |
| DE | 162.19.138.83:443 | id5-sync.com | tcp |
| US | 8.8.8.8:53 | cdn.marphezis.com | udp |
| GB | 87.248.205.1:443 | cdn.marphezis.com | tcp |
| US | 8.8.8.8:53 | cdn.doubleverify.com | udp |
| US | 8.8.8.8:53 | 253.232.200.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 21.171.252.37.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 155.225.186.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 1.46.160.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 68.174.244.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 226.187.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 98.199.245.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 86.52.22.104.in-addr.arpa | udp |
| FR | 18.155.129.21:443 | tags.crwdcntrl.net | tcp |
| BE | 23.14.90.89:443 | cdn.doubleverify.com | tcp |
| US | 8.8.8.8:53 | 131.169.93.208.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 36.34.239.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 29.72.46.23.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 231.149.71.3.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 45.169.236.3.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 13.164.228.46.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 229.129.101.151.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 167.35.18.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 192.146.102.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 3.1.250.178.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 185.95.86.99.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 65.169.217.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 6.85.169.69.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 40.174.84.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 53.135.120.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 156.199.245.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 156.174.53.23.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 139.148.107.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 66.204.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 83.138.19.162.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 1.205.248.87.in-addr.arpa | udp |
| DE | 162.19.138.83:443 | id5-sync.com | tcp |
| US | 8.8.8.8:53 | id.crwdcntrl.net | udp |
| IE | 52.215.98.156:443 | id.crwdcntrl.net | tcp |
| US | 8.8.8.8:53 | hblg.media.net | udp |
| US | 34.120.135.53:443 | oajs.openx.net | udp |
| NL | 178.250.1.11:443 | gum.criteo.com | tcp |
| NL | 178.250.1.11:443 | gum.criteo.com | tcp |
| NL | 178.250.1.11:443 | gum.criteo.com | tcp |
| GB | 142.250.200.34:443 | securepubads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | xch.media.net | udp |
| US | 34.107.136.65:443 | xch.media.net | tcp |
| US | 34.107.136.65:443 | xch.media.net | tcp |
| US | 34.107.136.65:443 | xch.media.net | tcp |
| US | 34.107.136.65:443 | xch.media.net | tcp |
| US | 34.107.136.65:443 | xch.media.net | tcp |
| US | 34.107.136.65:443 | xch.media.net | tcp |
| US | 8.8.8.8:53 | compass-v2.deliverimp.com | udp |
| US | 3.94.45.118:443 | compass-v2.deliverimp.com | tcp |
| US | 3.94.45.118:443 | compass-v2.deliverimp.com | tcp |
| US | 3.94.45.118:443 | compass-v2.deliverimp.com | tcp |
| US | 8.8.8.8:53 | aax-eu.amazon-adsystem.com | udp |
| IE | 67.220.228.200:443 | aax-eu.amazon-adsystem.com | tcp |
| US | 8.8.8.8:53 | ads.pubmatic.com | udp |
| US | 8.8.8.8:53 | c21lg-d.media.net | udp |
| US | 8.8.8.8:53 | medianet-match.dotomi.com | udp |
| US | 8.8.8.8:53 | x.bidswitch.net | udp |
| US | 8.8.8.8:53 | secure-assets.rubiconproject.com | udp |
| US | 8.8.8.8:53 | match.adsrvr.org | udp |
| US | 8.8.8.8:53 | i.liadm.com | udp |
| US | 3.33.220.150:443 | match.adsrvr.org | tcp |
| GB | 23.36.168.202:443 | ads.pubmatic.com | tcp |
| NL | 89.207.16.140:443 | medianet-match.dotomi.com | tcp |
| ES | 23.60.223.190:443 | secure-assets.rubiconproject.com | tcp |
| US | 44.214.226.155:443 | i.liadm.com | tcp |
| US | 8.8.8.8:53 | eus.rubiconproject.com | udp |
| NL | 35.214.149.91:443 | x.bidswitch.net | tcp |
| FR | 3.162.38.8:443 | ats-wrapper.privacymanager.io | tcp |
| NL | 35.214.149.91:443 | x.bidswitch.net | tcp |
| FR | 3.162.38.8:443 | ats-wrapper.privacymanager.io | tcp |
| US | 8.8.8.8:53 | similarsearch.net | udp |
| US | 8.8.8.8:53 | www.media.net | udp |
| US | 8.8.8.8:53 | cs.media.net | udp |
| US | 8.8.8.8:53 | lb.eu-1-id5-sync.com | udp |
| US | 8.8.8.8:53 | sync.1rx.io | udp |
| US | 8.8.8.8:53 | s.ad.smaato.net | udp |
| US | 8.8.8.8:53 | b1sync.zemanta.com | udp |
| US | 8.8.8.8:53 | cdn.topsrvimp.com | udp |
| US | 8.8.8.8:53 | rtb.gumgum.com | udp |
| US | 8.8.8.8:53 | ssum-sec.casalemedia.com | udp |
| US | 8.8.8.8:53 | u.openx.net | udp |
| US | 8.8.8.8:53 | amazon-tam-match.dotomi.com | udp |
| US | 8.8.8.8:53 | match.sharethrough.com | udp |
| US | 8.8.8.8:53 | sync-amz.ads.yieldmo.com | udp |
| US | 8.8.8.8:53 | cs-tam.yellowblue.io | udp |
| US | 8.8.8.8:53 | eb2.3lift.com | udp |
| US | 76.223.111.18:443 | eb2.3lift.com | tcp |
| DE | 162.19.138.83:443 | lb.eu-1-id5-sync.com | tcp |
| IE | 52.209.21.214:443 | cs-tam.yellowblue.io | tcp |
| FR | 18.164.52.46:443 | s.ad.smaato.net | tcp |
| US | 104.18.36.155:443 | ssum-sec.casalemedia.com | tcp |
| US | 64.202.112.223:443 | b1sync.zemanta.com | tcp |
| IE | 99.80.191.128:443 | rtb.gumgum.com | tcp |
| NL | 63.215.202.172:443 | amazon-tam-match.dotomi.com | tcp |
| DE | 18.158.98.19:443 | match.sharethrough.com | tcp |
| IE | 54.229.31.146:443 | sync-amz.ads.yieldmo.com | tcp |
| GB | 87.248.205.1:443 | cdn.topsrvimp.com | tcp |
| NL | 46.228.174.117:443 | sync.1rx.io | tcp |
| US | 8.8.8.8:53 | compass-viewability.deliverimp.com | udp |
| US | 8.8.8.8:53 | compass-events.deliverimp.com | udp |
| US | 8.8.8.8:53 | lg3.media.net | udp |
| US | 8.8.8.8:53 | 21.129.155.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 89.90.14.23.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 156.98.215.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 11.1.250.178.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 65.136.107.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 118.45.94.3.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 200.228.220.67.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 231.152.243.54.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 150.220.33.3.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 202.168.36.23.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 140.16.207.89.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 190.223.60.23.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 155.226.214.44.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 91.149.214.35.in-addr.arpa | udp |
| US | 34.98.64.218:443 | u.openx.net | tcp |
| US | 44.193.192.49:443 | compass-viewability.deliverimp.com | tcp |
| US | 3.217.136.69:443 | compass-events.deliverimp.com | tcp |
| US | 3.217.136.69:443 | compass-events.deliverimp.com | tcp |
| US | 3.217.136.69:443 | compass-events.deliverimp.com | tcp |
| US | 3.217.136.69:443 | compass-events.deliverimp.com | tcp |
| US | 3.217.136.69:443 | compass-events.deliverimp.com | tcp |
| US | 3.217.136.69:443 | compass-events.deliverimp.com | tcp |
| US | 8.8.8.8:53 | 8.38.162.3.in-addr.arpa | udp |
| NL | 46.228.174.117:443 | sync.1rx.io | tcp |
| US | 34.98.64.218:443 | u.openx.net | tcp |
| US | 44.193.192.49:443 | compass-viewability.deliverimp.com | tcp |
| US | 44.193.192.49:443 | compass-viewability.deliverimp.com | tcp |
| US | 44.193.192.49:443 | compass-viewability.deliverimp.com | tcp |
| US | 8.8.8.8:53 | lg3-a.akamaihd.net | udp |
| US | 104.18.36.155:443 | ssum-sec.casalemedia.com | udp |
| US | 8.8.8.8:53 | google-bidout-d.openx.net | udp |
| IE | 67.220.228.200:443 | aax-eu.amazon-adsystem.com | tcp |
| US | 8.8.8.8:53 | image8.pubmatic.com | udp |
| US | 8.8.8.8:53 | 18.111.223.76.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 155.36.18.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 46.52.164.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 172.202.215.63.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 128.191.80.99.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 214.21.209.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 146.31.229.54.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 19.98.158.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 223.112.202.64.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 218.64.98.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 49.192.193.44.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 69.136.217.3.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 117.174.228.46.in-addr.arpa | udp |
| US | 34.107.136.65:443 | xch.media.net | udp |
| GB | 142.250.187.226:443 | cm.g.doubleclick.net | udp |
| US | 2.20.12.104:443 | lg3-a.akamaihd.net | tcp |
| IE | 67.220.228.200:443 | aax-eu.amazon-adsystem.com | tcp |
| IE | 67.220.228.200:443 | aax-eu.amazon-adsystem.com | tcp |
| US | 8.8.8.8:53 | c1.adform.net | udp |
| GB | 185.64.191.214:443 | image8.pubmatic.com | tcp |
| US | 8.8.8.8:53 | s.amazon-adsystem.com | udp |
| US | 52.46.155.104:443 | s.amazon-adsystem.com | tcp |
| US | 8.8.8.8:53 | us-u.openx.net | udp |
| DK | 37.157.6.254:443 | c1.adform.net | tcp |
| US | 8.8.8.8:53 | tps.doubleverify.com | udp |
| US | 8.8.8.8:53 | adx.adform.net | udp |
| US | 8.8.8.8:53 | hb-api.omnitagjs.com | udp |
| US | 8.8.8.8:53 | bidder.criteo.com | udp |
| US | 8.8.8.8:53 | rtb.openx.net | udp |
| US | 8.8.8.8:53 | fastlane.rubiconproject.com | udp |
| US | 8.8.8.8:53 | prg.smartadserver.com | udp |
| US | 8.8.8.8:53 | onetag-sys.com | udp |
| US | 8.8.8.8:53 | prebid.a-mo.net | udp |
| US | 8.8.8.8:53 | apex.go.sonobi.com | udp |
| FR | 185.255.84.150:443 | hb-api.omnitagjs.com | tcp |
| US | 35.186.253.211:443 | rtb.openx.net | tcp |
| US | 8.8.8.8:53 | prebid.media.net | udp |
| US | 8.8.8.8:53 | ap.lijit.com | udp |
| NL | 178.250.1.8:443 | bidder.criteo.com | tcp |
| NL | 178.250.1.8:443 | bidder.criteo.com | tcp |
| US | 69.166.1.8:443 | apex.go.sonobi.com | tcp |
| US | 8.8.8.8:53 | btlr.sharethrough.com | udp |
| NL | 69.173.156.139:443 | fastlane.rubiconproject.com | tcp |
| NL | 69.173.156.139:443 | fastlane.rubiconproject.com | tcp |
| NL | 69.173.156.139:443 | fastlane.rubiconproject.com | tcp |
| US | 8.8.8.8:53 | ads.yieldmo.com | udp |
| FR | 217.182.178.224:443 | prg.smartadserver.com | tcp |
| DE | 51.89.9.252:443 | onetag-sys.com | tcp |
| DE | 51.89.9.252:443 | onetag-sys.com | tcp |
| DK | 37.157.2.229:443 | adx.adform.net | tcp |
| NL | 145.40.97.67:443 | prebid.a-mo.net | tcp |
| US | 34.120.63.153:443 | prebid.media.net | tcp |
| IE | 52.50.194.100:443 | ads.yieldmo.com | tcp |
| US | 130.211.44.5:443 | tps.doubleverify.com | tcp |
| IE | 63.33.156.76:443 | ap.lijit.com | tcp |
| DE | 3.125.188.154:443 | btlr.sharethrough.com | tcp |
| DE | 3.125.188.154:443 | btlr.sharethrough.com | tcp |
| DE | 51.89.9.252:443 | onetag-sys.com | tcp |
| FR | 217.182.178.224:443 | prg.smartadserver.com | tcp |
| DK | 37.157.2.229:443 | adx.adform.net | tcp |
| US | 8.8.8.8:53 | eu-u.openx.net | udp |
| US | 69.166.1.8:443 | apex.go.sonobi.com | tcp |
| IE | 63.33.156.76:443 | ap.lijit.com | tcp |
| IE | 52.50.194.100:443 | ads.yieldmo.com | tcp |
| DE | 51.89.9.252:443 | onetag-sys.com | udp |
| US | 34.120.63.153:443 | prebid.media.net | udp |
| US | 35.186.253.211:443 | rtb.openx.net | udp |
| US | 8.8.8.8:53 | dsum-sec.casalemedia.com | udp |
| US | 8.8.8.8:53 | prod.us-east-1.cxm-bcn.publisher-services.amazon.dev | udp |
| US | 54.235.152.162:443 | prod.us-east-1.cxm-bcn.publisher-services.amazon.dev | tcp |
| GB | 142.250.187.226:443 | cm.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | casale-match.dotomi.com | udp |
| NL | 89.207.16.201:443 | casale-match.dotomi.com | tcp |
| US | 8.8.8.8:53 | 104.12.20.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 214.191.64.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 254.6.157.37.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 150.84.255.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 211.253.186.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 8.1.250.178.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 139.156.173.69.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 224.178.182.217.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 252.9.89.51.in-addr.arpa | udp |
| US | 35.244.159.8:443 | eu-u.openx.net | udp |
| US | 64.202.112.223:443 | b1sync.zemanta.com | tcp |
| US | 8.8.8.8:53 | 67.97.40.145.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 153.63.120.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 5.44.211.130.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 229.2.157.37.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 76.156.33.63.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 100.194.50.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 154.188.125.3.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 8.1.166.69.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 104.155.46.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | p.rfihub.com | udp |
| US | 8.8.8.8:53 | dis.criteo.com | udp |
| US | 8.8.8.8:53 | dmp.adblade.com | udp |
| US | 8.8.8.8:53 | rtb.mfadsrvr.com | udp |
| US | 8.8.8.8:53 | id.rlcdn.com | udp |
| US | 8.8.8.8:53 | pulsepoint-match.dotomi.com | udp |
| US | 8.8.8.8:53 | image6.pubmatic.com | udp |
| US | 8.8.8.8:53 | token.rubiconproject.com | udp |
| US | 8.8.8.8:53 | pixel.tapad.com | udp |
| US | 34.199.73.116:443 | dmp.adblade.com | tcp |
| GB | 185.64.190.78:443 | image6.pubmatic.com | tcp |
| NL | 69.173.156.148:443 | token.rubiconproject.com | tcp |
| US | 34.111.113.62:443 | pixel.tapad.com | tcp |
| NL | 193.0.160.131:443 | p.rfihub.com | tcp |
| NL | 178.250.1.9:443 | dis.criteo.com | tcp |
| NL | 63.215.202.169:443 | pulsepoint-match.dotomi.com | tcp |
| NL | 193.0.160.131:443 | p.rfihub.com | tcp |
| NL | 178.250.1.9:443 | dis.criteo.com | tcp |
| US | 34.199.73.116:443 | dmp.adblade.com | tcp |
| US | 8.8.8.8:53 | ad.turn.com | udp |
| NL | 46.228.164.11:443 | ad.turn.com | tcp |
| NL | 35.214.199.88:443 | rtb.mfadsrvr.com | tcp |
| US | 8.8.8.8:53 | media.net | udp |
| US | 8.8.8.8:53 | related.focusedbuzz.com | udp |
| US | 8.8.8.8:53 | 162.152.235.54.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 201.16.207.89.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 8.159.244.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 62.113.111.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 131.160.0.193.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 148.156.173.69.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 9.1.250.178.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 169.202.215.63.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 116.73.199.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 11.164.228.46.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 88.199.214.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | compass-allbids.deliverimp.com | udp |
| US | 35.153.220.166:443 | compass-allbids.deliverimp.com | tcp |
| US | 8.8.8.8:53 | secure.adnxs.com | udp |
| NL | 185.89.210.90:443 | secure.adnxs.com | tcp |
| US | 8.8.8.8:53 | 166.220.153.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | image2.pubmatic.com | udp |
| NL | 198.47.127.205:443 | image2.pubmatic.com | tcp |
| US | 8.8.8.8:53 | simage2.pubmatic.com | udp |
| US | 8.8.8.8:53 | image4.pubmatic.com | udp |
| NL | 198.47.127.20:443 | image4.pubmatic.com | tcp |
| US | 8.8.8.8:53 | sync-pm.ads.yieldmo.com | udp |
| US | 8.8.8.8:53 | um.simpli.fi | udp |
| NL | 35.204.74.118:443 | um.simpli.fi | tcp |
| US | 8.8.8.8:53 | sync.srv.stackadapt.com | udp |
| US | 8.8.8.8:53 | pr-bh.ybp.yahoo.com | udp |
| US | 8.8.8.8:53 | sync.ipredictive.com | udp |
| US | 8.8.8.8:53 | match.deepintent.com | udp |
| US | 8.8.8.8:53 | ssbsync.smartadserver.com | udp |
| US | 54.166.206.131:443 | sync.srv.stackadapt.com | tcp |
| IE | 54.74.86.51:443 | pr-bh.ybp.yahoo.com | tcp |
| US | 52.44.76.179:443 | sync.ipredictive.com | tcp |
| NL | 46.228.174.117:443 | sync.1rx.io | tcp |
| US | 38.91.45.7:443 | match.deepintent.com | tcp |
| FR | 217.182.178.229:443 | ssbsync.smartadserver.com | tcp |
| US | 8.8.8.8:53 | 90.210.89.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 205.127.47.198.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 20.127.47.198.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 118.74.204.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | tpsc-ew1.doubleverify.com | udp |
| US | 8.8.8.8:53 | track.adform.net | udp |
| US | 130.211.44.5:443 | tpsc-ew1.doubleverify.com | tcp |
| DK | 37.157.5.133:443 | track.adform.net | tcp |
| US | 8.8.8.8:53 | ox-rtb-europe-west2.openx.net | udp |
| US | 130.211.44.5:443 | tpsc-ew1.doubleverify.com | tcp |
| US | 34.102.143.98:443 | ox-rtb-europe-west2.openx.net | tcp |
| US | 8.8.8.8:53 | acdn.adnxs.com | udp |
| US | 8.8.8.8:53 | visitor.omnitagjs.com | udp |
| US | 8.8.8.8:53 | brightcom-d.openx.net | udp |
| US | 8.8.8.8:53 | pixel-eu.rubiconproject.com | udp |
| US | 8.8.8.8:53 | sync-tm.everesttech.net | udp |
| NL | 69.173.156.148:443 | pixel-eu.rubiconproject.com | tcp |
| NL | 69.173.156.148:443 | pixel-eu.rubiconproject.com | tcp |
| NL | 69.173.156.148:443 | pixel-eu.rubiconproject.com | tcp |
| NL | 69.173.156.148:443 | pixel-eu.rubiconproject.com | tcp |
| US | 8.8.8.8:53 | pixel.rubiconproject.com | udp |
| US | 8.8.8.8:53 | match.prod.bidr.io | udp |
| NL | 69.173.156.148:443 | pixel.rubiconproject.com | tcp |
| US | 151.101.65.108:443 | acdn.adnxs.com | tcp |
| FR | 185.255.84.153:443 | visitor.omnitagjs.com | tcp |
| US | 54.166.206.131:443 | sync.srv.stackadapt.com | tcp |
| US | 8.8.8.8:53 | yieldmo-match.dotomi.com | udp |
| US | 8.8.8.8:53 | sync-openx.ads.yieldmo.com | udp |
| NL | 63.215.202.137:443 | yieldmo-match.dotomi.com | tcp |
| NL | 69.173.156.148:443 | pixel.rubiconproject.com | tcp |
| NL | 69.173.156.148:443 | pixel.rubiconproject.com | tcp |
| US | 8.8.8.8:53 | 131.206.166.54.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 229.178.182.217.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 179.76.44.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 7.45.91.38.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 133.5.157.37.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 98.143.102.34.in-addr.arpa | udp |
| US | 54.166.206.131:443 | sync.srv.stackadapt.com | tcp |
| US | 8.8.8.8:53 | creativecdn.com | udp |
| US | 8.8.8.8:53 | cms.quantserve.com | udp |
| US | 8.8.8.8:53 | sync.crwdcntrl.net | udp |
| US | 8.8.8.8:53 | cr.frontend.weborama.fr | udp |
| US | 54.166.206.131:443 | sync.srv.stackadapt.com | tcp |
| US | 34.111.129.221:443 | cr.frontend.weborama.fr | tcp |
| US | 8.8.8.8:53 | mwzeom.zeotap.com | udp |
| US | 104.22.51.98:443 | mwzeom.zeotap.com | tcp |
| US | 8.8.8.8:53 | px.ads.linkedin.com | udp |
| US | 8.8.8.8:53 | 51.86.74.54.in-addr.arpa | udp |
| US | 13.107.42.14:443 | px.ads.linkedin.com | tcp |
| US | 8.8.8.8:53 | sync.targeting.unrulymedia.com | udp |
| US | 8.8.8.8:53 | pubmatic-match.dotomi.com | udp |
| US | 8.8.8.8:53 | uipglob.semasio.net | udp |
| US | 8.8.8.8:53 | pixel.onaudience.com | udp |
| US | 8.8.8.8:53 | pixel-sync.sitescout.com | udp |
| NL | 89.207.16.137:443 | pubmatic-match.dotomi.com | tcp |
| FR | 141.94.170.77:443 | pixel.onaudience.com | tcp |
| DK | 77.243.51.121:443 | uipglob.semasio.net | tcp |
| NL | 46.228.174.117:443 | sync.targeting.unrulymedia.com | tcp |
| NL | 185.184.8.90:443 | creativecdn.com | tcp |
| NL | 185.184.8.90:443 | creativecdn.com | tcp |
| US | 34.36.216.150:443 | pixel-sync.sitescout.com | tcp |
| DE | 91.228.74.159:443 | cms.quantserve.com | tcp |
| DE | 91.228.74.159:443 | cms.quantserve.com | tcp |
| NL | 185.184.8.90:443 | creativecdn.com | tcp |
| DE | 91.228.74.159:443 | cms.quantserve.com | tcp |
| US | 34.36.216.150:443 | pixel-sync.sitescout.com | tcp |
| NL | 69.173.156.148:443 | pixel.rubiconproject.com | tcp |
| NL | 69.173.156.148:443 | pixel.rubiconproject.com | tcp |
| NL | 69.173.156.148:443 | pixel.rubiconproject.com | tcp |
| NL | 69.173.156.148:443 | pixel.rubiconproject.com | tcp |
| NL | 69.173.156.148:443 | pixel.rubiconproject.com | tcp |
| NL | 69.173.156.148:443 | pixel.rubiconproject.com | tcp |
| US | 151.101.66.49:443 | sync-tm.everesttech.net | tcp |
| IE | 52.212.235.85:443 | match.prod.bidr.io | tcp |
| US | 8.8.8.8:53 | 108.65.101.151.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 153.84.255.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 137.202.215.63.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 221.129.111.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 98.51.22.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 14.42.107.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 137.16.207.89.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 77.170.94.141.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 121.51.243.77.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 150.216.36.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 159.74.228.91.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 90.8.184.185.in-addr.arpa | udp |
| US | 34.111.113.62:443 | pixel.tapad.com | udp |
| NL | 69.173.156.148:443 | pixel.rubiconproject.com | tcp |
| NL | 69.173.156.148:443 | pixel.rubiconproject.com | tcp |
| US | 52.46.155.104:443 | s.amazon-adsystem.com | tcp |
| US | 8.8.8.8:53 | ce.lijit.com | udp |
| US | 8.8.8.8:53 | live.primis.tech | udp |
| IE | 34.253.176.232:443 | ce.lijit.com | tcp |
| FR | 52.222.201.14:443 | live.primis.tech | tcp |
| US | 8.8.8.8:53 | beacon-ams3.rubiconproject.com | udp |
| NL | 69.173.156.130:443 | beacon-ams3.rubiconproject.com | tcp |
| US | 8.8.8.8:53 | 49.66.101.151.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 85.235.212.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 232.176.253.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 14.201.222.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 130.156.173.69.in-addr.arpa | udp |
| US | 8.8.8.8:53 | s1.adform.net | udp |
| DK | 37.157.2.250:443 | s1.adform.net | tcp |
| US | 8.8.8.8:53 | 250.2.157.37.in-addr.arpa | udp |
| US | 8.8.8.8:53 | cdn.confiant-integrations.net | udp |
| US | 104.18.43.90:443 | cdn.confiant-integrations.net | tcp |
| US | 8.8.8.8:53 | simage4.pubmatic.com | udp |
| US | 8.8.8.8:53 | cm.adform.net | udp |
| DE | 3.125.188.154:443 | btlr.sharethrough.com | tcp |
| US | 69.166.1.8:443 | apex.go.sonobi.com | tcp |
| DK | 37.157.3.26:443 | cm.adform.net | tcp |
| US | 8.8.8.8:53 | 90.43.18.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 26.3.157.37.in-addr.arpa | udp |
| US | 8.8.8.8:53 | usersync.gumgum.com | udp |
| IE | 34.247.233.198:443 | usersync.gumgum.com | tcp |
| US | 8.8.8.8:53 | cs.yellowblue.io | udp |
| US | 8.8.8.8:53 | dsum.casalemedia.com | udp |
| NL | 35.214.199.88:443 | rtb.mfadsrvr.com | udp |
| US | 35.244.174.68:443 | id.rlcdn.com | udp |
| US | 8.8.8.8:53 | dsp.adfarm1.adition.com | udp |
| US | 8.8.8.8:53 | t.adx.opera.com | udp |
| US | 8.8.8.8:53 | ad.mrtnsvr.com | udp |
| NL | 82.145.213.8:443 | t.adx.opera.com | tcp |
| US | 34.102.163.6:443 | ad.mrtnsvr.com | tcp |
| US | 34.102.163.6:443 | ad.mrtnsvr.com | tcp |
| DE | 85.114.159.93:443 | dsp.adfarm1.adition.com | tcp |
| US | 8.8.8.8:53 | 198.233.247.34.in-addr.arpa | udp |
| US | 34.102.163.6:443 | ad.mrtnsvr.com | tcp |
| US | 34.102.163.6:443 | ad.mrtnsvr.com | tcp |
| US | 130.211.44.5:443 | tpsc-ew1.doubleverify.com | tcp |
| US | 130.211.44.5:443 | tpsc-ew1.doubleverify.com | tcp |
| US | 104.18.43.90:443 | cdn.confiant-integrations.net | udp |
| US | 8.8.8.8:53 | 6.163.102.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 8.213.145.82.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 93.159.114.85.in-addr.arpa | udp |
| US | 34.36.216.150:443 | pixel-sync.sitescout.com | udp |
| US | 8.8.8.8:53 | tr.blismedia.com | udp |
| US | 8.8.8.8:53 | openx2-match.dotomi.com | udp |
| US | 69.166.1.8:443 | apex.go.sonobi.com | tcp |
| US | 34.96.105.8:443 | tr.blismedia.com | tcp |
| US | 8.8.8.8:53 | 8.105.96.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | csync.loopme.me | udp |
| US | 8.8.8.8:53 | ipac.ctnsnet.com | udp |
| US | 8.8.8.8:53 | d5p.de17a.com | udp |
| NL | 35.214.226.31:443 | csync.loopme.me | tcp |
| US | 35.186.193.173:443 | ipac.ctnsnet.com | tcp |
| SE | 213.155.156.183:443 | d5p.de17a.com | tcp |
| NL | 35.214.226.31:443 | csync.loopme.me | tcp |
| US | 35.186.193.173:443 | ipac.ctnsnet.com | tcp |
| SE | 213.155.156.183:443 | d5p.de17a.com | tcp |
| US | 8.8.8.8:53 | core.iprom.net | udp |
| US | 8.8.8.8:53 | cm-supply-web.gammaplatform.com | udp |
| NL | 46.228.174.117:443 | sync.targeting.unrulymedia.com | tcp |
| US | 8.8.8.8:53 | cm.adgrx.com | udp |
| US | 8.8.8.8:53 | green.erne.co | udp |
| US | 8.8.8.8:53 | a.tribalfusion.com | udp |
| US | 8.8.8.8:53 | matching.truffle.bid | udp |
| SG | 35.186.154.107:443 | cm-supply-web.gammaplatform.com | tcp |
| FR | 141.94.240.143:443 | green.erne.co | tcp |
| US | 104.18.24.173:443 | a.tribalfusion.com | tcp |
| IE | 52.215.155.11:443 | cm.adgrx.com | tcp |
| DE | 162.55.120.196:443 | matching.truffle.bid | tcp |
| SI | 195.5.165.20:443 | core.iprom.net | tcp |
| US | 8.8.8.8:53 | match.adsby.bidtheatre.com | udp |
| US | 8.8.8.8:53 | 173.193.186.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 143.240.94.141.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 173.24.18.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 11.155.215.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 196.120.55.162.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 20.165.5.195.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 31.226.214.35.in-addr.arpa | udp |
| NL | 134.122.57.34:443 | match.adsby.bidtheatre.com | tcp |
| SG | 35.186.154.107:443 | cm-supply-web.gammaplatform.com | tcp |
| US | 35.186.193.173:443 | ipac.ctnsnet.com | udp |
| NL | 35.214.226.31:443 | csync.loopme.me | tcp |
| US | 104.18.24.173:443 | a.tribalfusion.com | udp |
| SI | 195.5.165.20:443 | core.iprom.net | tcp |
| US | 8.8.8.8:53 | pixel-eu.onaudience.com | udp |
| FR | 141.94.171.216:443 | pixel-eu.onaudience.com | tcp |
| US | 8.8.8.8:53 | 34.57.122.134.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 216.171.94.141.in-addr.arpa | udp |
| US | 8.8.8.8:53 | s.tribalfusion.com | udp |
| GB | 142.250.200.34:443 | securepubads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | qsearch-a.akamaihd.net | udp |
| GB | 142.250.200.34:443 | securepubads.g.doubleclick.net | udp |
| US | 52.44.76.179:443 | sync.ipredictive.com | tcp |
| US | 8.8.8.8:53 | pm.w55c.net | udp |
| FR | 217.182.178.229:443 | ssbsync.smartadserver.com | tcp |
| US | 8.8.8.8:53 | sync.adotmob.com | udp |
| NL | 188.42.63.48:443 | dsp-ap.eskimi.com | tcp |
| IE | 54.77.130.68:443 | pm.w55c.net | tcp |
| US | 8.8.8.8:53 | sync.teads.tv | udp |
| FR | 45.137.176.88:443 | sync.adotmob.com | tcp |
| BE | 92.123.51.152:443 | sync.teads.tv | tcp |
| US | 8.8.8.8:53 | stx-match.dotomi.com | udp |
| US | 8.8.8.8:53 | cs.admanmedia.com | udp |
| US | 80.77.87.161:443 | cs.admanmedia.com | tcp |
| US | 8.8.8.8:53 | sync-adform.ads.yieldmo.com | udp |
| US | 80.77.87.161:443 | cs.admanmedia.com | tcp |
| US | 8.8.8.8:53 | 48.63.42.188.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 68.130.77.54.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 88.176.137.45.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 152.51.123.92.in-addr.arpa | udp |
| NL | 23.63.101.177:443 | qsearch-a.akamaihd.net | tcp |
| NL | 23.63.101.177:443 | qsearch-a.akamaihd.net | tcp |
| US | 130.211.44.5:443 | tpsc-ew1.doubleverify.com | tcp |
| US | 130.211.44.5:443 | tpsc-ew1.doubleverify.com | tcp |
| US | 8.8.8.8:53 | 177.101.63.23.in-addr.arpa | udp |
| US | 34.102.143.98:443 | ox-rtb-europe-west2.openx.net | udp |
| US | 8.8.8.8:53 | protected-by.clarium.io | udp |
| US | 130.211.44.5:443 | tpsc-ew1.doubleverify.com | tcp |
| IE | 52.215.149.193:443 | protected-by.clarium.io | tcp |
| US | 130.211.44.5:443 | tpsc-ew1.doubleverify.com | tcp |
| US | 147.185.221.20:30996 | seems-poet.gl.at.ply.gg | tcp |
| US | 8.8.8.8:53 | 193.149.215.52.in-addr.arpa | udp |
| US | 130.211.44.5:443 | tpsc-ew1.doubleverify.com | tcp |
| US | 130.211.44.5:443 | tpsc-ew1.doubleverify.com | tcp |
| GB | 142.250.200.34:443 | securepubads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | tg.socdm.com | udp |
| GB | 142.250.200.34:443 | securepubads.g.doubleclick.net | udp |
| JP | 211.120.53.205:443 | tg.socdm.com | tcp |
| JP | 211.120.53.205:443 | tg.socdm.com | tcp |
| US | 8.8.8.8:53 | 161.87.77.80.in-addr.arpa | udp |
| US | 69.166.1.8:443 | apex.go.sonobi.com | tcp |
| US | 64.202.112.223:443 | b1sync.zemanta.com | tcp |
| US | 8.8.8.8:53 | 1x1.a-mo.net | udp |
| DE | 18.157.173.136:443 | 1x1.a-mo.net | tcp |
| US | 8.8.8.8:53 | 136.173.157.18.in-addr.arpa | udp |
| NL | 178.250.1.3:443 | static.criteo.net | tcp |
| NL | 46.228.174.117:443 | sync.targeting.unrulymedia.com | tcp |
| US | 8.8.8.8:53 | dm-eu.hybrid.ai | udp |
| US | 8.8.8.8:53 | match.justpremium.com | udp |
| US | 8.8.8.8:53 | sync.smartadserver.com | udp |
| US | 8.8.8.8:53 | rtb.adentifi.com | udp |
| US | 54.89.40.69:443 | rtb.adentifi.com | tcp |
| US | 130.211.44.5:443 | tpsc-ew1.doubleverify.com | tcp |
| US | 130.211.44.5:443 | tpsc-ew1.doubleverify.com | tcp |
| US | 130.211.44.5:443 | tpsc-ew1.doubleverify.com | tcp |
| US | 130.211.44.5:443 | tpsc-ew1.doubleverify.com | tcp |
| US | 3.236.169.45:443 | sqs.us-east-1.amazonaws.com | tcp |
| NL | 81.17.55.172:443 | sync.smartadserver.com | tcp |
| NL | 37.230.131.16:443 | dm-eu.hybrid.ai | tcp |
| DE | 3.123.186.242:443 | match.justpremium.com | tcp |
| GB | 142.250.187.196:443 | www.google.com | udp |
| IE | 34.247.233.198:443 | usersync.gumgum.com | tcp |
| US | 8.8.8.8:53 | 172.55.17.81.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 16.131.230.37.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 242.186.123.3.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 69.40.89.54.in-addr.arpa | udp |
| US | 54.166.206.131:443 | sync.srv.stackadapt.com | tcp |
| GB | 142.250.179.238:443 | play.google.com | udp |
| US | 8.8.8.8:53 | encrypted-tbn0.gstatic.com | udp |
| GB | 142.250.178.14:443 | encrypted-tbn0.gstatic.com | udp |
| US | 8.8.8.8:53 | encrypted-tbn2.gstatic.com | udp |
| GB | 142.250.180.14:443 | encrypted-tbn2.gstatic.com | udp |
| GB | 142.250.178.14:443 | encrypted-tbn0.gstatic.com | udp |
| US | 80.77.87.161:443 | cs.admanmedia.com | tcp |
| GB | 172.217.169.67:443 | beacons.gcp.gvt2.com | udp |
| US | 69.166.1.8:443 | apex.go.sonobi.com | tcp |
| US | 216.239.34.36:443 | region1.google-analytics.com | udp |
| US | 8.8.8.8:53 | hbxlp.media.net | udp |
| US | 34.160.55.127:443 | hbxlp.media.net | tcp |
| US | 34.160.55.127:443 | hbxlp.media.net | tcp |
| US | 130.211.44.5:443 | tpsc-ew1.doubleverify.com | tcp |
| US | 130.211.44.5:443 | tpsc-ew1.doubleverify.com | tcp |
| US | 130.211.44.5:443 | tpsc-ew1.doubleverify.com | tcp |
| US | 130.211.44.5:443 | tpsc-ew1.doubleverify.com | tcp |
| US | 8.8.8.8:53 | 127.55.160.34.in-addr.arpa | udp |
| NL | 185.15.59.240:443 | upload.wikimedia.org | tcp |
| US | 147.185.221.20:30996 | seems-poet.gl.at.ply.gg | tcp |
| GB | 142.250.178.14:443 | encrypted-tbn0.gstatic.com | udp |
| GB | 142.250.179.238:443 | play.google.com | udp |
| US | 8.8.8.8:53 | beacons.gcp.gvt2.com | udp |
| GB | 172.217.169.67:443 | beacons.gcp.gvt2.com | udp |
| GB | 142.250.180.14:443 | encrypted-tbn2.gstatic.com | udp |
| GB | 142.250.178.14:443 | encrypted-tbn0.gstatic.com | udp |
| GB | 142.250.178.14:443 | encrypted-tbn0.gstatic.com | udp |
| US | 147.185.221.20:30996 | seems-poet.gl.at.ply.gg | tcp |
| US | 8.8.8.8:53 | en.wiktionary.org | udp |
| US | 8.8.8.8:53 | content-autofill.googleapis.com | udp |
| GB | 142.250.200.42:443 | content-autofill.googleapis.com | udp |
| US | 8.8.8.8:53 | 42.200.250.142.in-addr.arpa | udp |
| US | 147.185.221.20:30996 | seems-poet.gl.at.ply.gg | tcp |
| GB | 172.217.169.67:443 | beacons.gcp.gvt2.com | udp |
| US | 8.8.8.8:53 | www.youtube.com | udp |
| US | 8.8.8.8:53 | i.ytimg.com | udp |
| GB | 142.250.187.246:443 | i.ytimg.com | tcp |
| GB | 142.250.187.246:443 | i.ytimg.com | tcp |
| US | 8.8.8.8:53 | rr5---sn-q4fl6n6r.googlevideo.com | udp |
| US | 173.194.140.138:443 | rr5---sn-q4fl6n6r.googlevideo.com | tcp |
| US | 173.194.140.138:443 | rr5---sn-q4fl6n6r.googlevideo.com | tcp |
| GB | 142.250.179.238:443 | www.youtube.com | udp |
| US | 8.8.8.8:53 | 246.187.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 138.140.194.173.in-addr.arpa | udp |
| US | 147.185.221.20:30996 | seems-poet.gl.at.ply.gg | tcp |
| US | 8.8.8.8:53 | rr1---sn-q4flrnle.googlevideo.com | udp |
| US | 172.217.131.102:443 | rr1---sn-q4flrnle.googlevideo.com | tcp |
| US | 8.8.8.8:53 | accounts.google.com | udp |
| US | 8.8.8.8:53 | 102.131.217.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | rr1---sn-5hne6n6e.googlevideo.com | udp |
| GB | 142.250.200.42:443 | content-autofill.googleapis.com | udp |
| IE | 209.85.203.84:443 | accounts.google.com | udp |
| GB | 142.250.187.246:443 | i.ytimg.com | udp |
| US | 8.8.8.8:53 | jnn-pa.googleapis.com | udp |
| GB | 172.217.169.74:443 | jnn-pa.googleapis.com | tcp |
| GB | 142.250.179.238:443 | www.youtube.com | udp |
| US | 8.8.8.8:53 | 74.169.217.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | yt3.ggpht.com | udp |
| GB | 142.250.180.1:443 | yt3.ggpht.com | tcp |
| NL | 172.217.132.230:443 | rr1---sn-5hne6n6e.googlevideo.com | tcp |
| NL | 172.217.132.230:443 | rr1---sn-5hne6n6e.googlevideo.com | tcp |
| NL | 172.217.132.230:443 | rr1---sn-5hne6n6e.googlevideo.com | udp |
| US | 74.125.157.136:443 | rr3---sn-a5msenes.googlevideo.com | udp |
| US | 8.8.8.8:53 | 1.180.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 230.132.217.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 136.157.125.74.in-addr.arpa | udp |
| US | 8.8.8.8:53 | youtube.com | udp |
| GB | 142.250.200.46:443 | youtube.com | tcp |
| US | 8.8.8.8:53 | 46.200.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | consent.youtube.com | udp |
| GB | 216.58.212.206:443 | consent.youtube.com | tcp |
| US | 173.194.140.138:443 | rr5---sn-q4fl6n6r.googlevideo.com | udp |
| US | 8.8.8.8:53 | 206.212.58.216.in-addr.arpa | udp |
| US | 172.217.131.102:443 | rr1---sn-q4flrnle.googlevideo.com | udp |
| US | 8.8.8.8:53 | rr4---sn-q4fl6ns7.googlevideo.com | udp |
| US | 173.194.191.137:443 | rr4---sn-q4fl6ns7.googlevideo.com | udp |
| US | 8.8.8.8:53 | 137.191.194.173.in-addr.arpa | udp |
| GB | 142.250.179.226:443 | googleads.g.doubleclick.net | tcp |
| GB | 142.250.179.226:443 | googleads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | googleads4.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | pubads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | ade.googlesyndication.com | udp |
| GB | 142.250.187.194:443 | googleads4.g.doubleclick.net | tcp |
| GB | 142.250.200.2:443 | ade.googlesyndication.com | tcp |
| US | 8.8.8.8:53 | 226.179.250.142.in-addr.arpa | udp |
| GB | 142.250.200.2:443 | ade.googlesyndication.com | tcp |
| GB | 142.250.200.2:443 | ade.googlesyndication.com | tcp |
| US | 8.8.8.8:53 | static.doubleclick.net | udp |
| GB | 216.58.213.6:443 | static.doubleclick.net | tcp |
| US | 8.8.8.8:53 | 194.187.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 2.200.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 6.213.58.216.in-addr.arpa | udp |
| GB | 142.250.200.2:443 | ade.googlesyndication.com | udp |
| GB | 142.250.200.2:443 | ade.googlesyndication.com | udp |
| GB | 142.250.200.46:443 | youtube.com | udp |
| GB | 142.250.179.226:443 | googleads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | www.google.co.uk | udp |
| US | 147.185.221.20:30996 | seems-poet.gl.at.ply.gg | tcp |
| GB | 172.217.169.67:443 | beacons.gcp.gvt2.com | udp |
| US | 147.185.221.20:30996 | seems-poet.gl.at.ply.gg | tcp |
| IE | 209.85.203.84:443 | accounts.google.com | udp |
| GB | 142.250.179.226:443 | googleads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | clients2.google.com | udp |
| GB | 142.250.187.238:443 | clients2.google.com | udp |
Files
memory/2220-0-0x00007FFE98213000-0x00007FFE98215000-memory.dmp
memory/2220-1-0x0000000000E50000-0x0000000000E8A000-memory.dmp
C:\Users\Admin\AppData\Roaming\Nursultan NextGen Crack.exe
| MD5 | a9aee64b701db5f8cfc3c963872403b4 |
| SHA1 | 48079f6822d84ea354f301cdb97d2ecb59552e06 |
| SHA256 | f46d7ae8973b42a0cb892c6aa8d6a559b4cc1d0c67b1d5df3072c4f7f77b53fb |
| SHA512 | 696e745d488841c3b1a55a350d754b69a1d6b0d83fd9eac247229239951b12bfd98d8cbbcbfffd567966495a10950040edd77398702763071f6eeb50f13a3a1e |
memory/4880-15-0x00000000009E0000-0x0000000000A06000-memory.dmp
memory/4880-18-0x00007FFE98210000-0x00007FFE98CD1000-memory.dmp
C:\Users\Admin\AppData\Roaming\и.bat
| MD5 | 9885bc1f632421f329efe28818361344 |
| SHA1 | 9d0838fa885728361703a6e2b36e2aa3603b05ce |
| SHA256 | 6a218880f23edb2a809ee20919f355f80ef4a0b545c3d79ffa8c848441eced7a |
| SHA512 | ddb5252457e9e02a91073f58662cd2eb72d670827f5173e8705c9e41d55a4ba4efdab80f24371ff61573d250f7b8463ce05f9cec7c48085dcacd38cd21e65203 |
C:\Users\Admin\AppData\Local\Temp\__PSScriptPolicyTest_olddudim.sza.ps1
| MD5 | d17fe0a3f47be24a6453e9ef58c94641 |
| SHA1 | 6ab83620379fc69f80c0242105ddffd7d98d5d9d |
| SHA256 | 96ad1146eb96877eab5942ae0736b82d8b5e2039a80d3d6932665c1a4c87dcf7 |
| SHA512 | 5b592e58f26c264604f98f6aa12860758ce606d1c63220736cf0c779e4e18e3cec8706930a16c38b20161754d1017d1657d35258e58ca22b18f5b232880dec82 |
memory/3204-29-0x000002566B240000-0x000002566B262000-memory.dmp
C:\Users\Admin\AppData\Local\Microsoft\CLR_v4.0\UsageLogs\powershell.exe.log
| MD5 | d85ba6ff808d9e5444a4b369f5bc2730 |
| SHA1 | 31aa9d96590fff6981b315e0b391b575e4c0804a |
| SHA256 | 84739c608a73509419748e4e20e6cc4e1846056c3fe1929a8300d5a1a488202f |
| SHA512 | 8c414eb55b45212af385accc16d9d562adba2123583ce70d22b91161fe878683845512a78f04dedd4ea98ed9b174dbfa98cf696370598ad8e6fbd1e714f1f249 |
C:\Users\Admin\AppData\Local\Microsoft\Windows\PowerShell\StartupProfileData-NonInteractive
| MD5 | 77d622bb1a5b250869a3238b9bc1402b |
| SHA1 | d47f4003c2554b9dfc4c16f22460b331886b191b |
| SHA256 | f97ff12a8abf4bf88bb6497bd2ac2da12628c8847a8ba5a9026bdbb76507cdfb |
| SHA512 | d6789b5499f23c9035375a102271e17a8a82e57d6f5312fa24242e08a83efdeb8becb7622f55c4cf1b89c7d864b445df11f4d994cf7e2f87a900535bcca12fd9 |
C:\Users\Admin\AppData\Local\Microsoft\Windows\PowerShell\StartupProfileData-NonInteractive
| MD5 | 67e8893616f805af2411e2f4a1411b2a |
| SHA1 | 39bf1e1a0ddf46ce7c136972120f512d92827dcd |
| SHA256 | ca0dfe104c1bf27f7e01999fcdabc16c6400c3da937c832c26bdbca322381d31 |
| SHA512 | 164e911a9935e75c8be1a6ec3d31199a16ba2a1064da6c09d771b2a38dd7fddd142301ef55d67d90f306d3a454a1ce7b72e129ea42e44500b9b8c623a8d98b4d |
C:\Users\Admin\AppData\Local\Microsoft\Windows\PowerShell\StartupProfileData-NonInteractive
| MD5 | a9451a6b9669d49bd90704dff21beb85 |
| SHA1 | 5f93d2dec01a31e04fc90c28eb1c5ca62c6fff80 |
| SHA256 | b2ff191507379930b97a212f869c3774c20b274e8fc9fcc96da5c154fb0e3056 |
| SHA512 | 06634cb578f6ce8d721e6306004082073fc224b91ceea37ef870df87b12b2d5f59e7d08b20b520787a1d13f3edbbb004197bf70f180f86dd7f401a5ad289ccb5 |
memory/4880-67-0x00007FFE98210000-0x00007FFE98CD1000-memory.dmp
memory/4880-68-0x00007FFE98210000-0x00007FFE98CD1000-memory.dmp
memory/4880-69-0x00007FFE98210000-0x00007FFE98CD1000-memory.dmp
memory/4880-73-0x0000000001330000-0x000000000133C000-memory.dmp
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad\settings.dat
| MD5 | 23e6ef5a90e33c22bae14f76f2684f3a |
| SHA1 | 77c72b67f257c2dde499789fd62a0dc0503f3f21 |
| SHA256 | 62d7beeb501a1dcd8ce49a2f96b3346f4a7823c6f5c47dac0e6dc6e486801790 |
| SHA512 | 23be0240146ba8d857fc8d37d77eb722066065877d1f698f0d3e185fcdae3daf9e1b2580a1db839c1356a45b599996d5acc83fda2af36840d3a8748684df5122 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Variations
| MD5 | f732dbed9289177d15e236d0f8f2ddd3 |
| SHA1 | 53f822af51b014bc3d4b575865d9c3ef0e4debde |
| SHA256 | 2741df9ee9e9d9883397078f94480e9bc1d9c76996eec5cfe4e77929337cbe93 |
| SHA512 | b64e5021f32e26c752fcba15a139815894309b25644e74ceca46a9aa97070bca3b77ded569a9bfd694193d035ba75b61a8d6262c8e6d5c4d76b452b38f5150a4 |
\??\pipe\crashpad_5012_ATUYWBKATXVDBESN
| MD5 | d41d8cd98f00b204e9800998ecf8427e |
| SHA1 | da39a3ee5e6b4b0d3255bfef95601890afd80709 |
| SHA256 | e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 |
| SHA512 | cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
| MD5 | 890130ef1a69f01ea3ba07d66b3ef00c |
| SHA1 | 1cb1651fe9a8a0abee5e6ed97f4e6371004a7fe9 |
| SHA256 | dc4a3c83b03361507a4773f8d24c6fea00a9501f20a80a9f8853c959bb4ea1a2 |
| SHA512 | 56cbe50834e4238e18b588bb92e21b48bf9ed066315ca7f15c796d80fc75adcf5603b0c40a6a4cc3021b3b7e622057212f5dc6223ace13c886b8fe0edb2b4af1 |
memory/3692-142-0x00007FFE76310000-0x00007FFE76320000-memory.dmp
memory/3692-145-0x00007FFE76310000-0x00007FFE76320000-memory.dmp
memory/3692-144-0x00007FFE76310000-0x00007FFE76320000-memory.dmp
memory/3692-143-0x00007FFE76310000-0x00007FFE76320000-memory.dmp
memory/3692-146-0x00007FFE76310000-0x00007FFE76320000-memory.dmp
memory/3692-148-0x00007FFE73FD0000-0x00007FFE73FE0000-memory.dmp
memory/3692-150-0x00007FFE73FD0000-0x00007FFE73FE0000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\Log.tmp
| MD5 | bd495a118f868f85e95bd81ce9143a09 |
| SHA1 | 56f0fe9867316bf8dba31050d7dccdcb0212f5b8 |
| SHA256 | 95c7441cee17d7658d9d74997e97b146db51270c2086a0d38e93a9020f0e7ff7 |
| SHA512 | 71c7ffb7b1e8a862c43297759212d2d4ce242833d841792295adb73f906dad686d84bf8075aed7948c249342cf5720439429273cad0b9274f2225062fe01c4e0 |
C:\Users\Admin\AppData\Local\Temp\Log.tmp
| MD5 | 0f1e967a898c3720832db86198a12890 |
| SHA1 | e7f0f569e41de29ba8037ccbae58cef6a3bc457c |
| SHA256 | d8491796ca9e5a5d5d2ea6d48bf83c6337b1003de0a7559770e0effb1a22a035 |
| SHA512 | d927488aaa48c1ad5d5e3da522971435fcaf0de38b595f7ca5767621cf90ce9ece96d1d3f4123e53b6393b360b56ee35e95ad91cb747392d7047778b896bc6b0 |
C:\Users\Admin\AppData\Local\Temp\Log.tmp
| MD5 | fa2abf3a905e096503aba72022cb94e6 |
| SHA1 | d69f16ab27c9cb3d4706f2092551ab34ea44c664 |
| SHA256 | 8137b9d16ec9b8bc36df3aaea0135705632a5c00958823c13e90141b56e193de |
| SHA512 | 616617753758aaffe5433860bfb203bc555028d8145d7f6bbe464799187a9ec8de78d3b322704e38f96f5d961d3d50e15b517016e41694fa936c91bfc71f0f2e |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports
| MD5 | d751713988987e9331980363e24189ce |
| SHA1 | 97d170e1550eee4afc0af065b78cda302a97674c |
| SHA256 | 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945 |
| SHA512 | b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
| MD5 | d999f7aa9b84f0847f95f09a0e295f23 |
| SHA1 | 041aadbaa82c8a1b5a442a0b500ba128b6940bf2 |
| SHA256 | 815b91c09c5b17c5310afbf1166e1ec1b050756e83488769ee4bf58c04c21933 |
| SHA512 | d2a80053db389a486b92394805f452299cd6240f863dc5b98fca4e591f8bcc91defd35a90fcdacf695d2d337a1a07251b85ca1ddde491d67093318dd57e259ca |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 28b1af7f29cb418e4dfabf788b77678f |
| SHA1 | 039d42b4bd791f0f2b03f1bb6324076c7830b101 |
| SHA256 | 2eb9c74f67af2d23d6525a044ba82c6e3a9889b67fd5353e8cfbd0662a5fc965 |
| SHA512 | 6141edebf2b3de236aa2c6ebbefdc3844237d834938103b92aec858d1674ee02471e3c39a3ae769b4d31db02e797914b504bc2f4715e5794cf04051702056d17 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | b97eb0d6a43341e20b4bcf09508a63aa |
| SHA1 | eddce6a96144fd9892d53974220bde49f8708b1e |
| SHA256 | 5d87c3454da02675aee236c16c4ed4301b266340adf296b8fdfffd3e471e5e6e |
| SHA512 | 2d356d596dc46450fe1583ca1ceddc1b312003fa0a30bc1a7c2187d7246a1bbdd4694bffc91195a748f4365791e46f914eaefc1124be301650f635634b85d266 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences
| MD5 | 100b40a08af2671517ec8744ea7d59e2 |
| SHA1 | 8ee8597b1ad97762db6bb48bca2cf3bcd0568ee9 |
| SHA256 | 4fdf6a70d283dc61bc398c986d11fea4dee77615eb10ac3f83d19818be6a9091 |
| SHA512 | 9b69d9922d6cf656a1550564ed02e8baf2fd33f8a993ca4e42c886424efcdf2c7b5d247cbf4f1e9c4bb461de696b3fa7d39616e78ce20ca9614822c9a4985f1d |
C:\Users\Admin\AppData\Local\Microsoft\CLR_v4.0\UsageLogs\wininit.log
| MD5 | 2ff39f6c7249774be85fd60a8f9a245e |
| SHA1 | 684ff36b31aedc1e587c8496c02722c6698c1c4e |
| SHA256 | e1b91642d85d98124a6a31f710e137ab7fd90dec30e74a05ab7fcf3b7887dced |
| SHA512 | 1d7e8b92ef4afd463d62cfa7e8b9d1799db5bf2a263d3cd7840df2e0a1323d24eb595b5f8eb615c6cb15f9e3a7b4fc99f8dd6a3d34479222e966ec708998aed1 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000a
| MD5 | 87c2b09a983584b04a63f3ff44064d64 |
| SHA1 | 8796d5ef1ad1196309ef582cecef3ab95db27043 |
| SHA256 | d4a4a801c412a8324a19f21511a7880815b373628e66016bc1785a5a85e0afb0 |
| SHA512 | df1f0d6f5f53306887b0b16364651bda9cdc28b8ea74b2d46b2530c6772a724422b33bbdcd7c33d724d2fd4a973e1e9dbc4b654c9c53981386c341620c337067 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000c
| MD5 | 2280e0e4c8efa0f5fc1c10980425f5cf |
| SHA1 | 1d78ccb26fef7f1bf5bf29de100811e1ac8bda23 |
| SHA256 | b9225cb1f0df94ebe87b9eb2ad8c63cf664d2dfdb47aeaff785de6c7ce01aa74 |
| SHA512 | b759fcbf578947c0290ab703652df9f37abb1f9f5cf6140acaa8c4d4ee655ee0ee1f9bee9d4fd210d9e12585a51358b52e0e9c0878abf2713e6fd69a496ac624 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
| MD5 | 87614c24968c59fa0d4c344f7842c606 |
| SHA1 | aa80141b22622be3de46c137a2687490547637ee |
| SHA256 | 05b8fa6db15bc27e1d99ee7e40fb01e9bbd0a8f3cbd8ecc6892e0c0577c6ebac |
| SHA512 | bc28555cce156f76b6e35a108df0cc55bd7d1d5f218271ac72527fd974386d9c877bf02e6fb86a0c088c5a10bb3c6229c656e16d71849d45d67ee11c4e0ffd84 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 78c1ecc7aeb6f4dd25d75537d0d2c5b1 |
| SHA1 | 7122289f9e216f4b5590b50dea07393fae8cbfce |
| SHA256 | 291a7aa2372370a86c183b489039fa4a38f4de060bd3778614af35d8b128fe7e |
| SHA512 | 2c5b1b8f841731e22890b49eed82796da246f9e762a709625f7630710d01f3e564fdc3c58c64bff536f82c1023baa86b0647a76eab3919b5d9eee7467dd9ff63 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 48bb9d7bc7b4eaed20291a78ea1c0adf |
| SHA1 | 4a5789579690b2e1fd27fd08089abd140dcb58c2 |
| SHA256 | 548bcb4f918a525249656acdbc5f042324ad7ff1bf2dea4ef1055189cb8e86c6 |
| SHA512 | 9717c4ae84d165d0c9aa51da0281d4ecf1b252c49f3b3aefd4e6d898941cdce4fd5bd0cf1e25ddbcc99725ed54b6631e42553f4733aefa9d464a72d7ee34c6d4 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | fd8c389a5e57b719cc0e7acdbbb59eb1 |
| SHA1 | f3088dc685f01e7521c046ee7cbcd63ad6197215 |
| SHA256 | a7704bc2220630688a70038b17934c13323f60ea611069f1f9741a909c9bdb30 |
| SHA512 | bc359450e4773a5e21abbafd61272c3617e46f29062a9aff89052bbf8c4ec2ae4d7d0bfc2f48508610b5a1a551d5bf004d2f214bf976eaaa13e3e9934cca49ee |
memory/3692-493-0x00007FFE76310000-0x00007FFE76320000-memory.dmp
memory/3692-494-0x00007FFE76310000-0x00007FFE76320000-memory.dmp
memory/3692-492-0x00007FFE76310000-0x00007FFE76320000-memory.dmp
memory/3692-491-0x00007FFE76310000-0x00007FFE76320000-memory.dmp
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
| MD5 | 683268494e83abfd6f7c3f4faf254102 |
| SHA1 | 4d6e5ba1bb2ce44070d8ddd87d4c964956d527af |
| SHA256 | 10a92ce555ba6a38be96b8d3cea0ca0ef3649fd2d33847c42361b37237ef6818 |
| SHA512 | 8622cc985d288e30307ed54c2d952bece0c1d365991c3317cb58963dd17b8fa0786f27272865625acf48cdd312a12abe62751a48e55c863015f4959e3ed59c8f |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 0b6d79485854f917172f3c8b932f24c0 |
| SHA1 | 466dc3e07c441486faaf630bc2d730a4f49fe1c6 |
| SHA256 | 9149eb19217048dbc6f69e8c75e2a70f6eaca311a12db824886927ccdbe4e0cc |
| SHA512 | 7fdb2e4e089e7f4f156c28d9fefc61919cd3fe1f247e39f5d8829c73547df454556c64dc5418d9daee5faaa16b8458bbeaf5bfc153bd85558b7f24357d23469b |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | cec1cd39525ff3add341def7e430c61b |
| SHA1 | 693f1036a8eafaf87a6ac017413ae7e96b4451f6 |
| SHA256 | 2340631d223c3b33bf9a82f939ec7bbb8f19028fd680ec02d2ab5cf37fe716d7 |
| SHA512 | 564cd0792919d7ed66ee5f5768f3d1b2381baf598bd8ff56d9f9617b378c6054a35364f4c2a397be314da53f23f059559af8b0418e84b7415571bd5ae6bd519e |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | b6d5473df8b01d51e05cc773ab9f6f26 |
| SHA1 | 450e2aa769dda98dfac83af403809c3c2fe6d0eb |
| SHA256 | 12fcd1989a88eebda5bde629afc68303b3ea84ad98cd322759947822bbcb07a2 |
| SHA512 | d65b8ccba4555081855a3974595a7e644ab54c1ce2f9dae10890a5b58c62ae58bb94de50d3c57abf3a8662cdc15472f701cdfd430bda6efa08a6cc23ddf15d70 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
| MD5 | 54d266fbe267377931b6381169629cd6 |
| SHA1 | 1151979dd2cd921f78f133f9d3f0c51237783580 |
| SHA256 | dbb7d662c8cc533db764b7fd5ee9055cfa681c3b7c21e5f124243c4eb6a70fdc |
| SHA512 | a9df848841b8922021cee182ffa2fb54abb406c872a43c7f65e0e506c4b528c6a9c59eaa350f8d0d8a01a326e6f0bac1c11d99e14aab4928903345e5c4a67141 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | dc5f7d92c0c081547d2244c239c7acc6 |
| SHA1 | 5b55231f76daf08853e3aab93703f87657603f70 |
| SHA256 | 2c32ed647de0bfaf3bba985ab08716e4f85216f708d5fd76bf6f97f180181fe9 |
| SHA512 | cdda0ea291d319ffb537ddbd482f43dc7630bffcb82e11a6eb9b5ad36091c39605c8d5ddeff5f5267fa94c32bc7cb2d44e2047ce02d2e22defb22f64e116b12a |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | b7057fda412df004996d27385cecabe6 |
| SHA1 | 2d170a146e967708ad99ade7c284bb5ee9f87719 |
| SHA256 | 9dedeb6a8f8c625ab10efcdde93f861faa0afc62d13874c7bf8d00076914932f |
| SHA512 | f0f0a722d335deee930d4384c46249b2f216aa47c19e7262211984bea646bfd2266689bfbeb3d0364b74742c615840d1f9b07c7f18e347775f8661e2cbcdcec2 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 486a434e93b48e083674f7dc81bbd4e4 |
| SHA1 | f0ba64529b989c55bea8ed08a518841bba9ae630 |
| SHA256 | cf77eb5afcc8e4c9d51fa9866b8f0da6b04a45555c0ed1d9e72bd4373e19dfd6 |
| SHA512 | 7fc3e1d20c699c11c514bdc2c782c2b5c892036a11017229d8671ead8f85080b322a535b3438b9595776dd50374a21362d247693061e7f5fab1327346963bb9f |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
| MD5 | 77326d3861a5121bf1cf9e7064988675 |
| SHA1 | f1e77220ed645fa6ded590af1585a3acb73e8a05 |
| SHA256 | 58605d148c5b7a029ba422564ad4342f733ad8150ce3a9a4ce0f4f363f5658c7 |
| SHA512 | ca32ae380a648dc1a9238956538f7a141b2f4370797649b1b5b28832ce5f0151b3328a1805c33c3d9bdce9b4403d4a43ec8225c547000d1956de2908d7ab4da1 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\temp-index
| MD5 | 0beb05769a612a828541be24b4ba1cfb |
| SHA1 | 2c3a0d7e8c458a4213879390144ee8937c1c0550 |
| SHA256 | 8598b33045cd2b1edd2c1db6d71eee200897d337b2dd06cc41716288b6f5b48f |
| SHA512 | b64e383a438a460430409bbb5a731ae980631a63541aca44efd98dadd1063882c2a26fcf0d0df2b7f21c5351ead97bca1a5b2171b9bb052d435cb554b1f82e4c |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\6e172d7bd8d4a0ed_0
| MD5 | 5960c5ef169822009fb1d2d42645f011 |
| SHA1 | 25986ac6063b691eea2f8c25b15c7de157a43191 |
| SHA256 | 5f2b3af2baf4ec3d9ea8214814cf78bc2dc7e9754693312a7257d16d8f746b43 |
| SHA512 | 911a6b2f4d42f723fc638c7add2c3107fe1d6ce6811ac572121ff54dbabc69c6d8ecfd6bf20f3c335aa560ccd14e3486c7231848d85f310191c4a4894af27fba |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\d0e8caaa10047fd8_0
| MD5 | 4e96f18176926c4827939564239dd987 |
| SHA1 | f7f239cd739db18ba6338776a221f5f236fd831b |
| SHA256 | dcd172021bcf77e79c6be1dea2cb008af5c8289c0838728068fdd9c9f2b5fd4c |
| SHA512 | 928e5e82e1c19099e2cf8cac7cfac6d2c7c3c6e93a10c23b2207d307db9d0ffb1ba4c5f9cb728306d33b24057f6bbcd0317e2f006751da9f22931e4c21772652 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | e7b57b0115e1d5a686748802201c796d |
| SHA1 | 85a62e6a651cfd3fec6ec1fe7d53710d6f54b076 |
| SHA256 | 11f1c317f7b75648e010689c7587127dcf01f46c17e028fd224adb09fa330181 |
| SHA512 | a81e5db2c8ea9344d8f057c1396bcf81dd726f1e4e881f0a50f8929e5e043eaee421678630dd355be10048ba58db965f3cc33121fd5da241c2da84ac1bb71765 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | f86277d667ef7d32cc20cafef25ec6a7 |
| SHA1 | c7f7d359cc24d0d0bfd06d6d38fbe1d9c44a33f8 |
| SHA256 | d1dc6c7d555e2e254a2ed0b888792526076677f202e7d420de10f9a63f3ddc09 |
| SHA512 | adafcf6e6eba3a7806205f5a0e2c25e7b2cfc2459c2fbbf94bf859ae9d9474a19a031f62f577f02c410f4e63adbe8d8e31e609bafcd020fc83be5a202488acd5 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 0f52f8879caa3fea6ac0f28b3cb9e1f1 |
| SHA1 | 204e471224a5fdf18c2e9f5b08ab20fac9831f84 |
| SHA256 | 84377c84b06ab3b5f87b9bcffa32721232f0a1dc04899fbd0bfb45e768366fef |
| SHA512 | 7e3dbab96354001d04bf06c92972f2f0c841d7b04612fce13c930836157bb1603ff223af132ba68528ae2b5a20d972c48789ffc1d59c08fc0af65820c0d28feb |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 941c582633f455d5628ea6734495a1b9 |
| SHA1 | aa7a20ff0575a0210c18fa1379506827536f2bcf |
| SHA256 | ee894ac8cfa016766a9a2f29f57e849957ab6b09afbac798e9c09b122320dd30 |
| SHA512 | 2b7aa955ca1f8c4c800f3d569727657844d631ed41f12839a2dd1468ecc7bbe508bc3b990264c52a2b0af49afc3ed3d0baea686af1f82386c940ec55c22596d7 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
| MD5 | d588f2ebe7f1661150843dcc57e53168 |
| SHA1 | 80774b398e54008f6eecfae05b24e91d1b405944 |
| SHA256 | fa673cffff7c9bc4ef1d14e14d287eb896c953c9e6ecec87315b074f0b303982 |
| SHA512 | 426e88a4d12a55dae15d79b38a4ec9d72c241cde9c4e0a1d4ea37906b0af159059b87dc37838261ed25c2248ab6b3cc28da1b76883803954002ecbadd2d1651f |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 5e607ea824b0b5633376aa72acded69b |
| SHA1 | 00190119aa928fecac676f39c4fe1c72521f4596 |
| SHA256 | b824bffcc18d5662f7cc8add16b02a07a671f92168d4e20451ca88427fe2edf2 |
| SHA512 | 82962761bd8b26e218acbe84d7d6cc0c872101cd8f44e20f8f748572f63fb0698498d36eac63f8310166a7c3e5265393f3f9f3ac6e24fc3d7292790cddf17b55 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 56efec68f4c46683af955025cb14dccb |
| SHA1 | 52d04b9b30f9ee01661725afdb80efc0a7e567dc |
| SHA256 | fd9c3c7b2282d2d3014eef7a8377fa28a0c993f042b7ef2537920fda5701e536 |
| SHA512 | 40f5b0ada9ef4ababe8aabf1869dc22b101056d710fa3b32f550d561f45bf040ecc879e2d61913b9828e09233e7479754703b57f29fb7c84bfcdba1b106d5870 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000012
| MD5 | abb9d86c188694e9b4653db664761a7f |
| SHA1 | 2f76cf2fd498204a8e976ecea265fa273cb2efcd |
| SHA256 | 2616ee3ec1cf18ee59c3319e9fd7192793b8e8bcabe153a2c838e7e79246342e |
| SHA512 | ea7bc8a75123c23c9a5e2a885103f6de0223dbd4d39adc669f4d43ab3b3118e9f1105c469b7e7c9ce135c47c4e068d698c4a4e8f49838e410f35c4fc6b9bc730 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000014
| MD5 | 3d5c8e1b74df37b7b9e494c0edd218fc |
| SHA1 | 97ec95282cf9abb63e5818e2ece014be3bb4d055 |
| SHA256 | 6a3e37e40182b7cd51f0debb86633a115643da1f7b488acfe37dcb6d88be0c58 |
| SHA512 | 35d29ecd35c09a6dedcd158569974db485f9cfa88df3c8955899306f4bbaa69e6681b9fae3b00559c06b1b586ddfadf09125c225091c27b018dd043791cbbcd1 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000013
| MD5 | 27fb9736d5310f84bd492922191baf1d |
| SHA1 | d37ee71c06ad5eef0fbe101978fb3b4115b86ca1 |
| SHA256 | 9b99ebf1dcd2097dd301e6e4aa7aa5668a9b6c1675a7c58479f623923a3fad21 |
| SHA512 | 4290da78c81c2a5de927fe839b6324bc16ec45a0f4704c0d5691e226045331dbfafe1b5a7e01013276012a8322147478fe78850090976536e9f3ffeb72958765 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000015
| MD5 | 27c67486bdbd4fc0500eb66c161abf3c |
| SHA1 | b0cc11e118d0104bd5086c5a9175760132afd1f0 |
| SHA256 | 8a4af9e527d4b06ee541b90ae418ff58ad4697bbc8a8a887d6c83db0f6dfe240 |
| SHA512 | 08f2631fb8513f657d471996f2da3aa19edeb64ba71d73bfb0711fd55e7879715f041f88456a5b09035336236756a6f6d7cc792cc7641e47742b2c6fe5efed6b |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000016
| MD5 | 3b9990a2e08289c15bef63fdcb7f8c13 |
| SHA1 | 2296774684ca38953498fb49e9f7028ca6282ca2 |
| SHA256 | 2ce977df5ab50b4a6e2ea28cbac8d0e582491b65741b291f6baf6e07cb083453 |
| SHA512 | 90460b5899e4935b59d76318b9ef148bf2bb83dcb5ed8a73bd1ee2c5921024b30280237035887daf4e21c6198fd56c4a1e0a013070e78b496bde095829570462 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 23b507b296900a860aa7bf6c273457db |
| SHA1 | 93b845259bbe226e8b283c942881fd0ca80f34b6 |
| SHA256 | dc84dbe36ea60a7d56d3144846d451c4c5aeaac46ec72a1bf63a682200a63e05 |
| SHA512 | 80de15db295ee779376875e61e13c3f90233d51c8138f82d85536fda06d91e6876f6c1ab541127c9b83458dbc43d27182a87aee9d0bd16b27adaa4443dd34596 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
| MD5 | bd9b72e001fce0fc77bb5cef412ecf28 |
| SHA1 | ace25cbf3afa32e6703eeb3c60c9edfb8bf9b06d |
| SHA256 | 5e2f6dff06a0cf33df9084cbc025e5f921f8639b645cff805d677125a0baa096 |
| SHA512 | d00366b2bd8535ea642440cf9cae762c9eab78274124d1c54da21e06d1c08d7a98c9e52ed2a0dd251e3afb1f952e94333cb824faa9f0f245b2136e1f6c903ecf |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | a1cff2a10851637e65e11244f7759f45 |
| SHA1 | be7e6d12abfc89357af994a454f57f8f873499d2 |
| SHA256 | 920578f474a49038563e90da90696d20e250d202305217b1fb3c5f6cdc0ff871 |
| SHA512 | c06409d17f76e8025a0148c70b9b5b058e0a7619cfc68e964f8052fc1cd900b5fd7bcef84d4d83f3adf6dce4a6eb97cd413a32e7858e1eb5b543e90a508f52d6 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache
| MD5 | 14bd26ac2bdeb9a27b0862dee5774bdd |
| SHA1 | e240ff1d9612a024b490232cf4292075c7e23bf4 |
| SHA256 | a032cfa165871e771c51dc5288493cb5278bd7c35ddb2f2f099070f3b5fb4edb |
| SHA512 | 110d518d436124ae0f9ed067d8a563917df6da405e46371f23ea9a0316b8d251932cae2fab0001e1b9203446320f5908c68a531b9e142e78123eccf469717d24 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache~RFe5b0135.TMP
| MD5 | e378b6f12e2702dbf1bdf1ac334306d5 |
| SHA1 | 71bc0324730f98eba2c78ec317d6736588461040 |
| SHA256 | 6bf4fb7488334fda3341be4b4bba33ef6cb68386307be9bf96dfd68fefad490e |
| SHA512 | ec169dd09e3c0626561ed9f7840d2583cb5d1e183a7d79f3637dbb6450835524b5213c241dc2c4b8b26bbd8fabca661245819f697cff269dd93b85f1975f76f0 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 060bbdf0803931ce0893d44a6298e4ab |
| SHA1 | 33e5a943eb1fda9fe4a51bc3c5b0177151c257d4 |
| SHA256 | bfb6c6c22280feb5fbbbee9c5bcbf0363045787716afb1bfb7f5eb5a67c15d87 |
| SHA512 | 80705adbef5b15963814cf96292411d0b071cf167fcaf7f46b34efa21e1ebe225f869b4087e543a44739ad3c9d78f225edfa1724680ade59eb9bf109cab55648 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | a50a1173434f5920209059361905354f |
| SHA1 | 522cb8ea6caedc40bf920af00c39cb45927b5bb8 |
| SHA256 | 804b3362a6976fc6ba81e1cc57dc567028f89ffc09621bf1098ecaa3eee10d90 |
| SHA512 | 827e133036f444aac550c5eb44055c604d132adc44f2da4443f04bdce178063452e058a2e4c2eacd049d429c7bf1789abd47310b72a51833fabeb33b2ac88dd6 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 584cf3eb1784073232fb4b462ed2e59c |
| SHA1 | 8c334bc3e3a187dac9d1f5a48963919a583908b6 |
| SHA256 | 85358318bb2a0d9ebc6a8f14ec4b69869d7b249f7bf282b4d2cbea0e2c044ff5 |
| SHA512 | 319c0d73cc052b072fbbc26ad0a8dbe3e427eb9da061aebd4ed788bb07c0efe36e2d60560430c35db39756b7362c14a40956b3971789e1a4ce5a4165de82955b |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 7d510aa2c4ba2cf80ca8501a9ea65507 |
| SHA1 | fc91dbdfc972e3a1f68fd9d61b2ab904d3dde443 |
| SHA256 | a5954c2d31ab74d1aee4eb2c6e33491895c0f2198f4fc4c212e0b81767784025 |
| SHA512 | 698b00dd49e27c50a09d043e1defa9bcc7e4aca13307604058f86e0cd9c26680e9bf72f9c7ba194e329b7b71a59dd20ef4602166fd25f8edb9c952af583b7b1a |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | ffe7ef11a316ffbb8650d479c95e74b8 |
| SHA1 | 204aef45d0ea79c33361a956971a1cb9715036c3 |
| SHA256 | f0d946fb911d659fdf2df43dff10ad26c826eb40f752d732dd5f753a1c4ebd1e |
| SHA512 | cd9f5c837750d3721fe78c1c5f098ec3a5cb8af28b8f0c74e31d7569763d14212ca83b71f1e1666f506586619c7bcb24014a3d3c8b357c1aeb6cf89237e6ede4 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 906d03524f57902547ec3826579d9bc2 |
| SHA1 | 12b35e71c1b9b66568e564c71b7af159d87502b9 |
| SHA256 | 53b2842c3e1d84ad87e149d1135729c025cee550d5f0ff7c8bd717bf5c08304c |
| SHA512 | 13822365fed61c8e1800d76a23bc8d03757870d1b3505d31e4de3a87bb98b59e6c79763af3a4f1120a641c7bd6b54bc19d0d6cb0730046deef89e92f8e6283fd |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache
| MD5 | a4df08ac1e362763f10329f5ee32a559 |
| SHA1 | 09aa01cc0f28037ea76f040bc12998764c391950 |
| SHA256 | a6ec36fc20153bbe72cb84989fdba2a428d8edcff9279c1ec7d9d3db9d482ceb |
| SHA512 | ad9a3e84fa4258952d1ac05a105393f5baadc7c20043915f6c3488d9ecacbd12f44080a19a0d7cd0289e3df108f54b2561ef1f12ff2d2bf34c4b0e7e649666ea |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | ae33d663908dbef1d939309185de9ff4 |
| SHA1 | 9f84e2351816487f8ab5ac51c74e8c91cd23beeb |
| SHA256 | 586ad0a8e587dcce61e825f7c3978f46121ad6d56ea02b55028398629c02f5fa |
| SHA512 | e11d60f6b19ab9fd0fb0fce28be880678c0ef9b5008c14d64cab083d6adcb141c1b8f0dde66e9a4cc12e2186233851b86d71e7cee79b3ef74e6a819f1bfe65f6 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000007
| MD5 | 1d5f57b36984d3bc13513937212f7c85 |
| SHA1 | 6962d480bc6216080b90505c9f25c8a3ed4c8df0 |
| SHA256 | 7c5544c2101aa4a9ab3bd0ed98d6d1126457f802c8073333d2e7fb7be273dc30 |
| SHA512 | dcb01342a2eb9ff3ed03a23b7e0914ccb626e1136c2a24dc4e8144cd785c90acdbffc877408a922519055f0a375b4a31172e3120744de656d55dcd83b84a4f4a |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
| MD5 | 76cfb34dff96d3a83e5bacfc25ff6bdc |
| SHA1 | e008c6ebbfce2199b35436c408336998be4c9ee0 |
| SHA256 | 5fdc6d62dfa27a1349b0ba261524e5d783150e67879bfe7f68b1ce8cd6950d56 |
| SHA512 | 4689032c023de27456f60a8cca79d01c5bed94156e472d78db97630d9ebb3d0c6c969fe0740938838194175cdf542d7df8e0299c8dfb7462aa5cf014bc02b79d |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\38505160d1c64aa9_0
| MD5 | 206d3cbf8c445eecaecbd3d576b08af2 |
| SHA1 | 69256df9a55e885ce495a310e3cf5b4c04ff1e10 |
| SHA256 | ea1283b7702348d1fd7e1de8ad3ad6fed34a0c01d844cfabb358ac8f2c7ac51b |
| SHA512 | 7bd42b4fc51b1878faa359a381b80028ea6dc623445ab76fbad984efe3a99218f758141879971401ffa1f7dac0290845a0c93705919d69ff3bd7a4d34ca07d9a |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\d43be996bab16a06_0
| MD5 | a4f03d3e8152a78d1ae27883605a8a81 |
| SHA1 | 80811a64fbcfaae3db216a4edb56a25d896dda4e |
| SHA256 | 2bbea8a4374be57cc7dbd15cae601a444e8d881dbf06b46a0f49741b4972bc48 |
| SHA512 | 02ef3ed053e7b62fc6acf97c3732f578831cfa5571ee40108ce8d11a9dd83f3a0d173557d1ad09c05eccb9587b2ea47aefbf456b15eca5d7992a89265dfc7ccc |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | f4f1cabae3bd0871a33c4db2e0a160eb |
| SHA1 | 1e0eaad1053487447a944156faf493f6ea04418a |
| SHA256 | b884eaa553a5ca214ae7762fe540e41f643e3ff9047ada53c49970e6b6a04b7a |
| SHA512 | 30f2080a73611a6cd5347b809dd527e89908d89a44ad7443f1d38626770fe52828b2f0acd9ac7ef1bf9df122cf5b282da6b1aa71a3e8479d02f5a91d67468ea3 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
| MD5 | ffc4ebc441981d51be44fb73477fee6f |
| SHA1 | b0fe3b1e7356e0d3d1fa73e69fd64eb8d069bf67 |
| SHA256 | 04f6bbcc46ecd8e2acd8e1cab292bb1a85c1fca87e718f4464844ff74c81e1c4 |
| SHA512 | 7c2e265d8688ed4822f0cdc675a19485b527dc045858f81149f0e6033c900c9b8c5627aff4c82ed197aa4779268558d9afb574ffa8bd5470a473ea15b3da69c4 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 232d6cf8cfc71630f0a82a85e5f15ee4 |
| SHA1 | ae0427356fe60095f5387e66b2575b59e10f1e6c |
| SHA256 | 9a6d3c0758ed3458691c45eda9c48b025b960484f7e08770581312e4b447af67 |
| SHA512 | 5450688abb053f608d578528e2a3f1f32d2cf649c55a53ad3e4f1fd5012e904ecad4f77f51cec9b0483d26419d4b33af26deb60daa2d94e4676768fd300f5e98 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\e20f0ad4a9a8d503_0
| MD5 | 65a9a32df18397c171bb25e1dd6db8b4 |
| SHA1 | d73c644cb37b3175b3f00768098e8de1eee8b8a0 |
| SHA256 | 4b048054afcb722e7e17657baefb606636c867c1187e47a9fe055870d16df236 |
| SHA512 | 86cef2d8452b99055f737cefb0ee2a87bc08af38d6abf6f219cd0ce8c35f49d8f76d80780a394fb7885d891e20367c723f725f538682c5fe54d1ad3348c37c2b |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\4a8255feed4a8c07_0
| MD5 | f76713864abf8e4e2ba4eefbde61d299 |
| SHA1 | b351c52f0d882fc619baa8d7fa31d01fa75c4306 |
| SHA256 | 3941f8c24340e3d8e15dd054254d857498bf43aabf73f2aea0111822fdb340eb |
| SHA512 | 1dbd15209041b36ad2e2bc495884891ffa516712627c7d9e810b232c3c5e9dae6b323b20203fa01ba8005442689da13f77669e86bbc9a1aa91455aa9b822a74a |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 4cb68ac472ad03ebc2e718690f627f9b |
| SHA1 | 438b968b354bd284e900ba1a0a9bb2b139c564f5 |
| SHA256 | eee9380028893734b388513e03abe3924f8de4b56559d3809358ac20a0db705b |
| SHA512 | 785b7a0b1c39ec12cceea04169d3209d9b4566f7f0e944c23f1c989f5002d014379fd80609baf063e8fbee2c856145faf06a1329fed20ed6d1f06ad79ae3414d |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 571e092a83f8acafa319e1ebe0fc34a6 |
| SHA1 | 37ebca482f39de0bfc2507e5284cffbd7bc314fb |
| SHA256 | 5f70b1ab2fdaa42c95805f28fed660fd7e8be568e7da12104c87a035362073c1 |
| SHA512 | 4d8fe2fa4f41b6b0de3d8ed492242f3654db773190921ae01072ef4599630f933320b0ced53dd869239be67d3f31b428115e727350f97bef2b9b79512442319b |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 457f581d7a63de0395a5054a1329408a |
| SHA1 | 5d5cd0e482b06d58b2ec8976d745e1b16a56ec0e |
| SHA256 | 62ac4eeff059a591121ffd88d0b7194432f789f84458406fe2c62ff00bc167b5 |
| SHA512 | c7adfeb674ae2185fd9a9d838847fec9518e5d260df5bc9eb6690203740c2521c771871487e7e2daa9b78c31953d521dcfb8a2080535f85c33f8c40f59218a08 |
C:\Users\Admin\AppData\Local\Temp\Log.tmp
| MD5 | 77fed057f0c0b96fbe57883b4c30a672 |
| SHA1 | 700c38eac498aacf9eb7f0fe4bc2c3b64d5cccf6 |
| SHA256 | d54d7955879fc6d8c84ab0a8f7fb7925b4dcf990560458fe7ec20bc4aabeb210 |
| SHA512 | 17b395b7c3b3d65eede72386e31a297be8b04d0ecf832eadfc649efc4e12555a53f7c97d3edb87c19d10f5c5ec59827523b4350d847a464ed1b193470582de0d |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\temp-index
| MD5 | c7273ffa15aaf96b86ac0ef2ec214537 |
| SHA1 | a122a8c149a75cb6c2dbf8ba72d148204997c80c |
| SHA256 | 9bf1bb91f7559ce4d6fb12e8a86ba8b3c269fd264b7df3b4c5ada38aff52ecbb |
| SHA512 | 187ca7114dd8e3d1810316b6bc4c65d8aa41a2d5413f60cbad63f4b04bf7b7fb90a3c5b91515cb100f4ed6f07af803d753f356f77d810424b14f85a034f778e6 |
C:\Users\Admin\AppData\Local\Temp\Log.tmp
| MD5 | bbf7eabc9f8f5a3f7605a527488389cf |
| SHA1 | 6c38df9cf41776ede8df6e34d2c7b3e1b8d8b227 |
| SHA256 | 15ac99c30d1d2628cfbab8e969e124817f618cd300745ed470cd2df5a94f5fad |
| SHA512 | 46f97ca5b1f7955d0e5a22dfcccf2414173936bc988c99b4599658dfeb318b4e00b879a99ae53548f4f6f164310b0df5b71f0b3ef3ffa78239da1ad658aaaff2 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | a1defe264b22c61d1130219fffe1dc69 |
| SHA1 | 1e89de59d2ecb578bf8c45103ac6fd26e7a15002 |
| SHA256 | 640e4b49486bfd9cf42e2823b6079a84b46b51349d18f81bf15dc287dc144a0d |
| SHA512 | ee7fab39a5ba3cc9bcf96d391e8fe200f8152209fe54271f28ed4c89ae562e4fb3541a0bf2bcf4260b603100aa234b82df547c8d28211a559466f1ae72421c17 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\4b025181b85f97d5_0
| MD5 | 19454c3a2824790533f2491bfea14a1e |
| SHA1 | c3bef0070e0a0d48b69a7d7c8cce255432b35f82 |
| SHA256 | be8611a592627c33e2aed2fb43f2ee133fb0c9218fd5673dd9681ae720188323 |
| SHA512 | 778763ee6198cbfc83db3cd9dd46e2c3734e609390c36e2b118b2b1a46ec7b333fdc644f3a892c5f6a0d848eff2e5e69ab5f35695829f93393c840652ee2f755 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 07c9001a860c0b153161a89d31df36d1 |
| SHA1 | ba31d23c171c9af33b0315615c43e5315763dab9 |
| SHA256 | fa7889d935890cbfc2bc44345eb2df9cd6c5ba6dea68b0c1960e8ee20abc727e |
| SHA512 | 9acd122f02ff51c8cc3ebf3102bec297e4dd907d7175070f4f751aabe88ccac5ba86f96603d86dd2cd2b26bd696d689ce19711e9b1c80981584d69931a14ff14 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\5ffb97a64f4a5453_0
| MD5 | 03acbb6935df17a2f87b6f5ededb5d3d |
| SHA1 | c4761c1533d1179e2a701825a29eeb336d363572 |
| SHA256 | 3912c93df914ceb189874a4f3c9be08eba4d8ae36e6630831949b2ac3a735a12 |
| SHA512 | cb212c4a7c0e877194081d1325ff15a5850f44c590ba315ca3c86729fd6e604fab8515ed1384bcb00baa4f4f6e49d4577ad08d7f7dbbcaf02b97318451ed161d |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000051
| MD5 | 55aee9d5b84d725b801f3ab1fb7d7132 |
| SHA1 | 66377e4fa6f6a545df9c10122258ed39fa28c326 |
| SHA256 | 803b1a938f60762cc79dd904f5d284ba0148de931e72edc11cc15cfcf617f64a |
| SHA512 | 3e870fdd8ca12b8487d1570fb0754be3e3d9ded60b519724ba0e6b998b0a24b195dd52f7371a946217166ae85e24d291284f8c7e4ed15bd57f679a9014e8729c |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000052
| MD5 | 30d982e828b5c524980da42245ee9e90 |
| SHA1 | 7364e3f1f7ed95e2d772ec151b49b73e4972fee6 |
| SHA256 | c41244b589eae8e53d412f7da31782c1b6389dbef2d422a58971e5f32346adb0 |
| SHA512 | c40ad603cfae96e89e4b852dc29a0ddd8f8bd259c2b7acb4fdc2d9100d039a05b6624d533851a375267e8d4bc55aed0b079651129477bcba4b32cedbfe901100 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000053
| MD5 | 2078cecf6e1cb55e505651668169fa0d |
| SHA1 | eec7020c2cb9b6b68eabb5852b1c629a5517ad81 |
| SHA256 | cfe71823765aa71a9674c6ea411b1660f9851e074ff2fd5f90bade6abaa38d6c |
| SHA512 | ab1da5da4f443e32f26e507fd3190e30ff63c6f4a454d68eeb2fbcb9b1a9bf61ef3f80ba1ae881291387b0fa420a185880527a2bcc61c564337b4486cccc90e5 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000054
| MD5 | b05a4b509bc2599903f3ca63bcbc8ebc |
| SHA1 | 5709e2014ab82f8a6d460bfb8b3fc5d6488c4889 |
| SHA256 | 9dd2fd33862e07b7f3024f97c2ed1fcc0607b44f6d4eee94966ab09d5ed6a68a |
| SHA512 | 7bfa3f4fdcdc1159176c9b40010c8122bfa8125f0519f77934bd12fbf26a984f5e5f7317ac8a3b4d8ed337e31acdd6a95e107338069b29be1bedffaa4410a4d9 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 4cb5ec98570e8287b98fd9916a6152f0 |
| SHA1 | c050e01e8a7d896b542c248acd4d63e04886afa7 |
| SHA256 | 2ec94e9c2658c60caf446190feb8439807c561a042f592c065a9e34908491c84 |
| SHA512 | cabac9a4205a2e319ec7958ac407177c0c6ba5a55674ddb9a5553b9fe8aea78664d27007d722c8683f0efec845aeb5012800fd385998e5dc7c17a1eff95763d5 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
| MD5 | 49814dc665ec4f0645ff1a3d4311d7e2 |
| SHA1 | 03b1642442230335cdb17f5e7b1fb510b1cd402f |
| SHA256 | 585f881297e8b3f639ebe8544e007d4748141718caa540521bed826ce13450d4 |
| SHA512 | 3bbbc89bc19869d9ab71fcce93602374f6a11128c9b99182d6d5372eebf026dbdedb2f83dd24d0093b11ad603c6732cd0e95dc0fe5e94a989d388baa2c77e7e0 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000067
| MD5 | 8d3f9a60d4d791a547847ad7124d2bf7 |
| SHA1 | 9821661901c8a986d290a6a040c376d451bc7cdc |
| SHA256 | 022eaf9a2628babc05dd75114c9df49cc700092522a43242eb1ad8068f3b7b3e |
| SHA512 | 0df52bb967829ae833dee0527d51eb5beb032dc13fe2b409d0b39ea4e728fe5ebafb8f0535d03802596a116a08a81914564a6e74c02dbfffdd49903155766dcd |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | d21eab4cf1b8f65cddea19f1b56855c3 |
| SHA1 | 7a78c4eefd6ddac239e721e0f8d27df13ec1005a |
| SHA256 | 12e5229d0953ea5402d031cb0e2c86cf10ddb82e62afb091f42ac870e8aeb5c6 |
| SHA512 | 52b92337a8c64f118149b0e034309d4e72796ce950ea1efe310708f0043bc1a588891265091ba204cccde20200f89795c64a0cff42f863c5e7bb96f487540c6b |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00001f
| MD5 | b8a83fa136c3ce58fdea659dce391b75 |
| SHA1 | 7d9e52177466cc4966eb3c33f9b0469cb2e49e7e |
| SHA256 | d94a376e4ecca8cf54288ed9981fef9ead70acf284f91e314de1a4eb95cbded2 |
| SHA512 | e42ee389f8c5a95476e5dc1e44e2fce7d8ed10d70f7b0c86a2e872ffb728bb2d78b473834f1d161da0947e217394dd1224192a2303532775ec435d12b3e42ac6 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | db496434c5bd3096aefb898fa4b03312 |
| SHA1 | 331f25659b059cbaac4e72a5858089134b18f3d1 |
| SHA256 | a07927933d92884e75ebc96de7a8d1b76d98f2163c4caf769fe2ac3b2f18505d |
| SHA512 | 2481077c679bcd07106b74474d7c1b47bad6064e3fa922cfdc22f9d10a015ccabb027cc0243f957ec9e05f0ef6c65f2a43464a31d363ad2b5f6391ad898c8820 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 4d26a1e995af2cc61bffa703b6d07cf8 |
| SHA1 | c857ee05559f3bfca59659d55881b7457c177424 |
| SHA256 | f29d15b786783d256b16ac93845f053664e7d34c7f84d82ba0926a7d414c1cd8 |
| SHA512 | cc2a49316b5e63cf75fb567d652e0088d0a933f3a52d51872db734044ae2bdccb4310871a79774038b8c37bf19427f4b0a14037d63de6dd945f068976a3303a6 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | c3f0698bdabacb4b8f8b49f0883b7fe5 |
| SHA1 | 82ec82b598991ae0df8631273b337822a761f4d5 |
| SHA256 | 3aa5c61a7b09f8f120a4d4fa90d6b77a0b583a79d494c73f70c4d6f9519f4019 |
| SHA512 | e6b90a84450845be3db935e6c192973b4161b92f4f6f9076484f54e9db514f71ff0fa95fa6fa68de6ab8bcf25ed144e4ba76dd075894537f86feb16dac8da070 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 8fb648deaa7985612dd13476c3f19295 |
| SHA1 | 21a60ff403221b7a4d9d4285b924ed613d73476a |
| SHA256 | 70ab5cd30bcee83600103ff1b5784956e32bbedec778cf2b66815a8e55954158 |
| SHA512 | 48ff77ece6257f90f1f91ab0ec62b08be0b33134635a0b456efb46c9b24301f7267549ed349ba196fb568ff49a2c130447dc44f4bd0721a633bcc0049d188776 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 35b58a1ada14bb05cc1f6ee8219d9554 |
| SHA1 | 557be6622c4672bc2484c3d7a6f0ea6c63ee8cb0 |
| SHA256 | 410659c9fc44e27881d04c7848e48a7323ab5fa170db18dfd778690faf780c20 |
| SHA512 | d9a1fa98109148c306288627f360aa05172a921129826b05a6179e422997f50059294f3e4c3d26c35162c54e807c7ea917517a3f828094d40a19990eed6b5856 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | fd5b1d1ae743ee3c4ad2ceb6674507a2 |
| SHA1 | ed91bb9a2c562fcb3d1d4262790ef90d1e9300d8 |
| SHA256 | 53c91bf17cba981cc1ed6699c3f1ec18758f1deea4bc9bf1d70f459498428ec7 |
| SHA512 | 2450ebf757fa07430d24701cb175d250b17055e220a42c8e52a474acc83f1a0faa848a8274da278132b3cfb541a8d52b501fa06d79dccd73302e6de5dfe7f6af |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 60b9f4021d23387173ab0a7e11da5e61 |
| SHA1 | 1cfffb45cbef5053020fef150c8770cd62f70f76 |
| SHA256 | 0bc84f122f116e78c10c1bbc84d427394667737baa2ae55b8db39df1592fc089 |
| SHA512 | 87c6bbe36e38c00e0b986f8d99171008a833abae178760155a48cff5023ce8f9404e0b0269b0f6a2b4b915ba7bbe50243024929e9ede3b138e0c4c031229ebc7 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
| MD5 | 09396057a60556fccacffc96ef943cab |
| SHA1 | a136653c701c0235331512a15bfb8ce0776a03bd |
| SHA256 | b58b620335990b277a1c88f7c0c56d004b2b6ee6d0c2d43fbff30d72feac88a8 |
| SHA512 | bfa34defa403a46ef587e1b1a41464b733e84d23ccfb78044624fcd50409b49f11daebe79295f6cc824d018aeef79de1d76b03ec1848c96216da884db2b54847 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 53a9e69bc1ca4a3cdb503a4a8b71750a |
| SHA1 | cf99a969878b51b431cdd7c21b7413fb13ae6456 |
| SHA256 | 4d3190639e3fd4d846c3ee23bcc66d3f95a9dcfec4f84e15bd1b66174618e705 |
| SHA512 | fcf38534600d36c4c044b2ec09cd16c88cd1feb88fbfa08845f0fddb9cbf4e54646421e5216db27b1d0f836090da415c0bcd4bf324bb3d3ea65d9055390e6c11 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 36e4cbc436defe42fbd7009ff2c19dfb |
| SHA1 | 961248a0f7c293d7303c09cab8d4c1c020554c0f |
| SHA256 | ed0102a046721823a127d73349a03f2b2bc3a1757d3c177da7ba4ec43d125d9d |
| SHA512 | 409fb2e8b4075d7093671e1acdb1b03743ffb2c73181f057879147c567542d0ea79fdb8e1a60081a93cf71ee0307f992c7d513497b09fe1ab10e845de987a532 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\69355178d22832fb_0
| MD5 | a9c3c999529114fa83bb5adcb4c526d0 |
| SHA1 | 0d9cca24c359fdfa5980b9eae4cbd7f882d903df |
| SHA256 | 5e67ba32b7b26e9f3afe7f4cbf34ad3dfa81b3d136abc7e643a0ef369f67887f |
| SHA512 | 805eb3476d89b47f7cb7fe4c88357d5bc94af3c0be80aaa3d1534fbf001bed047127948ec191c8989efb1c51aea037aa7fbb812a34b4117eaa40bff98138ec3b |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 30c65b53d387687fb570bb3a470a95df |
| SHA1 | 64271bb1469772e42bef296909f4c901aa022558 |
| SHA256 | 04f7949c0136062409d72a74fcb0ddbd2eaf8a245ab09574e74bd8af5b33b6ef |
| SHA512 | 4d15047a4ec14b13ec06d54793c3d64a40322b9fee9133d11bca5476a1a6a75ed144e1d59a3891f9959050a8a76308c9159eded59529a3132b563b7a0258b740 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 768d1349f59322e384d35835e45b7a72 |
| SHA1 | 0b21d84ae9d8fe2e1085c895ca8f4bb691c16b09 |
| SHA256 | b423c7bbf51b922383ef7d559d035b4a9d20eee91710008c16f1070abdfb7e06 |
| SHA512 | b97ef3593aee9756d4c930a6acc63aa797cce305ef225d7a45af4cda2346a04b378610988711139d85673d0dfbac5c155fb44a07a53c34a1d1a83d0ef93ec621 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | bc7706ec112bb61fdfe628300ddc3192 |
| SHA1 | 3830f0efb735497b2903664e87158e5e53ef30b0 |
| SHA256 | 6b419ae77e6e07ca4b3787c52a8ca6f9d6e4821516d0636cbb3c42a7e42173cf |
| SHA512 | 5794f072b218af1f65cd9b6ddb90582517fafd587aef3a2c7964883f1da07020580a3d87b998c70fa22d7adea987a954a0cba6a6e3edb995868893ede331936e |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | b521fd1f66623896ca9efebc74b3f064 |
| SHA1 | b4b3e5aa6c48c3a3dd63f9951ab1a730c26cf346 |
| SHA256 | d907b33f4a6c6f568abea7b286db26da127ea676a7bd6de0e74239da0159ff95 |
| SHA512 | b15502f9a3aeedd7a2aa86ee3db3ac66cadaf4cc54bf4d5e035581c0236de63f4bf2f80ca6b6def3c380c231efeedadda0f3913136ad249891c092d094800bdc |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0000ab
| MD5 | fa6dec603465492da16070c7ea3d2907 |
| SHA1 | cf8876a90b539111aeffd408d15029f5239bd54b |
| SHA256 | 149bc49a69f6f50402b10c044d51d1925ae3666c0188f33a0a8de1eff903084a |
| SHA512 | a513ffe85a6a881afee809f1c40e546cd44ba0dceb9e8e72af62b69a366613f65d8be4d40019783a7c7f19d8a8579340021cfd29d21c2fd57a4f9825162942b8 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | a65ac9bba05da1e2746f11d4e3bab462 |
| SHA1 | 5a24a33b1594239dff57e0fd47ee28bf5a127204 |
| SHA256 | 37634140bf599c22446786144dce3f4bd4e8bbf7eda3b0ffed6aa825f1ce1bd3 |
| SHA512 | ea51fc936d94200325af4a8fd3c3061a65a4e0859f6a7e473ba258fdb8fad614541fff709e370991d22f44632df2e8281a6d96d1177abe3cee88ff6ca12459e4 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0000ac
| MD5 | 7820201f0db0c706a0ea5bb7ce018ef2 |
| SHA1 | 6d116650afbb3b25bfd6226c7d5ee00dd1fe4515 |
| SHA256 | 04f262a5cce0399379de17e5635f1e1acaf4371afe981edaaf792625a682c44a |
| SHA512 | bfecb88d8852c413525e1e1bdb3eb69c97a10e4ff67ae3ca5eb97fff5a2ee369a1b80a0d314440a375d0f9e950e0e970a6de6afed09062d8523ca28ac878946f |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0000b1
| MD5 | 89a574ff00e6b0ec61d995d059ce6e65 |
| SHA1 | aea09e96808ab77165ffa712eaa58b8f056d0bb6 |
| SHA256 | e5c29c139842fd487473d0824f2c01b374680fb35d22fa929686d17896602a44 |
| SHA512 | 30d0d40bd680e61968273155b740901cdfa66670fc2af6f23e44c6b998b67cc1fcd0b51bd5f9470f209f188e75d071355e592b2a7c97f4bfd15d07d455e0909d |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0000be
| MD5 | 6fb26b39d8dcf2f09ef8aebb8a5ffe23 |
| SHA1 | 578cac24c947a6d24bc05a6aa305756dd70e9ac3 |
| SHA256 | 774379647c0a6db04a0c2662be757a730c20f13b4c03fe0b12d43c0f09e7a059 |
| SHA512 | c40f4771c10add1b20efb81ee3b61fc5ede4701587f29a1c2cdde8b6faabd1c76d769bf8b99aa19082012f95d99ba448a472463fb9056acd2e43542e14e605cd |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0000a4
| MD5 | 6169398735e663f3649d639e8400e9f4 |
| SHA1 | c375d467303025ede026085a9653e19822d4236b |
| SHA256 | e481a6256086e84d612a7fe1fd4efc3abd2a7e544d9e81c84bce59ab8f677bc6 |
| SHA512 | 26dc270bb0c7834862735c48be3b6c45e7357f6c7329ef7c72044f047d9be1bffba91d895d4462066c3b6e8bddf8a58aa36d090347a9254e7b3dd91d9c5ee597 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0000b7
| MD5 | a1a1f839449fef1babb91fd2ff6ba047 |
| SHA1 | 4e470637f1a55a3e420363fafab8fe2619237d9b |
| SHA256 | 2f2448feedd5d31841f03c23a06979e24c730c2520a2122b3de9546e54023f6a |
| SHA512 | 97d1850c8a099c517278e2ec430cb44e543eeaf9edc121c356b3e83d3ddd7442b5bf5e252cf2de0b3abb88438d034d1ec95475c29d0fb039d95edca59e113640 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 6d3868555d7a7dbe18580dd35fda6fc2 |
| SHA1 | 3aa50aade278d1ad390ca8bfae0264d547cad777 |
| SHA256 | 6257aac9b7c0c2a1cb965fddf056ae957b639490c70624cee7f8ea2fb6f6688a |
| SHA512 | 900418ec8d4295cb08a222d288f76384e7f53cac29d0a7715317ba082adde12dbe4ee6b0253a3b652ce19b9d3fd9993b5f9774dd1db7feb0150c8c64aacbb5af |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\9f726c0926c3b209_0
| MD5 | 2eb52199e4e636059dc7d9de623850bd |
| SHA1 | 27aa906a48730ada3451475d7839c511582943db |
| SHA256 | ad452276efdd4759093d702be6b633d16f2d4ad613d6cd62b3f1f8ca75cd863c |
| SHA512 | 20af47539aedaa8ca5c13a7e694eaba94e37d111ab081650906044be0e4fbc2f7c6a26cd1f1191b5079fb7a38c22121367d4775c5cc33c602429bd6582c56d41 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\a5660e8242e76d05_0
| MD5 | fcb6dad6a4ab1ef868f47784e4a11f97 |
| SHA1 | 004cc7080894d7946987efe1c94d798f4e0246af |
| SHA256 | 6e9b2b23e246ea74ddde270aa2302d5d28cdfd1d1a5730e0922f92454a0e63c9 |
| SHA512 | 675b14384fa1ab978ff7e8ed09ba998740cc9ab4094b23385ce54f16211a412bde0bf298986a377462839c0bc0c37f54ec2cc4c2f426ff265e543a2b011d3069 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0000a8
| MD5 | 06f6cadeb72f21fea2b6baafa80a7d3f |
| SHA1 | 6e702f40092ff9bb667015a5afa8d202c64fa107 |
| SHA256 | 3930cb4778d56b24816847402cae4926ee8cd9a4a413d7113960f10f9731266c |
| SHA512 | b68d09fcd7fbbac65983a0709fb570973837552c3e2579a2c1fb3ab3f2bcf4d58a60912a13a686806ddbd0dcea989905c547c3771f0efd239b0143f95e3df489 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\876e0ca6c7de4562_0
| MD5 | 6763e131e788b94aff24d23ba3396a83 |
| SHA1 | e972f878379afdd434fc9219a209b5dfef44a9c6 |
| SHA256 | 8f59428e0bcaaa6c87b319c18c7d894ec56d7ca49f19640edf2f1612e0796f7b |
| SHA512 | da17255cb6a44f0e0b871ed7d01fe91d8e748091bfc801a6f709dd57b2bf4056531f9696188e5b21de0fb08789b1a1332f4e98fed9105651502817d6628a3d14 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\eacf11734247635b_0
| MD5 | f42b64e47d3629816f7a0f3c17d6eee5 |
| SHA1 | 7a6450b9dec1e0a39ba585465e441676160e5ad8 |
| SHA256 | ec0eb1fd0b15dc60c96401b1b633a1d6d6e3cafbe7d296e1feea9e284d7fd2cf |
| SHA512 | 57caf87e984464567f72dfd842ddd96d8ee4aed5b6201504fac9f7ff139b301a6ab2a90a31c1e478253658a47d062d30dfc6324e947f63ccbf75fb64c481ec17 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\41c09a3ac73e6014_0
| MD5 | 785f67da2cd460d6adfe969d77e58a9c |
| SHA1 | 5afe5eb53095d86ec967438fd552abe09099fbad |
| SHA256 | dc124a530a17233df45a147583a58078ac7c0587f1b653c6e1947c593836efa3 |
| SHA512 | 288efe155c542f612a0fd14b9b555b04dae2e9179e671609bf0eceb96cba369769781746204d88b9c8afe9fea54e350859df2c2dde635119c0d8db5760ffc835 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\683e68c2f40357f4_0
| MD5 | 62712628af3001ec124d39e7b280091c |
| SHA1 | b89838a7e83a705277d9dfbf730c0d2647019119 |
| SHA256 | 59eb3426972312a59738c492215ffc636e3bf3bf539a748f48c53fe4df4051bb |
| SHA512 | 44445138f886dc2049a4db9d50be3d48c54f7dfca14d7f51b39ec915692e869ccc9f1764563f70b08694dc30dcac913b0952e3eaa8ecc79b0e2159978a67be74 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0000c0
| MD5 | 9c6b5ce6b3452e98573e6409c34dd73c |
| SHA1 | de607fadef62e36945a409a838eb8fc36d819b42 |
| SHA256 | cd729039a1b314b25ea94b5c45c8d575d3387f7df83f98c233614bf09484a1fc |
| SHA512 | 4cfd6cc6e7af1e1c300a363a9be2c973d1797d2cd9b9009d9e1389b418dde76f5f976a6b4c2bf7ad075d784b5459f46420677370d72a0aaacd0bd477b251b8d7 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0000c1
| MD5 | eeeedd514b79ec1e786c85c744569984 |
| SHA1 | 2a471a9388cc343eb15ebf24626cae2ee4c806f1 |
| SHA256 | 5e588e71fa451932b8ada9372ccb56fbb4c18be2f9dffc47b979e7b5c99f27ed |
| SHA512 | a3bb71a7a0d02cbda47e3d196a48691f7e95b02bf74644f4934c6b735a085c3183faf933b889973d9cda5ba14b3f2eda7f9485dbb5621b52aa38ccb3b7a6f90a |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0000c6
| MD5 | 4496a4adfcb2b23691e0c5d2144addc0 |
| SHA1 | fedde8fac19d2d7c77a0621677b79b9f448cc34f |
| SHA256 | 6267cbcbc8ff44d7c27d5ad6ddcf5e7e77cbcd5e6fe3cc7568fe9dfa19fde88d |
| SHA512 | 7f08f81ab3907de251e90b7b56dc7b837f19eceae4a9d6ce10524d07193e1146547a8d23e3dc4022d51c10f8cbfe0dd991b79532dce272b1c8f915a9e893eafc |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 35701c919b099c412c15a56334a455bb |
| SHA1 | 5e50d1cfbe2a186db829d561d9de40321d68d1dd |
| SHA256 | f571e36c36e8124715e7994114a5863f3333f047a748043a47cf62200e3c7282 |
| SHA512 | b46dc3c1edf41100bd409646bafd53c5d8b8209688396eda182cd9c0a2d80f8950ef4f0c16eb73dee05520d175e9bf80626ff28f758a04d58a48e67e17554a9f |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
| MD5 | ff3c01c24b5eae08b6c403e3db47753d |
| SHA1 | 920183a6bd5bef77c389a2db7a4d61c2bc5c0a30 |
| SHA256 | 43198df44ad439e4f90ff5907f6d1298dcdf03c4bbcccebaca95ffd6cd41b468 |
| SHA512 | 665b7fcf0e4ab70c53bb65033f9dd7c20cc85fecd292235f7ed4e9f0de55e85ff2f363f0930aef7663a31ffbfc8c110b3628619ab2b5b8e401e026128d9e13e0 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\9602801b9ef70e84_0
| MD5 | cca786b497a75865eb403c6631c22f93 |
| SHA1 | e99fc425c30187449619633f34010464cae0354b |
| SHA256 | 7395fb35e247892f0e7916f0046c01e933eb46bb4af96989a5541bbfaedfff1f |
| SHA512 | 8d4f6c400f60e01027d2284fc9cdb81b55d904d1091d0ddcc08d5b12ba43829cf37ec806952e9ad127e574d9d40c99be49e64cd2d9567cc3432c5c8bd28340b2 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\9effad768acbdeb7_0
| MD5 | f763d8a8a13ce790b3e09652f33b9128 |
| SHA1 | c620c447f617f713f9be782badda9e03938e94ee |
| SHA256 | 81bf726d6e4e2c9814d7228b8c27bf4a7fb41de938dcf2f2cfcae1cdd8fbf5f4 |
| SHA512 | 6dea8955b14cc86cda96e8394612f42c368df2d8305bbdd9aa5b277c34feaa1a5220e1e444dcc02d5a01a7b61cdd33feb595d865bbf2f0ad81bc3871e1410a13 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\c43a6686f448f978_0
| MD5 | 7168dd9bd856401b20617ff95292ad20 |
| SHA1 | d78b3e79ac2753ea0303aab35ef8a6a04ae59deb |
| SHA256 | 9be7e30674c2d52c253fbe7768946c9079a8dfa87021282f58dc09ffdf4f454f |
| SHA512 | 7bcd211b81a7c2e65011a1cf425af683a783a0a32ac9aceb196c6943756fde69b6de90e1f28294bc16eb687d0c5e35f5bc86eee02e642155e0d8e48f8466a70a |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\5101d0e3e761d285_0
| MD5 | eccd702d9f3cdb035dccc89632b348ab |
| SHA1 | 72c267c37240062933b4ad058739540f6bdf612a |
| SHA256 | 5285c4f6cfe6f93e8ca62cdee941b8e592eb3a0874549ffdd92ae99bd3b79c31 |
| SHA512 | 6b1d0519c62c9e342fcef1d68be828a14fce773405c6ffa7220fba3577e062bf213bdd4162607953741a0f234c640456393e47473a54020b8a41447402a74a32 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\9cbfb83987318adb_0
| MD5 | 1244aacc8ef654006d8a9ba261e700b0 |
| SHA1 | a29c4fc6461652d83638550991870b576eac99f5 |
| SHA256 | 6f633b9f4d016755cfde0924144d3eb42f166b949f99a369f977f1ac56bec250 |
| SHA512 | 0b3ffb41d2a22d68de36386d21104be58c5e5514b4dbaba203a2ca6db885f2383d75a6f98513fbffb97001e0d5c4dc27a949a5272439815c96eb6f6c6f38910b |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\364e827a81edc9f6_0
| MD5 | 1bf950165303da6a6e0e6e12cfcc9d44 |
| SHA1 | 8108de7afdefe5b488f56a667d09ae741e7719aa |
| SHA256 | 976566bd0193ec6af9dc28ac809bcee3bbeeaba64346a3ec7bcfea2749537e82 |
| SHA512 | 3e4d8af6a0c27b0589d8b2edfbbf01224643a8de554127ecb9c90e1229177f968c13b75c3a03f75189f41cb065eea8c9b186a36035f7638d9bf950a618312fd6 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\404cef15c446b9a5_0
| MD5 | 67833755d72fe094eecb4ed87be73add |
| SHA1 | 503475588050c4cb7227c805966c9b71c35fb139 |
| SHA256 | 48e2d08a0a973ae6d9d83f9777d0e935d21c8891b9d7704ec9db28adc4d64901 |
| SHA512 | f682b24e911fbf6d58f25f1f8a7b0abb2972ab31537c92173a76afdd7fd5f434e139808e282507b589d3e5dc57994fb30a6a1994dd10a80420532f1709647540 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\a62da7c7a2128d0d_0
| MD5 | dd670ca6466621b2ec7a460a860f3856 |
| SHA1 | 3a7998043c8a7fdc2c0702ff57f93e3124607472 |
| SHA256 | 487c3a624324dbda0c9740f00509a8ebbf586d658e321bb773b5185c93851593 |
| SHA512 | e7a59af74abaf925fd54de246bcfeb146f6e063b45ebb56191c5bb422fe133ce1550b8b116b425f0389ea1bb4a719b5d69f234dd3e0ef2c992496e2a2ded2798 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\63fae8d57ed5d6e3_0
| MD5 | 3ddc7bd0fb7bdbee3770726b1b0960c9 |
| SHA1 | 895f420d28ddf42e4fa740cf31464eeb08b17b4f |
| SHA256 | fc6bc309da9f6d33e95914dc9c7b2277236ad77fc97ea2167ce0b1d3b5910cf6 |
| SHA512 | 827cc9297d736905448ec72821ec23fab9c2ad0069bfc6d73e19319fe4031b842105f929a8cc0bcc042d802a3768e08d35cddfdd4f308e6fba7f4b4c507ea1a7 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\08cc2d0e9fff97f2_0
| MD5 | 9521b3aabe7de6e65a933c1c1453c41f |
| SHA1 | 24b64fef0bfa847bfe191eb1cee147d011d0f44e |
| SHA256 | ef25cd1015eeccb1c101bb06742d3439d5cf6e5d356c9e7cd06f131969ec8145 |
| SHA512 | dc1b952c9434965a17b1cedb2d7e20db3467f104cae87690533ed2e040eee344fd77d6c399c932afdf8171543aa1c9a594f92c2f2aacca908fa4b531652cb033 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000023
| MD5 | d7272926843884316a0142acda87264f |
| SHA1 | d331f01ee11941ffbc4b56c997f648a9e5b07cb4 |
| SHA256 | 2c4a54ca703e086cc9b665de9d383cfc8be30d45cac97672211ac94f63bb5713 |
| SHA512 | 3ec5c5956124e00d580694444e725a13937d3d0cf19df954fb118ef416811bd663e296d8fddfaa035e8b706f8a346db7e6d47375f001918d2197cf108c370303 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | f1f463e27ac8feab20bb5dec1a4bf188 |
| SHA1 | d7aa688f51c2b662dd3fada1857358d888334e4b |
| SHA256 | 24e1793f4cb58a8fc37b8e964b64f1a130982d228718f12d7180f7e2612092be |
| SHA512 | e1e3ab57fc95b573ffea603a9814a4ae42c1a2f1e976a0d5b51cef9f26d7c62422f4ce8317a8d682498db52452fae55fdba12d9ac66a5fb4291d34d835ea35bd |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00003a
| MD5 | 88fe00be1a53198e81563e8d370945b5 |
| SHA1 | 8b60b3a51782e7b50a7edc6633def2368e06ede6 |
| SHA256 | 530f259bce868d91408b51ef70872d52d2927f053802a5c00b62424ea55e6896 |
| SHA512 | 082a5b31e55bdf6859944291e02c3587b563a553e311e5600cfaeaec2ffc0d5932a4a85b0d5b530b808394f723109ef4ae7009207fa055e9992fbe50ed546a4f |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 0176217bf8afdb6302e5791893376948 |
| SHA1 | 9fd835801d2a520eeed6c670e8154ab5e1dd9aca |
| SHA256 | 7f378481c66b97d243207a59bf5a2608cae7b1bea52093dc98f65be06b8dbdaf |
| SHA512 | 826aca94944e58d8efc944ac61b18a7c47c05f5aed1733b6ac2510ae9b6009771bb01f79204060226fc9dba3015f3821cb0ea05fa679e419446559a246da1c3d |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 796ffac67bf8fd09ba2b68557c2212b0 |
| SHA1 | c6266f9a32d09b807af8582dc408dc8c93467479 |
| SHA256 | 69689a7a75060a4d2413004a08aa0d4a6889cb725d5df5c5dd427daeea497608 |
| SHA512 | ed3ddd26762d06b39fea8661fb3196664bec2d5946c7616ced6ca06c033f9f8de6adccccbbc444630766e7bb376716ba0817253f77cca1545fb475799795c8a2 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 5a3742f2b053a0b73ee35e7709180ca5 |
| SHA1 | eb014e68cd2184a0aac9245c833667a6eb6fad13 |
| SHA256 | dc9e2732186b534356f443bff65fb209bfeb2d42c37ec4478e123aa7a50abb5a |
| SHA512 | b97ba934dd2d61b22d8ff465659e5da04116a0735909ac012e14dd7a5ce19d5959874fa23d06d3cd4ada032d2c780d28dc40c4947446ff7f9ccdc7fb3d947fc2 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000009
| MD5 | cfd2fdfedddc08d2932df2d665e36745 |
| SHA1 | b3ddd2ea3ff672a4f0babe49ed656b33800e79d0 |
| SHA256 | 576cff014b4dea0ff3a0c7a4044503b758bceb6a30c2678a1177446f456a4536 |
| SHA512 | 394c2f25b002b77fd5c12a4872fd669a0ef10c663b2803eb66e2cdaee48ca386e1f76fe552200535c30b05b7f21091a472a50271cd9620131dfb2317276dbe6c |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 181f197f9f2a0a2c0111573b0b4d1424 |
| SHA1 | f8b19056833fd6a4e785cd2226509c336a7d9292 |
| SHA256 | 989970777a8c1f4291a0096ea6e6434c35d261336b000a8fb27f2ff782909396 |
| SHA512 | b770a79aa6f26d4cf017dbb58339ac58f044a8b68638e66bba4f0a2b17449936bb4b54cebdb962089daa2686090ae21927ce00aeb4470e1b1bdc5467c60f8881 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
| MD5 | 9c9cbb8fe178693c7bd27cad540e1133 |
| SHA1 | f1953c725774340f1af5223581815b43b3453043 |
| SHA256 | 6fd7e6bcc28ec298254b6eb431581777d72c5fca7f55d245cfc806a3be95c14a |
| SHA512 | 07596f18bf0ca7a8d66f790c559b45e560255910600ecd6ab5c05690ebb9cd91d8a0243d238e9c0067b081e5d9fcc4ecaee2a9c582854cd49641b950acf62ec7 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 8269df3b02d9226fbf034d56e3d8571f |
| SHA1 | 278e5bec9e1ae7f2f3a24d3d7649dd4ef74f26d6 |
| SHA256 | 3564bbecd2cb0cf14a8de6c6949d8f32a9fb4009f18764ff948f6b7d70777387 |
| SHA512 | 73c789a808cd15580a139b93290c0748fcd86be23aa7ee2f65ff838b2dc447b29e5785b4ea26aa05e6e53ccb57a58cb0c03395e621940be5ea3d6b03d9a2b535 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 3254dc12a5addbbf9ca453bd77d2ae1d |
| SHA1 | 524337f82b373dde2790680fe339af31565c103f |
| SHA256 | 3716584a071e5a91f318183448d556fe6d4c4f501f50299b62d00e4cbb5f42fd |
| SHA512 | 79e332a6377a721c8dd0c5a1fbcff5ad8efd1c8292ebbceed2dfaf498234287641039907301fb6a39b96bba95a1dcd45acaf38422dc0311a8e528810f6eb479a |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
| MD5 | ac75de9b04fa3e37d10c8682ac4716d9 |
| SHA1 | 558e54203731bb8bb1be798ffc918058f4c42466 |
| SHA256 | 0106c6be6769fd4d1576e5ec6c9f69960af16e99b9c060ce1079d5b20ee98a59 |
| SHA512 | e6c51793a1e352d0839200bf259cb0c557cf941acbb3f143226ec208db9c7c8abec99ae68ae42e7bee55f391a800674982ac84e48a90a4a32aa5947fd6f548fc |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | b905afbea0fd52aff7cc9b4ce7de017f |
| SHA1 | e6190074df3f022f1922dfd282f2c034d029d628 |
| SHA256 | cbdcb8757735df88cebec7fcc7ce2ee60ac80fef93ec8a2a7297f1a024184f25 |
| SHA512 | 4299654989f6a85b37e8dcc2ea8a11201eabeaf769e6fd71eee86b7eefc681e9382f1084f9a61d19257ff4c1126c565a8c82ff60d9ad75ee8cb5f5b8e749c903 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | ca2d95b02aeccbf3ac84ed5ef261b60e |
| SHA1 | 9e8c15539465bb3e58af0dd8286425ecf57e55e8 |
| SHA256 | 0deeb1a6ac05731b2c4daa2a9e4f62c5f4d7e2ac6338187bf6ed953bd0686d35 |
| SHA512 | 1fd0fb8e109251a6d4974ddf827d6f0e243eff285355b633ffa2ff9973a77474b832a77f40ffe8b3fb39921436f63d99cf6179dc360a478bfc087e055d3414a0 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
| MD5 | ab3eb40d8a63583ffc0d784ff7774bec |
| SHA1 | 255f381f8452baea423cb5e2f8f926388876f785 |
| SHA256 | 55d847ba873a61e4a2d5e6b638ca09fede3cfb234b377ee06fcdc4e9da9aff71 |
| SHA512 | 0963e484c365f4f96889597a7e1cb5bc1efc343c8ef78a376faff2bc9c8bc95079c0180e5cc65f718030d5907d312b665d18781872325e1cd081323858c76db4 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0000de
| MD5 | 6ee632ef6264b72530b38ed3414ef99f |
| SHA1 | 6ab0e4fae75eb253d9703baf52bae2021d60baaa |
| SHA256 | 49929e01b886e836bcc7b6cc628adf3767646eb529cdd93cba3ea5901111969a |
| SHA512 | 1a2e5c2727dff43824e7e983f2718c76d0796cfb018f66dd2153d9000f6524042e02f36e3f586c1b4f0c4e07b341757ecfd17914bbfe5354138e77e18342f337 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | e2fe8ebd76126049070944ee489bb654 |
| SHA1 | e15997c59afca9d15fcfc77df2b1b78d573747b7 |
| SHA256 | db402f36ba8a85c13663ceeffd675ecf988118d048da334e5f665d713ffb32c4 |
| SHA512 | e70f21ab1a9a75a8ba495db54c15ae4c30e6a0c63fa90d4235ba9a7427e4c922cc869acab4b2d1582c8299f0409e2a4a682fb78c21018e01db1c4933b66b01cb |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt
| MD5 | 3d33be1bcae0290d5376d81510d8e907 |
| SHA1 | f1aeafaf4f4dffd7da50e4e51469a2dc14da4110 |
| SHA256 | adfdf8bf176b726a1268dcb7292c21d90e1309b4f3ffbf0c8f01cad5b1668eb7 |
| SHA512 | d4baefb61b27fd7cb65ce354bd3c5262b834b40fa82138af7c07b23c8c2c8cb6a17af18eadbd4586f97d50ff1a16560b291fd61bfbfff1d9f8af5235c3540e0f |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt
| MD5 | 6f3b77c84e0e74bc1c7174f9cddd1b60 |
| SHA1 | 1a97d66a639f16b4642fd683dff02925cf3e98a1 |
| SHA256 | e92cad6a7be05a2d0de9ad2a85a77627a022e8d37053105da51ac07d111a9144 |
| SHA512 | 9377fbb61f7aa5c4091e2b64f2b356939ee9e8eb4673f328affe8a1b3d08699fab950d03ad4d04a69e981ace4a05a53b7d70ca78ec5450c34be9e64960e53ddf |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt~RFe60447f.TMP
| MD5 | 07d6fb509e488757dc8dc2fb47aa86a8 |
| SHA1 | 8a5cd25440fd72d56a8384dea41e54f48c6a4a83 |
| SHA256 | 908d523b8348fae46ebc4f7c1e1ec5bb0c0a97a905a532aaeed2faa0d8c96d07 |
| SHA512 | 8cd91603854ce7907a85af8dbbcaeca40eee072540992b288ed75d31b754d8883f04be0158abe2dae25013f2a66c50d5acea76acb5903fb8ba95b1fe71b9fa68 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\Database\CURRENT
| MD5 | 46295cac801e5d4857d09837238a6394 |
| SHA1 | 44e0fa1b517dbf802b18faf0785eeea6ac51594b |
| SHA256 | 0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443 |
| SHA512 | 8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Web Applications\Temp\scoped_dir5012_69920670\Shortcuts Menu Icons\0\512.png
| MD5 | 12a429f9782bcff446dc1089b68d44ee |
| SHA1 | e41e5a1a4f2950a7f2da8be77ca26a66da7093b9 |
| SHA256 | e1d7407b07c40b5436d78db1077a16fbf75d49e32f3cbd01187b5eaaa10f1e37 |
| SHA512 | 1da99c5278a589972a1d711d694890f4fd4ec4e56f83781ab9dee91ba99530a7f90d969588fa24dce24b094a28bdecbea80328cee862031a8b289f3e4f38ce7a |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Web Applications\Manifest Resources\agimnkijcaahngcdmfeangaknmldooml\Shortcuts Menu Icons\Monochrome\1\512.png
| MD5 | 7f57c509f12aaae2c269646db7fde6e8 |
| SHA1 | 969d8c0e3d9140f843f36ccf2974b112ad7afc07 |
| SHA256 | 1d5c9f67fe93f9fcc1a1b61ebc35bda8f98f1261e5005ae37af71f42aab1d90f |
| SHA512 | 3503a0f4939bed9e1fd5e086b17d6de1063220dffdab2d2373aa9582a2454a9d8f18c1be74442f4e597bdba796d2d69220bd9e6be632a15367225b804187ea18 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\cfb42958-ae17-4d6f-a45d-6d3a55228bd1\index-dir\the-real-index
| MD5 | 1baec190bb4d30066427664a8ad327c6 |
| SHA1 | 82c169e2b064966f8e4979232e5c8e046534c719 |
| SHA256 | e983b95f2c7ed1351263fea095ac82b879a5c5f82d17f8aae173b4e7341bd7fd |
| SHA512 | 4260cf50f9fc0274dd2b919c4ef13ecae2b54703a3c83a052af2fbf13dffa709b313593c82066a42412a10b2dd552767175a503eda5cbac37310e3b503ae0daa |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\cfb42958-ae17-4d6f-a45d-6d3a55228bd1\index-dir\the-real-index~RFe605a1a.TMP
| MD5 | b24c055938a510029e0341018d093e00 |
| SHA1 | 118dd6fb13e68c45deb381a67bee25037cb90b72 |
| SHA256 | 3f5787b0b291b23d57f1ef72431012d888408f7481fb6b47dedd87c11bd54654 |
| SHA512 | 7f9661ab4d9244583c9504fcb3152a864d8305a7544838774897fa090629d624e2ecd11319d6b2c2ab716dd5fed2afbf9fb5247cb4e61244f2680be33b3870f4 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0000e0
| MD5 | 3dda883b89b1f31dd1e8e0be2d4250e9 |
| SHA1 | ff69000e8307afcb2b4db7d6117b47975f9de06a |
| SHA256 | e60268695e6c66a62ad318850e45954bb22d21f2ae62fe9f0c5490dcb1e69f9b |
| SHA512 | 25176c5acc9cf658129508ccc1b7fc8e93777cc59a404caf06a0e0eeb7c10b5276923aa51d56a99ebfd45d9f05b16f598794fb31ea0aa39565770b3c3b8c8c43 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt
| MD5 | 665fb27bce4d371a3fbcfc60002794dc |
| SHA1 | 5c11008557f6f7972cc9f92e3e5cbd6705ec6350 |
| SHA256 | 3a4fc2698286ed410a503c39cd23df0ef665fe4e38099ee80ed0654c4cebdbe0 |
| SHA512 | b9098139d8947b5273179061ca0cecd44195880faa3f6af18e72957d2bf3e020d4d45f567041011e8fed1ab8aca8da765274cff7fa88a4c58e1bfce630c45be9 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\707a8045-e4d0-4456-b668-53f18357cdf4\index
| MD5 | 54cb446f628b2ea4a5bce5769910512e |
| SHA1 | c27ca848427fe87f5cf4d0e0e3cd57151b0d820d |
| SHA256 | fbcfe23a2ecb82b7100c50811691dde0a33aa3da8d176be9882a9db485dc0f2d |
| SHA512 | 8f6ed2e91aed9bd415789b1dbe591e7eab29f3f1b48fdfa5e864d7bf4ae554acc5d82b4097a770dabc228523253623e4296c5023cf48252e1b94382c43123cb0 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt
| MD5 | 45044656ca708291e6a5250802c03770 |
| SHA1 | f1d6ea91ac31fabb181ad86984465fee615ff31b |
| SHA256 | 5a934cdb7e7d270ca20efe384e772a249ad38104d0350f1949273c766a2c4660 |
| SHA512 | 7f8c8177291a0591d8528dcd72e423a3d738ccfab64fb0a919df016f56f1872eec906f6b72c6714e4afdd5494749aecebefc8b07031755162ebabcd95b7f7b22 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0000ea
| MD5 | 0e598b4e0838f1540edaaa0ebf6d1e68 |
| SHA1 | a69cc56bc59a19d8e0da1b74db64b0f6c319e095 |
| SHA256 | 4ed8eeb9c3e8abd8a3ae9a6e4a0da56d3bb513938555795256d73cbd578bbe17 |
| SHA512 | 4a00bd10f567a45b9a3332a50803002f4a089bc38b065657e2a921d505c0a10c4275add2d6c9b4c3ea6a5ba87ccff47140aad0222bef3fceac331de97cb1f273 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt
| MD5 | 67291f44c6d5cefde3102e4c37e841ac |
| SHA1 | 5a7539a5cfd7ba12f6b46f043e4c9c12c4a2731b |
| SHA256 | 7d7181c28343266b4dc8945dd0781ffdb9f2c0adbe0cb38db61dbd71e9a82228 |
| SHA512 | 52ae9a1f94720f25317af85493b93ee97d1b97ada06553538a862bbbad3441118a1a50ae801e0468e26fcc66fe11909bf05f1943a0cc399aaf754b69d8363ac5 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0000e1
| MD5 | c6dbcc0422f27944f253081832cf771d |
| SHA1 | 7b07daa1c6a885eb59f208f213a76a367e3fc6a2 |
| SHA256 | a6127ea5e3388c4addec8a8529720e9b951101240ec4c3dc9f19979c751c6618 |
| SHA512 | 88bc43b7fd7273fa7717fe9e4cdf847e827f4f1aa2217bb3e78ba491c7814adc8ee3fbefcc71051b90f5301d8ab5f646977d6485f20081b5e6837a10d66619b1 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | afd9d736b73a142a2a8ead0b1b409a65 |
| SHA1 | 7b181d57b2a2e2934e0c0e8c650b9194273e32ed |
| SHA256 | 374a7967f02130cf4a2e99483188dc5bd65215fe144c5c5b51a0ae4f0bd4b56d |
| SHA512 | 424535b2969b55d2b5974955268a351399b61c774e789dab18ccd0ee2eb4c1be09d9770bd203fb5983144ebc9bab511fcca50b17a6ecd0adf0caab029727e02b |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0000e7
| MD5 | bc0357f63ec3897144287298696287be |
| SHA1 | 4b7f00f75e9aa603ffc9631a1fb1cfe86be4cf6e |
| SHA256 | 91d8faa9456e69908520f2675e0867046f01333ac4659d0e541def0c866f35d7 |
| SHA512 | e1c44a213d2efb09f3e7ce3ebc1ffc6b3dd170506c36a72f2d14a701d8fb331f7543fe6d3684e8a9eeb9a6e43bd26991e47e364482215cf228464773e94bc09d |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | b70821717b952a54c09ae678c552f975 |
| SHA1 | 2cc46d220514dc670d1841e8054f4b011bee2364 |
| SHA256 | 5b5dcfe2c5d2ddac202d363e270a7d7a0267fdcbf3d2cfe44b5e0aadf6401a8a |
| SHA512 | c8c6c34fd3b431ba3e3390cd317cd5f0d81620ccb9f43861f58fbf7b16490cdaa8b84b46e9409facf47af3ec78c9c2fb17b68c4e4516f62b9b9b34d914158982 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0000e6
| MD5 | fc48cf248229ad8686eb77300a78daec |
| SHA1 | 296a0ca8f11e043acf0b005e8ade51656fb2af6e |
| SHA256 | 63bd216b1612653bcbd661cee187b56f2ec2f3587cba7e638793ffe6d48a1429 |
| SHA512 | 3fa41693e2824711e981cbb0945ae7b99299689946bfe30b722bbc2a6e14701743dbd3801c1edd9a5f83da2f23a01b5f4c4de30e8b2f08cdad0d9d0ca666cf4e |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0000e8
| MD5 | 20adea22eec53811cc6bb3e6fb9648a1 |
| SHA1 | 89ccfb989609bb343bff0f260fbc28e78b0ae16a |
| SHA256 | d1b7f4208210049da4739648765e40bb8d8f0a7fd4e942df1d736e803739f5ea |
| SHA512 | 24342b4e909b88faa4b028aba8428bf4b3fac6203a61e74890a4c3439817444826c6d4785f0cef484b73c6116a9913c2980be3c59abaf2b3711942e1e53e6b55 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\0c9472b5-9495-4cf5-b6c2-feb42eaf1590.tmp
| MD5 | 28deff297495fae6c991a623fc1c2712 |
| SHA1 | 218d00192be9f71697587ec0568fa2db03c8892e |
| SHA256 | c1c582207f7a9e9d839798a8965b34578ea14d3080a7fd66121363d65bb9d9df |
| SHA512 | 36d8005cc7fbcdf24951b9b2582bf48de294624338e7c1a99c642e0760f433eb47b41870fd86268d59e1f6639b8fe3477c175ec2392697344078618d7763c5cf |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 7b8eb6faa829d86562609805d2ede8ad |
| SHA1 | 2b3a6fde45ef1125e04c6e938ccc8f66c245f93d |
| SHA256 | 2ad92cefd6090b2fc7e36985664f1dcccad99ab815efc7808d38108d6830fd4e |
| SHA512 | bafa126da6839bfd0c4e0c0e77aa28a88d0eadfa63d3c746428104328b5c5dde43bbd4f941d40052cad9d37e3669ee9f3dde311045d4266071fe467d2dae197f |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index
| MD5 | af86dc80d7cf44099d0aaf7890a7987d |
| SHA1 | 552d4bab1504e7bb8e466f45e53c827e090b5ef5 |
| SHA256 | bca6764d3f59acba5e6ecae1b8d81b69c739995c7c1d14f8ef3183353d02dcef |
| SHA512 | 574f83bfa1454d48eb31256552f064f9eaada6eabb297df2f3096702f2d07317f4047abdfdd521372cee67938824e4d76859f7957661bfc26d2853c3bc6e4a3e |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index~RFe60b7cb.TMP
| MD5 | a1e037df256bfd00251bbcdd521c21f4 |
| SHA1 | ef4cfbbfea0546c6b4e63cc6dc6afc88b5877be1 |
| SHA256 | 2ea94709507c4f0231bae39c83783149b7729d3f73a7bc21baf9946e622158aa |
| SHA512 | d0828d1c8ec8d111fb68337264952ec3bd5a614c0a316b1254592d3ac4579ca70eaeeebbbf7b210aa86e9f8ece437397d25a3ba56ce207806e0074118cf14b40 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 0cbfa1907541ae38b55360f2b9fa48ce |
| SHA1 | d612a810b021afa09b08502433107092fa6aa66b |
| SHA256 | 5ed2fbd2188cd49a0fb9951f5a34c08667ac3ac5dc177cf9ea21b369c90f98d6 |
| SHA512 | da6f24f1d611adf90dfe2ae1b28c8afe36901e8d15c001537bc466a7082082b29dd17139a8ad9e6903051acc0a4c939531bec0eef19a4ac59446f4ff517fc821 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\86d7688c-bb30-4cda-ae3b-160d4af6b8b6\index-dir\the-real-index
| MD5 | a027bab93ee3b962eb8b8b2148079037 |
| SHA1 | b62636d2ab61f33704e78884bfa006fe4334d8bd |
| SHA256 | 0b3be3c4c06d0e20e7c6614b3e32afb4d2969abbc959f4e3bcee9e940a160a9a |
| SHA512 | 5c2aba12743e09ac49fb6f1c6483142cf1693d58810b25f24e57c3f0b16862a1cde607a44eb948a118108be67c55ac79d17b50930c20a86a45820824d20b103e |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\86d7688c-bb30-4cda-ae3b-160d4af6b8b6\index-dir\the-real-index~RFe60c383.TMP
| MD5 | 6b6e8f3c585ba7498df160fa5e94519a |
| SHA1 | b207f34684587fefbf317ee91c36090cc88ecd3a |
| SHA256 | 775ebc852cfc9f6b46fe3e54751916c3b90e0d2ee9a32df072a8b340c53a3e42 |
| SHA512 | 0df8ce2e1f1864bb9a5dc7820a430bbc616b04fefa59900e4ad5e6f66318eceba95978ca04c1d08f997416a58805ce0d4ebfa70ad3ac6c0f828852f4102a7b6f |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
| MD5 | 17c4e1029ceee19a79fb70bf317bd047 |
| SHA1 | fda54dd147e819e0d39a1d5921fbcb75eb371416 |
| SHA256 | f75f6db22711e84aaef457f218548d8106f8849f03245e388e29be5f928d68fa |
| SHA512 | aa81e5eaa2411be8dcc08074fc3ad17558050ce95a8e643234bdc02bce3b8486a7c5e786196388185e23af336e4607793616bfbae6364f62168437f908468135 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 7af8f177c0f22fd17d5f401402a2ea6f |
| SHA1 | 83712d916269f45c30e9060c3e950d93798ab611 |
| SHA256 | 74357859cc042cf15789ef811a27b8b0d19080cd875bd56da58d75863db7dd39 |
| SHA512 | 3393dee8c0b769e055bfd5dbe6298c8d9e02ee576c030728b86c989dbf2f8b1346e65fd8b583071c6f8285347a242aa49152568d651eb9741bbdc76e8644e7b2 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\cfb42958-ae17-4d6f-a45d-6d3a55228bd1\index-dir\the-real-index
| MD5 | 1dca40ca14ede1ebf2c5c048ce40ba8e |
| SHA1 | cfb64a5729f4bb1a9b351c7d280053e2169dd643 |
| SHA256 | ebf9c0e670bd54e51c807597260c15f45bd5d364ef1f6013685f0dcca96c8edf |
| SHA512 | a0b9a512ce3c8f4d36b1b9ee658ab2054eaa230f135fe722211f1f0efcec41d08c098a8b18ae9a337e662f873b915b6a77248849c1d6a7253bf6e1482656fbc6 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt
| MD5 | 2a728ba8c586674d7df76754cf981656 |
| SHA1 | 6bbcebe58e86f8ff56892dd00921f40cccaf7ad1 |
| SHA256 | ee7c97329f60c267e735b036a9ceec7b8a27369c79c2cb225e2373c3c51ba3f3 |
| SHA512 | f1e985260fcc3f17ec11af0370ba6ebac2ee6a878a76889a4b52d133b423a54a2d8df05a30a5560e4e285203477ad5a585dc1cfa527343b0f395bf1b3fd217d6 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\cfb42958-ae17-4d6f-a45d-6d3a55228bd1\index-dir\the-real-index
| MD5 | df78f1eabc025e51be608d9ef3979891 |
| SHA1 | 4cfcb960b819410e62735191534ebf1c494647d1 |
| SHA256 | a975b5f5d7224754f2b57a52fa6a3c44c13fd37a01d9242b3ebbc6dd50120fcc |
| SHA512 | e8c9507e2390a27c00e5279af57da41e65f6133f832806831a0471cfe41041b4a9c54dc41516f62f73ad06413109be97adab13e93528916fd1e6a262e6c0b0ca |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt
| MD5 | d8a44fbcab7dee51147fc37430a60fd3 |
| SHA1 | 5bc0cb912c0b139046e20c2fcae321f8fbaf5533 |
| SHA256 | 2b045dcaa3cfb88023ebd4a3fb56b5401831d9b01e9517a2a076e719287144dc |
| SHA512 | c4bd8646321182917d2aef0f5d0f8040abf0af764dafd56b21d2c36b91247d485c17253d7f48c9f31f11c51d4fe6d0aced2abc15d7f05450370cbea99e14afdf |
Analysis: behavioral1
Detonation Overview
Submitted
2024-06-25 12:32
Reported
2024-06-25 12:34
Platform
win10-20240404-en
Max time kernel
65s
Max time network
66s
Command Line
Signatures
Detect Xworm Payload
| Description | Indicator | Process | Target |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
Xworm
Command and Scripting Interpreter: PowerShell
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe | N/A |
| N/A | N/A | C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe | N/A |
| N/A | N/A | C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe | N/A |
| N/A | N/A | C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe | N/A |
Executes dropped EXE
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Users\Admin\AppData\Roaming\Nursultan NextGen Crack.exe | N/A |
| N/A | N/A | C:\Users\Admin\wininit | N/A |
Adds Run key to start application
| Description | Indicator | Process | Target |
| Set value (str) | \REGISTRY\USER\S-1-5-21-160447019-1232603106-4168707212-1000\Software\Microsoft\Windows\CurrentVersion\Run\wininit = "C:\\Users\\Admin\\wininit" | C:\Users\Admin\AppData\Roaming\Nursultan NextGen Crack.exe | N/A |
Drops file in System32 directory
| Description | Indicator | Process | Target |
| File opened for modification | C:\Windows\System32\ras\SSTPProxy\ProxyConfig.xml | \??\c:\windows\system32\svchost.exe | N/A |
Drops file in Windows directory
| Description | Indicator | Process | Target |
| File created | C:\Windows\rescache\_merged\1601268389\715946058.pri | C:\Windows\system32\taskmgr.exe | N/A |
| File created | C:\Windows\INF\netsstpa.PNF | C:\Windows\system32\svchost.exe | N/A |
| File created | C:\Windows\INF\netrasa.PNF | \??\c:\windows\system32\svchost.exe | N/A |
| File created | C:\Windows\rescache\_merged\4183903823\2290032291.pri | C:\Windows\system32\taskmgr.exe | N/A |
Enumerates physical storage devices
Checks SCSI registry key(s)
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_QEMU&Prod_QEMU_DVD-ROM\4&215468a5&0&010000\Properties\{afd97640-86a3-4210-b67c-289c41aabe55}\0003 | C:\Windows\system32\svchost.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000001\CompatibleIDs | C:\Windows\system32\svchost.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_QEMU&Prod_HARDDISK\4&215468a5&0&000000\Properties\{4340a6c5-93fa-4706-972c-7b648008a5a7}\0008 | C:\Windows\system32\svchost.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_QEMU&Prod_HARDDISK\4&215468a5&0&000000\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\0008 | C:\Windows\system32\svchost.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000002\Properties\{80d81ea6-7473-4b0c-8216-efc11a2c4c8b}\0004 | C:\Windows\system32\svchost.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000001\Mfg | C:\Windows\system32\svchost.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000001\Properties\{540b947e-8b40-45bc-a8a2-6a0b894cbda2}\0009 | C:\Windows\system32\svchost.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_QEMU&Prod_HARDDISK\4&215468a5&0&000000\FriendlyName | C:\Windows\system32\taskmgr.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000002\Properties\{78c34fc8-104a-4aca-9ea4-524d52996e57}\0038 | C:\Windows\system32\svchost.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_QEMU&Prod_HARDDISK\4&215468a5&0&000000\ConfigFlags | C:\Windows\system32\svchost.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_QEMU&Prod_HARDDISK\4&215468a5&0&000000\Properties\{3464f7a4-2444-40b1-980a-e0903cb6d912}\0006 | C:\Windows\system32\svchost.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000001\Properties\{88ad39db-0d0c-4a38-8435-4043826b5c91}\000A | C:\Windows\system32\svchost.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000002\Properties\{656a3bb3-ecc0-43fd-8477-4ae0404a96cd}\2003 | C:\Windows\system32\svchost.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_QEMU&Prod_QEMU_DVD-ROM\4&215468a5&0&010000\ConfigFlags | C:\Windows\system32\svchost.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_QEMU&Prod_QEMU_DVD-ROM\4&215468a5&0&010000\CompatibleIDs | C:\Windows\system32\svchost.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_QEMU&Prod_QEMU_DVD-ROM\4&215468a5&0&010000\Properties\{80d81ea6-7473-4b0c-8216-efc11a2c4c8b}\0004 | C:\Windows\system32\svchost.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_QEMU&Prod_QEMU_DVD-ROM\4&215468a5&0&010000\Properties\{78c34fc8-104a-4aca-9ea4-524d52996e57}\004D | C:\Windows\system32\svchost.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000002\ConfigFlags | C:\Windows\system32\svchost.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000002 | C:\Windows\system32\svchost.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_QEMU&Prod_HARDDISK\4&215468a5&0&000000\Properties\{656a3bb3-ecc0-43fd-8477-4ae0404a96cd}\2003 | C:\Windows\system32\svchost.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000001\Properties\{78c34fc8-104a-4aca-9ea4-524d52996e57}\0052 | C:\Windows\system32\svchost.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_QEMU&Prod_QEMU_DVD-ROM\4&215468a5&0&010000\HardwareID | C:\Windows\system32\svchost.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_QEMU&Prod_QEMU_DVD-ROM\4&215468a5&0&010000\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\0008\ | C:\Windows\system32\svchost.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_QEMU&Prod_HARDDISK\4&215468a5&0&000000\Properties\{83da6326-97a6-4088-9453-a1923f573b29}\0005 | C:\Windows\system32\svchost.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000002\Properties\{540b947e-8b40-45bc-a8a2-6a0b894cbda2}\0004\ | C:\Windows\system32\svchost.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000001\Properties\{3464f7a4-2444-40b1-980a-e0903cb6d912}\000A | C:\Windows\system32\svchost.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000001\Properties\{83da6326-97a6-4088-9453-a1923f573b29}\000A | C:\Windows\system32\svchost.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000002\Properties\{83da6326-97a6-4088-9453-a1923f573b29}\000A\ | C:\Windows\system32\svchost.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_QEMU&Prod_QEMU_DVD-ROM\4&215468a5&0&010000\Properties\{78c34fc8-104a-4aca-9ea4-524d52996e57}\0054 | C:\Windows\system32\svchost.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000001\Properties\{78c34fc8-104a-4aca-9ea4-524d52996e57}\004C | C:\Windows\system32\svchost.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000001\Properties\{3464f7a4-2444-40b1-980a-e0903cb6d912}\0006 | C:\Windows\system32\svchost.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_QEMU&Prod_HARDDISK\4&215468a5&0&000000\Properties\{540b947e-8b40-45bc-a8a2-6a0b894cbda2}\0004\ | C:\Windows\system32\svchost.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_QEMU&Prod_HARDDISK\4&215468a5&0&000000\Properties\{540b947e-8b40-45bc-a8a2-6a0b894cbda2}\0009 | C:\Windows\system32\svchost.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_QEMU&Prod_HARDDISK\4&215468a5&0&000000\Properties\{b725f130-47ef-101a-a5f1-02608c9eebac}\000A | C:\Windows\system32\taskmgr.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_QEMU&Prod_QEMU_DVD-ROM\4&215468a5&0&010000\Properties\{78c34fc8-104a-4aca-9ea4-524d52996e57}\0034 | C:\Windows\system32\svchost.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_QEMU&Prod_QEMU_DVD-ROM\4&215468a5&0&010000\Properties\{78c34fc8-104a-4aca-9ea4-524d52996e57}\0055 | C:\Windows\system32\svchost.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000002\Properties\{540b947e-8b40-45bc-a8a2-6a0b894cbda2}\0009 | C:\Windows\system32\svchost.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_QEMU&Prod_QEMU_DVD-ROM\4&215468a5&0&010000\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\0008 | C:\Windows\system32\svchost.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_QEMU&Prod_QEMU_DVD-ROM\4&215468a5&0&010000\FriendlyName | C:\Windows\system32\svchost.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000001\Properties\{80d81ea6-7473-4b0c-8216-efc11a2c4c8b}\0002 | C:\Windows\system32\svchost.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_QEMU&Prod_QEMU_DVD-ROM\4&215468a5&0&010000\Properties\{78c34fc8-104a-4aca-9ea4-524d52996e57}\0065 | C:\Windows\system32\svchost.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_QEMU&Prod_HARDDISK\4&215468a5&0&000000\Properties\{88ad39db-0d0c-4a38-8435-4043826b5c91}\000A | C:\Windows\system32\svchost.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000001\Properties\{656a3bb3-ecc0-43fd-8477-4ae0404a96cd}\2002 | C:\Windows\system32\svchost.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000002\Capabilities | C:\Windows\system32\svchost.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000002\Properties\{83da6326-97a6-4088-9453-a1923f573b29}\0005 | C:\Windows\system32\svchost.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_QEMU&Prod_HARDDISK\4&215468a5&0&000000\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\0018 | C:\Windows\system32\svchost.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000001\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\0008 | C:\Windows\system32\svchost.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000002\Properties\{78c34fc8-104a-4aca-9ea4-524d52996e57}\0054 | C:\Windows\system32\svchost.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000002\Properties\{78c34fc8-104a-4aca-9ea4-524d52996e57}\0052 | C:\Windows\system32\svchost.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000002\Properties\{3b2ce006-5e61-4fde-bab8-9b8aac9b26df}\0008 | C:\Windows\system32\svchost.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_QEMU&Prod_QEMU_DVD-ROM\4&215468a5&0&010000\Properties\{88ad39db-0d0c-4a38-8435-4043826b5c91}\0008 | C:\Windows\system32\svchost.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000002\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\0008 | C:\Windows\system32\svchost.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000002\Properties\{78c34fc8-104a-4aca-9ea4-524d52996e57}\0055 | C:\Windows\system32\svchost.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_QEMU&Prod_QEMU_DVD-ROM\4&215468a5&0&010000\Properties\{cf73bb51-3abf-44a2-85e0-9a3dc7a12132}\0002 | C:\Windows\system32\svchost.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000001\Properties\{83da6326-97a6-4088-9453-a1923f573b29}\0005 | C:\Windows\system32\svchost.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000001\Properties\{78c34fc8-104a-4aca-9ea4-524d52996e57}\0055 | C:\Windows\system32\svchost.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_QEMU&Prod_HARDDISK\4&215468a5&0&000000\Properties\{cf73bb51-3abf-44a2-85e0-9a3dc7a12132}\0002 | C:\Windows\system32\svchost.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_QEMU&Prod_QEMU_DVD-ROM\4&215468a5&0&010000\Properties\{cf73bb51-3abf-44a2-85e0-9a3dc7a12132}\0006 | C:\Windows\system32\svchost.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_QEMU&Prod_QEMU_DVD-ROM\4&215468a5&0&010000\Properties\{78c34fc8-104a-4aca-9ea4-524d52996e57}\004C | C:\Windows\system32\svchost.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000001\Properties\{540b947e-8b40-45bc-a8a2-6a0b894cbda2}\0004 | C:\Windows\system32\svchost.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000002\Mfg | C:\Windows\system32\svchost.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_QEMU&Prod_QEMU_DVD-ROM\4&215468a5&0&010000 | C:\Windows\system32\svchost.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_QEMU&Prod_QEMU_DVD-ROM\4&215468a5&0&010000\Capabilities | C:\Windows\system32\svchost.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_QEMU&Prod_QEMU_DVD-ROM\4&215468a5&0&010000\Properties\{656a3bb3-ecc0-43fd-8477-4ae0404a96cd}\300A | C:\Windows\system32\svchost.exe | N/A |
Modifies data under HKEY_USERS
| Description | Indicator | Process | Target |
| Set value (int) | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\DWM\ColorizationColorBalance = "89" | C:\Windows\system32\LogonUI.exe | N/A |
| Set value (int) | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\DWM\ColorizationGlassAttribute = "1" | C:\Windows\system32\LogonUI.exe | N/A |
| Set value (int) | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Explorer\Accent\StartColorMenu = "4288567808" | C:\Windows\system32\LogonUI.exe | N/A |
| Set value (int) | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\DWM\AccentColor = "4292311040" | C:\Windows\system32\LogonUI.exe | N/A |
| Set value (int) | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\DWM\ColorizationAfterglowBalance = "10" | C:\Windows\system32\LogonUI.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\DWM | C:\Windows\system32\LogonUI.exe | N/A |
| Set value (int) | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\DWM\ColorizationAfterglow = "3288365271" | C:\Windows\system32\LogonUI.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Themes\History | C:\Windows\system32\LogonUI.exe | N/A |
| Set value (int) | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Explorer\Accent\AccentColorMenu = "4292311040" | C:\Windows\system32\LogonUI.exe | N/A |
| Set value (int) | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\DWM\EnableWindowColorization = "1" | C:\Windows\system32\LogonUI.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\OnDemandInterfaceCache | C:\Windows\system32\svchost.exe | N/A |
| Set value (data) | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Explorer\Accent\AccentPalette = a6d8ff0076b9ed00429ce3000078d700005a9e000042750000264200f7630c00 | C:\Windows\system32\LogonUI.exe | N/A |
| Set value (int) | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Themes\History\AutoColor = "0" | C:\Windows\system32\LogonUI.exe | N/A |
| Set value (int) | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\DWM\ColorizationColor = "3288365271" | C:\Windows\system32\LogonUI.exe | N/A |
| Set value (int) | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\DWM\ColorizationBlurBalance = "1" | C:\Windows\system32\LogonUI.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\windows\CurrentVersion\Internet Settings\Connections | C:\Windows\system32\svchost.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Explorer\Accent | C:\Windows\system32\LogonUI.exe | N/A |
Modifies registry class
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\USER\S-1-5-21-160447019-1232603106-4168707212-1000_Classes\Local Settings | C:\Windows\system32\taskmgr.exe | N/A |
Scheduled Task/Job: Scheduled Task
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Windows\System32\schtasks.exe | N/A |
Suspicious behavior: EnumeratesProcesses
Suspicious behavior: LoadsDriver
| Description | Indicator | Process | Target |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
Suspicious use of AdjustPrivilegeToken
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
Suspicious use of SetWindowsHookEx
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Users\Admin\AppData\Roaming\Nursultan NextGen Crack.exe | N/A |
| N/A | N/A | C:\Windows\system32\LogonUI.exe | N/A |
Suspicious use of WriteProcessMemory
Uses Task Scheduler COM API
Processes
C:\Users\Admin\AppData\Local\Temp\Nursultan NextGen Crack.exe
"C:\Users\Admin\AppData\Local\Temp\Nursultan NextGen Crack.exe"
C:\Users\Admin\AppData\Roaming\Nursultan NextGen Crack.exe
"C:\Users\Admin\AppData\Roaming\Nursultan NextGen Crack.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c ""C:\Users\Admin\AppData\Roaming\и.bat" "
C:\Windows\system32\chcp.com
chcp 65001
C:\Windows\system32\choice.exe
choice /c 12 /n /m "Enter your choice:"
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -ExecutionPolicy Bypass Add-MpPreference -ExclusionPath 'C:\Users\Admin\AppData\Roaming\Nursultan NextGen Crack.exe'
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -ExecutionPolicy Bypass Add-MpPreference -ExclusionProcess 'Nursultan NextGen Crack.exe'
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -ExecutionPolicy Bypass Add-MpPreference -ExclusionPath 'C:\Users\Admin\wininit'
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -ExecutionPolicy Bypass Add-MpPreference -ExclusionProcess 'wininit'
C:\Windows\System32\schtasks.exe
"C:\Windows\System32\schtasks.exe" /create /f /RL HIGHEST /sc minute /mo 1 /tn "wininit" /tr "C:\Users\Admin\wininit"
C:\Windows\system32\taskmgr.exe
"C:\Windows\system32\taskmgr.exe" /4
C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding
C:\Users\Admin\wininit
C:\Users\Admin\wininit
C:\Windows\System32\SystemSettingsBroker.exe
C:\Windows\System32\SystemSettingsBroker.exe -Embedding
\??\c:\windows\system32\svchost.exe
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -s RmSvc
\??\c:\windows\system32\svchost.exe
c:\windows\system32\svchost.exe -k localservice -s SstpSvc
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k netsvcs -s DsmSvc
\??\c:\windows\system32\svchost.exe
c:\windows\system32\svchost.exe -k netsvcs -s NetSetupSvc
\??\c:\windows\system32\svchost.exe
c:\windows\system32\svchost.exe -k netsvcs -s RasMan
C:\Windows\system32\LogonUI.exe
"LogonUI.exe" /flags:0x0 /state0:0xa3a9c855 /state1:0x41c64e6d
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | seems-poet.gl.at.ply.gg | udp |
| US | 147.185.221.20:30996 | seems-poet.gl.at.ply.gg | tcp |
| US | 8.8.8.8:53 | 0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.8.0.8.0.8.0.8.0.ip6.arpa | udp |
| US | 8.8.8.8:53 | 20.221.185.147.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 215.169.36.23.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 249.197.17.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 131.72.42.20.in-addr.arpa | udp |
Files
memory/3080-0-0x00007FFA2E873000-0x00007FFA2E874000-memory.dmp
memory/3080-1-0x0000000000B70000-0x0000000000BAA000-memory.dmp
C:\Users\Admin\AppData\Roaming\Nursultan NextGen Crack.exe
| MD5 | a9aee64b701db5f8cfc3c963872403b4 |
| SHA1 | 48079f6822d84ea354f301cdb97d2ecb59552e06 |
| SHA256 | f46d7ae8973b42a0cb892c6aa8d6a559b4cc1d0c67b1d5df3072c4f7f77b53fb |
| SHA512 | 696e745d488841c3b1a55a350d754b69a1d6b0d83fd9eac247229239951b12bfd98d8cbbcbfffd567966495a10950040edd77398702763071f6eeb50f13a3a1e |
memory/3936-11-0x00000000006E0000-0x0000000000706000-memory.dmp
memory/3936-12-0x00007FFA2E870000-0x00007FFA2F25C000-memory.dmp
C:\Users\Admin\AppData\Roaming\и.bat
| MD5 | 9885bc1f632421f329efe28818361344 |
| SHA1 | 9d0838fa885728361703a6e2b36e2aa3603b05ce |
| SHA256 | 6a218880f23edb2a809ee20919f355f80ef4a0b545c3d79ffa8c848441eced7a |
| SHA512 | ddb5252457e9e02a91073f58662cd2eb72d670827f5173e8705c9e41d55a4ba4efdab80f24371ff61573d250f7b8463ce05f9cec7c48085dcacd38cd21e65203 |
memory/1412-18-0x0000024B76CE0000-0x0000024B76D02000-memory.dmp
memory/1412-21-0x0000024B76E90000-0x0000024B76F06000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\__PSScriptPolicyTest_tiwcg4sy.4nx.ps1
| MD5 | c4ca4238a0b923820dcc509a6f75849b |
| SHA1 | 356a192b7913b04c54574d18c28d46e6395428ab |
| SHA256 | 6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b |
| SHA512 | 4dff4ea340f0a823f15d3f4f01ab62eae0e5da579ccb851f8db9dfe84c58b2b37b89903a740e1ee172da793a6e79d560e5f7f9bd058a12a280433ed6fa46510a |
C:\Users\Admin\AppData\Local\Microsoft\CLR_v4.0\UsageLogs\powershell.exe.log
| MD5 | 8592ba100a78835a6b94d5949e13dfc1 |
| SHA1 | 63e901200ab9a57c7dd4c078d7f75dcd3b357020 |
| SHA256 | fdd7d9def6f9f0c0f2e60dbc8a2d1999071cd7d3095e9e087bb1cda7a614ac3c |
| SHA512 | 87f98e6cb61b2a2a7d65710c4d33881d89715eb7a06e00d492259f35c3902498baabffc5886be0ec5a14312ad4c262e3fc40cd3a5cb91701af0fb229726b88c3 |
C:\Users\Admin\AppData\Local\Microsoft\Windows\PowerShell\StartupProfileData-NonInteractive
| MD5 | 12ce32cdb860ea27c099070bd8739917 |
| SHA1 | 0316c3dcd8f5926dc125427a2220526e53b2b1c6 |
| SHA256 | cea8621365f1e4a19ccdbc46ef431635352d68753fc939f7412df3181080f6bd |
| SHA512 | 69da9c85c8068dfcef7267154215047aa3743a80724b60558f22c66237e04b24737d14dea19b7d8d8a7236da32d4fe9b4a48af04f22f61f54c5a69af1bc0ca95 |
C:\Users\Admin\AppData\Local\Microsoft\Windows\PowerShell\StartupProfileData-NonInteractive
| MD5 | fb6b64deea4445c121679e036fc13dee |
| SHA1 | 6593f0e9d74e2ae1f0ec77453c3dd87a477c5613 |
| SHA256 | 6da7ec37fdf868840e54b50cceeaa04032f72edfccdb8529b81dc281c0b9f73c |
| SHA512 | f40a76c8647415fcfe9a981f4df859f488c6c6efa322d83a88158e57858cd66e9aac9c1b1922272a9590fee20c8460f65f658279a3529997c34e6aa98ab7afdb |
C:\Users\Admin\AppData\Local\Microsoft\Windows\PowerShell\StartupProfileData-NonInteractive
| MD5 | 3bcbf6342024a05b802f3cb7cd7cd25c |
| SHA1 | 462acfb1ddab09bfd40a7380ab91c7b41b5f43b1 |
| SHA256 | 2eaca320e58da69ba5c49f9aab231a29a7e27cf00c9026f5cd5fdc56aca5f31a |
| SHA512 | b0a890ed73c861c8ce9680ccc43b80e67ce9e8f142506144c4e3018e16c6110d7e339cf1dcb4ab26fb59968b6fa7ea52cdbc9d1134140ff1f9301bf1e2b1bc1a |
memory/3936-190-0x00007FFA2E870000-0x00007FFA2F25C000-memory.dmp
memory/3936-197-0x00007FFA2E870000-0x00007FFA2F25C000-memory.dmp
memory/3936-200-0x00007FFA2E870000-0x00007FFA2F25C000-memory.dmp
C:\Windows\System32\iv1hm7.exe
| MD5 | e79cbf4b8cef12fc28460c57083f1186 |
| SHA1 | 3ef31989b8d2199edd8e01997656ce4e0dd5e18d |
| SHA256 | d95c7b2e5cac794ad6116e26a9bd394164c2f29775cd8d419d57b513ab974bc2 |
| SHA512 | a43193ff935df9dc4ac0cd1c1d3f51a50d8a17f518af18a47ce67a825b0e6065a5b8cb05cd2d44e746c863bc4b5232facffd250d836a13ca7417ee4d50f4e06d |
C:\Windows\INF\netsstpa.PNF
| MD5 | 01e21456e8000bab92907eec3b3aeea9 |
| SHA1 | 39b34fe438352f7b095e24c89968fca48b8ce11c |
| SHA256 | 35ad0403fdef3fce3ef5cd311c72fef2a95a317297a53c02735cda4bd6e0c74f |
| SHA512 | 9d5153450e8fe3f51f20472bae4a2ab2fed43fad61a89b04a70325559f6ffed935dd72212671cc6cfc0288458d359bc71567f0d9af8e5770d696adc5bdadd7ec |
C:\Windows\INF\netrasa.PNF
| MD5 | 80648b43d233468718d717d10187b68d |
| SHA1 | a1736e8f0e408ce705722ce097d1adb24ebffc45 |
| SHA256 | 8ab9a39457507e405ade5ef9d723e0f89bc46d8d8b33d354b00d95847f098380 |
| SHA512 | eec0ac7e7abcf87b3f0f4522b0dd95c658327afb866ceecff3c9ff0812a521201d729dd71d43f3ac46536f8435d4a49ac157b6282077c7c1940a6668f3b3aea9 |
memory/3936-213-0x00007FFA2E870000-0x00007FFA2F25C000-memory.dmp