Analysis Overview
SHA256
c13a0cd7c2c2fd577703bff026b72ed81b51266afa047328c8ff1c4a4d965c97
Threat Level: Known bad
The file release.zip was found to be: Known bad.
Malicious Activity Summary
Discord RAT
Discordrat family
Checks computer location settings
Executes dropped EXE
Legitimate hosting services abused for malware hosting/C2
Unsigned PE
Enumerates physical storage devices
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Suspicious use of SendNotifyMessage
Suspicious use of FindShellTrayWindow
Suspicious behavior: EnumeratesProcesses
Enumerates system info in registry
Suspicious use of AdjustPrivilegeToken
Suspicious use of WriteProcessMemory
Suspicious use of SetWindowsHookEx
Modifies data under HKEY_USERS
MITRE ATT&CK Matrix V13
Analysis: static1
Detonation Overview
Reported
2024-06-28 18:22
Signatures
Discordrat family
Unsigned PE
Analysis: behavioral4
Detonation Overview
Submitted
2024-06-28 18:22
Reported
2024-06-28 18:53
Platform
win10v2004-20240508-en
Max time kernel
449s
Max time network
1175s
Command Line
Signatures
Processes
C:\Windows\system32\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\dnlib.dll,#1
Network
Files
Analysis: behavioral1
Detonation Overview
Submitted
2024-06-28 18:22
Reported
2024-06-28 18:53
Platform
win10v2004-20240508-en
Max time kernel
447s
Max time network
1171s
Command Line
Signatures
Processes
C:\Windows\Explorer.exe
C:\Windows\Explorer.exe /idlist,,C:\Users\Admin\AppData\Local\Temp\release.zip
Network
Files
Analysis: behavioral2
Detonation Overview
Submitted
2024-06-28 18:22
Reported
2024-06-28 18:53
Platform
win10v2004-20240226-en
Max time kernel
1793s
Max time network
1802s
Command Line
Signatures
Discord RAT
Suspicious use of AdjustPrivilegeToken
| Description | Indicator | Process | Target |
| Token: SeDebugPrivilege | N/A | C:\Users\Admin\AppData\Local\Temp\Release\Discord rat.exe | N/A |
Processes
C:\Users\Admin\AppData\Local\Temp\Release\Discord rat.exe
"C:\Users\Admin\AppData\Local\Temp\Release\Discord rat.exe"
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --no-appcompat-clear --mojo-platform-channel-handle=4120 --field-trial-handle=2272,i,4858140932023865871,5726683989663339295,262144 --variations-seed-version /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --no-appcompat-clear --mojo-platform-channel-handle=1408 --field-trial-handle=2272,i,4858140932023865871,5726683989663339295,262144 --variations-seed-version /prefetch:8
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | gateway.discord.gg | udp |
| US | 162.159.133.234:443 | gateway.discord.gg | tcp |
Files
Analysis: behavioral3
Detonation Overview
Submitted
2024-06-28 18:22
Reported
2024-06-28 18:28
Platform
win10v2004-20240508-en
Max time kernel
319s
Max time network
327s
Command Line
Signatures
Discord RAT
Checks computer location settings
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\USER\S-1-5-21-1181767204-2009306918-3718769404-1000\Control Panel\International\Geo\Nation | C:\Users\Admin\AppData\Local\Temp\Client-built.exe | N/A |
Executes dropped EXE
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\Client-built.exe | N/A |
Legitimate hosting services abused for malware hosting/C2
| Description | Indicator | Process | Target |
| N/A | discord.com | N/A | N/A |
| N/A | pastebin.com | N/A | N/A |
Enumerates physical storage devices
Enumerates system info in registry
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Modifies data under HKEY_USERS
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133640727228371047" | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Explorer\Accent | C:\Windows\system32\LogonUI.exe | N/A |
| Set value (int) | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Themes\History\AutoColor = "0" | C:\Windows\system32\LogonUI.exe | N/A |
| Set value (int) | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\DWM\ColorizationAfterglowBalance = "10" | C:\Windows\system32\LogonUI.exe | N/A |
| Set value (int) | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Explorer\Accent\AccentColorMenu = "4292311040" | C:\Windows\system32\LogonUI.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\DWM | C:\Windows\system32\LogonUI.exe | N/A |
| Set value (int) | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\DWM\EnableWindowColorization = "137" | C:\Windows\system32\LogonUI.exe | N/A |
| Set value (int) | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\DWM\ColorizationGlassAttribute = "1" | C:\Windows\system32\LogonUI.exe | N/A |
| Set value (int) | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Explorer\Accent\StartColorMenu = "4288567808" | C:\Windows\system32\LogonUI.exe | N/A |
| Set value (int) | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\DWM\AccentColor = "4292311040" | C:\Windows\system32\LogonUI.exe | N/A |
| Set value (data) | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Explorer\Accent\AccentPalette = a6d8ff0076b9ed00429ce3000078d700005a9e000042750000264200f7630c00 | C:\Windows\system32\LogonUI.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Themes\History | C:\Windows\system32\LogonUI.exe | N/A |
| Set value (int) | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\DWM\ColorizationColor = "3288365271" | C:\Windows\system32\LogonUI.exe | N/A |
| Set value (int) | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\DWM\ColorizationColorBalance = "89" | C:\Windows\system32\LogonUI.exe | N/A |
| Set value (int) | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\DWM\ColorizationAfterglow = "3288365271" | C:\Windows\system32\LogonUI.exe | N/A |
| Set value (int) | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\DWM\ColorizationBlurBalance = "1" | C:\Windows\system32\LogonUI.exe | N/A |
Suspicious behavior: EnumeratesProcesses
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Suspicious use of AdjustPrivilegeToken
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
Suspicious use of SetWindowsHookEx
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Windows\system32\LogonUI.exe | N/A |
Suspicious use of WriteProcessMemory
Processes
C:\Users\Admin\AppData\Local\Temp\builder.exe
"C:\Users\Admin\AppData\Local\Temp\builder.exe"
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --no-appcompat-clear --field-trial-handle=3760,i,13035806169561352434,1332896185314862791,262144 --variations-seed-version --mojo-platform-channel-handle=4156 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe"
C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=6412 --field-trial-handle=1940,i,13304559130201144305,15558506323926235876,131072 /prefetch:2
C:\Users\Admin\AppData\Local\Temp\Client-built.exe
"C:\Users\Admin\AppData\Local\Temp\Client-built.exe"
C:\Windows\System32\shutdown.exe
"C:\Windows\System32\shutdown.exe" /s /t 0
C:\Windows\system32\LogonUI.exe
"LogonUI.exe" /flags:0x4 /state0:0xa390a855 /state1:0x41c64e6d
Network
Files