Analysis Overview
SHA256
1cdafbe519f60aaadb4a92e266fff709129f86f0c9ee595c45499c66092e0499
Threat Level: Likely malicious
The file AnyDesk.exe was found to be: Likely malicious.
Malicious Activity Summary
Possible privilege escalation attempt
Modifies file permissions
UPX packed file
Reads local data of messenger clients
Legitimate hosting services abused for malware hosting/C2
Downloads MZ/PE file
Adds Run key to start application
Drops file in System32 directory
Event Triggered Execution: Component Object Model Hijacking
Drops file in Windows directory
Checks installed software on the system
Drops file in Program Files directory
Executes dropped EXE
Loads dropped DLL
Enumerates physical storage devices
Command and Scripting Interpreter: PowerShell
Enumerates system info in registry
Suspicious use of WriteProcessMemory
Suspicious use of SetWindowsHookEx
Modifies registry class
Suspicious behavior: LoadsDriver
Suspicious behavior: GetForegroundWindowSpam
Suspicious use of FindShellTrayWindow
Modifies data under HKEY_USERS
Suspicious use of SendNotifyMessage
Suspicious use of AdjustPrivilegeToken
Suspicious behavior: EnumeratesProcesses
Modifies registry key
NTFS ADS
Checks processor information in registry
Modifies Internet Explorer settings
Checks SCSI registry key(s)
Suspicious behavior: AddClipboardFormatListener
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
MITRE ATT&CK Matrix V13
Analysis: static1
Detonation Overview
Reported
2024-07-02 22:37
Signatures
Analysis: behavioral1
Detonation Overview
Submitted
2024-07-02 22:37
Reported
2024-07-02 23:22
Platform
win11-20240611-en
Max time kernel
2700s
Max time network
2702s
Command Line
Signatures
Possible privilege escalation attempt
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Windows\system32\takeown.exe | N/A |
| N/A | N/A | C:\Windows\system32\icacls.exe | N/A |
Modifies file permissions
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Windows\system32\takeown.exe | N/A |
| N/A | N/A | C:\Windows\system32\icacls.exe | N/A |
Reads local data of messenger clients
UPX packed file
| Description | Indicator | Process | Target |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
Adds Run key to start application
| Description | Indicator | Process | Target |
| Set value (str) | \REGISTRY\USER\S-1-5-21-952492217-3293592999-1071733403-1000\Software\Microsoft\Windows\CurrentVersion\Run\Discord = "\"C:\\Users\\Admin\\AppData\\Local\\Discord\\Update.exe\" --processStart Discord.exe" | C:\Windows\SysWOW64\reg.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-952492217-3293592999-1071733403-1000\Software\Microsoft\Windows\CurrentVersion\Run\Discord = "\"C:\\Users\\Admin\\AppData\\Local\\Discord\\Update.exe\" --processStart Discord.exe" | C:\Windows\SysWOW64\reg.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-952492217-3293592999-1071733403-1000\Software\Microsoft\Windows\CurrentVersion\Run\Discord = "\"C:\\Users\\Admin\\AppData\\Local\\Discord\\Update.exe\" --processStart Discord.exe" | C:\Windows\System32\reg.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-952492217-3293592999-1071733403-1000\Software\Microsoft\Windows\CurrentVersion\Run\Discord = "\"C:\\Users\\Admin\\AppData\\Local\\Discord\\Update.exe\" --processStart Discord.exe" | C:\Windows\System32\reg.exe | N/A |
Downloads MZ/PE file
Legitimate hosting services abused for malware hosting/C2
| Description | Indicator | Process | Target |
| N/A | discord.com | N/A | N/A |
| N/A | discord.com | N/A | N/A |
| N/A | discord.com | N/A | N/A |
| N/A | discord.com | N/A | N/A |
| N/A | pastebin.com | N/A | N/A |
| N/A | pastebin.com | N/A | N/A |
| N/A | discord.com | N/A | N/A |
| N/A | discord.com | N/A | N/A |
| N/A | discord.com | N/A | N/A |
| N/A | discord.com | N/A | N/A |
| N/A | discord.com | N/A | N/A |
| N/A | discord.com | N/A | N/A |
Drops file in System32 directory
| Description | Indicator | Process | Target |
| File opened for modification | C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Explorer\iconcache_sr.db | C:\Users\Admin\AppData\Local\Temp\AnyDesk.exe | N/A |
| File opened for modification | C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Explorer\iconcache_wide_alternate.db | C:\Users\Admin\AppData\Local\Temp\AnyDesk.exe | N/A |
| File opened for modification | C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Explorer\iconcache_16.db | C:\Users\Admin\AppData\Local\Temp\AnyDesk.exe | N/A |
| File opened for modification | C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Explorer\iconcache_1280.db | C:\Users\Admin\AppData\Local\Temp\AnyDesk.exe | N/A |
| File opened for modification | C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Explorer\iconcache_2560.db | C:\Users\Admin\AppData\Local\Temp\AnyDesk.exe | N/A |
| File opened for modification | C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Explorer\iconcache_1920.db | C:\Users\Admin\AppData\Local\Temp\AnyDesk.exe | N/A |
| File opened for modification | C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Explorer\iconcache_exif.db | C:\Users\Admin\AppData\Local\Temp\AnyDesk.exe | N/A |
| File opened for modification | C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Explorer\iconcache_48.db | C:\Users\Admin\AppData\Local\Temp\AnyDesk.exe | N/A |
| File opened for modification | C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Explorer\iconcache_96.db | C:\Users\Admin\AppData\Local\Temp\AnyDesk.exe | N/A |
| File opened for modification | C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Explorer\iconcache_768.db | C:\Users\Admin\AppData\Local\Temp\AnyDesk.exe | N/A |
| File opened for modification | C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Explorer\iconcache_wide.db | C:\Users\Admin\AppData\Local\Temp\AnyDesk.exe | N/A |
| File opened for modification | C:\Windows\System32\SettingsEnvironment.Desktop.dll.BAK | C:\Users\Admin\Downloads\sunlock11.exe | N/A |
| File opened for modification | C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Explorer\iconcache_custom_stream.db | C:\Users\Admin\AppData\Local\Temp\AnyDesk.exe | N/A |
| File created | C:\Windows\System32\SettingsEnvironment.Desktop.dll.BAK | C:\Users\Admin\Downloads\sunlock11.exe | N/A |
| File opened for modification | C:\Windows\System32\SettingsEnvironment.Desktop.dll | C:\Users\Admin\Downloads\sunlock11.exe | N/A |
| File opened for modification | C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Explorer\iconcache_idx.db | C:\Users\Admin\AppData\Local\Temp\AnyDesk.exe | N/A |
| File opened for modification | C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Explorer\iconcache_32.db | C:\Users\Admin\AppData\Local\Temp\AnyDesk.exe | N/A |
| File opened for modification | C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Explorer\iconcache_256.db | C:\Users\Admin\AppData\Local\Temp\AnyDesk.exe | N/A |
Event Triggered Execution: Component Object Model Hijacking
Checks installed software on the system
Drops file in Program Files directory
| Description | Indicator | Process | Target |
| File created | C:\Program Files\Notepad++\autoCompletion\tex.xml | C:\Users\Admin\Downloads\npp.8.6.7.Installer.x64.exe | N/A |
| File created | C:\Program Files\Notepad++\autoCompletion\coffee.xml | C:\Users\Admin\Downloads\npp.8.6.7.Installer.x64.exe | N/A |
| File created | C:\Program Files\Notepad++\functionList\java.xml | C:\Users\Admin\Downloads\npp.8.6.7.Installer.x64.exe | N/A |
| File created | C:\Program Files\Notepad++\functionList\ada.xml | C:\Users\Admin\Downloads\npp.8.6.7.Installer.x64.exe | N/A |
| File created | C:\Program Files\Notepad++\functionList\typescript.xml | C:\Users\Admin\Downloads\npp.8.6.7.Installer.x64.exe | N/A |
| File created | C:\Program Files\Notepad++\themes\Deep Black.xml | C:\Users\Admin\Downloads\npp.8.6.7.Installer.x64.exe | N/A |
| File created | C:\Program Files\Notepad++\functionList\gdscript.xml | C:\Users\Admin\Downloads\npp.8.6.7.Installer.x64.exe | N/A |
| File created | C:\Program Files\Notepad++\plugins\NppExport\NppExport.dll | C:\Users\Admin\Downloads\npp.8.6.7.Installer.x64.exe | N/A |
| File created | C:\Program Files\Notepad++\localization\english.xml | C:\Users\Admin\Downloads\npp.8.6.7.Installer.x64.exe | N/A |
| File created | C:\Program Files\Notepad++\themes\Hello Kitty.xml | C:\Users\Admin\Downloads\npp.8.6.7.Installer.x64.exe | N/A |
| File created | C:\Program Files\Notepad++\autoCompletion\vhdl.xml | C:\Users\Admin\Downloads\npp.8.6.7.Installer.x64.exe | N/A |
| File created | C:\Program Files\Notepad++\functionList\javascript.js.xml | C:\Users\Admin\Downloads\npp.8.6.7.Installer.x64.exe | N/A |
| File created | C:\Program Files\Notepad++\nppLogNulContentCorruptionIssue.xml | C:\Users\Admin\Downloads\npp.8.6.7.Installer.x64.exe | N/A |
| File created | C:\Program Files\Notepad++\autoCompletion\vb.xml | C:\Users\Admin\Downloads\npp.8.6.7.Installer.x64.exe | N/A |
| File created | C:\Program Files\Notepad++\autoCompletion\BaanC.xml | C:\Users\Admin\Downloads\npp.8.6.7.Installer.x64.exe | N/A |
| File created | C:\Program Files\Notepad++\contextMenu.xml | C:\Users\Admin\Downloads\npp.8.6.7.Installer.x64.exe | N/A |
| File created | C:\Program Files\Notepad++\autoCompletion\javascript.xml | C:\Users\Admin\Downloads\npp.8.6.7.Installer.x64.exe | N/A |
| File created | C:\Program Files\Notepad++\autoCompletion\typescript.xml | C:\Users\Admin\Downloads\npp.8.6.7.Installer.x64.exe | N/A |
| File created | C:\Program Files\Notepad++\contextMenu\NppShell.dll | C:\Users\Admin\Downloads\npp.8.6.7.Installer.x64.exe | N/A |
| File created | C:\Program Files\Notepad++\autoCompletion\python.xml | C:\Users\Admin\Downloads\npp.8.6.7.Installer.x64.exe | N/A |
| File created | C:\Program Files\Notepad++\autoCompletion\actionscript.xml | C:\Users\Admin\Downloads\npp.8.6.7.Installer.x64.exe | N/A |
| File created | C:\Program Files\Notepad++\functionList\asm.xml | C:\Users\Admin\Downloads\npp.8.6.7.Installer.x64.exe | N/A |
| File created | C:\Program Files\Notepad++\functionList\inno.xml | C:\Users\Admin\Downloads\npp.8.6.7.Installer.x64.exe | N/A |
| File created | C:\Program Files\Notepad++\readme.txt | C:\Users\Admin\Downloads\npp.8.6.7.Installer.x64.exe | N/A |
| File created | C:\Program Files\Notepad++\functionList\sql.xml | C:\Users\Admin\Downloads\npp.8.6.7.Installer.x64.exe | N/A |
| File created | C:\Program Files\Notepad++\functionList\vhdl.xml | C:\Users\Admin\Downloads\npp.8.6.7.Installer.x64.exe | N/A |
| File created | C:\Program Files\Notepad++\functionList\raku.xml | C:\Users\Admin\Downloads\npp.8.6.7.Installer.x64.exe | N/A |
| File created | C:\Program Files\Notepad++\themes\Ruby Blue.xml | C:\Users\Admin\Downloads\npp.8.6.7.Installer.x64.exe | N/A |
| File created | C:\Program Files\Notepad++\autoCompletion\java.xml | C:\Users\Admin\Downloads\npp.8.6.7.Installer.x64.exe | N/A |
| File created | C:\Program Files\Notepad++\themes\Zenburn.xml | C:\Users\Admin\Downloads\npp.8.6.7.Installer.x64.exe | N/A |
| File created | C:\Program Files\Notepad++\themes\khaki.xml | C:\Users\Admin\Downloads\npp.8.6.7.Installer.x64.exe | N/A |
| File created | C:\Program Files\Notepad++\themes\Solarized.xml | C:\Users\Admin\Downloads\npp.8.6.7.Installer.x64.exe | N/A |
| File created | C:\Program Files\Notepad++\themes\DansLeRuSH-Dark.xml | C:\Users\Admin\Downloads\npp.8.6.7.Installer.x64.exe | N/A |
| File created | C:\Program Files\Notepad++\autoCompletion\cs.xml | C:\Users\Admin\Downloads\npp.8.6.7.Installer.x64.exe | N/A |
| File created | C:\Program Files\Notepad++\autoCompletion\rc.xml | C:\Users\Admin\Downloads\npp.8.6.7.Installer.x64.exe | N/A |
| File created | C:\Program Files\Notepad++\autoCompletion\sql.xml | C:\Users\Admin\Downloads\npp.8.6.7.Installer.x64.exe | N/A |
| File created | C:\Program Files\Notepad++\autoCompletion\css.xml | C:\Users\Admin\Downloads\npp.8.6.7.Installer.x64.exe | N/A |
| File created | C:\Program Files\Notepad++\functionList\powershell.xml | C:\Users\Admin\Downloads\npp.8.6.7.Installer.x64.exe | N/A |
| File created | C:\Program Files\Notepad++\functionList\hollywood.xml | C:\Users\Admin\Downloads\npp.8.6.7.Installer.x64.exe | N/A |
| File created | C:\Program Files\Notepad++\functionList\overrideMap.xml | C:\Users\Admin\Downloads\npp.8.6.7.Installer.x64.exe | N/A |
| File created | C:\Program Files\Notepad++\themes\Plastic Code Wrap.xml | C:\Users\Admin\Downloads\npp.8.6.7.Installer.x64.exe | N/A |
| File created | C:\Program Files\Notepad++\contextMenu\NppShell.msix | C:\Users\Admin\Downloads\npp.8.6.7.Installer.x64.exe | N/A |
| File created | C:\Program Files\Notepad++\autoCompletion\go.xml | C:\Users\Admin\Downloads\npp.8.6.7.Installer.x64.exe | N/A |
| File created | C:\Program Files\Notepad++\autoCompletion\gdscript.xml | C:\Users\Admin\Downloads\npp.8.6.7.Installer.x64.exe | N/A |
| File created | C:\Program Files\Notepad++\functionList\cobol.xml | C:\Users\Admin\Downloads\npp.8.6.7.Installer.x64.exe | N/A |
| File created | C:\Program Files\Notepad++\langs.model.xml | C:\Users\Admin\Downloads\npp.8.6.7.Installer.x64.exe | N/A |
| File created | C:\Program Files\Notepad++\autoCompletion\powershell.xml | C:\Users\Admin\Downloads\npp.8.6.7.Installer.x64.exe | N/A |
| File created | C:\Program Files\Notepad++\LICENSE | C:\Users\Admin\Downloads\npp.8.6.7.Installer.x64.exe | N/A |
| File created | C:\Program Files\Notepad++\themes\DarkModeDefault.xml | C:\Users\Admin\Downloads\npp.8.6.7.Installer.x64.exe | N/A |
| File created | C:\Program Files\Notepad++\themes\Black board.xml | C:\Users\Admin\Downloads\npp.8.6.7.Installer.x64.exe | N/A |
| File created | C:\Program Files\Notepad++\themes\Twilight.xml | C:\Users\Admin\Downloads\npp.8.6.7.Installer.x64.exe | N/A |
| File created | C:\Program Files\Notepad++\themes\MossyLawn.xml | C:\Users\Admin\Downloads\npp.8.6.7.Installer.x64.exe | N/A |
| File created | C:\Program Files\Notepad++\functionList\python.xml | C:\Users\Admin\Downloads\npp.8.6.7.Installer.x64.exe | N/A |
| File created | C:\Program Files\Notepad++\functionList\lua.xml | C:\Users\Admin\Downloads\npp.8.6.7.Installer.x64.exe | N/A |
| File created | C:\Program Files\Notepad++\functionList\batch.xml | C:\Users\Admin\Downloads\npp.8.6.7.Installer.x64.exe | N/A |
| File created | C:\Program Files\Notepad++\updater\GUP.exe | C:\Users\Admin\Downloads\npp.8.6.7.Installer.x64.exe | N/A |
| File created | C:\Program Files\Notepad++\change.log | C:\Users\Admin\Downloads\npp.8.6.7.Installer.x64.exe | N/A |
| File created | C:\Program Files\Notepad++\autoCompletion\perl.xml | C:\Users\Admin\Downloads\npp.8.6.7.Installer.x64.exe | N/A |
| File created | C:\Program Files\Notepad++\plugins\mimeTools\mimeTools.dll | C:\Users\Admin\Downloads\npp.8.6.7.Installer.x64.exe | N/A |
| File created | C:\Program Files\Notepad++\notepad++.exe | C:\Users\Admin\Downloads\npp.8.6.7.Installer.x64.exe | N/A |
| File created | C:\Program Files\Notepad++\themes\Mono Industrial.xml | C:\Users\Admin\Downloads\npp.8.6.7.Installer.x64.exe | N/A |
| File created | C:\Program Files\Notepad++\autoCompletion\cpp.xml | C:\Users\Admin\Downloads\npp.8.6.7.Installer.x64.exe | N/A |
| File created | C:\Program Files\Notepad++\uninstall.exe | C:\Users\Admin\Downloads\npp.8.6.7.Installer.x64.exe | N/A |
| File created | C:\Program Files\Notepad++\functionList\ruby.xml | C:\Users\Admin\Downloads\npp.8.6.7.Installer.x64.exe | N/A |
Drops file in Windows directory
| Description | Indicator | Process | Target |
| File created | C:\Windows\SystemTemp\chrome_url_fetcher_2856_874465456\oimompecagnajdejgnnjijobebaeigek_4.10.2710.0_win32_ad2kbvs6jks3au5dsxn7cqflsiiq.crx3 | C:\Users\Admin\AppData\Local\Discord\app-1.0.9051\Discord.exe | N/A |
| File created | C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping6932_1858601361\_platform_specific\win_x64\widevinecdm.dll.sig | C:\Users\Admin\AppData\Local\Discord\app-1.0.9152\Discord.exe | N/A |
| File opened for modification | C:\Windows\Panther\UnattendGC\diagerr.xml | C:\Windows\System32\oobe\UserOOBEBroker.exe | N/A |
| File created | C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping2856_1652476856\LICENSE | C:\Users\Admin\AppData\Local\Discord\app-1.0.9051\Discord.exe | N/A |
| File created | C:\Windows\SystemTemp\chrome_url_fetcher_6932_1707351150\oimompecagnajdejgnnjijobebaeigek_4.10.2710.0_win64_adsurwm4gclupf32xdrpgdnapira.crx3 | C:\Users\Admin\AppData\Local\Discord\app-1.0.9152\Discord.exe | N/A |
| File created | C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping6932_1796542651\Google.Widevine.CDM.dll | C:\Users\Admin\AppData\Local\Discord\app-1.0.9152\Discord.exe | N/A |
| File created | C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping6932_1796542651\manifest.fingerprint | C:\Users\Admin\AppData\Local\Discord\app-1.0.9152\Discord.exe | N/A |
| File created | C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping2856_1652476856\_platform_specific\win_x86\widevinecdm.dll.sig | C:\Users\Admin\AppData\Local\Discord\app-1.0.9051\Discord.exe | N/A |
| File created | C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping2856_1652476856\manifest.fingerprint | C:\Users\Admin\AppData\Local\Discord\app-1.0.9051\Discord.exe | N/A |
| File opened for modification | C:\Windows\SystemTemp | C:\Users\Admin\AppData\Local\Discord\app-1.0.9152\Discord.exe | N/A |
| File opened for modification | C:\Windows\SystemTemp | C:\Users\Admin\AppData\Local\Discord\app-1.0.9152\Discord.exe | N/A |
| File created | C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping6932_1858601361\manifest.fingerprint | C:\Users\Admin\AppData\Local\Discord\app-1.0.9152\Discord.exe | N/A |
| File opened for modification | C:\Windows\Panther\UnattendGC\setuperr.log | C:\Windows\System32\oobe\UserOOBEBroker.exe | N/A |
| File created | C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping2856_1652476856\_platform_specific\win_x86\widevinecdm.dll | C:\Users\Admin\AppData\Local\Discord\app-1.0.9051\Discord.exe | N/A |
| File created | C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping2856_1652476856\manifest.json | C:\Users\Admin\AppData\Local\Discord\app-1.0.9051\Discord.exe | N/A |
| File created | C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping2856_1652476856\_metadata\verified_contents.json | C:\Users\Admin\AppData\Local\Discord\app-1.0.9051\Discord.exe | N/A |
| File created | C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping6932_1858601361\manifest.json | C:\Users\Admin\AppData\Local\Discord\app-1.0.9152\Discord.exe | N/A |
| File opened for modification | C:\Windows\Panther\UnattendGC\diagwrn.xml | C:\Windows\System32\oobe\UserOOBEBroker.exe | N/A |
| File created | C:\Windows\SystemTemp\chrome_url_fetcher_6932_570559562\neifaoindggfcjicffkgpmnlppeffabd_1.0.2738.0_win64_kj4dp5kifwxbdodqls7e5nzhtm.crx3 | C:\Users\Admin\AppData\Local\Discord\app-1.0.9152\Discord.exe | N/A |
| File created | C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping6932_1858601361\LICENSE | C:\Users\Admin\AppData\Local\Discord\app-1.0.9152\Discord.exe | N/A |
| File opened for modification | C:\Windows\Panther\UnattendGC\setupact.log | C:\Windows\System32\oobe\UserOOBEBroker.exe | N/A |
| File created | C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping6932_1796542651\_metadata\verified_contents.json | C:\Users\Admin\AppData\Local\Discord\app-1.0.9152\Discord.exe | N/A |
| File created | C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping6932_1858601361\_metadata\verified_contents.json | C:\Users\Admin\AppData\Local\Discord\app-1.0.9152\Discord.exe | N/A |
| File opened for modification | C:\Windows\SystemTemp | C:\Users\Admin\AppData\Local\Discord\app-1.0.9051\Discord.exe | N/A |
| File created | C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping6932_1796542651\manifest.json | C:\Users\Admin\AppData\Local\Discord\app-1.0.9152\Discord.exe | N/A |
| File created | C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping6932_1858601361\_platform_specific\win_x64\widevinecdm.dll | C:\Users\Admin\AppData\Local\Discord\app-1.0.9152\Discord.exe | N/A |
Executes dropped EXE
Loads dropped DLL
Command and Scripting Interpreter: PowerShell
Enumerates physical storage devices
Checks SCSI registry key(s)
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_QEMU&Prod_QEMU_DVD-ROM\4&215468a5&0&010000\Properties\{259abffc-50a7-47ce-af08-68c9a7d73366}\000C | C:\Users\Admin\AppData\Local\Discord\app-1.0.9152\Discord.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000001\FriendlyName | C:\Users\Admin\AppData\Local\Discord\app-1.0.9152\Discord.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000002\Properties\{540b947e-8b40-45bc-a8a2-6a0b894cbda2}\0009 | C:\Users\Admin\AppData\Local\Discord\app-1.0.9152\Discord.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_DADY&Prod_HARDDISK\4&215468a5&0&000000\Properties\{8c7ed206-3f8a-4827-b3ab-ae9e1faefc6c}\0004 | C:\Users\Admin\AppData\Local\Discord\app-1.0.9152\Discord.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_DADY&Prod_HARDDISK\4&215468a5&0&000000\Properties\{b725f130-47ef-101a-a5f1-02608c9eebac}\000A | C:\Windows\System32\Taskmgr.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_DADY&Prod_HARDDISK\4&215468a5&0&000000\FriendlyName | C:\Windows\System32\Taskmgr.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000002\Properties\{78c34fc8-104a-4aca-9ea4-524d52996e57}\005A | C:\Users\Admin\AppData\Local\Discord\app-1.0.9152\Discord.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000002\Properties\{259abffc-50a7-47ce-af08-68c9a7d73366}\000C | C:\Users\Admin\AppData\Local\Discord\app-1.0.9152\Discord.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000002\Properties\{b725f130-47ef-101a-a5f1-02608c9eebac}\000A | C:\Users\Admin\AppData\Local\Discord\app-1.0.9152\Discord.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000002\FriendlyName | C:\Users\Admin\AppData\Local\Discord\app-1.0.9152\Discord.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_DADY&Prod_HARDDISK\4&215468a5&0&000000\Properties\{8c7ed206-3f8a-4827-b3ab-ae9e1faefc6c}\0004 | C:\Users\Admin\AppData\Local\Discord\app-1.0.9152\Discord.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_QEMU&Prod_QEMU_DVD-ROM\4&215468a5&0&010000 | C:\Users\Admin\AppData\Local\Discord\app-1.0.9152\Discord.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000001\Properties\{259abffc-50a7-47ce-af08-68c9a7d73366}\000C | C:\Users\Admin\AppData\Local\Discord\app-1.0.9152\Discord.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_DADY&Prod_HARDDISK\4&215468a5&0&000000 | C:\Users\Admin\AppData\Local\Discord\app-1.0.9152\Discord.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_DADY&Prod_HARDDISK\4&215468a5&0&000000\Properties\{540b947e-8b40-45bc-a8a2-6a0b894cbda2}\0009 | C:\Users\Admin\AppData\Local\Discord\app-1.0.9152\Discord.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_DADY&Prod_HARDDISK\4&215468a5&0&000000\Properties\{cf73bb51-3abf-44a2-85e0-9a3dc7a12132}\0006 | C:\Users\Admin\AppData\Local\Discord\app-1.0.9152\Discord.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_DADY&Prod_HARDDISK\4&215468a5&0&000000\Properties\{b725f130-47ef-101a-a5f1-02608c9eebac}\000A | C:\Users\Admin\AppData\Local\Discord\app-1.0.9152\Discord.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000001\Properties\{8c7ed206-3f8a-4827-b3ab-ae9e1faefc6c}\0004 | C:\Users\Admin\AppData\Local\Discord\app-1.0.9152\Discord.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000001\Properties\{540b947e-8b40-45bc-a8a2-6a0b894cbda2}\0009 | C:\Users\Admin\AppData\Local\Discord\app-1.0.9152\Discord.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000001\Properties\{cf73bb51-3abf-44a2-85e0-9a3dc7a12132}\0006 | C:\Users\Admin\AppData\Local\Discord\app-1.0.9152\Discord.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000002 | C:\Users\Admin\AppData\Local\Discord\app-1.0.9152\Discord.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000002\Properties\{78c34fc8-104a-4aca-9ea4-524d52996e57}\005A | C:\Users\Admin\AppData\Local\Discord\app-1.0.9152\Discord.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000001\Properties\{78c34fc8-104a-4aca-9ea4-524d52996e57}\005A | C:\Users\Admin\AppData\Local\Discord\app-1.0.9152\Discord.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_DADY&Prod_HARDDISK\4&215468a5&0&000000\Properties\{540b947e-8b40-45bc-a8a2-6a0b894cbda2}\0009 | C:\Users\Admin\AppData\Local\Discord\app-1.0.9152\Discord.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000001\Properties\{51236583-0c4a-4fe8-b81f-166aec13f510}\007A | C:\Users\Admin\AppData\Local\Discord\app-1.0.9152\Discord.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000002\Properties\{cf73bb51-3abf-44a2-85e0-9a3dc7a12132}\0006 | C:\Users\Admin\AppData\Local\Discord\app-1.0.9152\Discord.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000001 | C:\Users\Admin\AppData\Local\Discord\app-1.0.9152\Discord.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000002\Properties\{8c7ed206-3f8a-4827-b3ab-ae9e1faefc6c}\0004 | C:\Users\Admin\AppData\Local\Discord\app-1.0.9152\Discord.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_DADY&Prod_HARDDISK\4&215468a5&0&000000\Properties\{78c34fc8-104a-4aca-9ea4-524d52996e57}\005A | C:\Users\Admin\AppData\Local\Discord\app-1.0.9152\Discord.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000001 | C:\Users\Admin\AppData\Local\Discord\app-1.0.9152\Discord.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000002\FriendlyName | C:\Users\Admin\AppData\Local\Discord\app-1.0.9152\Discord.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000002\Properties\{51236583-0c4a-4fe8-b81f-166aec13f510}\007A | C:\Users\Admin\AppData\Local\Discord\app-1.0.9152\Discord.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_DADY&Prod_HARDDISK\4&215468a5&0&000000\Properties\{51236583-0c4a-4fe8-b81f-166aec13f510}\007A | C:\Users\Admin\AppData\Local\Discord\app-1.0.9152\Discord.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000001\FriendlyName | C:\Users\Admin\AppData\Local\Discord\app-1.0.9152\Discord.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000001\Properties\{cf73bb51-3abf-44a2-85e0-9a3dc7a12132}\0006 | C:\Users\Admin\AppData\Local\Discord\app-1.0.9152\Discord.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000002\Properties\{259abffc-50a7-47ce-af08-68c9a7d73366}\000C | C:\Users\Admin\AppData\Local\Discord\app-1.0.9152\Discord.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000002 | C:\Users\Admin\AppData\Local\Discord\app-1.0.9152\Discord.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000002\Properties\{cf73bb51-3abf-44a2-85e0-9a3dc7a12132}\0006 | C:\Users\Admin\AppData\Local\Discord\app-1.0.9152\Discord.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_QEMU&Prod_QEMU_DVD-ROM\4&215468a5&0&010000\Properties\{51236583-0c4a-4fe8-b81f-166aec13f510}\007A | C:\Users\Admin\AppData\Local\Discord\app-1.0.9152\Discord.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000001\Properties\{540b947e-8b40-45bc-a8a2-6a0b894cbda2}\0009 | C:\Users\Admin\AppData\Local\Discord\app-1.0.9152\Discord.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000002\Properties\{b725f130-47ef-101a-a5f1-02608c9eebac}\000A | C:\Users\Admin\AppData\Local\Discord\app-1.0.9152\Discord.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_DADY&Prod_HARDDISK\4&215468a5&0&000000\Properties\{cf73bb51-3abf-44a2-85e0-9a3dc7a12132}\0006 | C:\Users\Admin\AppData\Local\Discord\app-1.0.9152\Discord.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000001\Properties\{259abffc-50a7-47ce-af08-68c9a7d73366}\000C | C:\Users\Admin\AppData\Local\Discord\app-1.0.9152\Discord.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_DADY&Prod_HARDDISK\4&215468a5&0&000000\Properties\{b725f130-47ef-101a-a5f1-02608c9eebac}\000A | C:\Users\Admin\AppData\Local\Discord\app-1.0.9152\Discord.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_DADY&Prod_HARDDISK\4&215468a5&0&000000\Properties\{259abffc-50a7-47ce-af08-68c9a7d73366}\000C | C:\Users\Admin\AppData\Local\Discord\app-1.0.9152\Discord.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000001\Properties\{51236583-0c4a-4fe8-b81f-166aec13f510}\007A | C:\Users\Admin\AppData\Local\Discord\app-1.0.9152\Discord.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_QEMU&Prod_QEMU_DVD-ROM\4&215468a5&0&010000\FriendlyName | C:\Users\Admin\AppData\Local\Discord\app-1.0.9152\Discord.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_QEMU&Prod_QEMU_DVD-ROM\4&215468a5&0&010000\Properties\{78c34fc8-104a-4aca-9ea4-524d52996e57}\005A | C:\Users\Admin\AppData\Local\Discord\app-1.0.9152\Discord.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_QEMU&Prod_QEMU_DVD-ROM\4&215468a5&0&010000\Properties\{78c34fc8-104a-4aca-9ea4-524d52996e57}\005A | C:\Users\Admin\AppData\Local\Discord\app-1.0.9152\Discord.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000002\Properties\{51236583-0c4a-4fe8-b81f-166aec13f510}\007A | C:\Users\Admin\AppData\Local\Discord\app-1.0.9152\Discord.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_DADY&Prod_HARDDISK\4&215468a5&0&000000\Properties\{51236583-0c4a-4fe8-b81f-166aec13f510}\007A | C:\Users\Admin\AppData\Local\Discord\app-1.0.9152\Discord.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000002\Properties\{8c7ed206-3f8a-4827-b3ab-ae9e1faefc6c}\0004 | C:\Users\Admin\AppData\Local\Discord\app-1.0.9152\Discord.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_QEMU&Prod_QEMU_DVD-ROM\4&215468a5&0&010000\Properties\{8c7ed206-3f8a-4827-b3ab-ae9e1faefc6c}\0004 | C:\Users\Admin\AppData\Local\Discord\app-1.0.9152\Discord.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_DADY&Prod_HARDDISK\4&215468a5&0&000000 | C:\Windows\System32\Taskmgr.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000002\Properties\{540b947e-8b40-45bc-a8a2-6a0b894cbda2}\0009 | C:\Users\Admin\AppData\Local\Discord\app-1.0.9152\Discord.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_QEMU&Prod_QEMU_DVD-ROM\4&215468a5&0&010000\Properties\{540b947e-8b40-45bc-a8a2-6a0b894cbda2}\0009 | C:\Users\Admin\AppData\Local\Discord\app-1.0.9152\Discord.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_QEMU&Prod_QEMU_DVD-ROM\4&215468a5&0&010000\FriendlyName | C:\Users\Admin\AppData\Local\Discord\app-1.0.9152\Discord.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_QEMU&Prod_QEMU_DVD-ROM\4&215468a5&0&010000\Properties\{51236583-0c4a-4fe8-b81f-166aec13f510}\007A | C:\Users\Admin\AppData\Local\Discord\app-1.0.9152\Discord.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000001\Properties\{b725f130-47ef-101a-a5f1-02608c9eebac}\000A | C:\Users\Admin\AppData\Local\Discord\app-1.0.9152\Discord.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000001\Properties\{78c34fc8-104a-4aca-9ea4-524d52996e57}\005A | C:\Users\Admin\AppData\Local\Discord\app-1.0.9152\Discord.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_QEMU&Prod_QEMU_DVD-ROM\4&215468a5&0&010000\Properties\{cf73bb51-3abf-44a2-85e0-9a3dc7a12132}\0006 | C:\Users\Admin\AppData\Local\Discord\app-1.0.9152\Discord.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_DADY&Prod_HARDDISK\4&215468a5&0&000000\Properties\{78c34fc8-104a-4aca-9ea4-524d52996e57}\005A | C:\Users\Admin\AppData\Local\Discord\app-1.0.9152\Discord.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_QEMU&Prod_QEMU_DVD-ROM\4&215468a5&0&010000 | C:\Users\Admin\AppData\Local\Discord\app-1.0.9152\Discord.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_DADY&Prod_HARDDISK\4&215468a5&0&000000\FriendlyName | C:\Users\Admin\AppData\Local\Discord\app-1.0.9152\Discord.exe | N/A |
Checks processor information in registry
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\1 | C:\Users\Admin\AppData\Local\Discord\app-1.0.9051\Discord.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString | C:\Users\Admin\AppData\Local\Discord\app-1.0.9051\Discord.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\1 | C:\Users\Admin\AppData\Local\Discord\app-1.0.9152\Discord.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Users\Admin\AppData\Local\Discord\app-1.0.9152\Discord.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~MHz | C:\Users\Admin\AppData\Local\Discord\app-1.0.9152\Discord.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString | C:\Users\Admin\AppData\Local\Discord\app-1.0.9152\Discord.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\1\ProcessorNameString | C:\Users\Admin\AppData\Local\Discord\app-1.0.9051\Discord.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\2 | C:\Users\Admin\AppData\Local\Discord\app-1.0.9051\Discord.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~MHz | C:\Users\Admin\AppData\Local\Discord\app-1.0.9051\Discord.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\1\~MHz | C:\Users\Admin\AppData\Local\Discord\app-1.0.9051\Discord.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString | C:\Users\Admin\AppData\Local\Discord\app-1.0.9152\Discord.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\2 | C:\Users\Admin\AppData\Local\Discord\app-1.0.9152\Discord.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~MHz | C:\Users\Admin\AppData\Local\Discord\app-1.0.9152\Discord.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\1 | C:\Users\Admin\AppData\Local\Discord\app-1.0.9152\Discord.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\1\ProcessorNameString | C:\Users\Admin\AppData\Local\Discord\app-1.0.9152\Discord.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\1\ProcessorNameString | C:\Users\Admin\AppData\Local\Discord\app-1.0.9152\Discord.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\1 | C:\Users\Admin\AppData\Local\Discord\app-1.0.9152\Discord.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\1\ProcessorNameString | C:\Users\Admin\AppData\Local\Discord\app-1.0.9152\Discord.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Users\Admin\AppData\Local\Discord\app-1.0.9051\Discord.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Users\Admin\AppData\Local\Discord\app-1.0.9051\Discord.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\1\ProcessorNameString | C:\Users\Admin\AppData\Local\Discord\app-1.0.9051\Discord.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Users\Admin\AppData\Local\Discord\app-1.0.9152\Discord.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\2 | C:\Users\Admin\AppData\Local\Discord\app-1.0.9152\Discord.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\1 | C:\Users\Admin\AppData\Local\Discord\app-1.0.9152\Discord.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\1\~MHz | C:\Users\Admin\AppData\Local\Discord\app-1.0.9152\Discord.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString | C:\Users\Admin\AppData\Local\Temp\AnyDesk.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~MHz | C:\Users\Admin\AppData\Local\Discord\app-1.0.9051\Discord.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\1\~MHz | C:\Users\Admin\AppData\Local\Discord\app-1.0.9051\Discord.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~MHz | C:\Users\Admin\AppData\Local\Discord\app-1.0.9152\Discord.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString | C:\Users\Admin\AppData\Local\Discord\app-1.0.9152\Discord.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString | C:\Users\Admin\AppData\Local\Discord\app-1.0.9152\Discord.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\1\~MHz | C:\Users\Admin\AppData\Local\Discord\app-1.0.9152\Discord.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\2 | C:\Users\Admin\AppData\Local\Discord\app-1.0.9051\Discord.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~MHz | C:\Users\Admin\AppData\Local\Discord\app-1.0.9152\Discord.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Users\Admin\AppData\Local\Discord\app-1.0.9152\Discord.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\1\ProcessorNameString | C:\Users\Admin\AppData\Local\Discord\app-1.0.9152\Discord.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\2 | C:\Users\Admin\AppData\Local\Discord\app-1.0.9152\Discord.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\1 | C:\Users\Admin\AppData\Local\Discord\app-1.0.9051\Discord.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\1\~MHz | C:\Users\Admin\AppData\Local\Discord\app-1.0.9152\Discord.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\1\~MHz | C:\Users\Admin\AppData\Local\Discord\app-1.0.9152\Discord.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Users\Admin\AppData\Local\Temp\AnyDesk.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString | C:\Users\Admin\AppData\Local\Discord\app-1.0.9051\Discord.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\2 | C:\Users\Admin\AppData\Local\Discord\app-1.0.9152\Discord.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Users\Admin\AppData\Local\Discord\app-1.0.9152\Discord.exe | N/A |
Enumerates system info in registry
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Modifies Internet Explorer settings
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\USER\S-1-5-21-952492217-3293592999-1071733403-1000\Software\Microsoft\Internet Explorer\TypedURLs | C:\Windows\System32\Taskmgr.exe | N/A |
Modifies data under HKEY_USERS
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133644335814843535" | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Modifies registry class
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\USER\S-1-5-21-952492217-3293592999-1071733403-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU | C:\Windows\System32\PickerHost.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-952492217-3293592999-1071733403-1000_Classes\CLSID\{018D5C66-4533-4307-9B53-224DE2ED1FE6}\Instance\ | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-952492217-3293592999-1071733403-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\3\ComDlg\{885A186E-A440-4ADA-812B-DB871B942259}\Mode = "4" | C:\Windows\System32\PickerHost.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-952492217-3293592999-1071733403-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\1\2\MRUListEx = ffffffff | C:\Windows\System32\PickerHost.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-952492217-3293592999-1071733403-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\4\ComDlg\{B3690E58-E961-423B-B687-386EBFD83239}\LogicalViewMode = "3" | C:\Windows\System32\PickerHost.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-952492217-3293592999-1071733403-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\3\Shell\SniffedFolderType = "Downloads" | C:\Windows\System32\PickerHost.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-952492217-3293592999-1071733403-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\3\ComDlg\{885A186E-A440-4ADA-812B-DB871B942259} | C:\Windows\System32\PickerHost.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-952492217-3293592999-1071733403-1000_Classes\Discord\ = "URL:Discord Protocol" | C:\Windows\System32\reg.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-952492217-3293592999-1071733403-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\3\Shell\SniffedFolderType = "Pictures" | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-952492217-3293592999-1071733403-1000_Classes\CLSID\{018D5C66-4533-4307-9B53-224DE2ED1FE6}\Instance\ | C:\Windows\System32\PickerHost.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-952492217-3293592999-1071733403-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\1\1 | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-952492217-3293592999-1071733403-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\MRUListEx = 010000000200000000000000ffffffff | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-952492217-3293592999-1071733403-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\3\ComDlg\{885A186E-A440-4ADA-812B-DB871B942259}\IconSize = "16" | C:\Windows\System32\PickerHost.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-952492217-3293592999-1071733403-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\3\ComDlg\{885A186E-A440-4ADA-812B-DB871B942259}\GroupByKey:FMTID = "{B725F130-47EF-101A-A5F1-02608C9EEBAC}" | C:\Windows\System32\PickerHost.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-952492217-3293592999-1071733403-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\SystemAppData\windows.immersivecontrolpanel_cw5n1h2txyewy\PersistedPickerData\windows.immersivecontrolpanel_cw5n1h2txyewy = 14001f50e04fd020ea3a6910a2d808002b30309d3a002e8005398e082303024b98265d99428e115f260001002600efbe1100000018848e965fbcda01e783c6abd2ccda016a5dcfabd2ccda0114000000 | C:\Windows\System32\PickerHost.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-952492217-3293592999-1071733403-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\MRUListEx = 010000000200000000000000ffffffff | C:\Windows\System32\PickerHost.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-952492217-3293592999-1071733403-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\3\ComDlg\{885A186E-A440-4ADA-812B-DB871B942259}\Sort = 000000000000000000000000000000000100000030f125b7ef471a10a5f102608c9eebac0e000000ffffffff | C:\Windows\System32\PickerHost.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-952492217-3293592999-1071733403-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\1\3\0\0\MRUListEx = ffffffff | C:\Windows\system32\OpenWith.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-952492217-3293592999-1071733403-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\3\ComDlg\{885A186E-A440-4ADA-812B-DB871B942259}\GroupByKey:FMTID = "{B725F130-47EF-101A-A5F1-02608C9EEBAC}" | C:\Windows\System32\PickerHost.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-952492217-3293592999-1071733403-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\3\ComDlg\{885A186E-A440-4ADA-812B-DB871B942259}\LogicalViewMode = "1" | C:\Windows\System32\PickerHost.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-952492217-3293592999-1071733403-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\NodeSlots = 02020202 | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-952492217-3293592999-1071733403-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\1 | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-952492217-3293592999-1071733403-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\3\Shell\SniffedFolderType = "Downloads" | C:\Windows\System32\PickerHost.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-952492217-3293592999-1071733403-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\3\ComDlg\{885A186E-A440-4ADA-812B-DB871B942259}\GroupCollapseState = 00000000000000000000000000000000000000000000000000000000000000000100000006000000000000000600000054006f006400610079000000 | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-952492217-3293592999-1071733403-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\3\ComDlg\{885A186E-A440-4ADA-812B-DB871B942259}\Sort = 000000000000000000000000000000000100000030f125b7ef471a10a5f102608c9eebac0e000000ffffffff | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-952492217-3293592999-1071733403-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\MRUListEx = 020000000100000000000000ffffffff | C:\Windows\System32\Taskmgr.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-952492217-3293592999-1071733403-1000_Classes\Local Settings | C:\Users\Admin\AppData\Local\Discord\app-1.0.9152\Discord.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-952492217-3293592999-1071733403-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\1\MRUListEx = 020000000100000000000000ffffffff | C:\Windows\System32\PickerHost.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-952492217-3293592999-1071733403-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\2 | C:\Windows\System32\PickerHost.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-952492217-3293592999-1071733403-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\3\ComDlg\{885A186E-A440-4ADA-812B-DB871B942259}\GroupView = "4294967295" | C:\Windows\System32\PickerHost.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-952492217-3293592999-1071733403-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\3\ComDlg\{885A186E-A440-4ADA-812B-DB871B942259}\GroupView = "4294967295" | C:\Windows\System32\PickerHost.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-952492217-3293592999-1071733403-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\3\ComDlg\{885A186E-A440-4ADA-812B-DB871B942259}\ColInfo = 00000000000000000000000000000000fddfdffd100000000000000000000000040000001800000030f125b7ef471a10a5f102608c9eebac0a0000001001000030f125b7ef471a10a5f102608c9eebac0e0000009000000030f125b7ef471a10a5f102608c9eebac040000007800000030f125b7ef471a10a5f102608c9eebac0c00000050000000 | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-952492217-3293592999-1071733403-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\3\Shell\SniffedFolderType = "Downloads" | C:\Windows\System32\PickerHost.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-952492217-3293592999-1071733403-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\3\Shell | C:\Windows\System32\PickerHost.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-952492217-3293592999-1071733403-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\3\ComDlg\{885A186E-A440-4ADA-812B-DB871B942259}\FFlags = "1092616257" | C:\Windows\System32\PickerHost.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-952492217-3293592999-1071733403-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\1 | C:\Windows\System32\PickerHost.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-952492217-3293592999-1071733403-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\3\Shell\SniffedFolderType = "Pictures" | C:\Windows\System32\PickerHost.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{4336a54d-038b-4685-ab02-99bb52d3fb8b}\Instance\ | C:\Windows\System32\PickerHost.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-952492217-3293592999-1071733403-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\3\ComDlg\{885A186E-A440-4ADA-812B-DB871B942259}\FFlags = "1092616193" | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-952492217-3293592999-1071733403-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\9\ComDlg | C:\Windows\system32\OpenWith.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-952492217-3293592999-1071733403-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\3\ComDlg | C:\Users\Admin\AppData\Local\Discord\app-1.0.9152\Discord.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-952492217-3293592999-1071733403-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\3\Shell\SniffedFolderType = "Pictures" | C:\Windows\System32\PickerHost.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-952492217-3293592999-1071733403-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\3\ComDlg\{885A186E-A440-4ADA-812B-DB871B942259}\GroupView = "4294967295" | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-952492217-3293592999-1071733403-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\3\ComDlg\{885A186E-A440-4ADA-812B-DB871B942259}\GroupByKey:FMTID = "{B725F130-47EF-101A-A5F1-02608C9EEBAC}" | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-952492217-3293592999-1071733403-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\3\ComDlg\{885A186E-A440-4ADA-812B-DB871B942259}\GroupView = "4294967295" | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-952492217-3293592999-1071733403-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\3\ComDlg\{885A186E-A440-4ADA-812B-DB871B942259}\FFlags = "1092616257" | C:\Users\Admin\AppData\Local\Discord\app-1.0.9152\Discord.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-952492217-3293592999-1071733403-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\2\ComDlg\{7D49D726-3C21-4F05-99AA-FDC2C9474656}\IconSize = "16" | C:\Windows\System32\PickerHost.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-952492217-3293592999-1071733403-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\3\ComDlg\{885A186E-A440-4ADA-812B-DB871B942259}\Sort = 000000000000000000000000000000000100000030f125b7ef471a10a5f102608c9eebac0e000000ffffffff | C:\Windows\System32\PickerHost.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-952492217-3293592999-1071733403-1000_Classes\CLSID\{018D5C66-4533-4307-9B53-224DE2ED1FE6}\Instance\ | C:\Windows\System32\PickerHost.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-952492217-3293592999-1071733403-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\3\ComDlg\{885A186E-A440-4ADA-812B-DB871B942259}\GroupByKey:PID = "14" | C:\Windows\System32\PickerHost.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-952492217-3293592999-1071733403-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\9\Shell\SniffedFolderType = "Generic" | C:\Windows\system32\OpenWith.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-952492217-3293592999-1071733403-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\2\ComDlg\{7D49D726-3C21-4F05-99AA-FDC2C9474656}\GroupView = "0" | C:\Windows\System32\PickerHost.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-952492217-3293592999-1071733403-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\SystemAppData\windows.immersivecontrolpanel_cw5n1h2txyewy\PersistedPickerData | C:\Windows\System32\PickerHost.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-952492217-3293592999-1071733403-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\3\Shell | C:\Windows\System32\PickerHost.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-952492217-3293592999-1071733403-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\NodeSlots = 020202 | C:\Windows\System32\PickerHost.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-952492217-3293592999-1071733403-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\1 | C:\Windows\System32\PickerHost.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-952492217-3293592999-1071733403-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\2\ComDlg\{7D49D726-3C21-4F05-99AA-FDC2C9474656}\FFlags = "1092616257" | C:\Windows\System32\PickerHost.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-952492217-3293592999-1071733403-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\4\ComDlg\{B3690E58-E961-423B-B687-386EBFD83239}\FFlags = "1092616257" | C:\Windows\System32\PickerHost.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-952492217-3293592999-1071733403-1000_Classes\Local Settings | C:\Windows\System32\PickerHost.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-952492217-3293592999-1071733403-1000_Classes\Local Settings | C:\Windows\System32\PickerHost.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-952492217-3293592999-1071733403-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell | C:\Windows\System32\PickerHost.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-952492217-3293592999-1071733403-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\3\ComDlg\{885A186E-A440-4ADA-812B-DB871B942259}\GroupCollapseState = 00000000000000000000000000000000000000000000000000000000000000000100000006000000000000000600000054006f006400610079000000 | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-952492217-3293592999-1071733403-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\3\ComDlg\{885A186E-A440-4ADA-812B-DB871B942259}\FFlags = "1" | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-952492217-3293592999-1071733403-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\1\1 | C:\Windows\System32\PickerHost.exe | N/A |
Modifies registry key
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Windows\System32\reg.exe | N/A |
| N/A | N/A | C:\Windows\System32\reg.exe | N/A |
| N/A | N/A | C:\Windows\SysWOW64\reg.exe | N/A |
| N/A | N/A | C:\Windows\SysWOW64\reg.exe | N/A |
| N/A | N/A | C:\Windows\System32\reg.exe | N/A |
| N/A | N/A | C:\Windows\SysWOW64\reg.exe | N/A |
| N/A | N/A | C:\Windows\SysWOW64\reg.exe | N/A |
| N/A | N/A | C:\Windows\SysWOW64\reg.exe | N/A |
| N/A | N/A | C:\Windows\System32\reg.exe | N/A |
| N/A | N/A | C:\Windows\System32\reg.exe | N/A |
| N/A | N/A | C:\Windows\SysWOW64\reg.exe | N/A |
| N/A | N/A | C:\Windows\SysWOW64\reg.exe | N/A |
| N/A | N/A | C:\Windows\SysWOW64\reg.exe | N/A |
| N/A | N/A | C:\Windows\System32\reg.exe | N/A |
| N/A | N/A | C:\Windows\SysWOW64\reg.exe | N/A |
| N/A | N/A | C:\Windows\SysWOW64\reg.exe | N/A |
| N/A | N/A | C:\Windows\SysWOW64\reg.exe | N/A |
| N/A | N/A | C:\Windows\System32\reg.exe | N/A |
| N/A | N/A | C:\Windows\System32\reg.exe | N/A |
NTFS ADS
| Description | Indicator | Process | Target |
| File opened for modification | C:\Users\Admin\Downloads\sunlock11.exe:Zone.Identifier | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| File opened for modification | C:\Users\Admin\Downloads\setpm.bat:Zone.Identifier | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| File opened for modification | C:\Users\Admin\Downloads\H2cKeD_BY_XxX.jpeg:Zone.Identifier | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| File opened for modification | C:\Users\Admin\Downloads\H2cKeD_BY_XxX.png:Zone.Identifier | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| File opened for modification | C:\Users\Admin\Downloads\FreeVK.exe:Zone.Identifier | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| File opened for modification | C:\Users\Admin\Downloads\npp.8.6.7.Installer.x64.exe:Zone.Identifier | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| File opened for modification | C:\Users\Admin\Downloads\DiscordSetup.exe:Zone.Identifier | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Suspicious behavior: AddClipboardFormatListener
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\AnyDesk.exe | N/A |
Suspicious behavior: EnumeratesProcesses
Suspicious behavior: GetForegroundWindowSpam
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\AnyDesk.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Discord\app-1.0.9152\Discord.exe | N/A |
| N/A | N/A | C:\Windows\System32\PickerHost.exe | N/A |
| N/A | N/A | C:\Windows\System32\PickerHost.exe | N/A |
| N/A | N/A | C:\Windows\System32\PickerHost.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Users\Admin\Downloads\FreeVK.exe | N/A |
| N/A | N/A | C:\Windows\system32\OpenWith.exe | N/A |
Suspicious behavior: LoadsDriver
| Description | Indicator | Process | Target |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Suspicious use of AdjustPrivilegeToken
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
Suspicious use of SetWindowsHookEx
Suspicious use of WriteProcessMemory
Processes
C:\Users\Admin\AppData\Local\Temp\AnyDesk.exe
"C:\Users\Admin\AppData\Local\Temp\AnyDesk.exe"
C:\Users\Admin\AppData\Local\Temp\AnyDesk.exe
"C:\Users\Admin\AppData\Local\Temp\AnyDesk.exe" --local-service
C:\Users\Admin\AppData\Local\Temp\AnyDesk.exe
"C:\Users\Admin\AppData\Local\Temp\AnyDesk.exe" --local-control
C:\Users\Admin\AppData\Local\Temp\AnyDesk.exe
"C:\Users\Admin\AppData\Local\Temp\AnyDesk.exe" --backend
C:\Windows\system32\AUDIODG.EXE
C:\Windows\system32\AUDIODG.EXE 0x00000000000004E8 0x00000000000004E0
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k LocalService -p -s NPSMSvc
C:\Windows\System32\oobe\UserOOBEBroker.exe
C:\Windows\System32\oobe\UserOOBEBroker.exe -Embedding
C:\Users\Admin\AppData\Local\Microsoft\OneDrive\18.151.0729.0013\FileCoAuth.exe
C:\Users\Admin\AppData\Local\Microsoft\OneDrive\18.151.0729.0013\FileCoAuth.exe -Embedding
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s DisplayEnhancementService
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe"
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=110.0.5481.104 --initial-client-data=0x100,0x104,0x108,0xe0,0x10c,0x7ff880d6ab58,0x7ff880d6ab68,0x7ff880d6ab78
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1592 --field-trial-handle=1804,i,1441648008056637921,17252772851457603570,131072 /prefetch:2
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2116 --field-trial-handle=1804,i,1441648008056637921,17252772851457603570,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=1544 --field-trial-handle=1804,i,1441648008056637921,17252772851457603570,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --first-renderer-process --lang=en-US --device-scale-factor=1.25 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=3088 --field-trial-handle=1804,i,1441648008056637921,17252772851457603570,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1.25 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=3180 --field-trial-handle=1804,i,1441648008056637921,17252772851457603570,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\110.0.5481.104\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\110.0.5481.104\elevation_service.exe"
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1.25 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=4228 --field-trial-handle=1804,i,1441648008056637921,17252772851457603570,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4412 --field-trial-handle=1804,i,1441648008056637921,17252772851457603570,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4544 --field-trial-handle=1804,i,1441648008056637921,17252772851457603570,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4700 --field-trial-handle=1804,i,1441648008056637921,17252772851457603570,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4688 --field-trial-handle=1804,i,1441648008056637921,17252772851457603570,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4928 --field-trial-handle=1804,i,1441648008056637921,17252772851457603570,131072 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --profile-directory=Default
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=90.0.4430.212 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=90.0.818.66 --initial-client-data=0x100,0x104,0x108,0xdc,0x10c,0x7ff87fe23cb8,0x7ff87fe23cc8,0x7ff87fe23cd8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1912,7180547862846004143,6661460191344776200,131072 --gpu-preferences=SAAAAAAAAADgAAAwAAAAAAAAAAAAAAAAAABgAAAAAAAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4AAAAAAAAAHgAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAAIAAAAAAAAAAgAAAAAAAAA --mojo-platform-channel-handle=1924 /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1912,7180547862846004143,6661460191344776200,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2368 /prefetch:3
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=1912,7180547862846004143,6661460191344776200,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2796 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1912,7180547862846004143,6661460191344776200,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1.25 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3280 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1912,7180547862846004143,6661460191344776200,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1.25 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3292 /prefetch:1
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1912,7180547862846004143,6661460191344776200,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1.25 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4156 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1912,7180547862846004143,6661460191344776200,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1.25 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4200 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --field-trial-handle=1912,7180547862846004143,6661460191344776200,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4140 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1912,7180547862846004143,6661460191344776200,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1.25 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3416 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=1912,7180547862846004143,6661460191344776200,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5776 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1912,7180547862846004143,6661460191344776200,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1.25 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4780 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1912,7180547862846004143,6661460191344776200,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1.25 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5260 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1912,7180547862846004143,6661460191344776200,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1.25 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3988 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1912,7180547862846004143,6661460191344776200,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1.25 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5524 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1912,7180547862846004143,6661460191344776200,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1.25 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3352 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --field-trial-handle=1912,7180547862846004143,6661460191344776200,131072 --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=3620 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --field-trial-handle=1912,7180547862846004143,6661460191344776200,131072 --lang=en-US --service-sandbox-type=video_capture --mojo-platform-channel-handle=4704 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1912,7180547862846004143,6661460191344776200,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1.25 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4852 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe"
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=110.0.5481.104 --initial-client-data=0x100,0x104,0x108,0xdc,0x10c,0x7ff880d6ab58,0x7ff880d6ab68,0x7ff880d6ab78
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1512 --field-trial-handle=1756,i,13124220274424252037,856519633634275105,131072 /prefetch:2
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2124 --field-trial-handle=1756,i,13124220274424252037,856519633634275105,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=2204 --field-trial-handle=1756,i,13124220274424252037,856519633634275105,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --first-renderer-process --lang=en-US --device-scale-factor=1.25 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=3048 --field-trial-handle=1756,i,13124220274424252037,856519633634275105,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1.25 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=3180 --field-trial-handle=1756,i,13124220274424252037,856519633634275105,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\110.0.5481.104\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\110.0.5481.104\elevation_service.exe"
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1.25 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=2120 --field-trial-handle=1756,i,13124220274424252037,856519633634275105,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4412 --field-trial-handle=1756,i,13124220274424252037,856519633634275105,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4556 --field-trial-handle=1756,i,13124220274424252037,856519633634275105,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4564 --field-trial-handle=1756,i,13124220274424252037,856519633634275105,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4780 --field-trial-handle=1756,i,13124220274424252037,856519633634275105,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4824 --field-trial-handle=1756,i,13124220274424252037,856519633634275105,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1.25 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --mojo-platform-channel-handle=4816 --field-trial-handle=1756,i,13124220274424252037,856519633634275105,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4496 --field-trial-handle=1756,i,13124220274424252037,856519633634275105,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=5324 --field-trial-handle=1756,i,13124220274424252037,856519633634275105,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=5336 --field-trial-handle=1756,i,13124220274424252037,856519633634275105,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1.25 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --mojo-platform-channel-handle=4312 --field-trial-handle=1756,i,13124220274424252037,856519633634275105,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4360 --field-trial-handle=1756,i,13124220274424252037,856519633634275105,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=3356 --field-trial-handle=1756,i,13124220274424252037,856519633634275105,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4116 --field-trial-handle=1756,i,13124220274424252037,856519633634275105,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=2356 --field-trial-handle=1756,i,13124220274424252037,856519633634275105,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=1548 --field-trial-handle=1756,i,13124220274424252037,856519633634275105,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5456 --field-trial-handle=1756,i,13124220274424252037,856519633634275105,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2360 --field-trial-handle=1756,i,13124220274424252037,856519633634275105,131072 /prefetch:8
C:\Users\Admin\Downloads\DiscordSetup.exe
"C:\Users\Admin\Downloads\DiscordSetup.exe"
C:\Users\Admin\AppData\Local\SquirrelTemp\Update.exe
"C:\Users\Admin\AppData\Local\SquirrelTemp\Update.exe" --install .
C:\Users\Admin\AppData\Local\Discord\app-1.0.9051\Discord.exe
"C:\Users\Admin\AppData\Local\Discord\app-1.0.9051\Discord.exe" --squirrel-install 1.0.9051
C:\Users\Admin\AppData\Local\Discord\app-1.0.9051\Discord.exe
C:\Users\Admin\AppData\Local\Discord\app-1.0.9051\Discord.exe --type=crashpad-handler --user-data-dir=C:\Users\Admin\AppData\Roaming\discord /prefetch:4 --no-rate-limit --monitor-self-annotation=ptype=crashpad-handler --database=C:\Users\Admin\AppData\Roaming\discord\Crashpad --url=https://f.a.k/e --annotation=_productName=discord --annotation=_version=1.0.9051 --annotation=plat=Win32 --annotation=prod=Electron --annotation=ver=30.1.0 --initial-client-data=0x560,0x564,0x568,0x558,0x56c,0x982bcc4,0x982bcd0,0x982bcdc
C:\Users\Admin\AppData\Local\Discord\Update.exe
C:\Users\Admin\AppData\Local\Discord\Update.exe --createShortcut Discord.exe --setupIcon C:\Users\Admin\AppData\Local\Discord\app.ico
C:\Users\Admin\AppData\Local\Discord\app-1.0.9051\Discord.exe
"C:\Users\Admin\AppData\Local\Discord\app-1.0.9051\Discord.exe" --type=gpu-process --user-data-dir="C:\Users\Admin\AppData\Roaming\discord" --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=2144,i,13897421813163263185,11118308084373563515,262144 --enable-features=kWebSQLAccess --disable-features=HardwareMediaKeyHandling,MediaSessionService,SpareRendererForSitePerProcess,WinDelaySpellcheckServiceInit,WinRetrieveSuggestionsOnlyOnDemand --variations-seed-version --mojo-platform-channel-handle=2136 /prefetch:2
C:\Users\Admin\AppData\Local\Discord\app-1.0.9051\Discord.exe
"C:\Users\Admin\AppData\Local\Discord\app-1.0.9051\Discord.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --user-data-dir="C:\Users\Admin\AppData\Roaming\discord" --secure-schemes=sentry-ipc --bypasscsp-schemes=sentry-ipc --cors-schemes=sentry-ipc --fetch-schemes=sentry-ipc --field-trial-handle=2440,i,13897421813163263185,11118308084373563515,262144 --enable-features=kWebSQLAccess --disable-features=HardwareMediaKeyHandling,MediaSessionService,SpareRendererForSitePerProcess,WinDelaySpellcheckServiceInit,WinRetrieveSuggestionsOnlyOnDemand --variations-seed-version --mojo-platform-channel-handle=2436 /prefetch:3
C:\Windows\SysWOW64\reg.exe
C:\Windows\System32\reg.exe add HKCU\Software\Microsoft\Windows\CurrentVersion\Run /v Discord /d "\"C:\Users\Admin\AppData\Local\Discord\Update.exe\" --processStart Discord.exe" /f
C:\Windows\SysWOW64\reg.exe
C:\Windows\System32\reg.exe add HKCU\Software\Classes\Discord /ve /d "URL:Discord Protocol" /f
C:\Windows\SysWOW64\reg.exe
C:\Windows\System32\reg.exe add HKCU\Software\Classes\Discord /v "URL Protocol" /f
C:\Windows\SysWOW64\reg.exe
C:\Windows\System32\reg.exe add HKCU\Software\Classes\Discord\DefaultIcon /ve /d "\"C:\Users\Admin\AppData\Local\Discord\app-1.0.9051\Discord.exe\",-1" /f
C:\Windows\SysWOW64\reg.exe
C:\Windows\System32\reg.exe add HKCU\Software\Classes\Discord\shell\open\command /ve /d "\"C:\Users\Admin\AppData\Local\Discord\app-1.0.9051\Discord.exe\" --url -- \"%1\"" /f
C:\Users\Admin\AppData\Local\Discord\Update.exe
"C:\Users\Admin\AppData\Local\Discord\Update.exe" --processStart Discord.exe
C:\Users\Admin\AppData\Local\Discord\app-1.0.9051\Discord.exe
"C:\Users\Admin\AppData\Local\Discord\app-1.0.9051\Discord.exe"
C:\Users\Admin\AppData\Local\Discord\app-1.0.9051\Discord.exe
C:\Users\Admin\AppData\Local\Discord\app-1.0.9051\Discord.exe --type=crashpad-handler --user-data-dir=C:\Users\Admin\AppData\Roaming\discord /prefetch:4 --no-rate-limit --monitor-self-annotation=ptype=crashpad-handler --database=C:\Users\Admin\AppData\Roaming\discord\Crashpad --url=https://f.a.k/e --annotation=_productName=discord --annotation=_version=1.0.9051 --annotation=plat=Win32 --annotation=prod=Electron --annotation=ver=30.1.0 --initial-client-data=0x544,0x548,0x54c,0x53c,0x550,0x982bcc4,0x982bcd0,0x982bcdc
C:\Users\Admin\AppData\Local\Discord\app-1.0.9051\Discord.exe
"C:\Users\Admin\AppData\Local\Discord\app-1.0.9051\Discord.exe" --type=gpu-process --user-data-dir="C:\Users\Admin\AppData\Roaming\discord" --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=1924,i,3684100322972683551,5590319907318720364,262144 --enable-features=kWebSQLAccess --disable-features=HardwareMediaKeyHandling,MediaSessionService,SpareRendererForSitePerProcess,WinDelaySpellcheckServiceInit,WinRetrieveSuggestionsOnlyOnDemand --variations-seed-version --mojo-platform-channel-handle=1912 /prefetch:2
C:\Users\Admin\AppData\Local\Discord\app-1.0.9051\Discord.exe
"C:\Users\Admin\AppData\Local\Discord\app-1.0.9051\Discord.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --user-data-dir="C:\Users\Admin\AppData\Roaming\discord" --secure-schemes=disclip --bypasscsp-schemes=sentry-ipc --cors-schemes=sentry-ipc --fetch-schemes=disclip --field-trial-handle=2664,i,3684100322972683551,5590319907318720364,262144 --enable-features=kWebSQLAccess --disable-features=HardwareMediaKeyHandling,MediaSessionService,SpareRendererForSitePerProcess,WinDelaySpellcheckServiceInit,WinRetrieveSuggestionsOnlyOnDemand --variations-seed-version --mojo-platform-channel-handle=2660 /prefetch:3
C:\Users\Admin\AppData\Local\Discord\app-1.0.9051\Discord.exe
"C:\Users\Admin\AppData\Local\Discord\app-1.0.9051\Discord.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=0 --gpu-device-id=0 --gpu-sub-system-id=0 --gpu-revision=0 --user-data-dir="C:\Users\Admin\AppData\Roaming\discord" --gpu-preferences=WAAAAAAAAADoAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAACEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=2700,i,3684100322972683551,5590319907318720364,262144 --enable-features=kWebSQLAccess --disable-features=HardwareMediaKeyHandling,MediaSessionService,SpareRendererForSitePerProcess,WinDelaySpellcheckServiceInit,WinRetrieveSuggestionsOnlyOnDemand --variations-seed-version --mojo-platform-channel-handle=2688 /prefetch:8
C:\Windows\SysWOW64\reg.exe
C:\Windows\System32\reg.exe add HKCU\Software\Classes\Discord /ve /d "URL:Discord Protocol" /f
C:\Users\Admin\AppData\Local\Discord\app-1.0.9051\Discord.exe
"C:\Users\Admin\AppData\Local\Discord\app-1.0.9051\Discord.exe" --type=renderer --user-data-dir="C:\Users\Admin\AppData\Roaming\discord" --secure-schemes=disclip --bypasscsp-schemes=sentry-ipc --cors-schemes=sentry-ipc --fetch-schemes=disclip --app-user-model-id=com.squirrel.Discord.Discord --app-path="C:\Users\Admin\AppData\Local\Discord\app-1.0.9051\resources\app.asar" --no-sandbox --no-zygote --autoplay-policy=no-user-gesture-required --lang=en-US --device-scale-factor=1.25 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=3360,i,3684100322972683551,5590319907318720364,262144 --enable-features=kWebSQLAccess --disable-features=HardwareMediaKeyHandling,MediaSessionService,SpareRendererForSitePerProcess,WinDelaySpellcheckServiceInit,WinRetrieveSuggestionsOnlyOnDemand --variations-seed-version --mojo-platform-channel-handle=3356 /prefetch:1
C:\Windows\SysWOW64\reg.exe
C:\Windows\System32\reg.exe add HKCU\Software\Classes\Discord /v "URL Protocol" /f
C:\Windows\SysWOW64\reg.exe
C:\Windows\System32\reg.exe add HKCU\Software\Classes\Discord\DefaultIcon /ve /d "\"C:\Users\Admin\AppData\Local\Discord\app-1.0.9051\Discord.exe\",-1" /f
C:\Windows\SysWOW64\reg.exe
C:\Windows\System32\reg.exe add HKCU\Software\Classes\Discord\shell\open\command /ve /d "\"C:\Users\Admin\AppData\Local\Discord\app-1.0.9051\Discord.exe\" --url -- \"%1\"" /f
C:\Users\Admin\AppData\Local\Discord\app-1.0.9051\Discord.exe
"C:\Users\Admin\AppData\Local\Discord\app-1.0.9051\Discord.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --user-data-dir="C:\Users\Admin\AppData\Roaming\discord" --secure-schemes=disclip --bypasscsp-schemes=sentry-ipc --cors-schemes=sentry-ipc --fetch-schemes=disclip --field-trial-handle=4272,i,3684100322972683551,5590319907318720364,262144 --enable-features=kWebSQLAccess --disable-features=HardwareMediaKeyHandling,MediaSessionService,SpareRendererForSitePerProcess,WinDelaySpellcheckServiceInit,WinRetrieveSuggestionsOnlyOnDemand --variations-seed-version --mojo-platform-channel-handle=4268 /prefetch:8
C:\Windows\SysWOW64\reg.exe
C:\Windows\System32\reg.exe query HKCU\Software\Microsoft\Windows\CurrentVersion\Run /v Discord
C:\Windows\SysWOW64\reg.exe
C:\Windows\System32\reg.exe add HKCU\Software\Microsoft\Windows\CurrentVersion\Run /v Discord /d "\"C:\Users\Admin\AppData\Local\Discord\Update.exe\" --processStart Discord.exe" /f
C:\Users\Admin\AppData\Local\Discord\app-1.0.9152\Discord.exe
C:\Users\Admin\AppData\Local\Discord\app-1.0.9152\Discord.exe
C:\Users\Admin\AppData\Local\Discord\app-1.0.9152\Discord.exe
C:\Users\Admin\AppData\Local\Discord\app-1.0.9152\Discord.exe --type=crashpad-handler --user-data-dir=C:\Users\Admin\AppData\Roaming\discord /prefetch:4 --no-rate-limit --monitor-self-annotation=ptype=crashpad-handler --database=C:\Users\Admin\AppData\Roaming\discord\Crashpad --url=https://f.a.k/e --annotation=_productName=discord --annotation=_version=1.0.9152 --annotation=plat=Win64 --annotation=prod=Electron --annotation=ver=30.1.0 --initial-client-data=0x524,0x528,0x52c,0x51c,0x530,0x7ff71b2e9218,0x7ff71b2e9224,0x7ff71b2e9230
C:\Users\Admin\AppData\Local\Discord\app-1.0.9152\Discord.exe
"C:\Users\Admin\AppData\Local\Discord\app-1.0.9152\Discord.exe" --type=gpu-process --user-data-dir="C:\Users\Admin\AppData\Roaming\discord" --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=2408,i,1235819491723798458,11460106098221595096,262144 --enable-features=kWebSQLAccess --disable-features=HardwareMediaKeyHandling,MediaSessionService,SpareRendererForSitePerProcess,WinDelaySpellcheckServiceInit,WinRetrieveSuggestionsOnlyOnDemand --variations-seed-version --mojo-platform-channel-handle=2400 /prefetch:2
C:\Users\Admin\AppData\Local\Discord\app-1.0.9152\Discord.exe
"C:\Users\Admin\AppData\Local\Discord\app-1.0.9152\Discord.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --user-data-dir="C:\Users\Admin\AppData\Roaming\discord" --secure-schemes=disclip --bypasscsp-schemes=sentry-ipc --cors-schemes=sentry-ipc --fetch-schemes=disclip --field-trial-handle=2680,i,1235819491723798458,11460106098221595096,262144 --enable-features=kWebSQLAccess --disable-features=HardwareMediaKeyHandling,MediaSessionService,SpareRendererForSitePerProcess,WinDelaySpellcheckServiceInit,WinRetrieveSuggestionsOnlyOnDemand --variations-seed-version --mojo-platform-channel-handle=2556 /prefetch:3
C:\Users\Admin\AppData\Local\Discord\app-1.0.9152\Discord.exe
"C:\Users\Admin\AppData\Local\Discord\app-1.0.9152\Discord.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=0 --gpu-device-id=0 --gpu-sub-system-id=0 --gpu-revision=0 --user-data-dir="C:\Users\Admin\AppData\Roaming\discord" --gpu-preferences=WAAAAAAAAADoAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAACEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=2744,i,1235819491723798458,11460106098221595096,262144 --enable-features=kWebSQLAccess --disable-features=HardwareMediaKeyHandling,MediaSessionService,SpareRendererForSitePerProcess,WinDelaySpellcheckServiceInit,WinRetrieveSuggestionsOnlyOnDemand --variations-seed-version --mojo-platform-channel-handle=2740 /prefetch:8
C:\Windows\System32\reg.exe
C:\Windows\System32\reg.exe add HKCU\Software\Classes\Discord /ve /d "URL:Discord Protocol" /f
C:\Users\Admin\AppData\Local\Discord\app-1.0.9152\Discord.exe
"C:\Users\Admin\AppData\Local\Discord\app-1.0.9152\Discord.exe" --type=renderer --user-data-dir="C:\Users\Admin\AppData\Roaming\discord" --secure-schemes=disclip --bypasscsp-schemes=sentry-ipc --cors-schemes=sentry-ipc --fetch-schemes=disclip --app-user-model-id=com.squirrel.Discord.Discord --app-path="C:\Users\Admin\AppData\Local\Discord\app-1.0.9152\resources\app.asar" --no-sandbox --no-zygote --autoplay-policy=no-user-gesture-required --lang=en-US --device-scale-factor=1.25 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=3368,i,1235819491723798458,11460106098221595096,262144 --enable-features=kWebSQLAccess --disable-features=HardwareMediaKeyHandling,MediaSessionService,SpareRendererForSitePerProcess,WinDelaySpellcheckServiceInit,WinRetrieveSuggestionsOnlyOnDemand --variations-seed-version --mojo-platform-channel-handle=3364 /prefetch:1
C:\Windows\System32\reg.exe
C:\Windows\System32\reg.exe add HKCU\Software\Classes\Discord /v "URL Protocol" /f
C:\Windows\System32\reg.exe
C:\Windows\System32\reg.exe add HKCU\Software\Classes\Discord\DefaultIcon /ve /d "\"C:\Users\Admin\AppData\Local\Discord\app-1.0.9152\Discord.exe\",-1" /f
C:\Windows\System32\reg.exe
C:\Windows\System32\reg.exe add HKCU\Software\Classes\Discord\shell\open\command /ve /d "\"C:\Users\Admin\AppData\Local\Discord\app-1.0.9152\Discord.exe\" --url -- \"%1\"" /f
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "chcp"
C:\Windows\system32\chcp.com
chcp
C:\Users\Admin\AppData\Local\Discord\app-1.0.9152\Discord.exe
"C:\Users\Admin\AppData\Local\Discord\app-1.0.9152\Discord.exe" --type=renderer --user-data-dir="C:\Users\Admin\AppData\Roaming\discord" --secure-schemes=disclip --bypasscsp-schemes=sentry-ipc --cors-schemes=sentry-ipc --fetch-schemes=disclip --app-user-model-id=com.squirrel.Discord.Discord --app-path="C:\Users\Admin\AppData\Local\Discord\app-1.0.9152\resources\app.asar" --no-sandbox --no-zygote --autoplay-policy=no-user-gesture-required --lang=en-US --device-scale-factor=1.25 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --field-trial-handle=4016,i,1235819491723798458,11460106098221595096,262144 --enable-features=kWebSQLAccess --disable-features=HardwareMediaKeyHandling,MediaSessionService,SpareRendererForSitePerProcess,WinDelaySpellcheckServiceInit,WinRetrieveSuggestionsOnlyOnDemand --variations-seed-version --mojo-platform-channel-handle=4080 --enable-node-leakage-in-renderers /prefetch:1
C:\Users\Admin\AppData\Local\Discord\app-1.0.9152\Discord.exe
"C:\Users\Admin\AppData\Local\Discord\app-1.0.9152\Discord.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --user-data-dir="C:\Users\Admin\AppData\Roaming\discord" --secure-schemes=disclip --bypasscsp-schemes=sentry-ipc --cors-schemes=sentry-ipc --fetch-schemes=disclip --field-trial-handle=4084,i,1235819491723798458,11460106098221595096,262144 --enable-features=kWebSQLAccess --disable-features=HardwareMediaKeyHandling,MediaSessionService,SpareRendererForSitePerProcess,WinDelaySpellcheckServiceInit,WinRetrieveSuggestionsOnlyOnDemand --variations-seed-version --mojo-platform-channel-handle=4072 /prefetch:8
C:\Users\Admin\AppData\Local\Discord\app-1.0.9152\Discord.exe
"C:\Users\Admin\AppData\Local\Discord\app-1.0.9152\Discord.exe" --type=renderer --user-data-dir="C:\Users\Admin\AppData\Roaming\discord" --secure-schemes=disclip --bypasscsp-schemes=sentry-ipc --cors-schemes=sentry-ipc --fetch-schemes=disclip --app-user-model-id=com.squirrel.Discord.Discord --app-path="C:\Users\Admin\AppData\Local\Discord\app-1.0.9152\resources\app.asar" --no-sandbox --no-zygote --autoplay-policy=no-user-gesture-required --lang=en-US --device-scale-factor=1.25 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --field-trial-handle=4252,i,1235819491723798458,11460106098221595096,262144 --enable-features=kWebSQLAccess --disable-features=HardwareMediaKeyHandling,MediaSessionService,SpareRendererForSitePerProcess,WinDelaySpellcheckServiceInit,WinRetrieveSuggestionsOnlyOnDemand --variations-seed-version --mojo-platform-channel-handle=4256 --enable-node-leakage-in-renderers /prefetch:1
C:\Users\Admin\AppData\Local\Discord\app-1.0.9152\Discord.exe
"C:\Users\Admin\AppData\Local\Discord\app-1.0.9152\Discord.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --user-data-dir="C:\Users\Admin\AppData\Roaming\discord" --secure-schemes=disclip --bypasscsp-schemes=sentry-ipc --cors-schemes=sentry-ipc --fetch-schemes=disclip --field-trial-handle=4232,i,1235819491723798458,11460106098221595096,262144 --enable-features=kWebSQLAccess --disable-features=HardwareMediaKeyHandling,MediaSessionService,SpareRendererForSitePerProcess,WinDelaySpellcheckServiceInit,WinRetrieveSuggestionsOnlyOnDemand --variations-seed-version --mojo-platform-channel-handle=4236 /prefetch:8
C:\Users\Admin\AppData\Local\Discord\app-1.0.9152\Discord.exe
"C:\Users\Admin\AppData\Local\Discord\app-1.0.9152\Discord.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --user-data-dir="C:\Users\Admin\AppData\Roaming\discord" --secure-schemes=disclip --bypasscsp-schemes=sentry-ipc --cors-schemes=sentry-ipc --fetch-schemes=disclip --field-trial-handle=4436,i,1235819491723798458,11460106098221595096,262144 --enable-features=kWebSQLAccess --disable-features=HardwareMediaKeyHandling,MediaSessionService,SpareRendererForSitePerProcess,WinDelaySpellcheckServiceInit,WinRetrieveSuggestionsOnlyOnDemand --variations-seed-version --mojo-platform-channel-handle=4432 /prefetch:8
C:\Users\Admin\AppData\Local\Discord\app-1.0.9152\Discord.exe
"C:\Users\Admin\AppData\Local\Discord\app-1.0.9152\Discord.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --lang=en-US --service-sandbox-type=none --user-data-dir="C:\Users\Admin\AppData\Roaming\discord" --secure-schemes=disclip --bypasscsp-schemes=sentry-ipc --cors-schemes=sentry-ipc --fetch-schemes=disclip --field-trial-handle=4584,i,1235819491723798458,11460106098221595096,262144 --enable-features=kWebSQLAccess --disable-features=HardwareMediaKeyHandling,MediaSessionService,SpareRendererForSitePerProcess,WinDelaySpellcheckServiceInit,WinRetrieveSuggestionsOnlyOnDemand --variations-seed-version --mojo-platform-channel-handle=4572 /prefetch:8
C:\Users\Admin\AppData\Local\Discord\app-1.0.9152\modules\discord_voice-1\discord_voice\gpu_encoder_helper.exe
"\\?\C:\Users\Admin\AppData\Local\Discord\app-1.0.9152\modules\discord_voice-1\discord_voice\gpu_encoder_helper.exe" nvidia
C:\Users\Admin\AppData\Local\Discord\app-1.0.9152\modules\discord_voice-1\discord_voice\gpu_encoder_helper.exe
"\\?\C:\Users\Admin\AppData\Local\Discord\app-1.0.9152\modules\discord_voice-1\discord_voice\gpu_encoder_helper.exe" amd
C:\Users\Admin\AppData\Local\Discord\app-1.0.9152\modules\discord_voice-1\discord_voice\gpu_encoder_helper.exe
"\\?\C:\Users\Admin\AppData\Local\Discord\app-1.0.9152\modules\discord_voice-1\discord_voice\gpu_encoder_helper.exe" intel
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c ""C:\Windows/System32/nvidia-smi.exe""
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://discordapp.com/handoff?rpc=6463&key=2bce3edb-dd29-4109-a2cc-068100db2aa9
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=90.0.4430.212 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=90.0.818.66 --initial-client-data=0x120,0x124,0x128,0xfc,0x12c,0x7ff87fe23cb8,0x7ff87fe23cc8,0x7ff87fe23cd8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1968,17410636183608736639,15308302986533284381,131072 --gpu-preferences=SAAAAAAAAADgAAAwAAAAAAAAAAAAAAAAAABgAAAAAAAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4AAAAAAAAAHgAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAAIAAAAAAAAAAgAAAAAAAAA --mojo-platform-channel-handle=2020 /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1968,17410636183608736639,15308302986533284381,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2224 /prefetch:3
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=1968,17410636183608736639,15308302986533284381,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2800 /prefetch:8
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1968,17410636183608736639,15308302986533284381,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1.25 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3596 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1968,17410636183608736639,15308302986533284381,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1.25 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3600 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1968,17410636183608736639,15308302986533284381,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1.25 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4908 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.22000.1 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=6140 --field-trial-handle=1756,i,13124220274424252037,856519633634275105,131072 /prefetch:2
C:\Windows\System32\reg.exe
C:\Windows\System32\reg.exe query HKCU\Software\Microsoft\Windows\CurrentVersion\Run /v Discord
C:\Windows\System32\reg.exe
C:\Windows\System32\reg.exe add HKCU\Software\Microsoft\Windows\CurrentVersion\Run /v Discord /d "\"C:\Users\Admin\AppData\Local\Discord\Update.exe\" --processStart Discord.exe" /f
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
powershell.exe -NoProfile -NoLogo -InputFormat Text -NoExit -ExecutionPolicy Unrestricted -Command -
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
powershell.exe -NoProfile -NoLogo -InputFormat Text -NoExit -ExecutionPolicy Unrestricted -Command -
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
powershell.exe -NoProfile -NoLogo -InputFormat Text -NoExit -ExecutionPolicy Unrestricted -Command -
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
powershell.exe -NoProfile -NoLogo -InputFormat Text -NoExit -ExecutionPolicy Unrestricted -Command -
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
powershell.exe -NoProfile -NoLogo -InputFormat Text -NoExit -ExecutionPolicy Unrestricted -Command -
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
powershell.exe -NoProfile -NoLogo -InputFormat Text -NoExit -ExecutionPolicy Unrestricted -Command -
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
powershell.exe -NoProfile -NoLogo -InputFormat Text -NoExit -ExecutionPolicy Unrestricted -Command -
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1.25 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=26 --mojo-platform-channel-handle=5828 --field-trial-handle=1756,i,13124220274424252037,856519633634275105,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1.25 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=27 --mojo-platform-channel-handle=3328 --field-trial-handle=1756,i,13124220274424252037,856519633634275105,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=3392 --field-trial-handle=1756,i,13124220274424252037,856519633634275105,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4100 --field-trial-handle=1756,i,13124220274424252037,856519633634275105,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1.25 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=30 --mojo-platform-channel-handle=6048 --field-trial-handle=1756,i,13124220274424252037,856519633634275105,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1.25 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=31 --mojo-platform-channel-handle=5864 --field-trial-handle=1756,i,13124220274424252037,856519633634275105,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=5500 --field-trial-handle=1756,i,13124220274424252037,856519633634275105,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=5900 --field-trial-handle=1756,i,13124220274424252037,856519633634275105,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6300 --field-trial-handle=1756,i,13124220274424252037,856519633634275105,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=868 --field-trial-handle=1756,i,13124220274424252037,856519633634275105,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=3296 --field-trial-handle=1756,i,13124220274424252037,856519633634275105,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5132 --field-trial-handle=1756,i,13124220274424252037,856519633634275105,131072 /prefetch:8
C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding
C:\Windows\System32\cmd.exe
"C:\Windows\System32\cmd.exe" /C "C:\Users\Admin\Downloads\setpm.bat"
C:\Windows\system32\takeown.exe
takeown /f C:\Windows\System32\SettingsEnvironment.Desktop.dll /a
C:\Windows\system32\icacls.exe
icacls C:\Windows\System32\SettingsEnvironment.Desktop.dll /grant Administrators:F
C:\Users\Admin\Downloads\sunlock11.exe
"C:\Users\Admin\Downloads\sunlock11.exe"
C:\Windows\System32\PickerHost.exe
C:\Windows\System32\PickerHost.exe -Embedding
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --single-argument C:\Users\Admin\Downloads\H2cKeD_BY_XxX.webp
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=110.0.5481.104 --initial-client-data=0x100,0x104,0x108,0xdc,0x10c,0x7ff880d6ab58,0x7ff880d6ab68,0x7ff880d6ab78
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1.25 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=38 --mojo-platform-channel-handle=5888 --field-trial-handle=1756,i,13124220274424252037,856519633634275105,131072 /prefetch:1
C:\Windows\System32\PickerHost.exe
C:\Windows\System32\PickerHost.exe -Embedding
C:\Windows\System32\PickerHost.exe
C:\Windows\System32\PickerHost.exe -Embedding
C:\Windows\System32\PickerHost.exe
C:\Windows\System32\PickerHost.exe -Embedding
C:\Windows\System32\PickerHost.exe
C:\Windows\System32\PickerHost.exe -Embedding
C:\Windows\System32\PickerHost.exe
C:\Windows\System32\PickerHost.exe -Embedding
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5868 --field-trial-handle=1756,i,13124220274424252037,856519633634275105,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5660 --field-trial-handle=1756,i,13124220274424252037,856519633634275105,131072 /prefetch:8
C:\Windows\System32\PickerHost.exe
C:\Windows\System32\PickerHost.exe -Embedding
C:\Windows\System32\PickerHost.exe
C:\Windows\System32\PickerHost.exe -Embedding
C:\Windows\System32\PickerHost.exe
C:\Windows\System32\PickerHost.exe -Embedding
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1.25 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=41 --mojo-platform-channel-handle=5868 --field-trial-handle=1756,i,13124220274424252037,856519633634275105,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1.25 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=42 --mojo-platform-channel-handle=6300 --field-trial-handle=1756,i,13124220274424252037,856519633634275105,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1.25 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=43 --mojo-platform-channel-handle=5580 --field-trial-handle=1756,i,13124220274424252037,856519633634275105,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1.25 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=44 --mojo-platform-channel-handle=4836 --field-trial-handle=1756,i,13124220274424252037,856519633634275105,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1.25 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=45 --mojo-platform-channel-handle=5736 --field-trial-handle=1756,i,13124220274424252037,856519633634275105,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1.25 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=46 --mojo-platform-channel-handle=5132 --field-trial-handle=1756,i,13124220274424252037,856519633634275105,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1.25 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=47 --mojo-platform-channel-handle=6400 --field-trial-handle=1756,i,13124220274424252037,856519633634275105,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1.25 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=48 --mojo-platform-channel-handle=584 --field-trial-handle=1756,i,13124220274424252037,856519633634275105,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5728 --field-trial-handle=1756,i,13124220274424252037,856519633634275105,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1.25 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=50 --mojo-platform-channel-handle=6232 --field-trial-handle=1756,i,13124220274424252037,856519633634275105,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1.25 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=51 --mojo-platform-channel-handle=5812 --field-trial-handle=1756,i,13124220274424252037,856519633634275105,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1.25 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=52 --mojo-platform-channel-handle=6548 --field-trial-handle=1756,i,13124220274424252037,856519633634275105,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1.25 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=53 --mojo-platform-channel-handle=6504 --field-trial-handle=1756,i,13124220274424252037,856519633634275105,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6548 --field-trial-handle=1756,i,13124220274424252037,856519633634275105,131072 /prefetch:8
C:\Windows\System32\PickerHost.exe
C:\Windows\System32\PickerHost.exe -Embedding
C:\Windows\System32\PickerHost.exe
C:\Windows\System32\PickerHost.exe -Embedding
C:\Windows\System32\PickerHost.exe
C:\Windows\System32\PickerHost.exe -Embedding
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1.25 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=55 --mojo-platform-channel-handle=6992 --field-trial-handle=1756,i,13124220274424252037,856519633634275105,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1.25 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=56 --mojo-platform-channel-handle=6216 --field-trial-handle=1756,i,13124220274424252037,856519633634275105,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6024 --field-trial-handle=1756,i,13124220274424252037,856519633634275105,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6520 --field-trial-handle=1756,i,13124220274424252037,856519633634275105,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6700 --field-trial-handle=1756,i,13124220274424252037,856519633634275105,131072 /prefetch:8
C:\Windows\System32\PickerHost.exe
C:\Windows\System32\PickerHost.exe -Embedding
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1.25 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=60 --mojo-platform-channel-handle=4660 --field-trial-handle=1756,i,13124220274424252037,856519633634275105,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1.25 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=61 --mojo-platform-channel-handle=5956 --field-trial-handle=1756,i,13124220274424252037,856519633634275105,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1.25 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=62 --mojo-platform-channel-handle=6220 --field-trial-handle=1756,i,13124220274424252037,856519633634275105,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1.25 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=63 --mojo-platform-channel-handle=6328 --field-trial-handle=1756,i,13124220274424252037,856519633634275105,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=5348 --field-trial-handle=1756,i,13124220274424252037,856519633634275105,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=7012 --field-trial-handle=1756,i,13124220274424252037,856519633634275105,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4392 --field-trial-handle=1756,i,13124220274424252037,856519633634275105,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=5840 --field-trial-handle=1756,i,13124220274424252037,856519633634275105,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=7360 --field-trial-handle=1756,i,13124220274424252037,856519633634275105,131072 /prefetch:8
C:\Users\Admin\Downloads\FreeVK.exe
"C:\Users\Admin\Downloads\FreeVK.exe"
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://freevirtualkeyboard.com/rhelp/?hl=09
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=90.0.4430.212 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=90.0.818.66 --initial-client-data=0x120,0x124,0x128,0xfc,0x12c,0x7ff87fe23cb8,0x7ff87fe23cc8,0x7ff87fe23cd8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1872,5417651961386745576,13086991604736373349,131072 --gpu-preferences=SAAAAAAAAADgAAAwAAAAAAAAAAAAAAAAAABgAAAAAAAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4AAAAAAAAAHgAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAAIAAAAAAAAAAgAAAAAAAAA --mojo-platform-channel-handle=1868 /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1872,5417651961386745576,13086991604736373349,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2348 /prefetch:3
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=1872,5417651961386745576,13086991604736373349,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2680 /prefetch:8
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1872,5417651961386745576,13086991604736373349,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1.25 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3460 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1872,5417651961386745576,13086991604736373349,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1.25 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3492 /prefetch:1
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1872,5417651961386745576,13086991604736373349,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1.25 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4968 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1.25 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=69 --mojo-platform-channel-handle=6108 --field-trial-handle=1756,i,13124220274424252037,856519633634275105,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1.25 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=70 --mojo-platform-channel-handle=6316 --field-trial-handle=1756,i,13124220274424252037,856519633634275105,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1.25 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=71 --mojo-platform-channel-handle=4388 --field-trial-handle=1756,i,13124220274424252037,856519633634275105,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1.25 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=72 --mojo-platform-channel-handle=6700 --field-trial-handle=1756,i,13124220274424252037,856519633634275105,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1.25 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=73 --mojo-platform-channel-handle=7808 --field-trial-handle=1756,i,13124220274424252037,856519633634275105,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1.25 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=74 --mojo-platform-channel-handle=7948 --field-trial-handle=1756,i,13124220274424252037,856519633634275105,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=8080 --field-trial-handle=1756,i,13124220274424252037,856519633634275105,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=8000 --field-trial-handle=1756,i,13124220274424252037,856519633634275105,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1.25 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=77 --mojo-platform-channel-handle=5584 --field-trial-handle=1756,i,13124220274424252037,856519633634275105,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=7956 --field-trial-handle=1756,i,13124220274424252037,856519633634275105,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=7792 --field-trial-handle=1756,i,13124220274424252037,856519633634275105,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=7928 --field-trial-handle=1756,i,13124220274424252037,856519633634275105,131072 /prefetch:8
C:\Users\Admin\Downloads\npp.8.6.7.Installer.x64.exe
"C:\Users\Admin\Downloads\npp.8.6.7.Installer.x64.exe"
C:\Windows\SysWOW64\regsvr32.exe
regsvr32 /s "C:\Program Files\Notepad++\contextMenu\NppShell.dll"
C:\Windows\system32\regsvr32.exe
/s "C:\Program Files\Notepad++\contextMenu\NppShell.dll"
C:\Windows\explorer.exe
"C:\Windows\explorer.exe" "C:\Program Files\Notepad++\notepad++.exe"
C:\Windows\explorer.exe
C:\Windows\explorer.exe /factory,{75dff2b7-6936-4c06-a8bb-676a7b00b24b} -Embedding
C:\Program Files\Notepad++\notepad++.exe
"C:\Program Files\Notepad++\notepad++.exe"
C:\Program Files\Notepad++\updater\gup.exe
"C:\Program Files\Notepad++\updater\gup.exe" -v8.67 -px64
C:\Program Files\Notepad++\notepad++.exe
"C:\Program Files\Notepad++\notepad++.exe" "C:\Program Files\Notepad++\change.log"
C:\Windows\system32\launchtm.exe
launchtm.exe /2
C:\Windows\System32\Taskmgr.exe
"C:\Windows\System32\Taskmgr.exe" /2
C:\Windows\system32\OpenWith.exe
C:\Windows\system32\OpenWith.exe -Embedding
C:\Program Files\Notepad++\notepad++.exe
"C:\Program Files\Notepad++\notepad++.exe" "C:\Users\Admin\AppData\Roaming\discord\settings.json"
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://pastebin.com/raw/43NPpkMr
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=90.0.4430.212 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=90.0.818.66 --initial-client-data=0x120,0x124,0x128,0xfc,0x12c,0x7ff87fe23cb8,0x7ff87fe23cc8,0x7ff87fe23cd8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1932,3683341743287603646,16282003569850652625,131072 --gpu-preferences=SAAAAAAAAADgAAAwAAAAAAAAAAAAAAAAAABgAAAAAAAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4AAAAAAAAAHgAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAAIAAAAAAAAAAgAAAAAAAAA --mojo-platform-channel-handle=1920 /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1932,3683341743287603646,16282003569850652625,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2416 /prefetch:3
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=1932,3683341743287603646,16282003569850652625,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2796 /prefetch:8
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1932,3683341743287603646,16282003569850652625,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1.25 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3348 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1932,3683341743287603646,16282003569850652625,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1.25 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3364 /prefetch:1
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1932,3683341743287603646,16282003569850652625,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1.25 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4968 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1932,3683341743287603646,16282003569850652625,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1.25 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3668 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1932,3683341743287603646,16282003569850652625,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1.25 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5140 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=1932,3683341743287603646,16282003569850652625,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5448 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --field-trial-handle=1932,3683341743287603646,16282003569850652625,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5496 /prefetch:8
C:\Users\Admin\AppData\Local\Discord\Update.exe
"C:\Users\Admin\AppData\Local\Discord\Update.exe" --processStart Discord.exe
C:\Users\Admin\AppData\Local\Discord\app-1.0.9152\Discord.exe
"C:\Users\Admin\AppData\Local\Discord\app-1.0.9152\Discord.exe"
C:\Users\Admin\AppData\Local\Discord\app-1.0.9152\Discord.exe
C:\Users\Admin\AppData\Local\Discord\app-1.0.9152\Discord.exe --type=crashpad-handler --user-data-dir=C:\Users\Admin\AppData\Roaming\discord /prefetch:4 --no-rate-limit --monitor-self-annotation=ptype=crashpad-handler --database=C:\Users\Admin\AppData\Roaming\discord\Crashpad --url=https://f.a.k/e --annotation=_productName=discord --annotation=_version=1.0.9152 --annotation=plat=Win64 --annotation=prod=Electron --annotation=ver=30.1.0 --initial-client-data=0x508,0x50c,0x510,0x500,0x514,0x7ff71b2e9218,0x7ff71b2e9224,0x7ff71b2e9230
C:\Users\Admin\AppData\Local\Discord\app-1.0.9152\Discord.exe
"C:\Users\Admin\AppData\Local\Discord\app-1.0.9152\Discord.exe" --type=gpu-process --user-data-dir="C:\Users\Admin\AppData\Roaming\discord" --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=2376,i,10039400415097517799,10205634100257124604,262144 --enable-features=kWebSQLAccess --disable-features=HardwareMediaKeyHandling,MediaSessionService,SpareRendererForSitePerProcess,WinDelaySpellcheckServiceInit,WinRetrieveSuggestionsOnlyOnDemand --variations-seed-version --mojo-platform-channel-handle=2368 /prefetch:2
C:\Users\Admin\AppData\Local\Discord\app-1.0.9152\Discord.exe
"C:\Users\Admin\AppData\Local\Discord\app-1.0.9152\Discord.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --user-data-dir="C:\Users\Admin\AppData\Roaming\discord" --secure-schemes=disclip --bypasscsp-schemes=sentry-ipc --cors-schemes=sentry-ipc --fetch-schemes=disclip --field-trial-handle=2636,i,10039400415097517799,10205634100257124604,262144 --enable-features=kWebSQLAccess --disable-features=HardwareMediaKeyHandling,MediaSessionService,SpareRendererForSitePerProcess,WinDelaySpellcheckServiceInit,WinRetrieveSuggestionsOnlyOnDemand --variations-seed-version --mojo-platform-channel-handle=2508 /prefetch:3
C:\Users\Admin\AppData\Local\Discord\app-1.0.9152\Discord.exe
"C:\Users\Admin\AppData\Local\Discord\app-1.0.9152\Discord.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=0 --gpu-device-id=0 --gpu-sub-system-id=0 --gpu-revision=0 --user-data-dir="C:\Users\Admin\AppData\Roaming\discord" --gpu-preferences=WAAAAAAAAADoAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAACEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=2752,i,10039400415097517799,10205634100257124604,262144 --enable-features=kWebSQLAccess --disable-features=HardwareMediaKeyHandling,MediaSessionService,SpareRendererForSitePerProcess,WinDelaySpellcheckServiceInit,WinRetrieveSuggestionsOnlyOnDemand --variations-seed-version --mojo-platform-channel-handle=2748 /prefetch:8
C:\Users\Admin\AppData\Local\Discord\app-1.0.9152\Discord.exe
"C:\Users\Admin\AppData\Local\Discord\app-1.0.9152\Discord.exe" --type=renderer --user-data-dir="C:\Users\Admin\AppData\Roaming\discord" --secure-schemes=disclip --bypasscsp-schemes=sentry-ipc --cors-schemes=sentry-ipc --fetch-schemes=disclip --app-user-model-id=com.squirrel.Discord.Discord --app-path="C:\Users\Admin\AppData\Local\Discord\app-1.0.9152\resources\app.asar" --no-sandbox --no-zygote --autoplay-policy=no-user-gesture-required --lang=en-US --device-scale-factor=1.25 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=3084,i,10039400415097517799,10205634100257124604,262144 --enable-features=kWebSQLAccess --disable-features=HardwareMediaKeyHandling,MediaSessionService,SpareRendererForSitePerProcess,WinDelaySpellcheckServiceInit,WinRetrieveSuggestionsOnlyOnDemand --variations-seed-version --mojo-platform-channel-handle=3080 /prefetch:1
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "chcp"
C:\Windows\system32\chcp.com
chcp
C:\Users\Admin\AppData\Local\Discord\app-1.0.9152\Discord.exe
"C:\Users\Admin\AppData\Local\Discord\app-1.0.9152\Discord.exe" --type=renderer --user-data-dir="C:\Users\Admin\AppData\Roaming\discord" --secure-schemes=disclip --bypasscsp-schemes=sentry-ipc --cors-schemes=sentry-ipc --fetch-schemes=disclip --app-user-model-id=com.squirrel.Discord.Discord --app-path="C:\Users\Admin\AppData\Local\Discord\app-1.0.9152\resources\app.asar" --no-sandbox --no-zygote --autoplay-policy=no-user-gesture-required --lang=en-US --device-scale-factor=1.25 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --field-trial-handle=3764,i,10039400415097517799,10205634100257124604,262144 --enable-features=kWebSQLAccess --disable-features=HardwareMediaKeyHandling,MediaSessionService,SpareRendererForSitePerProcess,WinDelaySpellcheckServiceInit,WinRetrieveSuggestionsOnlyOnDemand --variations-seed-version --mojo-platform-channel-handle=3760 --enable-node-leakage-in-renderers /prefetch:1
C:\Users\Admin\AppData\Local\Discord\app-1.0.9152\Discord.exe
"C:\Users\Admin\AppData\Local\Discord\app-1.0.9152\Discord.exe" --type=renderer --user-data-dir="C:\Users\Admin\AppData\Roaming\discord" --secure-schemes=disclip --bypasscsp-schemes=sentry-ipc --cors-schemes=sentry-ipc --fetch-schemes=disclip --app-user-model-id=com.squirrel.Discord.Discord --app-path="C:\Users\Admin\AppData\Local\Discord\app-1.0.9152\resources\app.asar" --no-sandbox --no-zygote --autoplay-policy=no-user-gesture-required --lang=en-US --device-scale-factor=1.25 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --field-trial-handle=3792,i,10039400415097517799,10205634100257124604,262144 --enable-features=kWebSQLAccess --disable-features=HardwareMediaKeyHandling,MediaSessionService,SpareRendererForSitePerProcess,WinDelaySpellcheckServiceInit,WinRetrieveSuggestionsOnlyOnDemand --variations-seed-version --mojo-platform-channel-handle=3800 --enable-node-leakage-in-renderers /prefetch:1
C:\Users\Admin\AppData\Local\Discord\app-1.0.9152\Discord.exe
"C:\Users\Admin\AppData\Local\Discord\app-1.0.9152\Discord.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --user-data-dir="C:\Users\Admin\AppData\Roaming\discord" --secure-schemes=disclip --bypasscsp-schemes=sentry-ipc --cors-schemes=sentry-ipc --fetch-schemes=disclip --field-trial-handle=1980,i,10039400415097517799,10205634100257124604,262144 --enable-features=kWebSQLAccess --disable-features=HardwareMediaKeyHandling,MediaSessionService,SpareRendererForSitePerProcess,WinDelaySpellcheckServiceInit,WinRetrieveSuggestionsOnlyOnDemand --variations-seed-version --mojo-platform-channel-handle=3852 /prefetch:8
C:\Users\Admin\AppData\Local\Discord\app-1.0.9152\Discord.exe
"C:\Users\Admin\AppData\Local\Discord\app-1.0.9152\Discord.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --lang=en-US --service-sandbox-type=none --user-data-dir="C:\Users\Admin\AppData\Roaming\discord" --secure-schemes=disclip --bypasscsp-schemes=sentry-ipc --cors-schemes=sentry-ipc --fetch-schemes=disclip --field-trial-handle=3940,i,10039400415097517799,10205634100257124604,262144 --enable-features=kWebSQLAccess --disable-features=HardwareMediaKeyHandling,MediaSessionService,SpareRendererForSitePerProcess,WinDelaySpellcheckServiceInit,WinRetrieveSuggestionsOnlyOnDemand --variations-seed-version --mojo-platform-channel-handle=3936 /prefetch:8
C:\Users\Admin\AppData\Local\Discord\app-1.0.9152\modules\discord_voice-1\discord_voice\gpu_encoder_helper.exe
"\\?\C:\Users\Admin\AppData\Local\Discord\app-1.0.9152\modules\discord_voice-1\discord_voice\gpu_encoder_helper.exe" nvidia
C:\Users\Admin\AppData\Local\Discord\app-1.0.9152\modules\discord_voice-1\discord_voice\gpu_encoder_helper.exe
"\\?\C:\Users\Admin\AppData\Local\Discord\app-1.0.9152\modules\discord_voice-1\discord_voice\gpu_encoder_helper.exe" amd
C:\Users\Admin\AppData\Local\Discord\app-1.0.9152\modules\discord_voice-1\discord_voice\gpu_encoder_helper.exe
"\\?\C:\Users\Admin\AppData\Local\Discord\app-1.0.9152\modules\discord_voice-1\discord_voice\gpu_encoder_helper.exe" intel
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c ""C:\Windows/System32/nvidia-smi.exe""
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c ""C:\Windows/System32/nvidia-smi.exe""
C:\Windows\System32\reg.exe
C:\Windows\System32\reg.exe query HKCU\Software\Microsoft\Windows\CurrentVersion\Run /v Discord
C:\Users\Admin\AppData\Local\Discord\app-1.0.9152\modules\discord_voice-1\discord_voice\gpu_encoder_helper.exe
"\\?\C:\Users\Admin\AppData\Local\Discord\app-1.0.9152\modules\discord_voice-1\discord_voice\gpu_encoder_helper.exe" nvidia
C:\Users\Admin\AppData\Local\Discord\app-1.0.9152\modules\discord_voice-1\discord_voice\gpu_encoder_helper.exe
"\\?\C:\Users\Admin\AppData\Local\Discord\app-1.0.9152\modules\discord_voice-1\discord_voice\gpu_encoder_helper.exe" amd
C:\Users\Admin\AppData\Local\Discord\app-1.0.9152\modules\discord_voice-1\discord_voice\gpu_encoder_helper.exe
"\\?\C:\Users\Admin\AppData\Local\Discord\app-1.0.9152\modules\discord_voice-1\discord_voice\gpu_encoder_helper.exe" intel
C:\Windows\System32\reg.exe
C:\Windows\System32\reg.exe add HKCU\Software\Microsoft\Windows\CurrentVersion\Run /v Discord /d "\"C:\Users\Admin\AppData\Local\Discord\Update.exe\" --processStart Discord.exe" /f
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
powershell.exe -NoProfile -NoLogo -InputFormat Text -NoExit -ExecutionPolicy Unrestricted -Command -
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
powershell.exe -NoProfile -NoLogo -InputFormat Text -NoExit -ExecutionPolicy Unrestricted -Command -
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
powershell.exe -NoProfile -NoLogo -InputFormat Text -NoExit -ExecutionPolicy Unrestricted -Command -
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
powershell.exe -NoProfile -NoLogo -InputFormat Text -NoExit -ExecutionPolicy Unrestricted -Command -
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
powershell.exe -NoProfile -NoLogo -InputFormat Text -NoExit -ExecutionPolicy Unrestricted -Command -
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
powershell.exe -NoProfile -NoLogo -InputFormat Text -NoExit -ExecutionPolicy Unrestricted -Command -
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
powershell.exe -NoProfile -NoLogo -InputFormat Text -NoExit -ExecutionPolicy Unrestricted -Command -
C:\Users\Admin\AppData\Local\Discord\app-1.0.9152\Discord.exe
"C:\Users\Admin\AppData\Local\Discord\app-1.0.9152\Discord.exe" --type=renderer --user-data-dir="C:\Users\Admin\AppData\Roaming\discord" --secure-schemes=disclip --bypasscsp-schemes=sentry-ipc --cors-schemes=sentry-ipc --fetch-schemes=disclip --app-user-model-id=com.squirrel.Discord.Discord --app-path="C:\Users\Admin\AppData\Local\Discord\app-1.0.9152\resources\app.asar" --autoplay-policy=no-user-gesture-required --lang=en-US --device-scale-factor=1.25 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --field-trial-handle=3404,i,10039400415097517799,10205634100257124604,262144 --enable-features=kWebSQLAccess --disable-features=HardwareMediaKeyHandling,MediaSessionService,SpareRendererForSitePerProcess,WinDelaySpellcheckServiceInit,WinRetrieveSuggestionsOnlyOnDemand --variations-seed-version --mojo-platform-channel-handle=3408 /prefetch:1
C:\Users\Admin\AppData\Local\Discord\app-1.0.9152\Discord.exe
"C:\Users\Admin\AppData\Local\Discord\app-1.0.9152\Discord.exe" --type=renderer --user-data-dir="C:\Users\Admin\AppData\Roaming\discord" --secure-schemes=disclip --bypasscsp-schemes=sentry-ipc --cors-schemes=sentry-ipc --fetch-schemes=disclip --app-user-model-id=com.squirrel.Discord.Discord --app-path="C:\Users\Admin\AppData\Local\Discord\app-1.0.9152\resources\app.asar" --enable-sandbox --autoplay-policy=no-user-gesture-required --lang=en-US --device-scale-factor=1.25 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --field-trial-handle=4176,i,10039400415097517799,10205634100257124604,262144 --enable-features=kWebSQLAccess --disable-features=HardwareMediaKeyHandling,MediaSessionService,SpareRendererForSitePerProcess,WinDelaySpellcheckServiceInit,WinRetrieveSuggestionsOnlyOnDemand --variations-seed-version --mojo-platform-channel-handle=4160 --enable-node-leakage-in-renderers /prefetch:1
C:\Users\Admin\AppData\Local\Discord\app-1.0.9152\modules\discord_hook-1\discord_hook\e8913d9c708673\DiscordHookHelper.exe
\\?\C:\Users\Admin\AppData\Local\Discord\app-1.0.9152\modules\discord_hook-1\discord_hook\e8913d9c708673\DiscordHookHelper.exe offsets 274877908420
C:\Users\Admin\AppData\Local\Discord\app-1.0.9152\modules\discord_hook-1\discord_hook\e8913d9c708673\DiscordHookHelper64.exe
\\?\C:\Users\Admin\AppData\Local\Discord\app-1.0.9152\modules\discord_hook-1\discord_hook\e8913d9c708673\DiscordHookHelper64.exe offsets 137438954948
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | boot.net.anydesk.com | udp |
| LU | 92.223.88.41:443 | boot.net.anydesk.com | tcp |
| GB | 195.181.165.153:443 | relay-79bdf984.net.anydesk.com | tcp |
| US | 8.8.8.8:53 | 153.165.181.195.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 41.88.223.92.in-addr.arpa | udp |
| IQ | 5.62.132.83:52682 | tcp | |
| IQ | 5.62.132.83:7070 | tcp | |
| IQ | 5.62.132.83:7070 | tcp | |
| BE | 104.68.66.114:443 | cxcs.microsoft.net | tcp |
| NL | 23.62.61.194:443 | th.bing.com | tcp |
| GB | 142.250.187.196:443 | www.google.com | udp |
| GB | 142.250.187.196:443 | www.google.com | tcp |
| GB | 142.250.200.14:443 | apis.google.com | udp |
| GB | 142.250.179.238:443 | play.google.com | udp |
| GB | 142.250.179.238:443 | play.google.com | tcp |
| GB | 142.250.187.238:443 | clients2.google.com | udp |
| N/A | 224.0.0.251:5353 | udp | |
| NL | 23.62.61.97:443 | th.bing.com | tcp |
| NL | 23.62.61.194:443 | th.bing.com | tcp |
| NL | 23.62.61.97:443 | th.bing.com | tcp |
| NL | 23.62.61.97:443 | th.bing.com | tcp |
| NL | 23.62.61.194:443 | th.bing.com | tcp |
| US | 13.107.5.80:443 | services.bingapis.com | tcp |
| US | 104.18.33.89:443 | www2.bing.com | tcp |
| US | 104.18.33.89:443 | www2.bing.com | tcp |
| GB | 142.250.187.196:443 | www.google.com | tcp |
| GB | 142.250.187.196:443 | www.google.com | udp |
| GB | 142.250.179.238:443 | play.google.com | udp |
| GB | 142.250.179.238:443 | play.google.com | tcp |
| GB | 142.250.187.238:443 | clients2.google.com | udp |
| GB | 142.250.187.238:443 | clients2.google.com | tcp |
| US | 162.159.137.232:443 | discord.com | tcp |
| US | 162.159.137.232:443 | discord.com | tcp |
| US | 104.18.52.172:443 | dl.discordapp.net | tcp |
| US | 8.8.8.8:53 | 232.137.159.162.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 172.52.18.104.in-addr.arpa | udp |
| US | 162.159.137.232:443 | discord.com | udp |
| US | 8.8.8.8:53 | cdn.prod.website-files.com | udp |
| US | 8.8.8.8:53 | ajax.googleapis.com | udp |
| US | 8.8.8.8:53 | global.localizecdn.com | udp |
| US | 104.18.34.227:443 | cdn.prod.website-files.com | tcp |
| GB | 142.250.187.202:443 | ajax.googleapis.com | tcp |
| GB | 142.250.187.202:443 | ajax.googleapis.com | tcp |
| US | 104.18.5.175:443 | global.localizecdn.com | tcp |
| US | 104.18.34.227:443 | cdn.prod.website-files.com | tcp |
| US | 104.18.5.175:443 | global.localizecdn.com | tcp |
| GB | 18.245.246.151:443 | d3e54v103j8qbb.cloudfront.net | tcp |
| US | 8.8.8.8:53 | 175.5.18.104.in-addr.arpa | udp |
| US | 104.18.34.227:443 | cdn.prod.website-files.com | udp |
| GB | 52.84.90.47:443 | assets.website-files.com | tcp |
| GB | 52.84.90.47:443 | assets.website-files.com | tcp |
| GB | 52.84.90.47:443 | assets.website-files.com | tcp |
| GB | 52.84.90.47:443 | assets.website-files.com | tcp |
| GB | 52.84.90.47:443 | assets.website-files.com | tcp |
| US | 162.159.129.233:443 | cdn.discordapp.com | tcp |
| US | 162.159.129.233:443 | cdn.discordapp.com | tcp |
| US | 162.159.129.233:443 | cdn.discordapp.com | tcp |
| US | 162.159.129.233:443 | cdn.discordapp.com | tcp |
| US | 162.159.129.233:443 | cdn.discordapp.com | tcp |
| US | 162.159.129.233:443 | cdn.discordapp.com | tcp |
| US | 104.18.34.227:443 | cdn.prod.website-files.com | udp |
| US | 104.18.32.137:443 | geolocation.onetrust.com | tcp |
| US | 8.8.8.8:53 | 233.129.159.162.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 137.32.18.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | www.youtube.com | udp |
| GB | 172.217.169.14:443 | www.youtube.com | tcp |
| US | 8.8.8.8:53 | a.nel.cloudflare.com | udp |
| US | 35.190.80.1:443 | a.nel.cloudflare.com | tcp |
| US | 35.190.80.1:443 | a.nel.cloudflare.com | udp |
| US | 8.8.8.8:53 | 14.169.217.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 1.80.190.35.in-addr.arpa | udp |
| US | 162.159.133.234:443 | remote-auth-gateway.discord.gg | tcp |
| US | 8.8.8.8:53 | 234.133.159.162.in-addr.arpa | udp |
| US | 8.8.8.8:53 | content-autofill.googleapis.com | udp |
| GB | 216.58.201.106:443 | content-autofill.googleapis.com | tcp |
| US | 8.8.8.8:53 | 172.214.232.199.in-addr.arpa | udp |
| US | 8.8.8.8:53 | update.googleapis.com | udp |
| US | 8.8.8.8:53 | update.googleapis.com | udp |
| GB | 216.58.204.67:443 | update.googleapis.com | tcp |
| US | 162.159.137.232:443 | updates.discord.com | tcp |
| US | 8.8.8.8:53 | dl.discordapp.net | udp |
| US | 104.18.48.115:443 | dl.discordapp.net | tcp |
| US | 104.18.48.115:443 | dl.discordapp.net | tcp |
| US | 104.18.48.115:443 | dl.discordapp.net | tcp |
| US | 104.18.48.115:443 | dl.discordapp.net | tcp |
| US | 8.8.8.8:53 | 123.35.104.34.in-addr.arpa | udp |
| US | 104.18.48.115:443 | dl.discordapp.net | tcp |
| GB | 216.58.204.67:443 | update.googleapis.com | udp |
| US | 8.8.8.8:53 | dns.google | udp |
| US | 8.8.8.8:53 | dns.google | udp |
| US | 8.8.8.8:53 | dns.google | udp |
| US | 8.8.8.8:53 | dns.google | udp |
| US | 8.8.4.4:443 | dns.google | tcp |
| US | 8.8.4.4:443 | dns.google | tcp |
| US | 8.8.8.8:53 | dns.google | udp |
| US | 8.8.4.4:443 | dns.google | tcp |
| US | 8.8.4.4:443 | dns.google | tcp |
| US | 8.8.4.4:443 | dns.google | tcp |
| US | 8.8.4.4:443 | dns.google | tcp |
| US | 8.8.8.8:53 | update.googleapis.com | udp |
| US | 8.8.8.8:53 | update.googleapis.com | udp |
| GB | 216.58.204.67:443 | update.googleapis.com | tcp |
| GB | 216.58.204.67:443 | update.googleapis.com | tcp |
| US | 162.159.137.232:443 | updates.discord.com | tcp |
| US | 8.8.8.8:53 | discordapp.com | udp |
| US | 8.8.8.8:53 | discordapp.com | udp |
| US | 162.159.133.233:443 | discordapp.com | udp |
| US | 162.159.133.233:443 | discordapp.com | tcp |
| GB | 216.58.204.67:443 | update.googleapis.com | udp |
| US | 104.18.48.115:443 | dl.discordapp.net | tcp |
| US | 8.8.8.8:53 | dns.google | udp |
| US | 8.8.8.8:53 | dns.google | udp |
| US | 8.8.8.8:53 | dns.google | udp |
| US | 8.8.8.8:53 | dns.google | udp |
| US | 8.8.4.4:443 | dns.google | tcp |
| US | 8.8.8.8:53 | dns.google | udp |
| US | 8.8.8.8:53 | dns.google | udp |
| US | 8.8.8.8:443 | dns.google | udp |
| US | 8.8.8.8:53 | discordapp.com | udp |
| US | 162.159.129.233:443 | discordapp.com | tcp |
| US | 162.159.129.233:443 | discordapp.com | tcp |
| US | 8.8.8.8:53 | discord.com | udp |
| US | 162.159.128.233:443 | discord.com | tcp |
| US | 162.159.134.234:443 | remote-auth-gateway.discord.gg | tcp |
| US | 8.8.8.8:53 | 234.134.159.162.in-addr.arpa | udp |
| US | 8.8.8.8:53 | beacons.gcp.gvt2.com | udp |
| US | 192.178.49.163:443 | beacons.gcp.gvt2.com | tcp |
| US | 192.178.49.163:443 | beacons.gcp.gvt2.com | tcp |
| US | 8.8.8.8:53 | 163.49.178.192.in-addr.arpa | udp |
| US | 8.8.8.8:443 | dns.google | udp |
| US | 162.159.135.234:443 | remote-auth-gateway.discord.gg | tcp |
| US | 8.8.8.8:443 | dns.google | udp |
| US | 162.159.136.232:443 | discord.com | udp |
| US | 8.8.8.8:53 | 232.136.159.162.in-addr.arpa | udp |
| US | 162.159.130.233:443 | discordapp.com | udp |
| US | 8.8.8.8:53 | 233.130.159.162.in-addr.arpa | udp |
| US | 8.8.4.4:443 | dns.google | udp |
| GB | 216.58.204.67:443 | update.googleapis.com | udp |
| US | 162.159.133.232:443 | udp | |
| US | 8.8.8.8:53 | 232.133.159.162.in-addr.arpa | udp |
| US | 162.159.137.234:443 | tcp | |
| NL | 35.214.159.172:50001 | udp | |
| NL | 35.214.152.244:50003 | udp | |
| NL | 35.214.138.117:50003 | udp | |
| NL | 35.214.252.187:50002 | udp | |
| NL | 35.214.203.155:50001 | udp | |
| DE | 35.207.188.57:50004 | udp | |
| DE | 66.22.243.157:50002 | udp | |
| DE | 66.22.243.191:50002 | udp | |
| DE | 66.22.243.169:50003 | udp | |
| DE | 35.207.151.61:50004 | udp | |
| IT | 35.219.248.230:50004 | udp | |
| IT | 35.219.241.191:50002 | udp | |
| IT | 35.219.235.195:50001 | udp | |
| IT | 35.219.239.85:50003 | udp | |
| IT | 66.22.238.35:50004 | udp | |
| ES | 34.0.200.119:50001 | udp | |
| ES | 34.0.204.193:50004 | udp | |
| ES | 34.0.209.159:50001 | udp | |
| ES | 34.0.203.32:50002 | udp | |
| ES | 34.0.207.111:50003 | udp | |
| SE | 66.22.237.139:50002 | udp | |
| SE | 66.22.237.8:50002 | udp | |
| SE | 66.22.237.155:50004 | udp | |
| SE | 66.22.237.144:50004 | udp | |
| SE | 66.22.237.146:50003 | udp | |
| US | 8.8.8.8:53 | 172.159.214.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 244.152.214.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 117.138.214.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 187.252.214.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 155.203.214.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 57.188.207.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 157.243.22.66.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 191.243.22.66.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 169.243.22.66.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 61.151.207.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 230.248.219.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 191.241.219.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 195.235.219.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 85.239.219.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 35.238.22.66.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 119.200.0.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 193.204.0.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 159.209.0.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 32.203.0.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 111.207.0.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 139.237.22.66.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 8.237.22.66.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 155.237.22.66.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 144.237.22.66.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 146.237.22.66.in-addr.arpa | udp |
| US | 162.159.129.232:443 | udp | |
| US | 162.159.130.233:443 | discordapp.com | udp |
| US | 162.159.133.232:443 | udp | |
| US | 162.159.129.232:443 | udp | |
| US | 162.159.130.233:443 | discordapp.com | udp |
| US | 192.178.49.163:443 | beacons.gcp.gvt2.com | udp |
| US | 216.239.32.116:443 | beacons4.gvt2.com | tcp |
| US | 216.239.32.116:443 | beacons4.gvt2.com | udp |
| US | 162.159.133.232:443 | udp | |
| US | 162.159.129.232:443 | udp | |
| US | 8.8.8.8:443 | dns.google | udp |
| US | 162.159.134.232:443 | udp | |
| US | 162.159.134.232:443 | udp | |
| US | 8.8.8.8:443 | dns.google | udp |
| US | 162.159.134.232:443 | udp | |
| US | 162.159.135.234:443 | remote-auth-gateway.discord.gg | tcp |
| GB | 142.250.187.196:443 | www.google.com | udp |
| GB | 142.250.179.238:443 | play.google.com | udp |
| GB | 172.217.16.225:443 | lh5.googleusercontent.com | udp |
| GB | 172.217.169.67:443 | beacons.gcp.gvt2.com | tcp |
| GB | 172.217.169.3:443 | ssl.gstatic.com | tcp |
| GB | 142.250.178.14:443 | encrypted-tbn0.gstatic.com | tcp |
| GB | 142.250.178.14:443 | encrypted-tbn0.gstatic.com | udp |
| GB | 172.217.169.67:443 | beacons.gcp.gvt2.com | udp |
| GB | 20.26.156.215:443 | github.com | tcp |
| GB | 20.26.156.215:443 | github.com | tcp |
| US | 185.199.110.154:443 | github.githubassets.com | tcp |
| US | 185.199.110.154:443 | github.githubassets.com | tcp |
| US | 185.199.110.154:443 | github.githubassets.com | tcp |
| US | 185.199.110.154:443 | github.githubassets.com | tcp |
| US | 185.199.110.154:443 | github.githubassets.com | tcp |
| US | 185.199.110.154:443 | github.githubassets.com | tcp |
| US | 185.199.111.133:443 | avatars.githubusercontent.com | tcp |
| GB | 216.58.213.10:443 | content-autofill.googleapis.com | udp |
| US | 185.199.110.154:443 | github.githubassets.com | tcp |
| US | 140.82.113.21:443 | collector.github.com | tcp |
| US | 140.82.113.21:443 | collector.github.com | tcp |
| GB | 20.26.156.210:443 | api.github.com | tcp |
| US | 185.199.110.154:443 | github.githubassets.com | tcp |
| GB | 20.26.156.210:443 | api.github.com | tcp |
| US | 8.8.8.8:443 | dns.google | udp |
| US | 162.159.134.233:443 | discordapp.com | udp |
| US | 162.159.134.232:443 | udp | |
| BE | 88.221.83.235:443 | www.bing.com | tcp |
| BE | 104.68.66.114:443 | cxcs.microsoft.net | tcp |
| US | 8.8.8.8:443 | dns.google | udp |
| US | 162.159.130.233:443 | discordapp.com | udp |
| US | 162.159.134.233:443 | discordapp.com | udp |
| US | 162.159.130.233:443 | discordapp.com | udp |
| GB | 172.217.169.67:443 | beacons.gcp.gvt2.com | udp |
| BE | 104.68.66.114:443 | cxcs.microsoft.net | tcp |
| BE | 88.221.83.235:443 | www.bing.com | tcp |
| US | 150.171.27.10:443 | tse1.mm.bing.net | tcp |
| US | 150.171.27.10:443 | tse1.mm.bing.net | tcp |
| US | 150.171.27.10:443 | tse1.mm.bing.net | tcp |
| US | 150.171.27.10:443 | tse1.mm.bing.net | tcp |
| US | 192.178.49.163:443 | beacons.gcp.gvt2.com | udp |
| GB | 142.250.187.196:443 | www.google.com | udp |
| GB | 142.250.180.10:443 | content-autofill.googleapis.com | udp |
| GB | 20.26.156.210:443 | api.github.com | tcp |
| US | 185.199.110.154:443 | github.githubassets.com | tcp |
| US | 185.199.110.154:443 | github.githubassets.com | tcp |
| US | 185.199.108.133:443 | avatars.githubusercontent.com | tcp |
| US | 140.82.113.21:443 | collector.github.com | tcp |
| US | 192.178.49.163:443 | beacons.gcp.gvt2.com | udp |
| US | 142.250.69.3:443 | beacons.gvt2.com | tcp |
| US | 142.250.69.3:443 | beacons.gvt2.com | udp |
| GB | 142.250.187.238:443 | clients2.google.com | udp |
| GB | 142.250.187.238:443 | clients2.google.com | tcp |
| US | 192.178.49.163:443 | beacons.gcp.gvt2.com | udp |
| GB | 142.250.179.238:443 | play.google.com | udp |
| US | 192.178.49.163:443 | beacons.gcp.gvt2.com | udp |
| DE | 18.173.187.113:443 | convertio.co | tcp |
| DE | 18.173.187.113:443 | convertio.co | tcp |
| GB | 142.250.200.14:443 | apis.google.com | udp |
| DE | 18.173.154.101:443 | static.convertio.co | tcp |
| DE | 18.173.154.101:443 | static.convertio.co | tcp |
| GB | 163.70.147.23:443 | connect.facebook.net | tcp |
| GB | 142.250.200.14:443 | apis.google.com | udp |
| GB | 163.70.147.23:443 | connect.facebook.net | tcp |
| GB | 142.250.200.14:443 | apis.google.com | tcp |
| IE | 209.85.203.84:443 | accounts.google.com | udp |
| GB | 142.250.180.10:443 | content-autofill.googleapis.com | udp |
| BE | 64.233.167.154:443 | stats.g.doubleclick.net | tcp |
| IE | 209.85.203.84:443 | accounts.google.com | tcp |
| GB | 163.70.147.23:443 | connect.facebook.net | udp |
| BE | 2.17.107.211:443 | cdn.fuseplatform.net | tcp |
| GB | 142.250.187.226:443 | googleads.g.doubleclick.net | tcp |
| BE | 2.17.107.211:443 | cdn.fuseplatform.net | tcp |
| DE | 18.173.154.107:443 | cmp.inmobi.com | tcp |
| DE | 52.85.64.123:443 | c.amazon-adsystem.com | tcp |
| GB | 142.250.200.34:443 | securepubads.g.doubleclick.net | tcp |
| DE | 18.173.154.107:443 | cmp.inmobi.com | tcp |
| US | 151.101.129.229:443 | cdn.jsdelivr.net | tcp |
| GB | 142.250.200.34:443 | securepubads.g.doubleclick.net | udp |
| DE | 52.85.64.123:443 | c.amazon-adsystem.com | tcp |
| DE | 108.138.36.122:443 | config.aps.amazon-adsystem.com | tcp |
| US | 104.22.53.86:443 | cdn.id5-sync.com | tcp |
| US | 104.22.75.216:443 | btloader.com | tcp |
| US | 104.22.53.86:443 | cdn.id5-sync.com | tcp |
| US | 104.22.75.216:443 | btloader.com | tcp |
| US | 8.8.8.8:53 | tlx.3lift.com | udp |
| US | 8.8.8.8:53 | apex.go.sonobi.com | udp |
| US | 8.8.8.8:53 | ib.adnxs.com | udp |
| US | 8.8.8.8:53 | prebid.a-mo.net | udp |
| US | 8.8.8.8:53 | ads.servenobid.com | udp |
| US | 8.8.8.8:53 | prg8.smartadserver.com | udp |
| US | 8.8.8.8:53 | fastlane.rubiconproject.com | udp |
| US | 8.8.8.8:53 | 34.200.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 107.154.173.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 123.64.85.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 229.129.101.151.in-addr.arpa | udp |
| US | 8.8.8.8:53 | onetag-sys.com | udp |
| US | 8.8.8.8:53 | 122.36.138.108.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 86.53.22.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | aax.amazon-adsystem.com | udp |
| US | 8.8.8.8:53 | tags.crwdcntrl.net | udp |
| GB | 185.64.190.77:443 | hbopenbid.pubmatic.com | tcp |
| US | 172.64.151.101:443 | htlb.casalemedia.com | tcp |
| US | 34.149.20.76:443 | ssc.33across.com | tcp |
| US | 34.149.20.76:443 | ssc.33across.com | tcp |
| US | 104.22.55.206:443 | i.connectad.io | tcp |
| US | 104.18.34.178:443 | mp.4dex.io | tcp |
| US | 178.128.135.204:443 | brightcombid.marphezis.com | tcp |
| US | 69.166.1.64:443 | apex.go.sonobi.com | tcp |
| NL | 178.250.1.8:443 | bidder.criteo.com | tcp |
| DE | 3.78.168.176:443 | tlx.3lift.com | tcp |
| DE | 37.252.171.52:443 | ib.adnxs.com | tcp |
| NL | 147.75.84.158:443 | prebid.a-mo.net | tcp |
| IE | 52.19.74.213:443 | ads.servenobid.com | tcp |
| NL | 69.173.156.139:443 | fastlane.rubiconproject.com | tcp |
| NL | 69.173.156.139:443 | fastlane.rubiconproject.com | tcp |
| DE | 51.89.9.252:443 | onetag-sys.com | tcp |
| FR | 149.202.238.96:443 | prg8.smartadserver.com | tcp |
| FR | 149.202.238.96:443 | prg8.smartadserver.com | tcp |
| DE | 108.138.36.23:443 | tags.crwdcntrl.net | tcp |
| DE | 18.173.191.98:443 | aax.amazon-adsystem.com | tcp |
| US | 104.22.55.206:443 | i.connectad.io | tcp |
| IE | 52.50.240.62:443 | bcp.crwdcntrl.net | tcp |
| US | 130.211.23.194:443 | api.btloader.com | tcp |
| US | 104.26.2.70:443 | ad-delivery.net | tcp |
| US | 104.26.2.70:443 | ad-delivery.net | tcp |
| GB | 172.217.169.65:443 | 6bba622e79773f7d8695866a180ebcf9.safeframe.googlesyndication.com | tcp |
| US | 130.211.23.194:443 | api.btloader.com | udp |
| GB | 172.217.16.225:443 | lh5.googleusercontent.com | tcp |
| US | 8.8.8.8:53 | 252.9.89.51.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 96.238.202.149.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 98.191.173.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 23.36.138.108.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 204.135.128.178.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 64.1.166.69.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 206.55.22.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 62.240.50.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 216.75.22.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 194.23.211.130.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 70.2.26.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 6.200.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 65.169.217.172.in-addr.arpa | udp |
| GB | 172.217.16.225:443 | tpc.googlesyndication.com | udp |
| GB | 142.250.187.193:443 | cdn.ampproject.org | tcp |
| GB | 142.250.187.193:443 | cdn.ampproject.org | tcp |
| GB | 142.250.187.193:443 | cdn.ampproject.org | tcp |
| GB | 142.250.187.193:443 | cdn.ampproject.org | tcp |
| GB | 142.250.187.193:443 | cdn.ampproject.org | tcp |
| NL | 178.250.1.3:443 | static.criteo.net | tcp |
| NL | 178.250.1.11:443 | gum.criteo.com | tcp |
| GB | 142.250.187.226:443 | googleads.g.doubleclick.net | tcp |
| NL | 178.250.1.11:443 | gum.criteo.com | tcp |
| GB | 142.250.187.226:443 | googleads.g.doubleclick.net | tcp |
| DE | 162.19.138.120:443 | lb.eu-1-id5-sync.com | tcp |
| DE | 162.19.138.83:443 | lb.eu-1-id5-sync.com | tcp |
| GB | 142.250.187.226:443 | googleads.g.doubleclick.net | udp |
| DE | 162.19.138.120:443 | lb.eu-1-id5-sync.com | tcp |
| DE | 51.89.9.252:443 | onetag-sys.com | udp |
| US | 104.22.55.206:443 | i.connectad.io | udp |
| US | 34.149.20.76:443 | ssc.33across.com | udp |
| NL | 69.173.156.139:443 | fastlane.rubiconproject.com | tcp |
| DE | 3.78.168.176:443 | tlx.3lift.com | tcp |
| US | 69.166.1.64:443 | apex.go.sonobi.com | tcp |
| FR | 149.202.238.96:443 | prg8.smartadserver.com | tcp |
| DE | 37.252.171.52:443 | ib.adnxs.com | tcp |
| NL | 178.250.1.8:443 | bidder.criteo.com | tcp |
| US | 172.64.151.101:443 | htlb.casalemedia.com | udp |
| GB | 142.250.180.10:443 | content-autofill.googleapis.com | udp |
| FR | 149.202.238.96:443 | prg8.smartadserver.com | tcp |
| DE | 37.252.171.52:443 | ib.adnxs.com | tcp |
| NL | 178.250.1.8:443 | bidder.criteo.com | tcp |
| US | 69.166.1.64:443 | apex.go.sonobi.com | tcp |
| NL | 69.173.156.139:443 | fastlane.rubiconproject.com | tcp |
| US | 192.178.49.163:443 | beacons.gcp.gvt2.com | udp |
| DE | 138.201.80.25:443 | s143.convertio.me | tcp |
| DE | 18.173.154.71:443 | static.convertio.co | tcp |
| GB | 142.250.200.14:443 | apis.google.com | udp |
| GB | 163.70.147.23:443 | connect.facebook.net | udp |
| BE | 64.233.167.154:443 | stats.g.doubleclick.net | udp |
| DE | 136.243.174.103:443 | ws.convertio.me | tcp |
| US | 35.185.21.228:443 | e2c24.gcp.gvt2.com | tcp |
| US | 35.185.21.228:443 | e2c24.gcp.gvt2.com | tcp |
| US | 142.250.69.3:443 | beacons.gvt2.com | udp |
| DE | 138.201.80.25:443 | s143.convertio.me | tcp |
| DE | 138.201.80.25:443 | s143.convertio.me | tcp |
| GB | 216.58.213.3:443 | beacons3.gvt2.com | tcp |
| GB | 216.58.213.3:443 | beacons3.gvt2.com | tcp |
| GB | 216.58.213.3:443 | beacons3.gvt2.com | udp |
| GB | 142.250.187.238:443 | clients2.google.com | udp |
| US | 192.178.49.163:443 | beacons.gcp.gvt2.com | udp |
| GB | 142.250.187.196:443 | www.google.com | udp |
| GB | 142.250.179.238:443 | play.google.com | udp |
| DE | 18.66.192.67:443 | cloudconvert.com | tcp |
| DE | 18.66.192.67:443 | cloudconvert.com | tcp |
| DE | 18.66.192.67:443 | cloudconvert.com | udp |
| DE | 54.230.228.41:443 | socketio.cloudconvert.com | tcp |
| DE | 54.230.228.41:443 | socketio.cloudconvert.com | tcp |
| DE | 54.230.228.41:443 | socketio.cloudconvert.com | tcp |
| DE | 54.230.228.41:443 | socketio.cloudconvert.com | udp |
| GB | 142.250.200.10:443 | content-autofill.googleapis.com | udp |
| DE | 54.230.228.41:443 | socketio.cloudconvert.com | udp |
| DE | 51.195.5.148:443 | eu-central.storage.cloudconvert.com | tcp |
| DE | 54.230.228.123:443 | socketio.cloudconvert.com | tcp |
| DE | 51.195.5.148:443 | eu-central.storage.cloudconvert.com | tcp |
| US | 192.178.49.163:443 | beacons.gcp.gvt2.com | udp |
| US | 8.8.8.8:53 | dns.google | udp |
| US | 8.8.8.8:53 | dns.google | udp |
| US | 8.8.8.8:443 | dns.google | udp |
| US | 162.159.130.233:443 | discordapp.com | udp |
| US | 162.159.134.232:443 | udp | |
| US | 8.8.8.8:53 | dns.google | udp |
| US | 8.8.8.8:53 | dns.google | udp |
| US | 8.8.4.4:443 | dns.google | udp |
| US | 162.159.128.232:443 | udp | |
| US | 162.159.130.233:443 | discordapp.com | udp |
| GB | 172.217.169.67:443 | beacons.gcp.gvt2.com | udp |
| US | 162.159.130.233:443 | discordapp.com | udp |
| GB | 172.217.169.67:443 | beacons.gcp.gvt2.com | udp |
| GB | 142.250.187.196:443 | www.google.com | udp |
| GB | 142.250.179.238:443 | play.google.com | udp |
| US | 104.21.59.73:443 | freevirtualkeyboard.com | tcp |
| US | 104.21.59.73:443 | freevirtualkeyboard.com | tcp |
| US | 104.21.59.73:443 | freevirtualkeyboard.com | udp |
| GB | 172.217.16.225:443 | tpc.googlesyndication.com | udp |
| GB | 142.250.187.238:443 | clients2.google.com | tcp |
| GB | 142.250.187.238:443 | clients2.google.com | udp |
| GB | 142.250.187.238:443 | clients2.google.com | udp |
| US | 104.21.59.73:443 | freevirtualkeyboard.com | tcp |
| US | 104.21.59.73:443 | freevirtualkeyboard.com | tcp |
| GB | 172.217.16.225:443 | tpc.googlesyndication.com | tcp |
| GB | 172.217.16.225:443 | tpc.googlesyndication.com | tcp |
| GB | 172.217.16.225:443 | tpc.googlesyndication.com | tcp |
| GB | 172.217.16.225:443 | tpc.googlesyndication.com | tcp |
| GB | 172.217.16.225:443 | tpc.googlesyndication.com | tcp |
| US | 216.239.32.3:443 | csi.gstatic.com | tcp |
| US | 216.239.32.3:443 | csi.gstatic.com | tcp |
| US | 216.239.32.3:443 | csi.gstatic.com | tcp |
| US | 216.239.32.3:443 | csi.gstatic.com | tcp |
| US | 216.239.32.3:443 | csi.gstatic.com | tcp |
| GB | 142.250.187.206:443 | redirector.gvt1.com | tcp |
| GB | 173.194.183.136:443 | r3---sn-aigl6ner.gvt1.com | udp |
| GB | 142.250.187.196:443 | www.google.com | udp |
| US | 216.239.32.3:443 | csi.gstatic.com | udp |
| GB | 216.58.212.202:443 | content-autofill.googleapis.com | udp |
| GB | 142.250.179.238:443 | play.google.com | udp |
| US | 191.101.104.42:443 | notepad-plus-plus.org | tcp |
| US | 191.101.104.42:443 | notepad-plus-plus.org | tcp |
| US | 191.101.104.42:443 | notepad-plus-plus.org | udp |
| DE | 18.66.192.100:443 | cdn.carbonads.com | tcp |
| US | 8.8.8.8:53 | stats.g.doubleclick.net | udp |
| US | 191.101.104.42:443 | notepad-plus-plus.org | udp |
| BE | 64.233.167.156:443 | stats.g.doubleclick.net | udp |
| US | 216.239.38.181:443 | analytics.google.com | tcp |
| GB | 159.65.211.77:443 | srv.carbonads.net | tcp |
| GB | 142.250.200.3:443 | www.google.co.uk | tcp |
| GB | 159.65.211.77:443 | srv.carbonads.net | tcp |
| DE | 37.252.171.149:443 | ib.adnxs.com | tcp |
| IE | 52.31.181.198:443 | segment.prod.bidr.io | tcp |
| US | 8.8.8.8:53 | 3.200.250.142.in-addr.arpa | udp |
| US | 216.239.38.181:443 | analytics.google.com | udp |
| DE | 52.85.65.29:443 | m.servedby-buysellads.com | tcp |
| US | 185.199.110.154:443 | github.githubassets.com | tcp |
| GB | 20.26.156.215:443 | github.com | tcp |
| US | 8.8.8.8:53 | s0.2mdn.net | udp |
| GB | 216.58.204.70:443 | s0.2mdn.net | tcp |
| US | 8.8.8.8:53 | sync.ipredictive.com | udp |
| US | 8.8.8.8:53 | match.adsby.bidtheatre.com | udp |
| US | 8.8.8.8:53 | x.bidswitch.net | udp |
| US | 8.8.8.8:53 | c1.adform.net | udp |
| US | 8.8.8.8:53 | cm.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | an.yandex.ru | udp |
| US | 8.8.8.8:53 | pm.w55c.net | udp |
| US | 8.8.8.8:53 | gcm.ctnsnet.com | udp |
| US | 8.8.8.8:53 | um.simpli.fi | udp |
| US | 8.8.8.8:53 | ads.travelaudience.com | udp |
| NL | 134.122.57.34:443 | match.adsby.bidtheatre.com | tcp |
| US | 54.161.57.47:443 | sync.ipredictive.com | tcp |
| US | 54.161.57.47:443 | sync.ipredictive.com | tcp |
| DE | 91.228.74.159:443 | cms.quantserve.com | tcp |
| US | 8.8.8.8:53 | creativecdn.com | udp |
| US | 8.8.8.8:53 | pr-bh.ybp.yahoo.com | udp |
| US | 8.8.8.8:53 | match.prod.bidr.io | udp |
| US | 8.8.8.8:53 | dclk-match.dotomi.com | udp |
| US | 8.8.8.8:53 | dsp.adkernel.com | udp |
| NL | 35.214.149.91:443 | x.bidswitch.net | tcp |
| NL | 35.204.158.49:443 | um.simpli.fi | tcp |
| NL | 134.122.57.34:443 | match.adsby.bidtheatre.com | tcp |
| IE | 52.18.154.163:443 | match.prod.bidr.io | tcp |
| IE | 52.18.154.163:443 | match.prod.bidr.io | tcp |
| DK | 37.157.4.29:443 | c1.adform.net | tcp |
| DK | 37.157.4.29:443 | c1.adform.net | tcp |
| IE | 54.216.115.77:443 | pm.w55c.net | tcp |
| NL | 82.145.213.8:443 | t.adx.opera.com | tcp |
| NL | 82.145.213.8:443 | t.adx.opera.com | tcp |
| NL | 64.158.223.140:443 | dclk-match.dotomi.com | tcp |
| NL | 64.158.223.140:443 | dclk-match.dotomi.com | tcp |
| US | 174.137.133.49:443 | dsp.adkernel.com | tcp |
| BE | 23.55.97.75:443 | sync.teads.tv | tcp |
| BE | 23.55.97.75:443 | sync.teads.tv | tcp |
| IE | 108.129.22.139:443 | pr-bh.ybp.yahoo.com | tcp |
| NL | 185.184.8.90:443 | creativecdn.com | tcp |
| US | 35.190.0.66:443 | ads.travelaudience.com | tcp |
| RU | 213.180.204.90:443 | an.yandex.ru | tcp |
| GB | 142.250.187.226:443 | cm.g.doubleclick.net | tcp |
| GB | 142.250.187.226:443 | cm.g.doubleclick.net | tcp |
| GB | 142.250.187.226:443 | cm.g.doubleclick.net | tcp |
| GB | 142.250.187.226:443 | cm.g.doubleclick.net | tcp |
| US | 185.199.109.133:443 | avatars.githubusercontent.com | tcp |
| US | 35.186.193.173:443 | gcm.ctnsnet.com | tcp |
| US | 35.186.193.173:443 | gcm.ctnsnet.com | tcp |
| US | 151.101.66.49:443 | sync-tm.everesttech.net | tcp |
| US | 104.126.119.98:443 | analytics.pangle-ads.com | tcp |
| GB | 142.250.187.226:443 | cm.g.doubleclick.net | tcp |
| GB | 142.250.187.226:443 | cm.g.doubleclick.net | tcp |
| RU | 213.180.204.90:443 | an.yandex.ru | tcp |
| US | 104.18.36.155:443 | dsum-sec.casalemedia.com | tcp |
| US | 8.8.8.8:53 | 140.223.158.64.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 163.154.18.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 75.97.55.23.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 8.213.145.82.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 90.8.184.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 139.22.129.108.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 77.115.216.54.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 29.4.157.37.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 90.204.180.213.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 49.66.101.151.in-addr.arpa | udp |
| GB | 142.250.187.226:443 | cm.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | ib.adnxs.com | udp |
| NL | 185.89.210.122:443 | ib.adnxs.com | tcp |
| US | 104.18.36.155:443 | dsum-sec.casalemedia.com | udp |
| RU | 5.255.255.77:443 | yandex.ru | tcp |
| GB | 216.58.204.70:443 | s0.2mdn.net | udp |
| GB | 142.250.178.2:443 | googleads4.g.doubleclick.net | tcp |
| GB | 142.250.178.2:443 | googleads4.g.doubleclick.net | tcp |
| GB | 142.250.178.2:443 | googleads4.g.doubleclick.net | tcp |
| GB | 142.250.178.2:443 | googleads4.g.doubleclick.net | udp |
| GB | 142.250.200.2:443 | ade.googlesyndication.com | tcp |
| GB | 142.250.200.2:443 | ade.googlesyndication.com | udp |
| GB | 172.217.169.67:443 | beacons.gcp.gvt2.com | udp |
| GB | 89.116.109.121:443 | notepad-plus-plus.org | tcp |
| N/A | 127.0.0.1:58288 | tcp | |
| GB | 142.250.200.2:443 | ade.googlesyndication.com | udp |
| GB | 172.217.169.67:443 | beacons.gcp.gvt2.com | udp |
| US | 162.159.130.233:443 | discordapp.com | udp |
| US | 8.8.8.8:53 | e2c78.gcp.gvt2.com | udp |
| US | 34.1.16.64:443 | e2c78.gcp.gvt2.com | tcp |
| GB | 142.250.200.2:443 | ade.googlesyndication.com | udp |
| GB | 172.217.169.67:443 | beacons.gcp.gvt2.com | udp |
| US | 142.250.69.3:443 | beacons.gvt2.com | udp |
| US | 35.215.90.198:443 | e2c52.gcp.gvt2.com | tcp |
| US | 8.8.8.8:53 | beacons3.gvt2.com | udp |
| GB | 216.58.213.3:443 | beacons3.gvt2.com | udp |
| ES | 34.175.83.78:443 | e2c71.gcp.gvt2.com | tcp |
| US | 8.8.8.8:53 | dns.google | udp |
| US | 8.8.8.8:53 | dns.google | udp |
| US | 8.8.8.8:443 | dns.google | udp |
| US | 162.159.130.233:443 | discordapp.com | udp |
| US | 104.20.3.235:443 | pastebin.com | tcp |
| US | 104.17.3.184:443 | challenges.cloudflare.com | tcp |
| US | 104.17.3.184:443 | challenges.cloudflare.com | tcp |
| US | 104.17.3.184:443 | challenges.cloudflare.com | tcp |
| US | 162.159.138.232:443 | discord.com | tcp |
| US | 8.8.8.8:53 | discord.com | udp |
| US | 8.8.8.8:53 | discord.com | udp |
| US | 162.159.136.232:443 | discord.com | udp |
| US | 8.8.8.8:53 | dns.google | udp |
| US | 8.8.8.8:53 | dns.google | udp |
| US | 8.8.8.8:53 | dns.google | udp |
| US | 8.8.8.8:53 | dns.google | udp |
| US | 8.8.4.4:443 | dns.google | udp |
| US | 8.8.4.4:443 | dns.google | tcp |
| US | 8.8.4.4:443 | dns.google | tcp |
| US | 162.159.133.234:443 | remote-auth-gateway.discord.gg | tcp |
| US | 162.159.135.232:443 | discord.com | udp |
| US | 162.159.133.233:443 | discordapp.com | udp |
| GB | 142.250.187.238:443 | clients2.google.com | udp |
| US | 142.250.69.3:443 | beacons.gvt2.com | udp |
| US | 192.178.49.163:443 | beacons.gcp.gvt2.com | udp |
| US | 162.159.130.235:443 | tcp | |
| US | 162.159.133.233:443 | discordapp.com | udp |
| US | 162.159.128.235:443 | tcp | |
| NL | 35.214.191.224:50006 | udp | |
| NL | 35.214.191.224:50006 | udp | |
| US | 162.159.128.235:443 | tcp | |
| NL | 35.214.158.181:50002 | udp | |
| NL | 35.214.158.181:50002 | udp | |
| US | 8.8.4.4:443 | dns.google | udp |
| US | 8.8.4.4:443 | dns.google | tcp |
| US | 162.159.128.233:443 | discord.com | tcp |
| GB | 216.58.204.67:443 | update.googleapis.com | tcp |
| US | 192.178.49.163:443 | beacons.gcp.gvt2.com | udp |
| US | 162.159.133.233:443 | discordapp.com | udp |
| US | 8.8.4.4:443 | dns.google | udp |
| US | 104.19.229.21:443 | udp | |
| US | 104.19.230.21:443 | udp | |
| NL | 35.214.191.224:50006 | udp | |
| GB | 142.250.200.2:443 | ade.googlesyndication.com | udp |
| US | 104.19.230.21:443 | udp | |
| NL | 35.214.158.181:50002 | udp | |
| US | 8.8.4.4:443 | dns.google | udp |
| GB | 142.250.179.251:443 | tcp | |
| GB | 142.250.179.251:443 | udp | |
| US | 104.18.52.172:443 | dl.discordapp.net | tcp |
| NL | 35.214.191.224:50006 | udp | |
| NL | 35.214.158.181:50002 | udp | |
| US | 162.159.133.233:443 | discordapp.com | udp |
| US | 8.8.4.4:443 | dns.google | udp |
| US | 162.159.129.235:443 | tcp | |
| NL | 35.214.159.172:50004 | udp | |
| NL | 35.214.159.172:50004 | udp | |
| US | 162.159.129.235:443 | tcp | |
| NL | 35.214.181.166:50006 | udp | |
| NL | 35.214.181.166:50006 | udp | |
| US | 162.159.128.233:443 | discord.com | tcp |
| NL | 35.214.159.172:50004 | udp | |
| NL | 35.214.181.166:50006 | udp | |
| US | 8.8.8.8:53 | dns.google | udp |
| US | 8.8.8.8:53 | dns.google | udp |
| US | 8.8.8.8:443 | dns.google | udp |
| US | 162.159.128.233:443 | discord.com | udp |
| NL | 35.214.159.172:50004 | udp | |
| US | 8.8.8.8:443 | dns.google | udp |
| US | 162.159.133.233:443 | discordapp.com | udp |
| NL | 35.214.181.166:50006 | udp | |
| US | 162.159.134.232:443 | udp | |
| US | 162.159.134.232:443 | tcp | |
| US | 162.159.134.232:443 | tcp | |
| US | 162.159.134.232:443 | tcp |
Files
memory/2704-2-0x0000000000FB4000-0x00000000021EA000-memory.dmp
memory/2704-0-0x0000000000FB0000-0x00000000026F9000-memory.dmp
memory/2704-7-0x0000000000FB0000-0x00000000026F9000-memory.dmp
memory/4800-11-0x0000000000FB0000-0x00000000026F9000-memory.dmp
C:\Users\Admin\AppData\Roaming\AnyDesk\user.conf
| MD5 | 65d0fd645fb12a330409774e08766664 |
| SHA1 | 89cdc7310308d7c58a14931be18d89a0444052bb |
| SHA256 | 5b1a4508c14b968e44ce71892206afbbb8d3c70aada7009633f59598e681b1e4 |
| SHA512 | 984c2da8d44274794522569f45f92d8b5b8e025be5d100072459996bea47ebd6566bdce5a234bcc9d451c6120859c06fe847867a9b59cb42b24d9920027ec639 |
C:\Users\Admin\AppData\Roaming\AnyDesk\ad.trace
| MD5 | 322f38c92f2458ccd69b12b030fde7b4 |
| SHA1 | 3c14ba44282ca4e3ac7d7a96ec2f82f548a1bae6 |
| SHA256 | b35fe490495ca689834f644e16249a836dd71559aab46264ba8110524c32ae38 |
| SHA512 | db1ab986246f89f3056640f5ecc6f1d3b2ab991d2fe5a3bb9bd6a942dd0003a057c99b10896242af1d4be12a44ab9d0337b1633dca002f62e6e35e417e880e69 |
C:\Users\Admin\AppData\Roaming\AnyDesk\ad.trace
| MD5 | f283e4444b767478c91147eef2ca146a |
| SHA1 | d7a6d7ecfcb29c6dc21d0bbbbd1365bf3b00f46a |
| SHA256 | dace8160af8809f871a96cf58842c3074dd8f9b5d379c32b3c7d6f1e9d776d56 |
| SHA512 | 6e7a4f04ab80d119dbe8d56602bb805e349788763961c1b6f06ec4a25d47e78b3f2ced4705eb0af06594e9316b345f1e23902d3cd11ea200f7d2f20d56b57091 |
memory/4696-12-0x0000000000FB0000-0x00000000026F9000-memory.dmp
C:\Users\Admin\AppData\Roaming\AnyDesk\system.conf
| MD5 | 0c04ad1083dc5c7c45e3ee2cd344ae38 |
| SHA1 | f1cf190f8ca93000e56d49732e9e827e2554c46f |
| SHA256 | 6452273c017db7cbe0ffc5b109bbf3f8d3282fb91bfa3c5eabc4fb8f1fc98cb0 |
| SHA512 | 6c414b39bbc1f1f08446c6c6da6f6e1ceb9303bbf183ae279c872d91641ea8d67ec5e5c4e0824da3837eca73ec29fe70e92b72c09458c8ce50fa6f08791d1492 |
C:\Users\Admin\AppData\Roaming\AnyDesk\system.conf
| MD5 | d0965a62185b669adffd41fc41beee8e |
| SHA1 | 6e5bef386f4532de51f4aa8310469684fad95189 |
| SHA256 | 6748f95a1351361cbad1143d4e2ddd99b4ac4e3de27c13ec34f7597feefc21d8 |
| SHA512 | 7fb1434370c4fe0a74174640dea74be9df8bf27e147ff04e2db07e3f3e8f3e7ebb2cf15c5dd825eb79cca3e5f5bd2cd1d028414b2cf5c8a2ccbc5472bad2134d |
C:\Users\Admin\AppData\Roaming\AnyDesk\user.conf
| MD5 | 92260ad59e9f986f831718ef2a588076 |
| SHA1 | a447ba80425156b6bd1897318f5b161da68c860e |
| SHA256 | e04d4638735e25ccd5bc064cf936855f27bed7c4ad7f36b9b8b21022a9579569 |
| SHA512 | f35b25d9b01506d4f7add6d197a5c14ca8a7d1c3858877698853b81d0fc0788ddb1dd8c725befc138bce3fb0b2181c04088062ce37df2d3f3449a56c893afc85 |
C:\Users\Admin\AppData\Roaming\AnyDesk\service.conf
| MD5 | 72365863dbd5f068947c55221aa7d4ba |
| SHA1 | f8e191d880b1971c5c15659f417d55289f34e4f8 |
| SHA256 | dcc58cd1cbb8819252f7898eb9e99ceadba9f765fb810aa708fb7816a4b09f55 |
| SHA512 | 4d61fde9a7ea256919424f1083995a52508ea7f51bb8ea8ec89b737bfc7db349cf243cc12ac51cd52797539bf41e3a1b2224dde523431277dccc1977c3893832 |
C:\Users\Admin\AppData\Roaming\AnyDesk\system.conf
| MD5 | 80891c012d1aec4c0c4580c9fbf5c0a4 |
| SHA1 | 12e04058cfeb1964de87bdb41f20552f4e9b9d12 |
| SHA256 | dabdb40ac33d141a7fdc9168d8fbaf5fca475fe5a646bbc232557d644535b554 |
| SHA512 | 7acd452cdb1ef8d19d94c4216c67670e70fb8bd343ff7b0c1c9a5845d940c6b93b3fd58beb73124bf0112d63bcf4084bcd80e9517c8bfb9777f60a065e87a9b8 |
C:\Users\Admin\AppData\Roaming\AnyDesk\user.conf
| MD5 | d41d8cd98f00b204e9800998ecf8427e |
| SHA1 | da39a3ee5e6b4b0d3255bfef95601890afd80709 |
| SHA256 | e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 |
| SHA512 | cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e |
C:\Users\Admin\AppData\Roaming\AnyDesk\user.conf
| MD5 | 5145405c81260d617fd8fc06f84c22f0 |
| SHA1 | 4b324a238908674ced2afcb2e3439d939e492c79 |
| SHA256 | 7c8c2c30c175aad75fb75faa16307ff89b1f33f15205bb627e38ab2fc121258a |
| SHA512 | 0e03a4c3b4b5683b0f868c61319f3673b4086f8bde3e42fa1c8264ab7c321a98636cfbd809221b6b8649973cc413ec9933e9ed62a2f5e4d58babd2907b89e171 |
C:\Users\Admin\AppData\Roaming\AnyDesk\system.conf
| MD5 | 956f52897cdf5fc5da226cf65b2fcda8 |
| SHA1 | d2be5db8f253e9739339e1d2ab8c57e54a9f76db |
| SHA256 | 06ebcb19d016d17dff1c1be2421d423b844bbc46b046e328218db2ccd6afcd35 |
| SHA512 | 858141a581328029ae995b09416456a39192b17ed980f07aee43ffcfbb0f1ddf4a624965193d3051d9f03c77e081b3b121594faccd5f1ec96e0184240348b6a9 |
C:\Users\Admin\AppData\Roaming\AnyDesk\user.conf
| MD5 | 60c11525b7fc816881ca7bc977b51b27 |
| SHA1 | 209efd7b5fd91e6e63cb24c6710aa25d986a67f2 |
| SHA256 | 51d7446b6a7fb5b1a0285ac0a1c198611a10c496c1dc721f0f5e4b7b5fc8bfe6 |
| SHA512 | 4f490af1eec13b13dfee0052fdbbdf9fcd767c2ac99389bf3781728ec367dacf6804dc3fc94382aad0afa7db99f93af1a6e22366b1d0d83a9b46685e46d56a86 |
C:\Users\Admin\AppData\Roaming\AnyDesk\user.conf
| MD5 | 1319cdccbc296517d1ba56d12890ada4 |
| SHA1 | b52ededec5475215fd7f3dc51db91a90063bc42a |
| SHA256 | 6668b58de1a9ef70a7d7a51ddf96d25bcdc5d7ff9816130e75f25f73b6269bf5 |
| SHA512 | 26172f597ac3f3491ef1c6c0d6853fd316898dbd890b60cae93046023fb6aaf330da9cec1f814de61f0cc8df5118ab770d9e3944ac258a2246e77c9c6d479f66 |
C:\Users\Admin\AppData\Roaming\AnyDesk\user.conf
| MD5 | 468ee097442d3f3db47a2aec2e6e12c7 |
| SHA1 | 8bedc180c755e015c44d0163ea9de556f1cf4d2b |
| SHA256 | b0e6af2f7c0bf341016acaa022fe78b927071764f4622c00ef2a963ac572fee5 |
| SHA512 | 0754e1e39c72842010ed6751ddad090e05c2cd290680d0846c70080a48dc9cc2dbafe68331350c13c0ad3a240a17f456298eb2a4beaeb456c2ef502b7eb92a39 |
C:\Users\Admin\AppData\Roaming\AnyDesk\user.conf
| MD5 | b85d8949e7da9fa9e71ea8918c305349 |
| SHA1 | d25a317e8178f07195f44baeeb7df329a3c2ebf6 |
| SHA256 | f615ceecf3d5384bc8825fa5ddf1e20e2ae6a18772c9b55fd73a3ef969a4e99b |
| SHA512 | da771bf06bef0b27470c738aea06debbd64c51e2b3da01dc7bdd6208d749fb7d1d0d8871f0868d0897c3afd2fecc1497d4e457ac13a69a398c5581cf9561e2c9 |
C:\Users\Admin\AppData\Roaming\AnyDesk\service.conf
| MD5 | e32a7aaee1c36df625d8c58a01f07087 |
| SHA1 | 1e9761e39f933a02f710529c9f1622b170ac9c08 |
| SHA256 | 19e4a6a023fd7b4afdee2db1932c137898f99ab8b534afd43bc6891206eea273 |
| SHA512 | 4797f11f23304a2b6bcc73aadc03a1b83489b3cdcbd5be12d3a757c6db6bd4a5ad09b29cfac6a7ecc47d922f221fb3b33748e06788393d22fb966c3518dfc5fe |
C:\Users\Admin\AppData\Roaming\AnyDesk\user.conf
| MD5 | e76273570f284ea9813d8627815465ce |
| SHA1 | f864583e7c0da01e47573fa08bddafcd6b863644 |
| SHA256 | d288c240e0ade7c9b1754358deb2eb6b010864a8c4f437d6b763c94c9a5ff55c |
| SHA512 | f32ae9fc37120c3740edc24a11936a6a07ade2fd6642ed8c42cfedea1d4c68c3738efb4d6603fd34fc80732730a78ec9099d2dc89e2a4f61cc91dd6afce30f28 |
C:\Users\Admin\AppData\Local\Temp\gcapi.dll
| MD5 | 1ce7d5a1566c8c449d0f6772a8c27900 |
| SHA1 | 60854185f6338e1bfc7497fd41aa44c5c00d8f85 |
| SHA256 | 73170761d6776c0debacfbbc61b6988cb8270a20174bf5c049768a264bb8ffaf |
| SHA512 | 7e3411be8614170ae91db1626c452997dc6db663d79130872a124af982ee1d457cefba00abd7f5269adce3052403be31238aecc3934c7379d224cb792d519753 |
memory/4800-222-0x0000000000FB0000-0x00000000026F9000-memory.dmp
memory/2704-221-0x0000000000FB0000-0x00000000026F9000-memory.dmp
memory/4696-223-0x0000000000FB0000-0x00000000026F9000-memory.dmp
memory/2704-227-0x0000000000FB4000-0x00000000021EA000-memory.dmp
memory/3212-234-0x0000000000FB0000-0x00000000026F9000-memory.dmp
C:\Users\Admin\AppData\Roaming\AnyDesk\ad.trace
| MD5 | 4600e70a3a760b1fe7d439769124f5dd |
| SHA1 | 830e39021440fb77dd8453719255fc35c39f37c2 |
| SHA256 | 8db56f267e35fb71b645042c28462076d2563139ae1f9e9403b9b5d96a736407 |
| SHA512 | 8dd746b444330f644bb909b48119f388a17fc6feacc29bfd8281e3d734b40822fc3986a376524c2ead370aa184d0c5d1628be5bec523b7cedeb3d0c4e928c7e5 |
C:\Users\Admin\AppData\Roaming\AnyDesk\user.conf
| MD5 | c641b71be70447f1e82b840a6eee57f7 |
| SHA1 | 95aa4eb822048eb8649f6cffb4eff060e741b83c |
| SHA256 | 37be0d5b2a376307aa4fab2345b3ff289b384df7d04c51e197e6e53327fc77c3 |
| SHA512 | f2a073a351ba569cd0a9e964125109a22908c6f43fcc253afddff9ff479216558ceb98de06d9976a8a868d14d0d764e27588b52d9ae1d4adf951eff6bd48899e |
memory/4800-245-0x0000000000FB0000-0x00000000026F9000-memory.dmp
memory/4696-246-0x0000000000FB0000-0x00000000026F9000-memory.dmp
memory/3212-249-0x0000000000FB0000-0x00000000026F9000-memory.dmp
C:\Users\Admin\AppData\Roaming\AnyDesk\user.conf
| MD5 | 83274e5d48b2a758a6e3191119f15e8e |
| SHA1 | 08b0c308ff3cf11208f0e4fd4a5dcb468aa27924 |
| SHA256 | bd93003bfbd1f1888782d00a035cf47aadf3b822911bab5b3c4574a569c4da08 |
| SHA512 | 1ce0fd992ac08243ebcd64681a9a6aa868eb4b053bd59a1220419b4907800866ed11aaf2dcca0f08bd29c05925ff631e7be1800e532d8eaa743394858eec9774 |
C:\Users\Admin\AppData\Roaming\AnyDesk\user.conf
| MD5 | cbc36bc60c95e9a70bcfb706a4962ef7 |
| SHA1 | 12e1fa21758b4dbd41e393e1976078e52db983be |
| SHA256 | 4319ecb1f641a8ae94f5001eff2f94ba8d662f3c71f73cf1f0a13b8b50b42de0 |
| SHA512 | 988d353c9c5d0d95356e78824394ff65bc8017172313c6d02fef54e50f7ca0ad1eb4adad8e9b123f0d67a519f7226356f4eef1a9327dca200512832a4d38ccb8 |
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\75fdacd8330bac18.customDestinations-ms
| MD5 | cbc2497726f54bbb0f6ae76c56eb0ae6 |
| SHA1 | db8c877faa84175ee337c49487d38daf6d8d6a47 |
| SHA256 | d416045cedbcf79ac9df65e49e5c6f87f2c9167bc9b08a170b37f265a33d7853 |
| SHA512 | b02924d57da3ce4d038ecf2ba413f1feed6470341c482c2304006b5909a47614fd65fbcd7663580abc3402e2db2b2049e21379a4e43c7f0e1477a0852fb5172a |
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\75fdacd8330bac18.customDestinations-ms
| MD5 | 1ceffd20ecc26957f4c756be738bd8c7 |
| SHA1 | 10139e9d0dfd6e6dd164e919ab494f0e8405832a |
| SHA256 | 867c041bc74a06e3088b23e02325450bab0b840c431322c85bcc4120d5a2d6a4 |
| SHA512 | ef6ed7c29a6456ba3ee54252d120f7034757c240866ad6ff7709da4f625b3da2b72bf5cd03f66d530c2d88e7a770e548d37a60ad10e9dd3ca02227ce481d4d32 |
memory/2704-289-0x0000000000FB4000-0x00000000021EA000-memory.dmp
memory/2704-288-0x0000000000FB0000-0x00000000026F9000-memory.dmp
memory/4800-290-0x0000000000FB0000-0x00000000026F9000-memory.dmp
memory/3212-294-0x0000000000FB0000-0x00000000026F9000-memory.dmp
C:\Users\Admin\Desktop\SubmitLock.wmf
| MD5 | 6632c16e44e4c7943eac83162186242a |
| SHA1 | f96d366b5d9717d1c56f3254df607d256dcfebff |
| SHA256 | 33d9286b10b680a6f6be29955db1b68a9378d9fb29a833e3ebc7935338dc19ed |
| SHA512 | acc52dc0fdee7795b9aad01dcbc538dfaf959912996c5b1132533acb3004570775214ee087a79fb3828f98a062583f4a710467612dbab8f2de1890a004a57700 |
C:\Users\Admin\Desktop\UnlockConvertFrom.wmf
| MD5 | 2d36cf6a759fe574de9b7519ffcf114a |
| SHA1 | c3e5d4a328cf02657c7ebba9cbe8dc32813d8b18 |
| SHA256 | 001dd2dd5e44344ddb71c336457b32905fcfdcace38d62d4ffd1a44a45fa45f5 |
| SHA512 | b7287ac9142e237f2263e86a76707877cdd0836b597121ff4fab17a40253482e02442142c339a505708c12b774979bbe63c6f1a00e7152740ac7cf1e55319d46 |
C:\Users\Admin\Desktop\WaitDebug.wmv
| MD5 | 303400ce68e5d2a1f796ba523f38464c |
| SHA1 | 8a67e0a3199474b42ba6f98452034c5577e271dc |
| SHA256 | f42a8c99028334c85ba93beeaaaf1f58d9fb7567be1f9047d590c1e8b5634bd5 |
| SHA512 | 393ed7268f55383baa5b3e510e13deab5beec7d9f1b6612161bc6947498cd3c0815099ca77a2e452f3e563216410afa6be064b1df9376328b4741e1146e36974 |
C:\Users\Admin\Desktop\StopUnprotect.jpg
| MD5 | 511f485c3b0a57dcbb56ce0c6b666f62 |
| SHA1 | 68d97ff07209a0e53144d2c9a7d8c9774e996ad9 |
| SHA256 | f18bd850a2e0763c4ee81d97f5ff350708950f8cad11e18633be2e9d83f5223d |
| SHA512 | e44a59e5f1405464ebb06cd8be66e4e4f4916b6c7bff76496ad9a18e492c88b75722db70969553e36760b7ff674c0fbfef0358097b5fa72e3b8b0a076c9799e5 |
C:\Users\Admin\Desktop\ResumeSwitch.ps1
| MD5 | 256ba6109d1f2ecad6a4f6affcb72b7a |
| SHA1 | 4dfcefde187f47c117501976bcc090ed0181bbbf |
| SHA256 | 508aacc1ffc223376f570167149e15a30b0f3d324e423b7d6e877c8106b59129 |
| SHA512 | 91bc5314647bf27245a3dcf4fbbf8b695b5449cf1a0743991f78a0158704a5955fb68a22ba5a023161f44085581d4c540dc039b264ebae0de9ce7060a4a8c8a4 |
C:\Users\Admin\Desktop\RequestOut.html
| MD5 | 56960f578fd98aaccc549e6f4316f774 |
| SHA1 | d9f9ac385aacab938b91c1580011f0df88d008a0 |
| SHA256 | 5cc8436980c0854b2f099d228326350d69ee792da728f4fc803b70b551b1c85a |
| SHA512 | a8ddfb1d3bb0e0d3c7b0615225d2785c3805432dc1a180f04d724588d9c5f946214c6b82468ea8c5125425de3f7321e172a623b9cc561a8c5b6724e7fc5c36f2 |
C:\Users\Admin\Desktop\RedoRemove.mpeg2
| MD5 | ad6c5d7870ef9bfc7e6995869317ab25 |
| SHA1 | 3bf8f81b244d56206a4ee79e50826cd65d795c94 |
| SHA256 | 7b4c19636fe21c047d8e1dad2ff3cd1577935d817c759bae1c9e6e156ecd7395 |
| SHA512 | 1862ac45fdb1c6d41868bded19a15d4af8f1c1c561e9f74854dfc39c7bf232be02ec86889b1e398944f12bb84d47b3f5644c1f72f74d023c95f24f42c1b9d2f6 |
C:\Users\Admin\Desktop\RedoGrant.rtf
| MD5 | 874c0a128caba93081279a125f4df1b3 |
| SHA1 | 42a0e8aa886fed57647b5a22e3d89bfe1f5a7b2f |
| SHA256 | 224332cc51c82a8632ef2fc20829c4f32ac93cb17ba4a0374e2916342ac02cbe |
| SHA512 | 76f980dac4d698e8d9dc99cc4ae9aa3000049b4b714300c4d08220212224c14b2d4fad5e8d25cb04a8cd3e9e43cb8df8efad036d0abf6df76597bbe5252249cb |
C:\Users\Admin\Desktop\MoveUnprotect.emz
| MD5 | 83ecf045a20f154a9b6c48d6f64bbc1d |
| SHA1 | 68fdc1c23004ca4a42e619b557f7426d003e8459 |
| SHA256 | 8db8110a77e5881af71b8dc5d8c7c0935c13c457e464bb088dfa0e1baadcc661 |
| SHA512 | bf6dd49fab00cbc6cba3207c01f51267035a1898e914346bc09b376a4353260b95d6a1a07a224066451fc35483ba22b876e0e7d602aef4831e35f1b2247b876e |
C:\Users\Admin\Desktop\MeasureWait.avi
| MD5 | b574651a2366e09039ff1b899a14bf2d |
| SHA1 | 2cc6eb82e3671922209f8e73cef90f362d8ff816 |
| SHA256 | 6b9140ed343c22c7ad7d61f35823ad39e3a3c7204c9fae72b18e21bb4984881e |
| SHA512 | 135c0f20802ff22389638460d2e289a5ef716912729af1af1d4783fd72805a14ac389fd71a50e727e08df1ee8beb9dd87da32250402904d9ddf568ddb40b598a |
C:\Users\Admin\Desktop\JoinRepair.dotm
| MD5 | 12d24ea172db7c177894ed58bddfcc1e |
| SHA1 | 7ee2950cde30baa13689995c19bbcedf6ebf3a39 |
| SHA256 | 3451f7eabef02f1e8f1e21ceb6fd399a4a76f2d577eaf8e44952939fb7444c18 |
| SHA512 | 5bf4649f83ab4759465d6e7f02b76d0d6f4ec58b541f698ddb75d068cbfde58a188377d0397b29ce5d12b9de367eb2ad8dfdc2627b7a316597729ddc267d7703 |
C:\Users\Admin\Desktop\ImportRequest.xltx
| MD5 | 0cec9f651b24965ebd153578ccab7866 |
| SHA1 | 9fad220350e2dfe73165d34fcddc4b78043ef746 |
| SHA256 | 03429f42a35aeb0f28ca6381dd47b1f426ce7367ea50cb6d5639a93d4c3f352a |
| SHA512 | 6d35a15b58d05bd6b28b7187d67ebd04a387af729b39e383e56c7db562fa1bdb8a9efdb7d5c91e922e8d3f230dfc20a52d029a9db4b267cc7af4b59c1932256b |
C:\Users\Admin\Desktop\ImportProtect.tmp
| MD5 | d7533f2d7c88df6d931d4fadb906ba4e |
| SHA1 | 8e79ac0b8559a94b33c68509173d67d26cd87d5d |
| SHA256 | 2affc6916c7f15d7a877fce230dcd9e3ca87d1183046a7b83247c3e2df405cab |
| SHA512 | dab88e0f31525f1b5d97098604405f9ae06f77c67a74db9934a8208c949c7ccf73bac54773f534e1b2bfba28c3d914524447b5473437fe76c6026dd65ce3895a |
C:\Users\Admin\Desktop\ConvertToAdd.odt
| MD5 | ab0f1680069701dae9351982a7a57ae1 |
| SHA1 | dbd1d4004d4bbc085cf0fe03fe6b04b6cdaeb7db |
| SHA256 | b89648a4a208aacc958c9ba7fcbf20b86cd6cb29591b767f1a55763eb4542445 |
| SHA512 | c4de85d9d7e79fd0a7403e3501d80d3863b7a2c48e509c0ec47b32e2259b467a24f5792e110a968fc0654112bba1db554d21ac51bf952347f7d00b4e87c349c2 |
C:\Users\Admin\Desktop\BackupRestore.dib
| MD5 | cf8aee92ea8d6f96dc907d909fa94279 |
| SHA1 | 53b30627a1931ff8c74ba0764d92c8b17320c406 |
| SHA256 | 6c21bcd49daca71d4ca14afd10b70137b7b5f8192ae00bed904eeb5ed849560d |
| SHA512 | 9d2bf58ba99ed6121d67fc0013abea0e08ee1a2738c600193db40757784b45b963d41c4ab563ac7f2ccd33dc2ecf5e74bbbbdc7186dab656e36060e8280cd56d |
C:\Users\Admin\Desktop\WatchApprove.pdf
| MD5 | d794eb4990e4689462c2c1a60bc999bd |
| SHA1 | f49481b97dd71b296a24fa222c0a3ecd6db1e6c5 |
| SHA256 | cf1742b0d46aad38491c161e646406a12e3584426f47505c3cf0ad2923602e17 |
| SHA512 | 31958681a359e5cb1322878d901f9aaca44a6ce8e67c57f80d90a9b1559491d441fa82cd3268a73b024db93ec584993ae8768d5dd6c7f252737e23d4b83c5046 |
C:\Users\Admin\Desktop\UseSearch.TS
| MD5 | 112036fc905f8a8797c6c1954fb88ff5 |
| SHA1 | 4f99f35dcc95d0478b61f5c2ecf9dae89d24929c |
| SHA256 | 24dfcab628c4aa3ee0369246795d558007bbf2e59b741c7f7e2d84a4f9ae602a |
| SHA512 | 29584399beeb287bbd4ce7d4b3bdae1e0d08b2a1bdeb7998facd7c91247600f9a1994b74c77159bd9d44fac904da0577aec331fc9d4a81ee4987079924697bab |
C:\Users\Admin\Desktop\UnregisterSet.xlsb
| MD5 | 5da399a47e2a2575ddd371a70b9006cc |
| SHA1 | 00cfc56b4a06362579c211edad164d5ad4ec0c06 |
| SHA256 | 5ec94d4888d4c43417d16da19a2a1f878124c75b186d988963f9e1edcedd2ca4 |
| SHA512 | 016675852b494368cb33ae809abea83a386ce799c588f52bd1032218c592d4b7283074c712ae4561048c42199000499c6d855566b197bd2c9f1b1b14ea4eab20 |
C:\Users\Admin\Desktop\TraceMeasure.pptm
| MD5 | 9ea803e73642394cd9ddd204ddd94b08 |
| SHA1 | ffefa89f9b56d298c4aaccad40db53234e2f6e0b |
| SHA256 | 53b7a02b7e0f31ab3561b8ace918425be0ed9c6f53b55a52bcf355d4db61f3ec |
| SHA512 | 93dfc3d79f3218c0f9e232eaa4110bf8c50fd46bf583904412f427afb09bd0bf04fcb0536bcd0ed576ed889f334874acd01c0c310e54ad689d5819a97af124a5 |
C:\Users\Admin\Desktop\SwitchOpen.mp2
| MD5 | 167d7bbbc00bf99d4ef745071dead024 |
| SHA1 | 0353e8326c75dca028ec93377f6932b8a51a93a2 |
| SHA256 | e35e4e00c8a1cd954b6894a3e148f432c30ef5859bd7972e29403f56922940c8 |
| SHA512 | 08e7c327babdc00b4d91394999cb3a999bb84622b2c01118ffc9ffbbe40108082de8a4bdca2fc72ffda41ba227fc4bc2628b1e3e3e775b22d67c20b05c7dce39 |
C:\Users\Admin\Desktop\SubmitSkip.M2TS
| MD5 | 3b10c6169489378787cfa9c7b36dfd1e |
| SHA1 | 08ef37944c4c05c7176d9aca9cc60bbd51005681 |
| SHA256 | 0415d8ef1c2ae33da11986d66269b8913c50c1366ffad5fe39f7a52807a9fdd9 |
| SHA512 | 0418eb8ea362c1ff31d96bdad3eae93330ca6240e0de5634170b2fc83fea13330cf668980c3affd4fab44a629b3f62181117f8d323723e623049a8beb72b4315 |
memory/4800-319-0x0000000000FB0000-0x00000000026F9000-memory.dmp
memory/4800-322-0x0000000000FB0000-0x00000000026F9000-memory.dmp
memory/3212-330-0x0000000000FB0000-0x00000000026F9000-memory.dmp
memory/4800-331-0x0000000000FB0000-0x00000000026F9000-memory.dmp
memory/4696-332-0x0000000000FB0000-0x00000000026F9000-memory.dmp
memory/4800-334-0x0000000000FB0000-0x00000000026F9000-memory.dmp
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports
| MD5 | d751713988987e9331980363e24189ce |
| SHA1 | 97d170e1550eee4afc0af065b78cda302a97674c |
| SHA256 | 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945 |
| SHA512 | b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af |
memory/3212-368-0x0000000000FB0000-0x00000000026F9000-memory.dmp
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
| MD5 | 21ea0829736fc26a5975b2acf6753f99 |
| SHA1 | 24ef8dd79a1255687925f08021084e5c47bd54b3 |
| SHA256 | da6370a21fabe8b2f0b3f97c9bf43bb8bb8d87ba71581c6c38f4455edbb60fe1 |
| SHA512 | eaba4b9cce69499f1f26bac330cc52a82db2e493551adb520a5d5dd3329ba48ad07e0dd1f2d72b80f3aa5c7a4d988e19bda28b1d88517556d4a62a03fe86f220 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences
| MD5 | 64cedbd77a2fd3b96b1f727ceb658512 |
| SHA1 | 6886834780aaee8b7144a369781cd04b0cd5b2b3 |
| SHA256 | 3fa26d3f91ce5bcc85d3c1ef210d8f473ea33b48d9b796a28a91a77f48670819 |
| SHA512 | 185a64cc5b72712b6d8f32ee4ba6c7fcc9dfb3b3efa32257ca3be31c8a80d4ae70e57a7beb58ae99f37b278a01e0956bfc9a6cbc5700deb386cd55b6939d2e7a |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | afd3633e0a87160223709727678630dd |
| SHA1 | 75c91e474c2f6a8b6f460a82fa54b6ed3e65927a |
| SHA256 | b8f8857029c4fff1ca6dbd32f974fe428d72bf02031b2fbb1f0a782f6b10eb62 |
| SHA512 | d49e4b0472443ef60f5ce51415c6ac47ce8f72f6961e0471765b6d277161d4479786d3457b60688893e0da3cdfae9178a5663fc0bba30fe9ed1bd580b6bc8438 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | b16eb34d3663aec0f51e532bfa05023a |
| SHA1 | b1d439149f693864c951d07a874b294f716048e0 |
| SHA256 | 710997153ae6e86e52804aa58e4a2693c290c1e30087dcdf72abf79febb38d59 |
| SHA512 | 1d83085b1e2127a4453c6daa403330c17f1ee32afea4b7264ea35405cfb09c9b65cbb7b9b48b17b6cf4ca00391cc528c3bf917018ddd719cd735a0b45a2ae51f |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
| MD5 | c46152fc6a2d4939812673d0eb12552a |
| SHA1 | fff96613dfd0ec1e7369b247e1f2795a345451b4 |
| SHA256 | 242387e95b30f0acae038d8db1aa593f6bfd14861441b100475109d5ee32427c |
| SHA512 | 2e551e7e07bc2777bc2fe8ded15bfb17d48524b1689eb3491fcae846126a69e34067437791bea2cebfb0404ce6048affd89570f795e03f27e54b26e33a05c27b |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\GPUCache\data_1
| MD5 | f50f89a0a91564d0b8a211f8921aa7de |
| SHA1 | 112403a17dd69d5b9018b8cede023cb3b54eab7d |
| SHA256 | b1e963d702392fb7224786e7d56d43973e9b9efd1b89c17814d7c558ffc0cdec |
| SHA512 | bf8cda48cf1ec4e73f0dd1d4fa5562af1836120214edb74957430cd3e4a2783e801fa3f4ed2afb375257caeed4abe958265237d6e0aacf35a9ede7a2e8898d58 |
memory/4800-473-0x0000000000FB0000-0x00000000026F9000-memory.dmp
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 6486ee9e961a437dadb68ff1544d18a8 |
| SHA1 | 05f4daccca0bc1ce73fe71ad2325ba5dadd3df25 |
| SHA256 | 9a98b4686c9e90672a548c873943b3027fb111f7992263111d912318429f5834 |
| SHA512 | ee3659f68a46f37f340f98b85a7aa289e700c5ced2a4f0104673bb5f18cc82d1e9b838ec0278407213c6ed2073998e7aad78a7a39390b7e460c8e26dfa91d0e9 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 2dfecbb576ee9795c5284da8a2a3c7f5 |
| SHA1 | f1f0a6a97850aca2b4ab267a017564af02f24948 |
| SHA256 | dca6901942fa748fc01339192c0738a06847d8497c9c61298f1e5df1f8352fb0 |
| SHA512 | d664cc261113427810dd0b2d32763ddd08611a528fe6b285782d6b8ac03304b72a90fe7f3f7142e825ab8d948d5c9cf52f420546f3796b2ac23f3d00f3c17389 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 7617488a8d086dd5bc4913feb5991fab |
| SHA1 | b084b80ea3bff4f20831ba666ce3b7effa896c9d |
| SHA256 | fbba3d6a2d4fd29cfeb25c4637d3c06c7016861e3bb63fad014274e24b25fc58 |
| SHA512 | 7343168275608cc835018e224e424c4495c9498e4ea83fb4615390eb82ae65681b62c423f2c87ed2149e9a1cc02ff9d582f3ddd23b803c27cf830705ab9cad12 |
memory/3212-502-0x0000000000FB0000-0x00000000026F9000-memory.dmp
memory/4800-503-0x0000000000FB0000-0x00000000026F9000-memory.dmp
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 88f4c4418486be52e765bb810346d75f |
| SHA1 | 9a65d06abf23fd6eaeba539e7d45f6b406dcda82 |
| SHA256 | 25a5bf85d305739b0cd8b2365aad77ad8f97db923e49af9dbeddb381b77c3729 |
| SHA512 | eb5276f67850e2b3f29db551f52b40de056652dcea7ba436e03bc1399b6327080c08d527b712aa40ded96932fb7ae95f94ecdac526a8e502585b8372fc06fd2a |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | ab144b5cd3de5a4232fa8b5a7cb85cdc |
| SHA1 | efa33a863677a92b2043eb747c1521b8e84211c9 |
| SHA256 | 5d62443fc5832bfaa35847f4dc6f62928c6d392bd4923dbeff9231d0d30a209b |
| SHA512 | f5949dc6e827c8aefaa46a33a26f65f138979976478e84d7db61c2b2a82adaf2e8e161e015649020637cc2f3eedca88e27b585617d84e2c82ea1b2b06f958db1 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT
| MD5 | 6752a1d65b201c13b62ea44016eb221f |
| SHA1 | 58ecf154d01a62233ed7fb494ace3c3d4ffce08b |
| SHA256 | 0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd |
| SHA512 | 9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 9063ac2b3561e89d69a9381f487c11ab |
| SHA1 | 9e7c26f595de401faa0eb1bb6fe6d1b81c68cf88 |
| SHA256 | 79054715b62c20d3c021504935d12ebf2bd0d64d328bcd2ad591390c262d3f29 |
| SHA512 | 43cd0f022541537842e42205c7ac750cc2f59f167f00684dbcb4d7c74ea8686a3f926d513c768dda3f11c057495e4506d6a7393dcd869abf03fe74ccb330dbe9 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | e6c3212cda9b49aa559e0ed764136d0a |
| SHA1 | a38bda8fe2af8991d8182e29f18b930ff54228e1 |
| SHA256 | 6e4a44d4685f8907557373eb8a193d9cf2d91498a0ec606341eaf26b38fe1bd0 |
| SHA512 | afee845bfaa2c7a39eabbef6d8634ea450b2af12d103017b8be33fd3deb477ead99133ffedfe7776719af6777dba7f3a0f283fb051b76a8d85aa87d2f57da64a |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | 285252a2f6327d41eab203dc2f402c67 |
| SHA1 | acedb7ba5fbc3ce914a8bf386a6f72ca7baa33c6 |
| SHA256 | 5dfc321417fc31359f23320ea68014ebfd793c5bbed55f77dab4180bbd4a2026 |
| SHA512 | 11ce7cb484fee66894e63c31db0d6b7ef66ad0327d4e7e2eb85f3bcc2e836a3a522c68d681e84542e471e54f765e091efe1ee4065641b0299b15613eb32dcc0d |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 66fd923f6814b59c1f0b0aee63538cdd |
| SHA1 | 84aaec1d4c8301b2fc61dba21ed889dcb1570acd |
| SHA256 | d29b26dd9dec2e7a9f7b4b7f522b17725ed36faab13fd7f1fac6620a04f09ad1 |
| SHA512 | 8fa1217aa8de2d3314c440da40e9aa1bfca236c4409be5b75ee35a97d19d9a2c6178d2ae64fe255c420611b7ebc8c4087969f199b89e42dc5db2eb6a205b59d8 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 65880d43b97071214975e9b3356014f9 |
| SHA1 | df3780d6c3160174d7469b44d19d332b24db3510 |
| SHA256 | 5af9de7d2a15187462d6cd554f20100edb6a696f8cd7c41457380e39812b2716 |
| SHA512 | f01c769523bf73e948bf572f6cd4cd4c4cc68d128648a69e0f7036663a0bb47352046379b075d8399756e7c798acae3c03dbb7ccae1784688e9101b62beb2018 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | e380140308a13fc4b06b2c9c07fc75fb |
| SHA1 | ec8aab4776c9083a3b679fc16285bce951d1cfe2 |
| SHA256 | 4ca0245504e135aa3e1bc76e7af94475e7c9a629862e9ea6d5bfb410d9ca778b |
| SHA512 | cc5729945325b20fc1f76e8aed84c62d9d9be4f6f84af44e02f571d97f5557615e6290aca60512eedfcbd31e53b784937bf2ff8684d68cd4328850351fbf701b |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | 902c087beaa2e8553652cc0d7c221ad3 |
| SHA1 | 2d4aa1214ec540bc88f25e922f43e89a2704fa56 |
| SHA256 | c1478e3b8cb7b317d141ed3e7473d934b40d473be49357ee081a626b0556faf8 |
| SHA512 | d190ba6049b01f1f5517b64ef1d5b33481d6b1f4ac6ef0633d8cdc18ba84a5927bdcf50a032e461a83dadac96e63c542ecfbb5260a742eff13a901b688995e90 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad\settings.dat
| MD5 | 397dd11e890d7497b9112daf7eff63c4 |
| SHA1 | a61d6030608f7f364cec47cbca1543bc94c1c455 |
| SHA256 | 95e044cd7aeef81c23be3a7e8e82a2070f3f2c4c53223276d92fbd5f881acc92 |
| SHA512 | e5f42079cbb883b3f670b536631506e12352f5b2034f7ee5f85ea2190d0732dd913675d7623352a731e3ffd927a90a03089acfb27e1b47a9e520504281c3aba7 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\5a209bb9-d0e3-4ce7-96bf-f95d65264c2a.tmp
| MD5 | 5058f1af8388633f609cadb75a75dc9d |
| SHA1 | 3a52ce780950d4d969792a2559cd519d7ee8c727 |
| SHA256 | cdb4ee2aea69cc6a83331bbe96dc2caa9a299d21329efb0336fc02a82e1839a8 |
| SHA512 | 0b61241d7c17bcbb1baee7094d14b7c451efecc7ffcbd92598a0f13d313cc9ebc2a07e61f007baf58fbf94ff9a8695bdd5cae7ce03bbf1e94e93613a00f25f21 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
| MD5 | 64cb609893b4888e179af3488e39885e |
| SHA1 | 2eb7f5aab1e54c7befad974138cbfd1b23d55c34 |
| SHA256 | a81e4297c874483798083a4048b28725bb8bf935d86694986787f79123c214f8 |
| SHA512 | f7bd0b33e3456a567344fd2fe885e62c5e065aa6a4b0c403d77c7082ce9d64094883babb0118b21e01ad5eb5cf2f03074dd193332e4bd253cfd7374549ca470a |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | e6d40fdd79d8b5c96756c2a204c83b30 |
| SHA1 | 20c7fffaaa68e6ff4049bb5291599dd6381df6b1 |
| SHA256 | 22b4c9885a2691ec6e5fef0d684164282e50865f4d6059ba2b3a9c9d5b892b2d |
| SHA512 | 11b615f3024111579fe6f2b58764e286fc26372093f931048423a4a48dc4ee7b0f2a4e8a6942113a2e0530dff35f57b9fa106f7bc0c17a79e3a47c0982acbc07 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 63c3ab60ccfe7c2a50eb2bd13872da3c |
| SHA1 | 03e19687046e73f62ffbc7b96363828b6bef18ef |
| SHA256 | f8b90657f27cb9b01667d3c2735e2eaffe5efa0c451920ac7418a70a693cecba |
| SHA512 | dba36f38d9a9a60e92babf839ad9b5bd6088820c587cdee6f2a4eed7fcf992966d79493333dbf8b21e43ef21c3fd3b46c582d1a8b20453a84013a304d02b1d61 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 9c28953732df935e38a780610dc7f173 |
| SHA1 | 67ce9cfe98f8daa05a67493748260c9846256b6d |
| SHA256 | 8510069f7aabc53b1beece34d9be11028d87b8b0058038e2633e86cfaa720089 |
| SHA512 | 3110e09b593e6bc7aafcf61943d204b56b0692f3ec17f1bc112e404ed1272e97c2a6047430ed34c32c9027dd4998b8cd2ffb8bbf40b5c8bf9f39d3c13d3fda69 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 6e75a0656c116941013a749c0e35d554 |
| SHA1 | 2d193bea289653ce21ebcc6d18cafa7d26b48b9b |
| SHA256 | 0791c8bda008f1c62e941f021fc58a585327f9ed2b2a58e83f981d7015eb0c11 |
| SHA512 | 15cd25d5c30feb19b2e11bbeb3e63b0b165d96f483659f7eb0814e4c9d744a69d6546c99d5bad2833f5ffe26f9f1e5a942ef2f394c8e73e49526f999e90255cf |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 492dc1f40f759ff409cbd79d2281582b |
| SHA1 | dc90b83a74891a1d8d3c30a53e389f9598f065bb |
| SHA256 | 67b5c520422df96448ef642faef525a2ee278edb72ffb7dcb3dbcb8ca99f8cfa |
| SHA512 | 81653567ba66e478273778cd52c79a004c7ce1a112c615ce9679290458415a78074fa029f6ecfdb1519351b5ff577e0b164694d643a807556ffa5c0d38b4436f |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | e1ce5f2bcfd0c262842a0a1ea3fd3dce |
| SHA1 | 44baa64f159e862680b24992b6b7823e86e0097a |
| SHA256 | 910962635aa60a6328b32f43e58b2c018545a72985ee4078cc5ea2cdfea06ab9 |
| SHA512 | 8a37c6a3d1393da7b3fb8cf21e64c1c21adec50611a18524859a8a1f9c1a956c16d91b0baf334043656c579ee29ce02f758e959fbd291ec5cf8026ff4f548d08 |
memory/4580-1245-0x0000000000950000-0x0000000000AC6000-memory.dmp
memory/4580-1284-0x0000000006F30000-0x0000000006F3E000-memory.dmp
memory/4580-1282-0x0000000006EE0000-0x0000000006EE8000-memory.dmp
memory/4580-1283-0x0000000006F60000-0x0000000006F98000-memory.dmp
memory/2112-1458-0x0000000002A60000-0x0000000002A80000-memory.dmp
C:\Users\Admin\AppData\Roaming\Microsoft\Spelling\en-US\default.dic
| MD5 | f3b25701fe362ec84616a93a45ce9998 |
| SHA1 | d62636d8caec13f04e28442a0a6fa1afeb024bbb |
| SHA256 | b3d510ef04275ca8e698e5b3cbb0ece3949ef9252f0cdc839e9ee347409a2209 |
| SHA512 | 98c5f56f3de340690c139e58eb7dac111979f0d4dffe9c4b24ff849510f4b6ffa9fd608c0a3de9ac3c9fd2190f0efaf715309061490f9755a9bfdf1c54ca0d84 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache~RFe5ac99b.TMP
| MD5 | 289082657d563ddc47d9aaa494ff61b1 |
| SHA1 | a05e53209261134b678c543a10986bac8c415de0 |
| SHA256 | 112aba2e9bf4ec77dbfe6793f1ce78f31833863513c2134123703e06b8b89a00 |
| SHA512 | 2aa979080bfc8bfe30d277e8af6c2eb145c72528155166ecd361bef77761164a7c4318d1319421a95d47efbd6632ef8d79dd697666c00e3d5d65b483e3027d05 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache
| MD5 | e1a0c0aa869b38490132034d4582734a |
| SHA1 | 3c135e4b7ab3a66935f13802fc3080015d04681b |
| SHA256 | 34b47774d2b67492cd7623446bea86ec238335b4385b975c34579c82600c4e33 |
| SHA512 | db4cbdc1c053d7cf846c095242460222bd665f7ba04b4c79a4300dd3e909b134f1177081b4e250ce4026fd23d93a29c7e7633b5a538f251e799c89083fc0fe91 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | cd8716df2c3beedf093642d4fd8528f5 |
| SHA1 | 88686a79bd9038b78b283b6320db2defbd7ec775 |
| SHA256 | 9108bb499089b66d83923d5f827be0dc243ae096795c671babeb9cba7add06cc |
| SHA512 | 0bfa8c34b4f4ebd9d1d38910ed63faeb6e5aa08ca67cb6f5c32ff52a05831fd7794089562d8e20692ad9aaada2ba3438801e7af4eb82c21915ae313694dbf78d |
C:\Users\Admin\AppData\Local\Discord\app.ico
| MD5 | 084f9bc0136f779f82bea88b5c38a358 |
| SHA1 | 64f210b7888e5474c3aabcb602d895d58929b451 |
| SHA256 | dfcea1bea8a924252d507d0316d8cf38efc61cf1314e47dca3eb723f47d5fe43 |
| SHA512 | 65bccb3e1d4849b61c68716831578300b20dcaf1cbc155512edbc6d73dccbaf6e5495d4f95d089ee496f8e080057b7097a628cc104fa8eaad8da866891d9e3eb |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 0f2242c6577ffa01d75bd307e80f7865 |
| SHA1 | e93214661329f5c89ccc65f350ad1b71c0d252c9 |
| SHA256 | e26bde50487508951061c63d98bf885c45c5c68a48522367625c3e21303b79ec |
| SHA512 | d62ba3611cd29b3be9ace36566d77f5f88ad2753d38520d677f505420c8159f596574c2d2e1c00297e6267a796fde5f3f20bb3c1beb64ce9b9fe1c5affd10a90 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | ca6f89884c5ae5789011e83ae7c4a42d |
| SHA1 | 1d3c9f919a746c4613f92fe2941de6080f78044d |
| SHA256 | d16c2cb032de91d19743a552220aea5852cdbd0bac002b27a1b78df2627240c1 |
| SHA512 | ae594d8bdd593fad8a04ba6f82c69f454db9561cb349fc9826690b18c901d4d5e97919e5f41fe6133f12f6698f1f326452ad6c8e51cc48140e1197a3806bd515 |
C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping2856_1652476856\manifest.json
| MD5 | 0359d5b66d73a97ce5dc9f89ed84c458 |
| SHA1 | ce17e52eaac909dd63d16d93410de675d3e6ec0d |
| SHA256 | beeab2f8d3833839399dde15ce9085c17b304445577d21333e883d6db6d0b755 |
| SHA512 | 8fd94a098a4ab5c0fcd48c2cef2bb03328dd4d25c899bf5ed1ca561347d74a8aab8a214ba2d3180a86df72c52eb26987a44631d0ecd9edc84976c28d6c9dc16a |
C:\Users\Admin\AppData\Roaming\discord\component_crx_cache\oimompecagnajdejgnnjijobebaeigek_1.2903aec9f77378fa19280af8ff89294fb9ce2caf8e0092c69e19973c0a9cc6fe
| MD5 | 5d9ad58399fbef9be94190d149c2f863 |
| SHA1 | 45f3674f0425d58d9ffc5d9001ff6754f357543c |
| SHA256 | 2903aec9f77378fa19280af8ff89294fb9ce2caf8e0092c69e19973c0a9cc6fe |
| SHA512 | 9a9532cce2de086d5934235d21d27b8a0863ae902a81151a728364aebe044faef5e5805d64efe68d67a5a5aaf408f74954d08f10c6a011dc9ea82c629339d3b0 |
C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping2856_1652476856\LICENSE
| MD5 | f6719687bed7403612eaed0b191eb4a9 |
| SHA1 | dd03919750e45507743bd089a659e8efcefa7af1 |
| SHA256 | afb514e4269594234b32c873ba2cd3cc8892e836861137b531a40a1232820c59 |
| SHA512 | dd14a7eae05d90f35a055a5098d09cd2233d784f6ac228b5927925241689bff828e573b7a90a5196bfdd7aaeecf00f5c94486ad9e3910cfb07475fcfbb7f0d56 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
| MD5 | 90f4db9391e89f9ebe061ec7a6e0c0e7 |
| SHA1 | ddda8321ba068942e0fac95c5baff3d6c7fb2b29 |
| SHA256 | 7cb5d254146571d17ab5a070cc15e74fd02f82da37fa348c5f0a1326571d8a47 |
| SHA512 | 0dc41f814a56820486e1e859ee3ccfc29b1747d43a8d7317ea2816584852c7325dbced26614d994b6d86266016e28d7eafb7cac9a2c8df5f1993e27a087abc9a |
C:\Users\Admin\AppData\Roaming\discord\d87d61ee-84fa-40fb-91e5-c42d573da7db.tmp
| MD5 | 58127c59cb9e1da127904c341d15372b |
| SHA1 | 62445484661d8036ce9788baeaba31d204e9a5fc |
| SHA256 | be4b8924ab38e8acf350e6e3b9f1f63a1a94952d8002759acd6946c4d5d0b5de |
| SHA512 | 8d1815b277a93ad590ff79b6f52c576cf920c38c4353c24193f707d66884c942f39ff3989530055d2fade540ade243b41b6eb03cd0cc361c3b5d514cca28b50a |
C:\Users\Admin\AppData\Roaming\discord\Local State
| MD5 | 5bcfe462374872990f555ef8e24f0594 |
| SHA1 | 1c4880ddf5c0f960c2d8d1dd85d478ec39059841 |
| SHA256 | bfe3099bce503df68cf377a91e85ea75a060f59530d017b7506f39a165c145cb |
| SHA512 | 9b9bf09c3718d5b77c857d86b23b88085fc0d439c87178900321f767870ee030864588a29f0d4a1acc17f51a782b83255077b9f5ce26fd2b270f8e8746041220 |
C:\Users\Admin\AppData\Local\Discord\download\86e71d6f45c0cb489e2321ba73c5eccc64fb357451f2fc9ec23903184f3cab2b
| MD5 | 14944b8f52ef9004d577043bf838fb59 |
| SHA1 | 526446527fcf54c6f5479ea1032c405fe5d648ad |
| SHA256 | 86e71d6f45c0cb489e2321ba73c5eccc64fb357451f2fc9ec23903184f3cab2b |
| SHA512 | a48c3876adf563236d7831c3bc755824ca84fb0fc070339cb3e4227e12578ae490f2e7800ba5987944735ca587e7c15de10819aec53242fe0cef91dcc0b5ae05 |
C:\Users\Admin\AppData\Local\Discord\download\2f076e980994d14e782640ae3de7b50083e65007166aa4e8d4ca5040c609c179
| MD5 | a574ab98f7d1714239b56717bb12b592 |
| SHA1 | b59604ba52247861ba2ef370884c78e7f9c91232 |
| SHA256 | 2f076e980994d14e782640ae3de7b50083e65007166aa4e8d4ca5040c609c179 |
| SHA512 | 89aae260262144b601c5bca8adc213a1b134d25c3a214369f85f4fdb4b10764231a4f8c881744c48dd0c3cbca3777d77f7afaecb0427b3c349232c74f964cbb2 |
C:\Users\Admin\AppData\Local\Discord\download\fadbd3f392b8564c6d60faae7acb895350b6138d09860cdefffc5ed5567a1cce
| MD5 | b393d06dce31c04424de9d55d32f18d6 |
| SHA1 | eedf84f38d7330b540913f20699e97d2fab2595a |
| SHA256 | fadbd3f392b8564c6d60faae7acb895350b6138d09860cdefffc5ed5567a1cce |
| SHA512 | 40d5be4cdf1bce9b8a765004e182286c4554e874791d710ffd475b8ca6e340a0172e376a8eba33a087eea4339b5434b3fc81865f4e1d2248e63178dc1c601dc1 |
C:\Users\Admin\AppData\Local\Discord\download\ac67eb0fa11e60d81e4c2b353632ea4cc094dca2ee02104aa81b8e5b4d397592
| MD5 | 3d443c47f0316344c514533353b33100 |
| SHA1 | 9bac99dfe5350c6b1944636a1ab73eb3dd6d8b6d |
| SHA256 | ac67eb0fa11e60d81e4c2b353632ea4cc094dca2ee02104aa81b8e5b4d397592 |
| SHA512 | 445d558143ae6879cb814dc691804b964837eebe23db16714f456def45d166df44ed196adac6d8011b109b8254086952c684507cf55b62d417df6335903a595d |
C:\Users\Admin\AppData\Local\Discord\download\e22ad5a3a04d298873557c974a1f810aeadfc61edfff99d280f03db4305de4b3
| MD5 | 456ec3131b4cb4f4a42648150ff9fbb8 |
| SHA1 | 9fa5279d017507cc70d757ab09811b5eb8beb86c |
| SHA256 | e22ad5a3a04d298873557c974a1f810aeadfc61edfff99d280f03db4305de4b3 |
| SHA512 | 506f5a5d7b8062ce2f35ed968db85deaf83618a99c1b01fd727adbc46d0423cd3bf9391d783601b11207ef251b6197e6c91e617315c487b597c1e71e3578f9cd |
C:\Users\Admin\AppData\Local\Discord\packages\RELEASES
| MD5 | 934e4cd396f3e384cfebcf0464108ae3 |
| SHA1 | 72838d25a559d4e94a14fc1038011aff81b22ff5 |
| SHA256 | be2fc9c14b83f3e7123f7c319ff000b57af625ea22ddaa7d41834c78b2010c6a |
| SHA512 | b829d6894c0446fc264a890cc2e2df8da4e34a6650f74e1343623dec380c8985806de5172f89886878712a48f3bc0ba97a8e8551d5c317281ac524b9f927e11f |
C:\Users\Admin\AppData\Roaming\discord\.win_arch_transition
| MD5 | c4ca4238a0b923820dcc509a6f75849b |
| SHA1 | 356a192b7913b04c54574d18c28d46e6395428ab |
| SHA256 | 6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b |
| SHA512 | 4dff4ea340f0a823f15d3f4f01ab62eae0e5da579ccb851f8db9dfe84c58b2b37b89903a740e1ee172da793a6e79d560e5f7f9bd058a12a280433ed6fa46510a |
C:\Users\Admin\AppData\Roaming\discord\Session Storage\MANIFEST-000001
| MD5 | 5af87dfd673ba2115e2fcf5cfdb727ab |
| SHA1 | d5b5bbf396dc291274584ef71f444f420b6056f1 |
| SHA256 | f9d31b278e215eb0d0e9cd709edfa037e828f36214ab7906f612160fead4b2b4 |
| SHA512 | de34583a7dbafe4dd0dc0601e8f6906b9bc6a00c56c9323561204f77abbc0dc9007c480ffe4092ff2f194d54616caf50aecbd4a1e9583cae0c76ad6dd7c2375b |
C:\Users\Admin\AppData\Roaming\discord\Session Storage\CURRENT
| MD5 | 46295cac801e5d4857d09837238a6394 |
| SHA1 | 44e0fa1b517dbf802b18faf0785eeea6ac51594b |
| SHA256 | 0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443 |
| SHA512 | 8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23 |
C:\Users\Admin\AppData\Roaming\discord\DawnWebGPUCache\data_0
| MD5 | cf89d16bb9107c631daabf0c0ee58efb |
| SHA1 | 3ae5d3a7cf1f94a56e42f9a58d90a0b9616ae74b |
| SHA256 | d6a5fe39cd672781b256e0e3102f7022635f1d4bb7cfcc90a80fffe4d0f3877e |
| SHA512 | 8cb5b059c8105eb91e74a7d5952437aaa1ada89763c5843e7b0f1b93d9ebe15ed40f287c652229291fac02d712cf7ff5ececef276ba0d7ddc35558a3ec3f77b0 |
C:\Users\Admin\AppData\Roaming\discord\DawnWebGPUCache\data_2
| MD5 | 0962291d6d367570bee5454721c17e11 |
| SHA1 | 59d10a893ef321a706a9255176761366115bedcb |
| SHA256 | ec1702806f4cc7c42a82fc2b38e89835fde7c64bb32060e0823c9077ca92efb7 |
| SHA512 | f555e961b69e09628eaf9c61f465871e6984cd4d31014f954bb747351dad9cea6d17c1db4bca2c1eb7f187cb5f3c0518748c339c8b43bbd1dbd94aeaa16f58ed |
C:\Users\Admin\AppData\Roaming\discord\DawnWebGPUCache\data_3
| MD5 | 41876349cb12d6db992f1309f22df3f0 |
| SHA1 | 5cf26b3420fc0302cd0a71e8d029739b8765be27 |
| SHA256 | e09f42c398d688dce168570291f1f92d079987deda3099a34adb9e8c0522b30c |
| SHA512 | e9a4fc1f7cb6ae2901f8e02354a92c4aaa7a53c640dcf692db42a27a5acc2a3bfb25a0de0eb08ab53983132016e7d43132ea4292e439bb636aafd53fb6ef907e |
C:\Users\Admin\AppData\Roaming\discord\Network\Network Persistent State
| MD5 | d0efee69d7dc6f79399c2242eee27f93 |
| SHA1 | 615c87fa11b689d19b45bd3e2008c5b2b2721fe7 |
| SHA256 | d6be1cdd77b17758929a74f371216e5ebae453bf575493d1c4008678788d6522 |
| SHA512 | 4d0c17d140acfe0836823f1eec8d4cb1658115b5f404adda467078bd8994c5e34e32b73a41130058db2d563172498f21bd40d4ba401f62dae60b5242ab5ed62c |
C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping6932_1796542651\Google.Widevine.CDM.dll
| MD5 | 477c17b6448695110b4d227664aa3c48 |
| SHA1 | 949ff1136e0971a0176f6adea8adcc0dd6030f22 |
| SHA256 | cb190e7d1b002a3050705580dd51eba895a19eb09620bdd48d63085d5d88031e |
| SHA512 | 1e267b01a78be40e7a02612b331b1d9291da8e4330dea10bf786acbc69f25e0baece45fb3bafe1f4389f420ebaa62373e4f035a45e34eada6f72c7c61d2302ed |
C:\Users\Admin\AppData\Roaming\discord\component_crx_cache\neifaoindggfcjicffkgpmnlppeffabd_1.c900ba9a2d8318263fd43782ee6fd5fb50bad78bf0eb2c972b5922c458af45ed
| MD5 | f265d47475ffd3884329d92deefae504 |
| SHA1 | 98c74386481f171b09cb9490281688392eefbfdd |
| SHA256 | c900ba9a2d8318263fd43782ee6fd5fb50bad78bf0eb2c972b5922c458af45ed |
| SHA512 | 4fd27594c459fb1cd94a857be10f7d1d6216dbf202cd43e8a3fa395a268c72fc5f5c456c9cb314f2220d766af741db469c8bb106acbed419149a44a3b87619f1 |
C:\Users\Admin\AppData\Roaming\discord\MediaFoundationWidevineCdm\x64\1.0.2738.0\_metadata\verified_contents.json
| MD5 | 3e839ba4da1ffce29a543c5756a19bdf |
| SHA1 | d8d84ac06c3ba27ccef221c6f188042b741d2b91 |
| SHA256 | 43daa4139d3ed90f4b4635bd4d32346eb8e8528d0d5332052fcda8f7860db729 |
| SHA512 | 19b085a9cfec4d6f1b87cc6bbeeb6578f9cba014704d05c9114cfb0a33b2e7729ac67499048cb33823c884517cbbdc24aa0748a9bb65e9c67714e6116365f1ab |
C:\Users\Admin\AppData\Roaming\discord\MediaFoundationWidevineCdm\x64\1.0.2738.0\manifest.fingerprint
| MD5 | d30a5bbc00f7334eede0795d147b2e80 |
| SHA1 | 78f3a6995856854cad0c524884f74e182f9c3c57 |
| SHA256 | a08c1bc41de319392676c7389048d8b1c7424c4b74d2f6466bcf5732b8d86642 |
| SHA512 | dacf60e959c10a3499d55dc594454858343bf6a309f22d73bdee86b676d8d0ced10e86ac95ecd78e745e8805237121a25830301680bd12bfc7122a82a885ff4b |
C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping6932_1796542651\manifest.json
| MD5 | bbc03e9c7c5944e62efc9c660b7bd2b6 |
| SHA1 | 83f161e3f49b64553709994b048d9f597cde3dc6 |
| SHA256 | 6cce5ad8d496bc5179fa84af8afc568eeba980d8a75058c6380b64fb42298c28 |
| SHA512 | fb80f091468a299b5209acc30edaf2001d081c22c3b30aad422cbe6fea7e5fe36a67a8e000d5dd03a30c60c30391c85fa31f3931e804c351ab0a71e9a978cc0f |
C:\Users\Admin\AppData\Roaming\discord\component_crx_cache\oimompecagnajdejgnnjijobebaeigek_1.d9a253514b6a010dfc1916c55246797e5773f13844ea3ec2d25078e845fef760
| MD5 | 17c227679ab0ed29eae2192843b1802f |
| SHA1 | cc78820a5be29fd58da8ef97f756b5331db3c13e |
| SHA256 | d9a253514b6a010dfc1916c55246797e5773f13844ea3ec2d25078e845fef760 |
| SHA512 | 7e33288afd65948a5752323441c42fcc437d7c12d1eaf7a9b6ae1995784d0771e15637f23cc6bc958e40ea870414543d67a27b4c20331fde93d5b6dc6a59cbaf |
C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping6932_1858601361\manifest.json
| MD5 | 2648d437c53db54b3ebd00e64852687e |
| SHA1 | 66cfe157f4c8e17bfda15325abfef40ec6d49608 |
| SHA256 | 68a3d7cb10f3001f40bc583b7fff0183895a61d3bd1b7a1c34e602df6f0f8806 |
| SHA512 | 86d5c3129bec156b17b8ebd5dec5a6258e10cb426b84dd3e4af85c9c2cd7ebf4faea01fd10dd906a18ea1042394c3f41a835eae2d83dc8146dfe4b6d71147828 |
C:\Users\Admin\AppData\Local\Discord\download\5cf6dc9ff4903cf491abe6d097d57e8f86a66c249a4a4dbf598467c52194b063
| MD5 | 404a5d70f6a7dc5911c166a5616d8c85 |
| SHA1 | f1d78f06ff0aa2d84cc5c9822fb9da4ac177b1f3 |
| SHA256 | 5cf6dc9ff4903cf491abe6d097d57e8f86a66c249a4a4dbf598467c52194b063 |
| SHA512 | 354b032dba18f6bbf48f157401f3fd20636745512d6cc3abeaa8e69acbdd0e3f3552493b8109980463fc416b909bae509c3bc8e5aa40b3e09f1702ef2bb2fed4 |
C:\Users\Admin\AppData\Local\Discord\download\1fd8295731b9d4b24fe4f0a07b7aed43194943f0bcbf75990d38503adea321a5
| MD5 | 40c91d4ca6206d64fed233d67bec986e |
| SHA1 | 62661e6e907059c8cc079f902b4794ff7dd082f0 |
| SHA256 | 1fd8295731b9d4b24fe4f0a07b7aed43194943f0bcbf75990d38503adea321a5 |
| SHA512 | 09deef2d03b220a82d85d2b3fd446b9bfa9428a9a4281aaf19213d2cf1a40ab9686be5fed3931719367bf14f67a1091abdb5359df1717b4cf583334e8edc0b8b |
C:\Users\Admin\AppData\Roaming\discord\sentry\scope_v3.json
| MD5 | 626e2a181baf6d9db713ad346f7ec6d6 |
| SHA1 | 57a7e88643923d1e58c88dfd3fc3d5ea71e95873 |
| SHA256 | fd241d35e188342d1c1d7d1932614f482603b4cbef6a8ad25149be02ec083bc2 |
| SHA512 | 39ee493b8e484f1b4635581fd85b47ffdc5899f96148cca92a39857991fe8953a7ceb44ae1523b38530e110640e04e3b40616ed29d62d2f40573db940db7248c |
C:\Users\Admin\AppData\Local\Discord\installer.db
| MD5 | 0ef0bb6dcb24d8ddabe9ff9a7b712b48 |
| SHA1 | 7d677d22a37af87ee304f1875b3d1ec407dbe15c |
| SHA256 | 15d0a093c05b589326f2674a05caf598409a9463670b5588fa251ce91eff8bac |
| SHA512 | b8ae2a1707a267d243b1ae7871f4868613c851424249e07a19db08cc386add019ef8f8a5ad3f43cc6e3ed7012113387abf885401174d837cc8aa6c61731e2028 |
C:\Users\Admin\AppData\Local\Discord\download\56ee2dfa922e38f2f6756a91aef9e44f070d1e7033fd46c0eacb158003df73bd
| MD5 | 982ade3d7ba7f640352948e825a8c157 |
| SHA1 | dbf4f5c58c52386e5f304fca39a3ef73fa27373e |
| SHA256 | 56ee2dfa922e38f2f6756a91aef9e44f070d1e7033fd46c0eacb158003df73bd |
| SHA512 | 9d25623b586604bbed032b52c03e51e845dffe234d39a6454a08079436bd7a9542e699fdf5834061b7fb29603314e83da795d0d412c73189b128066111e02a2e |
C:\Users\Admin\AppData\Local\Discord\download\3bfe4b38e6a48e857910bf19084beadc9764483e2e25d48e849f623b0b5be41c
| MD5 | b79e4ad57872ad9ed8546ad35bcc488c |
| SHA1 | ee793c249e493246a98d842106b98f06ea30e780 |
| SHA256 | 3bfe4b38e6a48e857910bf19084beadc9764483e2e25d48e849f623b0b5be41c |
| SHA512 | ebd2f9b16d602bf1679d349c5d60d72db15ed6dc672d1fdd296d2f68ef8f1998a7e5927e9cce1440da8374c3ef2ca40692a31a0a1f1056d79f2b342606404a17 |
C:\Users\Admin\AppData\Local\Discord\download\2730d89fd87c93445dc5b0328ec61f7666fb0ff837e02fdba43eec667649ae45
| MD5 | c0039fc8775c8a9e32ef2258fe73f604 |
| SHA1 | c2ef4b1c88557e2f2596cd2dfc5a7c2218b674a0 |
| SHA256 | 2730d89fd87c93445dc5b0328ec61f7666fb0ff837e02fdba43eec667649ae45 |
| SHA512 | 6493718c073780f6fb6ce3e2347cfc03275917975b4c4f27ca85a79cf4aacf16771f9f7fc8c10d4e7f683371029de73a31f1a9476183ca73c9af65f5d77722bd |
C:\Users\Admin\AppData\Local\Discord\download\ce26c7492bfbf8669ac75a499e353b7636661e8b5f5374f76b7cfa92a1d79e23
| MD5 | 23d18720b6a343cfe9bb441aeabc5953 |
| SHA1 | 8f8f345f0f8aa2838a991b6d1a40548d8e8e54a2 |
| SHA256 | ce26c7492bfbf8669ac75a499e353b7636661e8b5f5374f76b7cfa92a1d79e23 |
| SHA512 | 9c612d2dbb4ff628d477217a77bfa6fb7d75839b83e7878d3c8acf7b0aeed32578d5477e82642b9fda6f4556acbf6397f9ad67596315aa0777e8b055366fdfc8 |
C:\Users\Admin\AppData\Roaming\discord\Preferences
| MD5 | d873a1c804341fdcd5e71551411dfb29 |
| SHA1 | 4061e65e9e1dcb4058f5304225e69936cc62a662 |
| SHA256 | c867bfcaccc2d638b08789c6722cebe662a76c1af001d18068fcaf91620da02f |
| SHA512 | 3bfe583368fb1bde0f09424930c76384e52469cd9cfa2ff3c4db46bb02c33af335d783d378426df0ac035013561f4abf776d53c87c4cae6716ba952dfb0e779e |
C:\Users\Admin\AppData\Roaming\discord\Local State
| MD5 | 245f06c682856e88d493241852ef258f |
| SHA1 | f8c3c23d65f48f5d55116e96c840ad6d061c7924 |
| SHA256 | a716331860e21471f19f762a3b6b52f841c588020052077878478a7b08a4fa54 |
| SHA512 | b668ba536177efebac8bea66178ffce45c0b53c8839c12360eee98017ad33300a99c4fdace75d3780f5a1d54dcd4668961d5a1e6e19e20d01ab56ed79795b4d9 |
C:\Users\Admin\AppData\Local\Discord\download\4d954e739d4fdbbb263b7496d8f0eda2c744362cdda87a4a4061610f9004dabc
| MD5 | ebd33aff637ef0d79b2dc0fbff3381c7 |
| SHA1 | 96e82b6692b4218a59efac56a9f8d7bbfde6d920 |
| SHA256 | 4d954e739d4fdbbb263b7496d8f0eda2c744362cdda87a4a4061610f9004dabc |
| SHA512 | b495af887f17215bfb625a678e485ef3caa3df6b3166315f040e595b6e41c7b1ae32c5c57daa1cd0f04188385f825e7d91cd73f18f3fac26b735484101d05886 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | aa2f9657fbc7260a1efb8427899645f9 |
| SHA1 | 5481cec17a87885ce45bf1836535ecc3bc2232c1 |
| SHA256 | f8f10c7ed35c4287523f87c6376d2b752c4705137350607d9b15a87e61f59dbc |
| SHA512 | 46fadc84f4ae87e2a22571e5d6823df27ce5a47fb1eb411ef8a039a74a95a46ecc2bf9fde6d3f6ff72f9fc0d54c945aa059f4fd7f987e848c69508a23876ef2a |
C:\Users\Admin\AppData\Roaming\discord\Network\TransportSecurity
| MD5 | a95e13df367631e3c9b78818505f3658 |
| SHA1 | c391a9694ecc78ba7a3d27ada79665d49e5c6bc9 |
| SHA256 | 9561a1524c14e797b148d087ec89ae64efe89a03fe4dad4aa13b5ed08dd37843 |
| SHA512 | b77abf02498420debfcd9a2653808fe184e5258d52a4cf0d41dcb26a6e746a627af8fc832c86edabc84bda82a41a9b4f80e738cd9bf218b2438c9afc2fad4bf6 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 37ec86eb8cafbbcb6d721f1dde8dbe8d |
| SHA1 | bb4046142f567ae355c94703b75448f3e9899a7f |
| SHA256 | 06227af1255cadbf60b3364bb0ceb11c57bbb6b903e1ead381ca65aa23a81812 |
| SHA512 | 1138584066517d26628b845233c7fee59d84bae9bc587cceeb676ec5c4fc08b879f75a3e2516a48c48f8a90f294eb550534472073147d5678bf819caf56edfa5 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 4b5a3c31b4482faa65cd801b6006a19a |
| SHA1 | 9a021552132e9a3ffb53d0e0d84aa1d28e1460c8 |
| SHA256 | d1b369b0e3305764f8a21805e0c74cd3b91199258b17bebc2336c821c7196a57 |
| SHA512 | 8236afaf6ef575d93c5c5d78df7f1cb60b4c66847be57f0784fc70b90f3a578f6c82a43f380daee803dd35a8126706b17b3736c9388feac57b364ed6a71b65a1 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 0a30089954827f8e95e476ed6beeda05 |
| SHA1 | d36426ab65bf5dec85f713f586b1c1ddf8a88235 |
| SHA256 | b6412b8c93c96baa21b7527ce0da73e7e9f385761534b1d84bb043bcb60e30aa |
| SHA512 | 738f7642b5874ace17dfcf8cb6876546b36c3eae2081be6f5f01b78099d75dfe75a18952288553edf5b57e5db28d18cb08f8ea27485ed76d684c4381c6d83a69 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 9606de596bc8ea3de69fdaa3ad05b7a6 |
| SHA1 | 6f787b35922d3e3efcfb004695e96757572004b9 |
| SHA256 | 96827cce8ec56c27556bb8c6ea08284ff41b4c475c1dd43126215e68527e1251 |
| SHA512 | e0ce0b8521b569f45feda1444bc71a4d71d7cc8404a9c6aa35ec72583ef4cb6d89ccd5394edace8f48baf99cf83dbfec1539726e70386e94730a5cbc7ad6eedb |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | abdedc8818f9ccdfa9837c60971994f4 |
| SHA1 | 3d979e5c86d4f5fbc4883bc6d4100cec17fbf2a7 |
| SHA256 | c4d11920dd30cc603cc99a2370f899f5a192746c46d9a8b69eb3cd7b0f057832 |
| SHA512 | 1bcc12cdb94428f02fdd3099522e9b0fe6469fc994d2dd8239869de45e2490e07478b07a596c52a073b1b05366fac3a0c24151f6b67893805acc7610a694b4f0 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | b786b47e1a1381afb94614accc2b5a7d |
| SHA1 | e8190b6df91b47106efa014b184e9b0afe2f1487 |
| SHA256 | 8753101d6452041149f6cf3f25f1bebd135459d73c1c3cb89b44a2ab4b04256a |
| SHA512 | aee883b66f3c57133c8565a24734165de7facb767d372a7d8842316ab273d46e88acba2d0db95ad51585d3b74faf36a6c0dc07dd5fc111511bbd2f6fdc5be368 |
C:\Users\Admin\AppData\Roaming\discord\Code Cache\js\index-dir\the-real-index
| MD5 | a5dbea4f9a26ac7bfb6f0a80c4bd0662 |
| SHA1 | 80f2c29603dd6069407634ae52c2c94911c4b751 |
| SHA256 | 96b9fcf54ce1ff3a1aa46fccf554f77d7eaa1a09cbad92541be2982db93b159c |
| SHA512 | 2ae85eb47ec557bcf93b95b64cd21c74290a5534c53940d80b71f3cc1842bca59ad1f930afbd3152d152de236ae1bbf3505200760f0682a7ad1e93b13d3f3426 |
C:\Users\Admin\AppData\Roaming\discord\Network\TransportSecurity
| MD5 | 3f824684662bb2e8756ac254adb72bc5 |
| SHA1 | 7615c1ce6d0df166c44a03453ebebe285a631f7b |
| SHA256 | 5dce2d7e51e3dcf6e8f8534d979097775c3be512c1a6ee435056249c4284dbd3 |
| SHA512 | d96e9262cae6da870c9b330cb4132b2cd7869b53c1a67a4576226f8955f24a6ff9e2dbc73092fb8e9bb616aa84c7a0e5b699c5c4a3dc58243d27782fcc3724ba |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
| MD5 | 428eb282820d95d020217e33dd9a9dc5 |
| SHA1 | f180e9c3883ffef27488dd7beac4d29e57e5fe9c |
| SHA256 | dc4e69c03f0c6061276871fef9bc07c1d1aff98405100899f71885c3a326a70f |
| SHA512 | 8336df61bb7007ee0e1005f024e2e64b07aa61114c3b9eb0f6ee0021c42f6e9a3a2831236f2e277b13f165baef2aec359248450bddaf7a226e493ade0947b3f4 |
C:\Users\Admin\AppData\Local\Discord\download\51e05565b70606607ef93a1d65072b40fdf337057e968a1cb3522e87e98781a7
| MD5 | 687eddb58cd054479de4508605b5fd6c |
| SHA1 | e39d37b264c965c066cb628e5013a073a586416a |
| SHA256 | 51e05565b70606607ef93a1d65072b40fdf337057e968a1cb3522e87e98781a7 |
| SHA512 | 0da6f2dec629d8dcde7167efca83c54bb76810771ebbb439c78bae3ac8662fa3177366124181a9c2988dc6aec1cb9ab2c73277dbcdc6873deb277a4a2aea7b6f |
C:\Users\Admin\AppData\Local\Discord\download\e1fe55e5b44b1525090c5153c82ad95bbab2f7900bc8e5a14b810de3e16e8147
| MD5 | 770f8378dfeda944aa32807c11eb94cf |
| SHA1 | 38b0e537e3643801e906c70879b6c50dd003ef98 |
| SHA256 | e1fe55e5b44b1525090c5153c82ad95bbab2f7900bc8e5a14b810de3e16e8147 |
| SHA512 | 99849f85fd13090ec058e58d6a19a77da38c8e3858327e916ea28b62b9549433c322f88af02712086ef5216bd4e6a672a28a8a8f54f5222edb9390f836f6e6e7 |
memory/544-3363-0x00000232E60F0000-0x00000232E6112000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\__PSScriptPolicyTest_djnolvhx.21y.ps1
| MD5 | d17fe0a3f47be24a6453e9ef58c94641 |
| SHA1 | 6ab83620379fc69f80c0242105ddffd7d98d5d9d |
| SHA256 | 96ad1146eb96877eab5942ae0736b82d8b5e2039a80d3d6932665c1a4c87dcf7 |
| SHA512 | 5b592e58f26c264604f98f6aa12860758ce606d1c63220736cf0c779e4e18e3cec8706930a16c38b20161754d1017d1657d35258e58ca22b18f5b232880dec82 |
memory/5584-3420-0x000001C5D9FF0000-0x000001C5DA036000-memory.dmp
memory/5684-3443-0x000001CD35F20000-0x000001CD35F44000-memory.dmp
memory/5684-3442-0x000001CD35F20000-0x000001CD35F4A000-memory.dmp
C:\Users\Admin\AppData\Local\Microsoft\Windows\PowerShell\StartupProfileData-Interactive
| MD5 | 0254494a4c89bf8f623066957ccb7ea1 |
| SHA1 | 0a31bf0f80c2e5caaf36fdf4266b72379cfb3751 |
| SHA256 | ffda9233d24b63e14924cddc16d3885111c7cf09abe840547c0a266c2000687f |
| SHA512 | 8f8c04122ae09f4a544d482eb72c30fc6d1ae9840e4247eb9e7a5cbe6e912fbff9132afc78974509923c24c30a8049199d43d83aba49b8a66ab78316546673bb |
C:\Users\Admin\AppData\Roaming\discord\Network\TransportSecurity
| MD5 | 91b81aaef4ea89f57828bf88bb48a5c1 |
| SHA1 | 3560d4c8ba71a8e5c0f2c2d5e7e472062b31825d |
| SHA256 | cdeae2db6c8c7443a2301e548d2d94072ffea1361bad331a071e186b86b5ecf1 |
| SHA512 | b67327b46f5d2918cd89b0d6d24961cae35ae8f138eb5a9e5c6ae566586c9d454fb7a608910219e8eb81e84aba820011ba9f35aa93efe981b0904500c26eb056 |
C:\Users\Admin\AppData\Roaming\discord\Local State
| MD5 | 4deaf7e6c55e10ed49f8cd398dd84d82 |
| SHA1 | 13cb357aec72ed9a27004dbad53a4eb45932d535 |
| SHA256 | 84099a671755ec9cea488b6f62b47849b397d0aee76f386564724b8be79b831d |
| SHA512 | f394ace8560013742188dfeb53b57af9699758b877a38bc87fe654ee764992662dcd3e68476223839bdd3e0435317958c931ec7a7c93cc78191975eab0c9aada |
C:\Users\Admin\AppData\Roaming\discord\Code Cache\js\index-dir\the-real-index
| MD5 | b475e7254aca074d7718966b863d626e |
| SHA1 | 2d6efc6ef9d8469c4ad42a94443999bbfe63b123 |
| SHA256 | 8aee2c7d6fb7fab26129b1c6a3e42a247230e8fff3a9451e950a5a5e405ba7f7 |
| SHA512 | de200888a013f95a58d4d78282890ec2e14cc95ea5cd4a84b50dc73aa58cc5ac5b88c4ad10385ca730da936eee5cc896142f66b80b54524ac78f85124384832b |
C:\Users\Admin\AppData\Roaming\discord\Network\Network Persistent State
| MD5 | f227eec366a6bee3298aa312bd7a4666 |
| SHA1 | 5a8444657997d535537790c369c4527a520298e0 |
| SHA256 | aec27a4089663eca27fef6acd024913f19f3089c11f5aa94d85fb675aae25b98 |
| SHA512 | e362ce21d264812e8529ababdf7cff3541d51595d6675638b7e532f7a8d34743b69fa16bce7985c63e2d8e4d22e6d6233d4964778044cf7059d6f8406ee5d11c |
C:\Users\Admin\AppData\Roaming\discord\Cache\Cache_Data\f_00002b
| MD5 | f9977c0305c88de16a99ed0f3c18c5ca |
| SHA1 | 43678b2a064b88d8028299c28d27f3da6504da41 |
| SHA256 | 58f5da651b27cfa8a29562aa9761fe586ffb4267ede19d8be930092693397f7f |
| SHA512 | 041785d0a024c44bb1bb90a99df56a1d1e7155e1c3d7c61679d96381636f5643c9581897c30b9c21e837e30325707271660d15d4be3a54fa6b9d3bf1c1809a0f |
C:\Users\Admin\AppData\Roaming\discord\Network\TransportSecurity
| MD5 | 41f2f032d4d1bb1a06bc2e4955df6306 |
| SHA1 | c6235347a9e21b1645c752aa03da063e27b0e308 |
| SHA256 | 4188a330763f84f20eaeced1829c2a8d10c401112bc901066bda672388704196 |
| SHA512 | 5131c368d1e78796678422b1b8d43a321d656d9b8bf8fba89e33c540d4480fc7aa7927cf3a5ac8af141bac7d6336b8c7a127054dcc940f6b1c746b41b2f4844b |
C:\Users\Admin\AppData\Roaming\discord\Network\TransportSecurity
| MD5 | b823ec8ae7ffd8a190dccaed07b3e6a9 |
| SHA1 | e2036963c87495b75245185bfcaad37523c25809 |
| SHA256 | 5608a2290319b8cd7775d7fe36c2ea0ad3e34a171fe8d53ce4cb97eb17b3f96f |
| SHA512 | 9f0f7140b93eb9c10a8ade6797cf27346aaf4b234a54c9f0da7d06ee225c5f41ce27efe1f8c8b046c205281fe4b885ff5ed3a75b2a0697c69cd709462a8682ae |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
| MD5 | 714a60a40ddb6de6cb15fd506092eaeb |
| SHA1 | a00d81342afdf38076a071ca8a343f7836ca8233 |
| SHA256 | 125eb471dd0c9492d1b24955c4590bb146560f9e7d56866c5d10865db208d79e |
| SHA512 | 3af006b2715cfb52a09aecb61fc1593e71b988dc6a8e88eda24c354f00d1748a46ce0133e2d8f00110bd76009c6267b130ab927fbdb122345ab1413d5311658b |
C:\Users\Admin\AppData\Roaming\discord\Network\TransportSecurity
| MD5 | a8d95393fbfe8370c4faa9753a321d55 |
| SHA1 | 7945e7477dd27873ca059c8cbb425093336845e2 |
| SHA256 | b3dbe4f53e709a982425be0416d3e56d5a0118ed2d218120e1a90357acf86757 |
| SHA512 | 984d929b16d88a440460cef2f32daffb203c476e9077da9036bf2c2b79da356ad20cd8c51a390815029c86d27856047094d710546830fc7ef1ec410fa7f83ed4 |
C:\Users\Admin\AppData\Roaming\discord\Code Cache\js\index-dir\the-real-index
| MD5 | eb93893f8ac3a4cc2c7ae9568be2b266 |
| SHA1 | 455122f165562a926a1f246e14180395cb9f15cb |
| SHA256 | 18e8e5b495202e4a0d6e7f2e1a5f82ef786a9343aa6b8cbb327a039636bfaa51 |
| SHA512 | 5a0ceb45a1c287a094669507185d2ebe4760a665e265308473d23942e0f438d5bfa99130955519c2a8351888dc7b1a1a73ab3948cd581b2f81e71594276fd22b |
C:\Users\Admin\AppData\Roaming\discord\Network\TransportSecurity
| MD5 | 3e791e8df64c1b9ea26491fed00feb3a |
| SHA1 | 9688097834e71c558a7b245e6fdaa26ba1dce316 |
| SHA256 | 3db1dfc4a7f3fed22647c08857ca57602683df52bf9b30507204d7e84613898e |
| SHA512 | 8c12b239ad6bddf22ed359b9079e672318617a5b6489fa99f173f4c5fe0dd850126ac1e01426d80a398a3ab9c68bcf3fd5e8660e5537984702ab15149fccdf11 |
C:\Users\Admin\AppData\Roaming\discord\Network\TransportSecurity
| MD5 | 95ec8f00d8dd2700acedcd37fe8f8851 |
| SHA1 | 4f6e8f3911d8734c93f5bf9125ac76ad19d7a0c0 |
| SHA256 | 4b873c9b8e714cc54039abf82049c28bc7a16e05258c918ed47d50bf6df216fe |
| SHA512 | 7d662be2c2fd2e4f7709b58dc82acb96eb9d62501e3e32d67663c9b765276f3e63f4282164e4f5d65d9c1d3d869bd5f4482dad24153eb16aa13df6e8efa588f8 |
C:\Users\Admin\AppData\Roaming\discord\Network\Network Persistent State
| MD5 | 129e64e33e5ed245b311e6b93673491b |
| SHA1 | cf2b7d2d5c5991469620d12832e195ba08c1d40c |
| SHA256 | ced073ad4ea15d4f3237b52e2f4997a4ad7d8695441079cb879bb3817bf74dcf |
| SHA512 | 3de764e76354969035f12aa692fb8b19307186185934cd011a1313bbfc29b891bcf34c167d56d5757a1b896dbac4e40929d069b010200c7b657bc0ce861f97e1 |
C:\Users\Admin\AppData\Roaming\discord\Code Cache\js\index-dir\the-real-index
| MD5 | f2f653f086abe392a0437686d959b9c6 |
| SHA1 | 952b3d93379836bb1d9bd3cd552054e0a0d65ac4 |
| SHA256 | db10ebb8e1ed4f345e489d7ad81a583d5d803f836f9e9fbe815e10e89321750e |
| SHA512 | d21e5def58e0bc2454a032e67fc04f52de9d0675fac77564b2ccb99559174585a326c1440e29b2c1b27bf7b86ba1a68d034605293b29afd2dd6a7e5344f0f433 |
C:\Users\Admin\AppData\Roaming\discord\Cache\Cache_Data\f_000040
| MD5 | 9119c066d59373daaee087cc0d7cdf7c |
| SHA1 | a2868f03604d3114833fd2448d87b1e405dc91f9 |
| SHA256 | 9e665299ab3f3ed693e12d359345e1631a01ca0d4b11f2098b18d6e9818e7bca |
| SHA512 | 32e03149b790955b0aa50609f1d2eebdfd4d53bb20e9505c2990c70ab30bca66ae54045c068ba5da3d5990f84da029c265985440ab21661dde0db685cebc8999 |
C:\Users\Admin\AppData\Roaming\discord\Network\TransportSecurity
| MD5 | b3ff5bb3aa5f2e8ede912d9b7555f41d |
| SHA1 | d4df1677f6c47b7afbdd513de3890e05a9e697b8 |
| SHA256 | edd058c679959c55cf6d56ffc16f3ff3c83db7929c39101007af4ed280eaaec2 |
| SHA512 | a6e17bea8d862463b12a0d8b3f0c44b9b56357251f75c80d116fc4eeabdb06e2caee4ff0bac98eb172654089937ce902a9e16e2ac45d6dbea2bb7e037f958d81 |
C:\Users\Admin\AppData\Roaming\discord\Network\TransportSecurity
| MD5 | 420079e8f6e95c4a34722f9e2d9d486f |
| SHA1 | 3fca03fb0d946ad8d1c9f68ab1b0d9c9262fd5e8 |
| SHA256 | 2b1989269e4e241b6411a20843ede34570a53e4a6a79fb28437ed8f5c6172742 |
| SHA512 | 88691fec02471a0eac4ac76830a348d5fe2ff708750203c30f8076c018cdd06aa57bfa3efde2f4cc9486ef3c9a5c83605840ca7774cd0dcf9d8fa74d0da911e2 |
C:\Users\Admin\AppData\Roaming\discord\Network\TransportSecurity
| MD5 | c4c21a4dba8f9ae18dd1ef7ed0422ee4 |
| SHA1 | 43c46804a93fbac7bd33456553743540040639fa |
| SHA256 | 3d7cde0de34a1f34e08f4c24e054356987d4189606e97b95d462f7d7f126606a |
| SHA512 | 6a53a8e562c67e91b9f710eed1a70727d5b3404c6a2690cc520bbd2e53231de8a553d6ccaaebd6b5ed9ba9e826f9bff0c0fcac0265ea16e4fe880c29d250da4c |
C:\Users\Admin\AppData\Local\Discord\app-1.0.9152\modules\discord_dispatch-1\discord_dispatch\dispatch.log
| MD5 | b4fb95583468cab155d4d7c497cd2e9c |
| SHA1 | 65217acc290df89f10bca66f0a3d1f9cc4a08c9d |
| SHA256 | ba356eadc760f7b8ccd5e2eeb730184a92b97417934f15d45fe9a46d9fd44921 |
| SHA512 | 8d96205b3354c81e85abc747469612c37b593b32d3b42408febc246c4ab9266a743badb143c0aff7e8a84793eb4b7a47bc5cdf513a31a7f8aadd4b4ea11f680c |
C:\Users\Admin\AppData\Roaming\discord\Network\TransportSecurity
| MD5 | 2d8cd0965296d6794a1c6ce9441505d9 |
| SHA1 | cf6b3f038df2af9c6aa22049a925a602692511ed |
| SHA256 | 2122904cbc6befa1c58a10da005f2920604945013dd3b6d7ecbf09b48309eca9 |
| SHA512 | 91298cc87a49882eeb2da7b9b5ff171a25311e436183a5d6f2c8e284955f9681e45e8385421ec65c19914e31818ec09bffc712aac40d923f65eb7fe314352adc |
C:\Users\Admin\AppData\Roaming\discord\Network\Network Persistent State
| MD5 | 1bab263a51569629f95217868a13bdbd |
| SHA1 | 5db8f6708b9c0a798f4876988198e20fe3974f04 |
| SHA256 | f90c667103a3f6eefd1e3499153d426ff30afcce1e5246d9f60d7e10b4f4350f |
| SHA512 | 2235fafd35b90704e8574bc022e938e7fac73c36d23d9d25b5aba12d10ae88f93c7800b15aaa478c1d1a8d1165344f363bf71a97063a161e979c27c03c78edfa |
C:\Users\Admin\AppData\Roaming\discord\Network\TransportSecurity
| MD5 | a885e9e3311ae293a7bb9515d03a35ad |
| SHA1 | 4dc307a762a71e0a023acf2978717d8fb7659715 |
| SHA256 | f9af7676d29b33ad238e0e0ad885b0ed9413e6b110b18a97d7413911636af207 |
| SHA512 | 39404ae3978384b6d2bb3c20bb5f1c4fa207bd12b6b4054caf5262a019d379d0cc37ceea041880b429bebed753d0ab51bcd863fed45fa796c726148b8b880b75 |
C:\Users\Admin\AppData\Roaming\discord\Cache\Cache_Data\f_000061
| MD5 | 1e4be5d18e998503949eef043d8be4ab |
| SHA1 | 6f818b7b58ec2e2d9d2ccf3821602f19d3ae98b5 |
| SHA256 | 52ff5087ef3e5ffe020fee4f35623ba0f18f76232e842cc464772371e4860bac |
| SHA512 | 564fbc63b2b1ee50504f4d39544752565e7aebc7ba46affead23b4fb9918587de7e0f193e441404f78fde344e533b604adb400a786ff44586a49ed002adea13d |
C:\Users\Admin\AppData\Roaming\discord\tray.png
| MD5 | 08e3872ede2967f3ccf2c4a3eee511c9 |
| SHA1 | aa604f49406d8617c03e306a889931813f4b479c |
| SHA256 | a44bbb3d84b73c628714f3ff805e94fd524943963c1740d4b59b53f422ffbea8 |
| SHA512 | fc0e14c8ada9ef43421a7e69d98887c06e01e1ed9f117902c06b4609ede02709de40de08b5f3f583a29fff45a80fa075e51680d2960088d13e4c236c379b9585 |
C:\Users\Admin\AppData\Roaming\discord\Network\TransportSecurity
| MD5 | 8a9f7d2f1f9c9bdfdb524cf91a3ec1af |
| SHA1 | da893b90122575deada64f438caee4515c3d5724 |
| SHA256 | 61d369856eb0d920d3c5bac1b47f3ebe512436e76a85022b15da883089c9f1b5 |
| SHA512 | 0c649c6705faaaea7cf5f442bfc14c129ae746e9e347cb5a7b56520bdd368e7fd117cc6197ef5ea77eba8e234253d8e9dd61d2d141a6c4cba38ead4aa8020967 |
C:\Users\Admin\AppData\Roaming\discord\Cache\Cache_Data\f_00005c
| MD5 | bacbaf11ca84b8124810e06de735ca6a |
| SHA1 | 27308d46d0e3d016ecaf6a0b92fe36fa28f54e79 |
| SHA256 | b3baa6a72f76f4431a26be9aced763b73bd6258faf4b1def3663609d1d420a30 |
| SHA512 | 5f6a4e4c67d1b0178e08cd6de5d0d7b9e688e97584922fe19b3fb29b65bdccc404cef07e3df9f593bed9dbd636f2a7dd02bc4d92e1ec75d6fe8eb5d287681d67 |
C:\Users\Admin\AppData\Roaming\discord\Code Cache\js\index-dir\the-real-index
| MD5 | d9b458a29040690e339b038f3739e9cb |
| SHA1 | b138e494f9da7210289c8674a604e0e34f6635c6 |
| SHA256 | 4ebf510c2f19e2e1cd37f3d53a6b0d9c5f03653970937c0e97daecf3535ebd2c |
| SHA512 | b50803d14e63ef9e65341e620bc71a6fb16b2751b6124f078fbe8e0437f2079b251d912448b7a93ffaed6d6ce94ab6faff8d9c1d8acf4ea28b26d5c15de179fe |
C:\Users\Admin\AppData\Roaming\discord\Network\TransportSecurity
| MD5 | e8c185fbdc01e10bcb21960a0f6a4874 |
| SHA1 | 252f55f598e67a55cc982696f51933740b98f04c |
| SHA256 | 57be44c838d2bcac83491c6a013d0caa2cdae669d75f5f76fc66d5ecdf70dd73 |
| SHA512 | b1fa9e62e93b2e5053f620e9451ee003cd958306563cc12c241d9297799112594671c10b33df90bec6a73bcf7e9974536009627dd811241a1bae30542b00a1c3 |
C:\Users\Admin\AppData\Roaming\discord\Network\Network Persistent State
| MD5 | 93f924fe1f5feaf7ddcb3b1f5b7ef2eb |
| SHA1 | be36ddc67cbf755e78145d9714679ba473b20d08 |
| SHA256 | f057864da40451de2017ca8fe49e00d82e5591e4af64a45dfef876ea7d7b64e5 |
| SHA512 | f90e197e183898942a5bc776c0c6bd0f663ff7824f1ee179088234c74b184dc9a73ae4477cb264327042730b29d11a3d5065010e4dc964cbc843aefd466cb4b1 |
C:\Users\Admin\AppData\Roaming\discord\Network\TransportSecurity
| MD5 | 176938de77c2f8cc1ea0dee6c94af19c |
| SHA1 | 3f023cf586588666dda7de8b50e66b5d70e34927 |
| SHA256 | 2736b5b437ea9bc0f9392724fc5e34f151578a8886584ac4dcc2b0d6ba031301 |
| SHA512 | 7fb39acb9d136678ea309d2bce9251ff75014e90d304089a4f2781799a8a85cbe0f75e4eb0c055a3fa94fcb4bb68fddf4f8da9b64bd6a7389b17959b17ca8e92 |
C:\Users\Admin\AppData\Roaming\discord\Cache\Cache_Data\f_00002d
| MD5 | 5c7269efbf860bb67657e2cb232fb619 |
| SHA1 | 0a9e3d6b3a109ef21373a7b0a0a3ddd8dc51ee00 |
| SHA256 | d44fd97e52a3d18cd7d380fd9fc97ba8409a666059e3cbb3d0dbcb74ead9c18f |
| SHA512 | e3d79242c43e267b63dc07f56935cff99e33b9fed5baa0b976fde630114888d6fac7a502506932385e810aed045a7530541b08dfd0dffab65ad056f192075571 |
C:\Users\Admin\AppData\Roaming\discord\Network\TransportSecurity
| MD5 | 7516cb11a358b4e34338483a8c73612a |
| SHA1 | f197f426e76b092ad7c625d48b917b1d02beb152 |
| SHA256 | de69e75b4a346e740f81ab277b031207753747773879f61995feae25402969cd |
| SHA512 | e458ba2ee90b6adb2732d805f7ad4512fc6211b2141706d700d25c82ba5720523737ec54836a7e4d9e123e8d58ae0a2958a065c038197443f602a8e072e3c383 |
C:\Users\Admin\AppData\Roaming\discord\Code Cache\js\index-dir\the-real-index
| MD5 | 9e4e9a003779d634fe23aa582b1ae79d |
| SHA1 | 2dea614fed5e289e1a36e22cb28ff7192f5f5ac5 |
| SHA256 | 42516687c3de4728924cfe2d4929b7368173dce3d63fdf1807c2ea1312609c37 |
| SHA512 | e4e954783e7fa6dded64ff50bc26b60d1921b2c6eb018ae0a4d580e7397c3d38be08bd2c7f0d5be98e0048ad40264f9c693ca8566e79e16a284206356f1cba42 |
C:\Users\Admin\AppData\Roaming\discord\Network\TransportSecurity
| MD5 | f2c76cdd037f2c1293e9942479fe05f0 |
| SHA1 | 63d852ba54b47ebf28aa3403a2cee246da20bbf1 |
| SHA256 | 4092dd1e3d83781569a2d7e3495a80462d661224c19439e48ccf4bb6340faf8c |
| SHA512 | 88cd904efd6dc2f2b42328de174d743e3be28ee3ffbeb8b2f1a35895a3aa24f6f6a4c62d74190f950f1f884ec829d3d39461508ed8e5f9108687d3671c43282e |
C:\Users\Admin\AppData\Roaming\discord\Cache\Cache_Data\f_000068
| MD5 | aa345f22b5e40d2427813294a101a31e |
| SHA1 | c22630588b43bd9d4d4afe437c263c165af03b72 |
| SHA256 | c33c2341a458e8adb2ec5feff94a77af43f7db9340c3b77a3acbb21409b7ffe1 |
| SHA512 | adcb8148c895f63ae606fa15f6f12e6beffe2bb5979636faaf1bc3b20a57f01465c42853f23a257f44d51c237dc4fa7a73bc4a1742397d0d7b9f9c0b49be3080 |
C:\Users\Admin\AppData\Roaming\discord\Network\Network Persistent State
| MD5 | 1f27bbfdf71fd5e39bde420aafa8ad94 |
| SHA1 | 20d534314459efd6774764f77a54ab96ae6f065d |
| SHA256 | 6823f90342ab0b1645ef23e064846b8d2a385cf9cca236fc734124c182f61d5b |
| SHA512 | e8e26d6a84bcac0373721f9258f66b6431559f8ee81ccd3de980c6d475ea2cbbced20d34763de713c3c6e5d67f4319c23a43d6ee2256c4c7ad138abbc1f670c1 |
C:\Users\Admin\AppData\Roaming\discord\Cache\Cache_Data\f_0000ab
| MD5 | ef6c6b6fdff1260a400c46315cdb9824 |
| SHA1 | d51000d33f4b59000e484f0c8fbda5bbef479ffa |
| SHA256 | a9a70e34fa6c9af9321a889c0ecac41703a805df592e32e379ce2ead7a04b82b |
| SHA512 | 595262a14feceec6378b7e8c17fdbbcfc4e55381e9dd0ca2e70fee9d793690b8bacb93f67e75287795b26e56e6a178d4579624dba41b50078714d447fdf9381c |
C:\Users\Admin\AppData\Roaming\discord\Network\TransportSecurity
| MD5 | 05aba1a3adb24f3ca6d3fd7bda0cb043 |
| SHA1 | 928c4d7b17a0cf8563b3b9b8be0fc371ac73ccc4 |
| SHA256 | f6a73af91025ed0697db96c2caea32f260d10e4584d43796aaaf5cf1032d920e |
| SHA512 | 795d5f16e36e5b715c0760e79ec50fe0d4b6830eb5f76adf61ac7f711b93db6a66d28fde6141143bd57fb9517be856c7f84208b6b9965c3db0954d0392d46fdd |
C:\Users\Admin\AppData\Roaming\discord\Network\TransportSecurity
| MD5 | be8df19b4e3e66e9f8b76e6a5347b6b2 |
| SHA1 | 2046fca3751d488f7edab0224b586020a03ec2f1 |
| SHA256 | 451588ea521442bcbab26ce20e6bdf7d17627bfbd068980aed01c7da2b7502b8 |
| SHA512 | cdf2976fd89bd37f658c6deb6f19524e333fd1e974ec16acee35b6652a2e44740e4e6de87d2b27ebd965d5e8812c9f82509861cf8b7cf624c38f1ae6a6563621 |
C:\Users\Admin\AppData\Roaming\discord\Cache\Cache_Data\f_0000bd
| MD5 | 13a6070c97fb5d89e985335be897d7f7 |
| SHA1 | f2491c79cf438f9d7b9c5e009f3f77ae5c5db535 |
| SHA256 | f092c109fadbd6fcffe08f0144650f26190f3d13a180de173e68ea334976eb7f |
| SHA512 | 4099db8431da2e1a4f2900c6a4dc65b35f37d26c80f64e639ddae4330437bc606099678e124e6f54bfdb6463fd95f99dcdb9e10b9196f9961a6375e61c2f1dc5 |
C:\Users\Admin\AppData\Roaming\discord\Cache\Cache_Data\f_0000be
| MD5 | 84b2279093e25add571d273fa4eaddae |
| SHA1 | d88eaed186e26edd79f85e65cac1fc1a58b08e7e |
| SHA256 | 31fe6e737fc1773afa379d0933c4d7fd53bb0222c418c450c845fc8a272f2664 |
| SHA512 | 8142bfd85d0971ba227bb757352ec0db952c9d53055f7acc35577d2f52bfcf6a93eaf971a84a258f82f11615cbaad9b9ebe1db9bb0c05425a4fe84d470873d02 |
C:\Users\Admin\AppData\Roaming\discord\Network\TransportSecurity
| MD5 | 8fb28e0a49294cc21b51ee297443f6e1 |
| SHA1 | 0d375a54e0d99596822b57ce75fcd72d16d2b5c1 |
| SHA256 | 7bb13bbf619aa3e256e02e6b951eabd9f809554a07355a8654afd8788528a030 |
| SHA512 | a6a6326eee19b2f3b968c9af71f06154aef7152b4b7cfff9fe868b01ae0a6e0b7d54e7849a686160e362a48d54bd8d9fcee394ca0ef395b84d5f013b08248994 |
C:\Users\Admin\AppData\Roaming\discord\Code Cache\js\index-dir\the-real-index
| MD5 | 4e2902dd24ecf694fa3f4d3a21111fa8 |
| SHA1 | dec9852a1feb0a4a7457015fc1f75a87b75a9946 |
| SHA256 | 6932301dd04c5ac86aa258a2362134cbcd329f3aad847f5250df68dc86942ae8 |
| SHA512 | 32d8fbdde5445da711b729c21bb11bdf4315f7408327e33111b5b513fb8645b35bdca9f6feb93c13e77f177cbf265c909bad6f7dd2e0baa6fbcfb4340453106a |
C:\Users\Admin\AppData\Roaming\discord\Network\TransportSecurity
| MD5 | 90ef7f04f7c88076cea423a134594457 |
| SHA1 | 39e4245718f76a2b86c1080e86684e6e920b8791 |
| SHA256 | c1048fb6417f01d0a0a8a7d018f329fc844144f3aa1932c0a18e5a56db3077d4 |
| SHA512 | f8aa6048851d84b98e7679da8355c2028e5e02d1060b34104c32ca9a5360ee70c707d12e0ac5f22f00631b3e12869436748f4dab8ad97d38e1b6b19db7210920 |
C:\Users\Admin\AppData\Roaming\discord\Network\TransportSecurity
| MD5 | b1e277d412ed5afbe70c64d1848d3feb |
| SHA1 | 343b7e52d5de409640462a53fddbf3b386cd76dd |
| SHA256 | 584e9d958279e908d276fe95a5d4181cfa98f91b094bb7f7050c54f5ad866b7a |
| SHA512 | 3fc790aef36af580fe8e6beac4de810d22ae4489617421b91f02b3d4cc8cc85b989a3defa2955d2847d598e0091709689197d1140272773b43cdfa17514068a6 |
C:\Users\Admin\AppData\Roaming\discord\Network\TransportSecurity
| MD5 | 77e50639bc755e6c36d30f5f0e1792bc |
| SHA1 | 79449783e7304fdf025675922e55da432188259d |
| SHA256 | 2b76392be3a23ff76060ddd51fc29ae6fc6faf2abfd11b2a7af6a0ed7b3512a8 |
| SHA512 | 783656b427490d2d2c9b63db37c292e24e08efc75e37af3cd4583eaad9bf887fe4582a40399c53335c48388c68e0e97d7fe96a21f403a35a1f9cd9187da57314 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | d218393db00e93d57ba22bd65d198875 |
| SHA1 | 57028c2ca29da560f7762458fbdbf2261ad53764 |
| SHA256 | 32d446488e9838815241d34f6273190563dd84839cd3a1ca91b50d9bb20b6b16 |
| SHA512 | 155c264a55841d16a507f6d11faf3618b1e18afa7eaacc64103bd92a4eb4f9b0d5afa47854165f66b8891d0067ad39ad503faa27a2f351f9d33c151343f199c1 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 16d4a929a82949df9ccffd48abdae51b |
| SHA1 | 6c5b265aef9b94ef160777566396b285585f5ea3 |
| SHA256 | 96420d8631da38c71fd144689514f84a95b65e7f1635364ca1e05772f5e2aac1 |
| SHA512 | fd44b9cc04b562a209e7c3fc35dddabec77fc22487056ce66438f3bb9d2d4c70f976aa52794db66089def387f820c3afa007f34f13949230b264521f093c8b10 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
| MD5 | ccfd2a4459e476abaebb78885889a389 |
| SHA1 | b78b1a4b99e9bc5cf2ac207da03232ffdd4f8756 |
| SHA256 | 0aa728b4ef28ff4bdd4f169275ab01eb5263bbccf7b45de499dc1c3920252a94 |
| SHA512 | 17eff62515fae45df2376c4ed39eb6f69133f25d2e6c2db94ea0fe5071b404ae607f4f515938e22b969231039885eabbc4e990751bc79e6376f7b1eecf8f33eb |
C:\Users\Admin\AppData\Roaming\discord\Network\Network Persistent State
| MD5 | 83986a8c34589e842fc53e785294340b |
| SHA1 | 245fb5d258dc67837184e318e2cb6f3fe9a8c955 |
| SHA256 | 71efac82e00c5a6399709f9c37dc8df068b8db011d8d600cc9d6824a551672c8 |
| SHA512 | 342625668b7313a65b4bc0a387abf18c3d3f8944bd7c8b8e13f64644b07db85fe809853d39dd631bbb6635b2c4cc69b5ad3d2d6450a82a004b24fba45649bba8 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | b0eaabe6fc343507905d59b59cc18232 |
| SHA1 | 6c9585ee9303963325625ccd05c278d3af49c128 |
| SHA256 | ee97dcb8d1f540256794d9e4a1f9d53c578734e35cbd1e990c28bb3ec5c60bfe |
| SHA512 | adb89e5a67ba7bcd44c25edaad567b4c0751bf015c8c2612ae7acadbc1bc3905cb8a265c0ddc9ea102ddcfcfad37c63fc7b2939289a7cf4488626f9901577c5e |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | aa06447ba816abe92f69d43fff6b3d23 |
| SHA1 | 1f7e2958ecc0f74421f0532e49a909e672ec4968 |
| SHA256 | b25c91bc512198349aa9fa724af22ba3d1399ac9b07ef278ebedfe73d96ed7aa |
| SHA512 | b5e28b50f9ab98292a05cbc99598827160537d40c74abfec6ccc1db3250a3f3b9f77dbbb68f4a14531179b9b11f0c93aee6bb73c9d627094dcf72dc2e27e9b03 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | e743a9ec8de9a7466e2cc6843d509a44 |
| SHA1 | 110e97e31dca8184dd80b18ec41f13800de6a294 |
| SHA256 | 4759a4679cd3e169ecd094165916aaac55e448ce409d557393afde95933e8818 |
| SHA512 | e1b7b989ed1ae4b44ea88c930bdb1334949c384689e596380eecc17f923f8eed2af69b47370b418c194f6c174008bfd0179d39614f20e9d9bdd2a4f7954ac542 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 839a5b1693c8a6f1a166842b78f376b5 |
| SHA1 | 96cbcd2666bbee53b5fa67eaca90cb392120ce21 |
| SHA256 | 33c02595f14c7adb480f5253dd1201e22ea4404ace99fe1cce8dc155eadd0a4b |
| SHA512 | ea58f07245df539fdfd3b25c36ce3553bcef4bff50e35f970440cb90b476ebb32a5f0d90466b2a2c5bdf4c5538114bb9fb7941675de5f13144dad691d0d24654 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 3e6e5107086db46f6bb067d60ee5f1c2 |
| SHA1 | 8cec1924a1401e787070b0fbc8a5ef921236be07 |
| SHA256 | 724d0c61383027ccae2d620e03b244a0ec3371611219d04a5f9f478b84f0a424 |
| SHA512 | 3f9477a7a529a2f2b90e6785c8188898b032f77827dfbe123cf4692c5f8638206bc716601d0e53b94767bf06798a80a3d4498780febd628ff8212410b93a7944 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 571c7901fb81b821a17fb0b0fdcea4b0 |
| SHA1 | a6c8bcec1db627a459621a1f5c18146b02d63324 |
| SHA256 | 0c8138bd1c64af4fc903840f1a398362f6ee8dfb8a169b38792db057e6fb1246 |
| SHA512 | dedb71eb09c7062b98b3580752ca9ab9c724fbd121b9f827dac438780c3077ea4e026a10161a136a21e6dbf50a2445690a1ef60fd0402f5386ed03c5df940277 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | cd17cde79171e07ce80a60e927538047 |
| SHA1 | 1b25b59eff20a96d29b1b84d680a10121a04eea3 |
| SHA256 | 0533ea19d9f4970791aa074f3ba39e1dfa9025f359f4bf10a8817b950e9430dc |
| SHA512 | 660de64570c6181d7a69bd25cf3ff8229eedcbf23859ccb09d92c7c10f70d1d8ace517f29d3811b990745dc7b63ebdd4fbf3b9b7b8e424599357a267d17154f5 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
| MD5 | a43ec3dd94da3e67c929ddf0756093e9 |
| SHA1 | bf873a99d0b78194077d451ea3f8edf37c8203e0 |
| SHA256 | 860cf86d4cdbd0548427885a1a6696daae2b3d365d2f38a3f1fc81b441b1e3fb |
| SHA512 | 6dd04e846c21f10aeb8e871051323d2f8517205a3ecee6a497eb3da0da34806c30f49f2f6e25f2f22b7ebfcef9f98d0a310464dff09034977e3e5c8d96cdd6dc |
C:\Users\Admin\AppData\Roaming\discord\Network\Network Persistent State
| MD5 | 7093bd893369de7f541e05446338eb87 |
| SHA1 | dc6b1294c0ef1bf0f4fe7d932ad9a4b93380064f |
| SHA256 | d9033aab36544ab5417c3f6a31efc1fb00f1c04824fb09d071051203a79fbef5 |
| SHA512 | 3a5e66d2aacdba5e9fe94ca78ca53e7c1093d63f0a5a301dad9c4b2e249181213967b41d8b194c7e2b53e29f3cfbd68c6db264dab259d5442af6c3e1c57eb377 |
C:\Users\Admin\AppData\Roaming\discord\Network\TransportSecurity
| MD5 | 278b5cf6a73d65536d27b64feed17af4 |
| SHA1 | f81ea07be77a9f0dad966ebb24adef271a6a4123 |
| SHA256 | 56aebee8fa66c5d520e0f4db32a5f7b342329c31b24c3bac8a6311762752f98d |
| SHA512 | ce4e8133e10b25b5d93f45f956aa957cf3cd54d4581fda7b5883efbb22f50162744c9a364ee492d9a0eddc8ee2b1bbc9c69b5af5741e0545cd248bf8250f16b6 |
C:\Users\Admin\AppData\Roaming\discord\Cache\Cache_Data\f_00002e
| MD5 | 0ef1aa4bed895621c4dea36643bdad41 |
| SHA1 | 9ed537a5927f81c722f88c4b4e1de2cb73013723 |
| SHA256 | ab5e815696ee03ce46e04de1692f38ed0f90ee75796866881aa76e1bd5b8e565 |
| SHA512 | 7d303483f935292d93c657a76a743a4d795022ebcd4ef2ee7b833ab6b2bd326286eb8257ff5f5af450fbca5a52cb9ea99fb8f5b3f70e8509dac3a3306294b7b4 |
C:\Users\Admin\AppData\Roaming\discord\Cache\Cache_Data\f_00002f
| MD5 | 9f7dceca91ed334b330b8b83ad7cf500 |
| SHA1 | e52af5767455a42644641a8e8e9e9781babcebcc |
| SHA256 | 3bf175e4033b91d3817f4be4ae639caae93109411a2f86fc09c74c17f6683e82 |
| SHA512 | 0313e1c3ebbb15db2dbd86a966366a4ec36d679fa4073be3bb2cd96f174df621426e86ef2ad13ca7b9fa298ee05e6aaa68f95375a203572f903bfebeb7c68cba |
C:\Users\Admin\AppData\Local\Microsoft\Windows\Explorer\iconcache_16.db
| MD5 | 64490404f685cd8e745fcb17ea031ab7 |
| SHA1 | a6850d5b0baf0dd90bbf00de1114e0904c1c6132 |
| SHA256 | 150deeab2c80e281cdc8ae2d0db8931d9a6428a19c87b18dee2a30be7f5fe207 |
| SHA512 | 5e92354ff1799641d469cdeefb26cc33f28184a8fcb5717ca1cd15b1dfa76fb36ef3436466487391047c275a102bdd7e661602064f283f7f0486eb44ab9100d8 |
C:\Users\Admin\AppData\Local\Microsoft\Windows\Explorer\iconcache_32.db
| MD5 | aa5ceb0b552b4f61a9159ed4472605e5 |
| SHA1 | 841a7eb964dfcc3ea8b76631339eb2ca6d159377 |
| SHA256 | cad36e7570a96df7c8dd92790bb4ee0bc01535d4037e9e8761097eb9abafbb49 |
| SHA512 | 2a857c60b58ac789eae5199bb33dd52c04183a6495005dac9d43ce89c123910b9f45f55f3c476061bb0365841165111c39df2f7aee55aabf35e95bfac110437e |
C:\Users\Admin\AppData\Local\Microsoft\Windows\Explorer\iconcache_idx.db
| MD5 | ede146db0afeb8bea0b35db412d114a3 |
| SHA1 | e74c53502108008b430d241a9b22b3f464be5602 |
| SHA256 | 67ba3786f42470cd4d6dd0913efa38e8982309fec633ffdbafa35d2217da9f30 |
| SHA512 | 2d03a2fff07e0f558dd410b9dfd084f9e3a99cb345d6ab2e377d4b1af04d9ac7bbc432ecaa70ebddbbb71898c633eaab57c28ad12f717ee16e3eec1d1f18a93e |
C:\Users\Admin\AppData\Roaming\discord\Network\TransportSecurity
| MD5 | f935427cb847d132f7b04820290a462a |
| SHA1 | b00a025da03f8f7413a2022d9b200b19128cc0a3 |
| SHA256 | 6ee9e1318fd51c21949c712049c1fb44eb0a0885d2b6808fb52bcd15a27ef847 |
| SHA512 | 8a6e31b4528accbc0857ce546016691979be83e26153ad47f880db89deba01dccb138ae487f28494fc1a9f623848151f7592b6bb633397b9b9817fdfb22ac200 |
C:\Users\Admin\AppData\Roaming\discord\Network\TransportSecurity
| MD5 | 5d73f866e1b7e8d66c6127a6468a0a70 |
| SHA1 | 2982514a628fad0c9d3a9f5baf72e910f3d33752 |
| SHA256 | 028697daa36589fc8d0d75f978c80452f7be0ba6f872d88ad45a97223af183af |
| SHA512 | 16c0c3ad7b9113a46f7ddc5815137569dceb8f3034a0bbad48d50a1166f52b7d77f1870e7ef7df93711475ed1c61c3443566aa5c5603777625df4e5fe0a81d03 |
C:\Users\Admin\AppData\Roaming\discord\Code Cache\js\index-dir\the-real-index
| MD5 | 5b2d5dc22e142782752bcbc8176eb2df |
| SHA1 | 4520ae0da5b748f75698137018073f6b5da1cb08 |
| SHA256 | b2c04a860466de2d6be6301b7aba0507afc839b04b288141e427d1ea4e12e0da |
| SHA512 | 6af893ceb21d9c7082627c6e9fbdb606209986d025569fe5fdafc11ff1e4bdc6d57b2e3351308674a5f2c052cf3f75840d95b8910adbf3c9512d1817aaec9187 |
C:\Users\Admin\AppData\Roaming\discord\Network\Network Persistent State
| MD5 | 507be280cdbcd456489113b6b3e487b7 |
| SHA1 | 93d637e36347d3d3c6591a1d2fabfd1dda293c8d |
| SHA256 | 8d0684953a6c2f4ef54fe418c0892d712d30e4f998f883e1474227c1db82ecff |
| SHA512 | 6541f054fc9b08a861afb0f28df9e98f0b357bb0dcc31e583e2c15d575239522ecf93eb5b520384b8364c032b0b476f67faab3fd714ece354357d22d3e8dd480 |
C:\Users\Admin\AppData\Roaming\discord\Network\Network Persistent State
| MD5 | e1400ec91b5d6980c30728850a8904f7 |
| SHA1 | 1833e15bf3f36d78f83a77803ad28f225cea4a2b |
| SHA256 | ad6b4145957d0007e5713135a5090c1bd33740e30d070c0bff912ca3c3d40be0 |
| SHA512 | cd59e80ce9cd1be3f3b931ba70c792693245ed250970e11b0a5e19cdcba0811225ff87ea77e5edd6235216ffc0e56e6c1feec710a9a2f448a287e750b527726e |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
| MD5 | 2597e11bb0f3f7b6c15844000c2d422b |
| SHA1 | b9de87e4033b496a6c7a7cde00bf970af01fce41 |
| SHA256 | 9fdb727d6f05744f78b396022b3b32c1cd64979e9a1e9ba1f0c1cab76f7a1803 |
| SHA512 | 817b497fc7b902ea44ce096389a63e4b5ef08f27980bea5c13945f264c2de02bd1ed98de12ef1acf1afe7ad7c19f814a4cc33ac7472250b48efa0b8b6a61303d |
C:\Users\Admin\AppData\Roaming\discord\Network\TransportSecurity
| MD5 | 7a3a00b9be601d1d3c557265d5474535 |
| SHA1 | 72f99159c9fd6b433d7a613b0cb590162cfe4c1b |
| SHA256 | bfe50afe9de85567d174edc98f3e03a29ecfa71deb1b96042609a07c5e0ad0f4 |
| SHA512 | d9dc79fdc3357800808c33e5a47f6f1b851861d50ea5f6c7d74de24a8cae12173b6a471c86c59198b6326b468e882f629b79fa533c2c213f13f19246692a8e4d |
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\AutomaticDestinations\f01b4d95cf55d32a.automaticDestinations-ms
| MD5 | 58a146d1b0713bbbbda31c87e5726efe |
| SHA1 | 32a84cbe5ba799924adcb521652e927764f9a349 |
| SHA256 | 9061c94bcba67d552035c1ae08620c779f4b4bb98b3de71c9f1e2978098b10cb |
| SHA512 | d3e90c4aa6bf195446f5f06a8d8d0b9d5ccb9fadf7526007ccc53a4a11b8036ecd73985ebd4dcfd41e6212ae652bd4553b02338ffa6b471cded3c28fc5352287 |
C:\Users\Admin\AppData\Roaming\discord\Network\Network Persistent State
| MD5 | c7d9948e7fe0747f0e4525425432d4b4 |
| SHA1 | edbe630b23b03b78756c33f5e39da14bbb031339 |
| SHA256 | 1b2b073c3fda6c315488290b5fd01c5b50b81889e07fd687ca12ff0de8fa940e |
| SHA512 | f8dc9cbadcfdc3fd12fc0cd43afb9c953bcf58bb8d0ba1cc5f409fea5423b6b1fc759ea8978ff02189df366c9ae14229b2bad7490b522c0557af3f82aac6b124 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
| MD5 | 6337f846cc6bb246497581ea06e1c589 |
| SHA1 | fefa14653f4b78ed6f6fafcc415176f17b5fe7e8 |
| SHA256 | 537f7d1ff1ab475d15550d43ac8719e5ca7dd06b1c2db252652a3633983d2b98 |
| SHA512 | d8ea862e647a9ba734d155aec449b679e1ecff9de96b51bc23bd4f771fa9480490a76f2af63a4c9aa38def7ca8956f6b6938be821c85baef3f7879d1d7b9a3c0 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00006d
| MD5 | 151fb811968eaf8efb840908b89dc9d4 |
| SHA1 | 7ec811009fd9b0e6d92d12d78b002275f2f1bee1 |
| SHA256 | 043fd8558e4a5a60aaccd2f0377f77a544e3e375242e9d7200dc6e51f94103ed |
| SHA512 | 83aface0ab01da52fd077f747c9d5916e3c06b0ea5c551d7d316707ec3e8f3f986ce1c82e6f2136e48c6511a83cb0ac67ff6dc8f0e440ac72fc6854086a87674 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 53313ae58f9b0524cc071bc9d765bab0 |
| SHA1 | 6adb8b9139e55426cd2e59562d6ba3d141efc8a0 |
| SHA256 | 5de83de61f2d18dafc39dd27decc30feb1fbd52000b7d2bbafe218bc5970ef82 |
| SHA512 | ad28ebc4a77b23fecd92f627e7d9aed52c55bfeaa21c22fdb2e81d6f0d582fba8d2ab9b0c18a3bb784dc12ba12302613d786750934f5646ec6f5ce5ef75a08ec |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00006e
| MD5 | c594a826934b9505d591d0f7a7df80b7 |
| SHA1 | c04b8637e686f71f3fc46a29a86346ba9b04ae18 |
| SHA256 | e664eef3d68ac6336a28be033165d4780e8a5ab28f0d90df1b148ef86babb610 |
| SHA512 | 04a1dfdb8ee2f5fefa101d5e3ff36e87659fd774e96aa8c5941d3353ccc268a125822cf01533c74839e5f1c54725da9cc437d3d69b88e5bf3f99caccd4d75961 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 3c87f8a77f7c18bbc52f06f0e7943c90 |
| SHA1 | c1ffd4918d803573a6c69ea2b7c63e3a5cd5aa6b |
| SHA256 | ec035c6155668405e433588ac4eda349d7563794ea53f5b7e20e71297f1da06a |
| SHA512 | 7fcf9d99f2731b3838dfb3214cb8441c6bc28e62dad9327bcbaa47e733f078e513398e68f04e5802f2f71644cb91e27341666c6ab6979f2805e089e3be203977 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\580461ea51394c91_0
| MD5 | 0c62a6b78a42b0d987bb35eea4be2e15 |
| SHA1 | e5783b78671321a8f899141343bfdbb84cb4753e |
| SHA256 | 4eb2323d91e56d081f3c1663ddf942ea01c35a9fc8eab121f5986c0d491e1db1 |
| SHA512 | c55d94355f19dd102ba9a82d14da30812a04a70c3d10d6ddfc344bc1a95640a153cc61592a002dc44fb07d7b2a9f2836c5aaaa316eb652e563490033578a93d5 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\ec5ea768045d5c65_0
| MD5 | b5829994229ab9d8475824cccb5db5d5 |
| SHA1 | 8abb9ce2c0f41487a82f566b8dba5ae57939fc7b |
| SHA256 | ec95c6daa3451a12e8cb1017ff508253a4053b46c23bd55c5aa2b08c03cc5be4 |
| SHA512 | e8d8d32ac642aca4623690982f6605c6b220993ee58531e0c9653ac7b41df3c227e5617123420ab4aaeb26ea091a2d5d22cd0d880b40d221fee8ae2b52aace4f |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | daec666808c1ba20e55b57393cc01aad |
| SHA1 | 3fd390f9d17cec6858045b78f3e643180c4409bb |
| SHA256 | 889737e9ba5240016f79a36c08bbc696226cc4f817e0dcb41b99aebcc6b088ed |
| SHA512 | 0ff4f3b0ce3507270df7fc4ac060027c4585af1583007b2f7d0d255b2156abcc3e07d02121adc24dd4e5152f71ae247974f4fadd1f301ebbf5760e29618aeb97 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | dbb846c6e7188ec8805cfb54c672901b |
| SHA1 | 45b15883e9230360de0fb01e2f3b56879863e0f5 |
| SHA256 | 967c9a79cd54babcfca2edecec196ed3d8061f1a75a0b8155f0f08c0a56f7bb2 |
| SHA512 | f5799b0879db53f29a3d84a6984d030cdbe26ca030212202b06b0739747bfe8045e34591744606b486ecfb5508fd99d58398760f2452a627817c60fff9421052 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 6393c6501380922636233e6b67a0db2c |
| SHA1 | dc895b9534e17a287262f414851be891de8f05c0 |
| SHA256 | 2b409bd23758cee6272ce831d8a949f0e350d7c8c296cbaa83f9897b11b24fde |
| SHA512 | d5dfffc17a27093fbd9131d9e05260fe68ac1fcedfdd7c097152f917261059059668a76374212f3120755abd500bf3095e21eeece33d393ce55c8572f866a1ac |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
| MD5 | 143002fe292a0a59e28314191590ed93 |
| SHA1 | e4ebe8d1c09bce93a6665e69812903097d41705f |
| SHA256 | d37f9907f2e801d480a58aa8bcc1c1d0363c39f00a96568ef98cfac37a03ad7a |
| SHA512 | e1108c213768fd3a2410feb4b73fe6bef020381ff9fb74611399d24a9670fcac8ca2e0c9710e5895b901041798ded5b6232288571539885885d85009afd0fdad |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\1c7167d5b52d008b_0
| MD5 | 373aeab5006f0a0475f041f5002330ee |
| SHA1 | 85354bec674c8284cfd53e13e9380fb54f245708 |
| SHA256 | 05f669c2a1a668829a3bf4a38c6eb7928d4376edfee636f8eda83d18ac96e7cc |
| SHA512 | 59a0a8cbd739dc5f4478c8dec014acad6da4d56562fc7c173efdabe3ab12252c73c9df08b7707fc0fad82b539d180acf5d8e55808b2ea1348a7d6fe9a16439c1 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\d628bace90128654_0
| MD5 | eabcec70cca41bdb569952b486b43ef2 |
| SHA1 | d30be6183eb038690b7d048dccf557541dd8941f |
| SHA256 | 9edf9114bbdc6d981d8e144d105721dc0118e78c4862f13e217c4bd3da3a6c54 |
| SHA512 | 0a07e9aabbca90f14bec47c4ba8361e0905ca93b5694af2b11de563e817f747bfd303b59931d6e467f61453448c4a8f45e07a4c09f89b20298353aace6607dc1 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | a6c6954769d581711098b59b20623ccf |
| SHA1 | e089631b45858b682b8a03baeba72ed5b4483229 |
| SHA256 | 0053d348424242e9d52a7070d3b749e2053b56850870b9127fb49de9edbab0a7 |
| SHA512 | a3dc0987feafc1b7353e11724308aa40cdf7937075e5cf30a5c34e06b4266da295bf2e4e2146ba784f65428f3786541c7a5638f18fc5f4c96c831697b2644189 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | e094798bf72d32d66a6a05fdc3d5c2ca |
| SHA1 | 2bb07abcfba23fb50f3134ccbafc37c168ebb837 |
| SHA256 | 688433b005bc434241984a54a405aec3f42978d6cd664be73756ced6b1056548 |
| SHA512 | 306eaa8841948a293c14cde10b0c11993aa1aed5eac30be1c7c07178e24e3eefec82e0b844a0f945decadcdc34e380f8998ec4ac329cd4db76e4f45ce82b936f |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00004c
| MD5 | c71e661f482d2a7bfc565060281b324f |
| SHA1 | 4f66536e4d59091e4ce33e84207965c51330ecbb |
| SHA256 | 60edc95aa4f8233ce27dd1b122a78632a0b9aa5be0f183b27a08dd9fc58a4932 |
| SHA512 | 7bf62c927d45ba24d1465977e8d741b2aba4faee95f7d3767fbbd781c62b3c6bc97e1fb9f525d43f3c77202ae6f8904f3389c3ffc84c306c43be876ce4a180c3 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000057
| MD5 | 15aa12b9b0f6dcb7d4d14255199e1275 |
| SHA1 | 610804a7b641bb0a09a53c9eaa2bd5cea080b003 |
| SHA256 | a49e3d182f0d935df2dbc2e3b1dc4f477e53ce9e841b66f591d017b3024aad85 |
| SHA512 | 8e6a06260d33b9c66875b1b62b10e334dbf73a09e6eafb657ffa2fdcba8d9bfbc5789811bf85fcca05f2912674975ee1b482f83640573e7e66a33241c9eece68 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000058
| MD5 | f45817f6c4de3ac3de73c49c0825e2ca |
| SHA1 | 2aafe728d80ce0d83bf0e2b526996ba0a6924d27 |
| SHA256 | 800017ecaede000b1ef56fc5d8724019f14c5c7abf3f3abaf89bfaceeb437d09 |
| SHA512 | 6dc794e28753503893a7265e63ebd1cfb8b3f968d6387f62a6b9ed64b7714701ddbf3aa0920d991259a30816ce27cf6b2d4c2080d204dc67043887a94b9dbfc3 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 0d34298276410c75059ef2802c749f40 |
| SHA1 | 72c497867a6a9b9a0ab8a212b97001b8fddf6983 |
| SHA256 | 2cd61d43898c71c9017fc723654e97787dc3525c7a39d7cad923a1ef76131556 |
| SHA512 | 932d9fb6d43bd80559156594162b721494b3ad82ee37a9a57afaed741549b2e9d67d8329c30235102396f9b4642d9c2b291650e557c136fcf1a53d1a02d16353 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 76453f7a39d8972d014c04581ec9b9a0 |
| SHA1 | feeedc5a032ffd5e77512b3ea34ad1ab3b97ebb9 |
| SHA256 | 552c4628440786e4adab8d8f687a83c66289834184d8b9d380240c81c9c66450 |
| SHA512 | 5e75deab39bc8b247095de50451d46d09e098e40336a320b590e9a58caa821ed4519eecc45582ffb3ea949cd363e6a7127b618c70f103a6eddb4efccbbcd58da |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
| MD5 | 5b8a9aabbf7a759ebde2c519607b7581 |
| SHA1 | caf613dcca900f2a4a288ac2f6d7a38d6ab5c3ec |
| SHA256 | 68169e9d1389056610beb75ce090ee9805efd3b40ad41f05f806704b0c80717c |
| SHA512 | b7e02fca5311d303003960cbde70a696aa4dc9582839a5aa92289848c7dd532067f919d3dda1dbe4973841615e57fe9160cc1f39808e28d35016f61c673f27e6 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0000a1
| MD5 | 1721006aa7e52dafddd68998f1ca9ac0 |
| SHA1 | 884e3081a1227cd1ed4ec63fb0a98bec572165ba |
| SHA256 | c16e012546b3d1ef206a1ecbbb7bf8b5dfd0c13cfeb3bdc8af8c11eaa9da8b84 |
| SHA512 | ff7bfd489dc8c5001eea8f823e5ec7abf134e8ad52ee9544a8f4c20800cb67a724ec157ca8f4c434a94262a8e07c3452b6ad994510b2b9118c78e2f53d75a493 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0000a2
| MD5 | 9db75af2ae54430b2c88c452b4d66505 |
| SHA1 | 805a267ffe69bc89075066761742682e32461a47 |
| SHA256 | 921262b9d71dc673eed53926026576bdfd85b2f3192e12ec3931de84d48a8b33 |
| SHA512 | bacaa8f5afdca197f3642bb4f673321a6448c5e6c10cd10624cd214b3c0a0e8976d542efa2c9724360cfa7116f129b4f6a456dc3ed718cb8d75632ab55c89a44 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | c1e668913f2594f542ed99cc35b7dd5f |
| SHA1 | 350eb5eb07b8d9b620014ddba73789f7e2208c4f |
| SHA256 | ece43069b672102bf28cd0639f172ce360be880d47d84c9438bf587330dd33ab |
| SHA512 | 612dc473f69eeee5baba149895d2a614c3262b85e4b51bc040d492666dddb4cdf88e1937b590407fd33aebf6e0830837013d5e2e27438d4783f1ea4f06c232ca |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 1c56a73bc88b95cc08a8bf27c444928f |
| SHA1 | f7cd8e19283942e770bbb0953b0d49f5c4019eab |
| SHA256 | c352d695145770e56ce4c95a7b55585066d9c60b5c12f488deefbe963a42f9fa |
| SHA512 | 32467a64fe530015bda7ea7e3955bed0d4868c876f3c97c2a0f8780ef3fcd59e5ae65a06d58e5a2bf0ff9511f428ecbf0155509d01dcf8643cd2e1f6fa8b6758 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 045bffe250bfac04c10f23480fdc26da |
| SHA1 | 2a27549433125e88139d25f55fb316b147ea1eb0 |
| SHA256 | bd7773ba7e8571caf44ec821fdb6bc0d5d1b9505367fc7ad1790170b3c301a0c |
| SHA512 | 6ec2b107f4df69d1394eff4a27abb87d8d8191dbcacde1d76e71158d5f4bd509bf47efd9d770bdc7411e830048d82b55b202dbaea8db43c55d5c4ea6a14c309d |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | ac607a72f1fc7f6870392fef619dae35 |
| SHA1 | f2b747c61c4212d7807bfdc15aa3af5422c260c1 |
| SHA256 | 14d6f073770b38e08221d2f75a420e009e844b237db73c7a336e2896de7965a8 |
| SHA512 | ff417231a42465a4b1a818ccaf35a7ae7d0733a08e4fa91d5dc9ae99a479b93df1ee68b2a56ce8ced53c99e33d57f9ce43d1ddb513f323c5c3350f262950e597 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
| MD5 | abb5cb4c9667f3469b2a82d310f0fe96 |
| SHA1 | 7060bd267646425790923b81bd589d9188791bed |
| SHA256 | 26603880fbb71b0f063f8ec89f25d8f8524804a266ea7561b22eefee8206dab5 |
| SHA512 | 5746909dedf49ae18146512f39ce70af04add22740f044089e51dddfb5a00315f2e574b1e8e9eb0a94542cf1ec0af7c59227d1aa7747d1dda67bca47189f3f22 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000087
| MD5 | a3b4e70a7580a08bd5f7e8d1a9dac97b |
| SHA1 | b6105b77c20e9a99dc1771bce08bb1be98337fad |
| SHA256 | 17d95c2f150d6ba6ffb32f375604210203e95f0fe777d936fa993275f019dc36 |
| SHA512 | ac9e4f737389b881dfb21d75b4a8d16fcfd4cf3b3e75a992996f5f0a97f87c2145833dcc976b4ff5f263a408e9801279addb160a07b7d3d5335f2742a7718e77 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | d56198412d00bf10b60836dbd8db231b |
| SHA1 | b80bc13c545000b257b259e45271b10a0eaef3cd |
| SHA256 | c255bc330b9f70b34329bd932149bd81140c15d03cf42facb0175ff7e45c72e9 |
| SHA512 | 107d34ab64e60d3622dd24c8b23f6197d50230f7b1f60b71dfa4fdea994fcbc60146613086ed266c7939b43244a99303f05c98406f93bad4921120eb1a2a2999 |
C:\Users\Admin\Downloads\H2cKeD_BY_XxX.jpeg
| MD5 | bdca4c949c39d431fa3e876de4e82efa |
| SHA1 | 3616c7c5d959829018a16d1c10f7abca60ec1d35 |
| SHA256 | d4a85db40491e70105a3b2b736d563b932e54130ec8e2470186eb1b1c7b0b84d |
| SHA512 | d7a75354beb3febfdf8e3ff991cde1e68d2db626b8ce9170d49694a8d49d6c4422ae86d30f581ae33b24231b8ea7ac202bca7da85b57ada878f5e1c0c263d0ca |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 7ddb28936ad591736675958b2737ce74 |
| SHA1 | 61acce8a409dd0ccab7132fc8cbbfaf8d8714a6c |
| SHA256 | 15c5da89bde88332cf3edb357fe345247fd974b5401da1ee726c17e2650f8f4d |
| SHA512 | a4fd7c6e002f9d70d0c7a0e5776b3cd56d54f74a924bf4ca260363172046a959f2104a6b644bcfcfcdf046310b540ee2eb69bd583cfd2118561e2b20414548f3 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 355e8ab6dd6632f2a9f23b87897e4931 |
| SHA1 | 29cf70fa8e7686f25e74adcf62ac0c3d78f231bf |
| SHA256 | d4aa5b0ec4f49fa3a394a88df2925fd29c5986120489a479639e1e034acfb547 |
| SHA512 | 7083d22648cd9c784ac3e46ade3bcf990570e60c4925c4068cf8c03c702c5e817a12d3436a57356c021862c87dcf92fdf0d485fe8265516bbe581d7755f9389d |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | f3badec2b3e8b38fb9a11206313f85b4 |
| SHA1 | ebcd3cd270430aa4cf1b028aa5d2f541d355832a |
| SHA256 | 88bfc893fd2bc365a081a1a84c91a39051725ea8eff4fb6ec28d2c164bc70d5a |
| SHA512 | 7bae9c57ab01bfc89adb8f7fc39fd436f10bb207fb6c24edff06d41fa20bc2d7ab95f21a808eaf746c85779cf6935e5a9209355080c3ecc41bfafa0ef04cd06d |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
| MD5 | a6f9163528f194262b73abfb6e449ec1 |
| SHA1 | 752db6d938592ef6d782b9b06d95747cf2787817 |
| SHA256 | 4bbbcd15495f804ab5fdc4807a822bbe579734d55d1fb99cf1e91cf75d60af13 |
| SHA512 | b5f9f5e0840a2a512283efe894aab792505bbdf6a6aba55ffde2dbbc662e86a74346727fe143d5d4e60256f7cc2383c614dfcd47ffcc6eb8bcd0d5e5f9b6be08 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00004a
| MD5 | 87c2b09a983584b04a63f3ff44064d64 |
| SHA1 | 8796d5ef1ad1196309ef582cecef3ab95db27043 |
| SHA256 | d4a4a801c412a8324a19f21511a7880815b373628e66016bc1785a5a85e0afb0 |
| SHA512 | df1f0d6f5f53306887b0b16364651bda9cdc28b8ea74b2d46b2530c6772a724422b33bbdcd7c33d724d2fd4a973e1e9dbc4b654c9c53981386c341620c337067 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 2ca0023f471ec23f2bc57758484e2ff3 |
| SHA1 | 5558cd14fbe1ac76282a53b92e890734423cf6b8 |
| SHA256 | 39f5df2d81cc2f4554418dcf8e888d0ea49833708e4432890cb7d48e669fd1fa |
| SHA512 | d11c016b3cf5602cc76ca17ed1eeb430a0278ef3375c2f4f66dcd022bd93408c32c4af30c63e538a9e3e9e803ceccbffb8d9a2d3a28b18fcc6f9cb29b787175c |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00005b
| MD5 | 6e6c3138fd14c50da303a2829f2de1a3 |
| SHA1 | 3418c7572c0aa0f33f5b3a8b4c572650b7d13ec2 |
| SHA256 | 84b4e4fea26e33f3ae0d072ee0dde44c5700477575ac1e1f5ab7654054d14b4d |
| SHA512 | 03acec147c599dcfb6c05cfec71daccbd1b9e9b05ca3853876cc099970f92f7690c79bdf14d4e8bcf7e57a2068701b7c8c866c59d29b9eeb0a49afe5da1e20b7 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00005d
| MD5 | 225f04936e3bffef147762a512fddf04 |
| SHA1 | 94c9f08db4c2be93ace5de79f580b1266c51996f |
| SHA256 | ea7b3e2ffe4c9830223669d5d71d9c493b085ca85256cbb193da411d2dc9c053 |
| SHA512 | b1212b0aa3fc6318b74c157d5764b34a7833022c6208cf6659e3041939a1c8757812eaee5827620115f74305d293655b23018fde0cc5bef5d77c1984c37cee9d |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00005e
| MD5 | 9aca52a3b46f12b1463ab387043cb9c4 |
| SHA1 | adfd53d7379608afc81c61839c3678ae954ecc5a |
| SHA256 | 8e0cdca44bab56960567c0f3dfcad021c36711910353d3cbfa2f5d394b642182 |
| SHA512 | 85a4754c00576c1211227c0aa505f2092e46652b4d5adb26eb92db6d886281fc17d6cdacb9d807e804ec32458f8368876eb52f72cca6994f9370573c24e12ad5 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000060
| MD5 | 104d145dc90c9aff7ec49742f1ef9fde |
| SHA1 | 9536c28c1413e227d61b040d83dee775fdfaf9e3 |
| SHA256 | 25caebe6c9f4cf41429327c4582b225bcbf70119e182038b7ef4610253bc7e67 |
| SHA512 | e1b46ebe16916872f29c1ac29dad12b4f420d82cab2243ca595572de7ccf8ed711de78efee48ebc202678e206978498fab9c16fa252e35f66ac9c9c0aeba9fbb |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00005f
| MD5 | 54476cef20aa3e041c5b14de32a5ab6a |
| SHA1 | 032a1be25a46f795208b0365455d34e1e3b17760 |
| SHA256 | 189be432c6fdba1e70841382153b3b2ac08aee391c80f6259066364be3ec461c |
| SHA512 | 0b8ba7bec920a0b73393fdcdb8fe399473965646b32ddee7a6734fa222476780c40b8ff74e528b12b2844cc15278bf0c065ffef32c227243829950623946d56f |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 04593648b51e20a2a07606db4248481b |
| SHA1 | ad7555e815ea359061eeee25582978dcf9c60149 |
| SHA256 | 138576ae90d24508ca8a0216889b3ca7b1adee816d272ea36ac3a043ba28b21e |
| SHA512 | 0935d44ae9997f57b68b29304f246025aa8b8c89e2ca96ff4c9632f42434099172d85e07b0ffee7fe0003510d820283b9d2b94cab159368a5250f9cb594ab81a |
C:\Users\Admin\Downloads\H2cKeD_BY_XxX.png.crdownload
| MD5 | 410b5c3ff90001613b9054d423cb3ba3 |
| SHA1 | 10987e582825f9c1fba6af5fd7eb4d9bddc441ea |
| SHA256 | e0cb1c5c22258c26354bbf298068502088a519f7774819b6689fda5f0ef53fb9 |
| SHA512 | d68aaaabfe2cfcc259738548b03d07a818a92495f49f91eaca14a8eb32d98999ced1c387c57e3fb120c77d65da17cfc80fc49cca70bb1eabbd5c1f57dfc95935 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | b724a1235c574742f2ce9c5bebb514c6 |
| SHA1 | dd0f42515d664ddefb09c1cc90e324b0c0959d04 |
| SHA256 | 1666206bde057901a300575053971ea631b85d82798f9be29f6bece3c69481fe |
| SHA512 | 513633a8433c1be87f4fe78ff72735b60dea6733d09d19749d20274d6fbfba1d77547d97a949678d206fd220edfde4ba37fbef766c52b2fb9a74a080252914c4 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 175dbb18c3be17199b97b916571081a1 |
| SHA1 | e55e89702ef375156cd6ae8ea645f4d27d0aa641 |
| SHA256 | 0f8a5ce8eba890dd4cc231b3d82344b631e80e4d85bed29beec6a8231dcc68e1 |
| SHA512 | a40ae7e20e44de05849ff27b43df384d595c98e069febb00afe987496e309dec411a2ef0c31261a78263382b291130b5085b39665e46706038626f62f944946f |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache
| MD5 | 3acc7ce90deb3b358c9316279bf23254 |
| SHA1 | e96932ce18c34a5083f891d758da0138813420b0 |
| SHA256 | 5731224be129ab7df8ff54883df43a3764dc647851aeaac499bb60711b4e8f8a |
| SHA512 | fd295c9ab3f3a1860a519e60f3734d8adec53fac54063259d3472b49d080ee75ebef4bf3cfa01f5bd2b060542c430a55812409419e2ab800a6be6a8bdae53adf |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 3466c2fee6c4d69c1964dbce8c494e2d |
| SHA1 | 8be116c2892b4507254ae870b2cae319bdb93692 |
| SHA256 | 8e9432bd7abff5a46b046f900c086a9625845a880ad6ab9abb9b709d0549c849 |
| SHA512 | a47f83aff184988396491fb43ab18ebac77b1dc064f2505a98be636edccfd638ccc4534dd32869fb8eef60a84b44288bba4b2f55ac8988171d122c5229b5b5d4 |
C:\Users\Admin\AppData\Local\Microsoft\Windows\Explorer\iconcache_16.db
| MD5 | 75d06afee679ab0f2db4f742aca7ecb4 |
| SHA1 | a47ac82c1c48283d503d4def414ab5b375636ddf |
| SHA256 | de40f3d4575fa0752c5259bc142fc582dc5697550a1211e0740503beeac6b370 |
| SHA512 | a6bd1dba6046f8315c89cb284ea42adff3a9db640c0389287bb1327bf132a9e7d14b91c7993029c3a3612f3790dc9d306ba36e52a92b87eff8f7adad0a60780b |
C:\Users\Admin\AppData\Local\Microsoft\Windows\Explorer\iconcache_16.db
| MD5 | fdbdd80421d6ea104451d237d548fe53 |
| SHA1 | db587d30e7690c8c9ec9efec4a084780ea1c374a |
| SHA256 | 2c4857b6eb8a3a3f87e89c4fbb83ac4372c2750e9d9ad5946b26bd8691f91ed4 |
| SHA512 | 95fa618712d3a5992336e85a3425671c2a890292e2c6c3c921e41bf2eee42391ec6b841e6d927c7d88f740c24b5566e4d76921bb40ad2556717aacc93e358e40 |
C:\Users\Admin\AppData\Local\Microsoft\Windows\Explorer\iconcache_idx.db
| MD5 | b3721c36d6c84ea555f3d94b067ed001 |
| SHA1 | 469d283102e746688fd36f5de5e7cfb0c53422ce |
| SHA256 | 13fefdd6deabc9111c4c989c886db2513448716ea589b2f0b39c166dec033373 |
| SHA512 | de816e72b14bd20d0ba15da8d902a969f730784756769337ec231f446ebd0f0a3a0f1993ecf1d6c3368d12eec9ea71e58083ccd560629b67b50cd3ecda19b252 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
| MD5 | d634551b99d4d1f1494fc3cd3ecb7b9b |
| SHA1 | a81947ac6ca37f16f7243bcd9043598eb2b98cde |
| SHA256 | 8c65570f3284ffb9a126e6db220749836fd433cc695d3d99766ada94f38cdb32 |
| SHA512 | bae81823128f8a6b995d7c1e3d48f8219e72e430403cf465a788f0b7936ad257e6fc435bbc7e32c417a0fe310c7151170c07d0403c243f3bfbd9bcb40fbff0be |
C:\Users\Admin\AppData\Roaming\discord\Cache\Cache_Data\f_000066
| MD5 | 5cbd607210d5e18e5146274c3fb4d84e |
| SHA1 | 4599c8d27c9329c096283ae8222fd3d7e262719c |
| SHA256 | 13d4646c785bcfe8b5068ac79c3fda69e90a7df41bbd2e190fc52e1bf9be6432 |
| SHA512 | d05647cf4bcefe3f3c48c2fa45b1f50f91035902100c2a73c833bb5f44eaeb1d6b8873f4416e0f2ac374d598814c1c1aa4d2bc748fce6667110ea096d6fbf5a8 |
C:\Users\Admin\AppData\Roaming\discord\Network\TransportSecurity
| MD5 | 6c250e877efb8ff7aafe421a4c0c3c25 |
| SHA1 | 23e16ca74bc429f03824da89a660edb0eca8eaa6 |
| SHA256 | bc0728770e359c5aeb40007cb66d65f95f1d41df3e66cdae29b5309c46a304a3 |
| SHA512 | a06935ddc734f93535fd0a2204d06952d5583e34557f4d0e23c1689aa3616ccf640c445e84b3d71969b3a71da366702226cdd4ff71e4e652648b0c439da3400c |
C:\Users\Admin\AppData\Roaming\discord\Network\TransportSecurity
| MD5 | fddf1ea10ca935f2a52ec8729d07961e |
| SHA1 | 961d639d088a58884e37e010189e5ef3af888dcb |
| SHA256 | eef3138c37dac2ea147d4bbc1dc7f84c4b4c0040cde1948d8ff86b22414e68df |
| SHA512 | a5d0b43bd095cd17f19620862bfba14c80d514dd97a83a05e1dbdea24fe4747a688c2eddcfa937f90f407389e1b96c7ae099d58acb291b55e03adf95b04b4d4f |
C:\Users\Admin\AppData\Roaming\discord\Network\TransportSecurity
| MD5 | 6b49aaa7a83415ee7f861887f1f5fa52 |
| SHA1 | 986cf5e0c2afa26c897dbcf995f16f0f5a5cfa45 |
| SHA256 | 97ae41fb0d215f3e29b4d36d01ab800acb85c7e47a87cfa5198eccbc9cf38a83 |
| SHA512 | c946d003a720d925c4ddc47105e5e8f2944347d26de39e6e86028d7116fe13b4fac575bc85b71f6b402a73ee328e1d4bad87c2587a2c428f2dd21faf6b33381d |
C:\Users\Admin\AppData\Roaming\discord\Network\TransportSecurity
| MD5 | e8aa238cec412d7d6e850d3f50ac1893 |
| SHA1 | 208fa612c2d89d58def7dde4716a6aec37eab221 |
| SHA256 | 99d391b42695ed7e9a5507e5e3389ad0e2c435452460f8722b55087cda5b1462 |
| SHA512 | e04c5ac6e0fa676cf0aed11b0106e5f524cac6e74a10ec9fe903164486f9c4c1d73cc9cd4b495967a359b64cc87adf138942afde9a0df1f0f61469b8647205e6 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
| MD5 | d893295dc0c385b9f046f360dca40785 |
| SHA1 | 87112b3d617b9a096907b91551923b4b6208c597 |
| SHA256 | 8f54da4410e15086af94aff2933f388107bd68b0890efb61a26c4f0c06486faa |
| SHA512 | 1238b68bc6bec79e6afe72f064a9268f4261f83691dfdac0d9e0d50621de98c2efe039cdd0fbc6255462e2c40ac07a7909f058321b7096aeac37becbe3c3b222 |
C:\Users\Admin\AppData\Roaming\discord\Network\TransportSecurity
| MD5 | 18f8629cd582b08a5df022afb7351d34 |
| SHA1 | 9b1ecf9b2adea8a69a508fdec94b0eab3a79a4b2 |
| SHA256 | 51639d96fb1aea19d807c04926f9c3b15047ff65e52732576ee5a12bea197b12 |
| SHA512 | cf3dd5d7df2fe2ffe5c0437618aa881d859bab7ba724cae5b85212e48861dd189fb29fecf21065b5e99eb3b6dbfb5b0fa1e9bf8660a27d203c7f6a275e9c70ea |
C:\Users\Admin\AppData\Roaming\discord\Network\Network Persistent State
| MD5 | 0b1efd1005adc70cc1a04f3f19951ef1 |
| SHA1 | 033dcee560fdc7cefd5b7f9612b3de9d43241274 |
| SHA256 | 8ca23fbd8d860d8a538b708b7f976af5224999f89aa15d8327cec899944fbfce |
| SHA512 | 0e8dfb8e3a9148a5c1f713ae26e9b23998066d8c13644ee9bf5e9e4767e4c8cf594e83a031bb0c98a82c7b0fde2a472a09d0c4a40a06cfd0b39bac2715ec110c |
C:\Users\Admin\AppData\Roaming\discord\Cache\Cache_Data\f_000072
| MD5 | 9fc707ce5cce8440895eeec49c21f887 |
| SHA1 | f0e478501eea48f72b84cbaab5c13cd956fc7273 |
| SHA256 | deccb62f45773a2069ffdb14b1a8b63c79493d73b0a8387cc295280a91cb4df9 |
| SHA512 | 44726fb60a2d5762fae0127a338e8eff7c7242196d1e9349ae5215cbb1a1e5b1ef0ab4d2d0ad751fca93b0e25a1b4e3aa12fa62f1da1039b6de5b4e11334d0a9 |
C:\Users\Admin\AppData\Roaming\discord\Code Cache\js\index-dir\the-real-index
| MD5 | 99477e2e586af70d37d28448ea45f48a |
| SHA1 | 9e87fb648a7136edbfc779862faa23faa3a6d84a |
| SHA256 | 26c20be76214a39d57ba995440212f425567d3e1f95598642f53ddf3126dbfe0 |
| SHA512 | 3560d230928f4503a1789e9fae60bcc08dcec9412026da708c1443261783ff0e813ec784b1bf8b133857a971a77994a7d5a31970a68bf8c27ba91bcce900e145 |
C:\Users\Admin\AppData\Roaming\discord\Network\TransportSecurity
| MD5 | fb4cdbecd9e58d72fbb5444d99e2a0d5 |
| SHA1 | 3f820ecf5506c64a20931d37156887782071e31e |
| SHA256 | e804a1461430b7550ba18ba64ac46510fc4a0493ec7b5144010a1eb24b93abbb |
| SHA512 | 295b5c105376133277a398b7247fac897f22d5ced22548b61cec763a103575a877f2b5004ffc096ac1678c85fae83b5bb57b79fc25128aa52fa8ae959402ad9d |
C:\Users\Admin\AppData\Roaming\discord\Cache\Cache_Data\f_0000ca
| MD5 | 8a86ed0a86bb78843b3ecc4db083e1a3 |
| SHA1 | 1f7eba67e72065c8800dedf92d0049a974db884b |
| SHA256 | 4089c13f1b45636ee55941c464925ff4221004d048cf35db63be74200bd48abe |
| SHA512 | b0e55f24865e3ec3c9725e43e426ef1da6f0e23c5617e5d85dd8cd19cf44f4cd93a9463e2788f15599b36d499ee58d32f09caa083e131ab95d09e590b124d5ff |
C:\Users\Admin\AppData\Roaming\discord\Network\TransportSecurity
| MD5 | 9f6d422e2ac284180a680354b857ee05 |
| SHA1 | c64d3a058119f2f34b2ce2059eee47b21c70b80f |
| SHA256 | 8adf1396aadd5d81047a538f00b07772b5f28b980bc5d555fcd0837e2ff5a78c |
| SHA512 | e765025af9eb609b4562cb5f4a485f6d512a2240f5614a4620a79847836c93b97d2f7e7e41dcf08462503e3fe1581c215cec6c33b349b8f7b6e3215fa3c064ef |
C:\Users\Admin\AppData\Roaming\discord\Network\TransportSecurity
| MD5 | 1bfa6ec5af051675184a4f5bc1182bf0 |
| SHA1 | 63c28abed3daf71a5e4b34edcd4521636b556089 |
| SHA256 | 556f12bef0f37e65e092674166a1e1614d94abc3a68ad454676a311272122995 |
| SHA512 | fdc1ce18ac87c3eaaf84b4df1806a19479af91adc3ccd349b476bad44883467996674f9051ae6ecc9ad50ebc6f18d1e086a54b61abbb8ede340c9a4840b0c71a |
C:\Users\Admin\AppData\Roaming\discord\Cache\Cache_Data\f_000028
| MD5 | cc472537c02118b892df1cc4b772ce13 |
| SHA1 | 1e6d77c96eb12f45dd92275b2783f551c30e6565 |
| SHA256 | 53647e8b67d5b575d50c63a1450ddbd565bb85b10b58d1162b3c7b9d78775755 |
| SHA512 | 016c742ab72acd4e9dc39483adff2d08a028b84b5688868d7d7e4b1e9f62e683969d328204ccfbd33128d50ec77587e1ac47a9bcd63ab340784e15afcb2ab965 |
C:\Users\Admin\AppData\Roaming\discord\Cache\Cache_Data\f_000029
| MD5 | 6fae33a8a3fac071ce0301f04274d25a |
| SHA1 | f1c42eea5363121af34e45ccf0d8b2de7edb7734 |
| SHA256 | 0a2a784e77e4642ab1630627bbf0c2201f0a3600375995990b5a87e94032b029 |
| SHA512 | 09c9e0c77e7ae6db3e28c702ad2874d82fe57e63b3109b0b3657ef297c0acb5f245af3e84cebd8c0b07ecd6b5d4d83e454d05593319d4dc099a73766637f8e34 |
C:\Users\Admin\AppData\Roaming\discord\Cache\Cache_Data\f_00002a
| MD5 | 4833106f2d83b40cfe88b76f30ff4c9c |
| SHA1 | b71ac4bd49f65c60a4f0b5be262087d8df36a1d4 |
| SHA256 | 75be90bec664daad2c8de09d421b0b180d9c8b47a7120b499a8ff90106070618 |
| SHA512 | 1f60e8de44df5f943f81f44b178d534e7b3870e1eaf3502bc14a46819beed56aabc003074c710238c33fba3d67ad3cea14806e325c3fc9e3764c4d217960bd73 |
C:\Users\Admin\AppData\Roaming\discord\Cache\Cache_Data\f_00002c
| MD5 | 2a643a4d211b4930a8a21e6acd8dbe71 |
| SHA1 | 0400db0b5661b64ffb4570f19ea35a12fe632553 |
| SHA256 | 6147dd816fee9ed62f67cd23ac49316a5c7562345127893247ac36c48ae11d51 |
| SHA512 | f879e5dc7dbe47e10aff2cb7e08c85832eb1bc01165777bf128698fea1412cb8f12a2dccf5b5a2dd7a79253aff1026b61c5e1b2439810779cd8c6416f6dec7cf |
C:\Users\Admin\AppData\Roaming\discord\Cache\Cache_Data\f_0000c5
| MD5 | 0cafb8951bc76caf5a77ecb0af597202 |
| SHA1 | 065abc5e9f3b3f03ff3e208527fe9b6977318949 |
| SHA256 | ae5bb1c46c2afeb94619d74a9233252fed7acd0e4abef892fd0cf012bfb35759 |
| SHA512 | d8168ef49f0fe682a44c13bed73ea637d7de9fa999592c5bda1baa97e2f5fec6474ce8741ae85d8a85d1ec5c4c5047dc5be84312d2d01bc60690bb3dc87d7b81 |
C:\Users\Admin\AppData\Roaming\discord\Network\TransportSecurity
| MD5 | 65b81e5ada065149a42e381dd2e38e35 |
| SHA1 | 90c1c6791af3c7653b319d1ccc59d2a5fb754cf2 |
| SHA256 | 34a4388f15ef82250d223fdfc2485311edd7b3509e34cd68df601e7790095640 |
| SHA512 | be8e2c912879b4c980f6470550a40b46e921ce4f22e5a64a9baf8effb4487e25095e67820af567127cae56eb1baba2696cb736bc144fba7e47713d75a0a759dd |
C:\Users\Admin\AppData\Roaming\discord\Network\TransportSecurity
| MD5 | f3a614cd5004c48579bababf5103bc35 |
| SHA1 | 5abc12bc095653a0de74e6eea9c6115b45ffa695 |
| SHA256 | 49bd03a918f520377a28a8de7f96b1d2bbaf0f46bab74048d46a691a16b9c246 |
| SHA512 | 592832267ff9c2e56b21aa6af758282622c8d756145d84b1942432d49d75f8953a1e27b1b6f2c809c996dc79e06b4833f02457043c7aac0c589435826d1ce012 |
C:\Users\Admin\AppData\Roaming\discord\Network\Network Persistent State
| MD5 | 93a7f9436f1b61231838156e23b0cd23 |
| SHA1 | f3c78fc6d58e88b1cf91d2d903d3375ee78cbe23 |
| SHA256 | 20400d05bec30413bd2b02a6ff40a21ed70d7dda0ae5e73e5d02d0f7bb67bc7b |
| SHA512 | 5fb1b2b347f9012717026ff87aed334883334259e1b66cc0fe75b096e303b0177ce60313385caddd0b83383f54b093991b4e7c7ecc08d5911900f5216bf166f0 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | dadad3592aeea2a4afb111024309d1d5 |
| SHA1 | e44855eb3ac404cb2477066d1d4f098ee7673892 |
| SHA256 | d1b5c658f1000113694c9e2787737ca2092bfe437ffd92d1bf6b9aaff8a0ec0a |
| SHA512 | c4beaf77ce0d02acb22a41fab3858105811d4537e9ba78780726af559083206c333ca36d425b697e8a9fc29dd23341772961a56a749ed429c5def71b9b0d9311 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0000b5
| MD5 | ef39dd9c70535158060864fb619cf647 |
| SHA1 | fbc0a2a1078ded0c190aca9e2813c733041543ed |
| SHA256 | ef91524857c34812fdcacc60b661558b1206509603484800c0cdf53ae9e12295 |
| SHA512 | d10c2b3e7490f6c77f9b78db34f53d391ea2379c96cda91c51894883069bd52927b9008c0c55e8bf9081303fa3b570b47d22f681fb305612c03a55488743a2cf |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\9f86d28e5a05cb84_0
| MD5 | bac5bc810f60fe299eaf7dfcc2397960 |
| SHA1 | e13efd0543f300a5f4db2ea0841c290ba59089ba |
| SHA256 | c01a3f0dc10a15b51192483787fd8275a251a9f74533b47dd372094bb6be39c3 |
| SHA512 | 4788606cfc49b254e1e6af1e16b9495973c3fa26ca46843e7a32a6ce52449bf5502c9a2bd778b1115f409c428db23b0044e9626543a416269f913d1eee4efbb3 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\bc58aa58207256a1_0
| MD5 | 058cb53dd0b587ac32d25cef87a43e47 |
| SHA1 | 65bfb3fdd2915f425c6d8528eb920c58a3e77a8d |
| SHA256 | 4944b9c024a75f65aa5e9a7744288429c606328b2ae4ccf53104a359caa519f3 |
| SHA512 | 0b6504b1db1c8b0221d50a73a81d7aad403347811d2970bfbbcd74b71f460dd521b4430ba263706c77c605c3183878006ec2c3600014a1173b415fc8f64c0d6a |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 6bba1e8fbf6ee9071defdad4bbbc3a15 |
| SHA1 | 35cce644b225dc8e013e3d660fe03aaeac9fb72f |
| SHA256 | b5b3dcf38a32d38b7d58bb11af12a59eafaa5d882dafe414852088d87daa3a4c |
| SHA512 | 81963221c6e4998b7c7500e00a04a9fb0bb3e62c3142b5177cbdf51f889e2624277ab978b2701b364abe97687343dc3eb06cbcbf19e92b06a888653226b6179c |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 6eb9cef769025f4ec941966374349784 |
| SHA1 | 43579fc57674e4c0c4b7b1987cf34519d39e4d9e |
| SHA256 | fd0466e2d6c4ba9105ef647393728fb7f05ad8d32566b9ffd98e4ffca66376ad |
| SHA512 | 942159e817e9f9e14cb8b000230f4e4d406ad2402896ca24eae08f04880ea7c9ec209b4287f87e003fc3c4b891dafac656b3e54beed23432697277026cfb8298 |
memory/5840-7081-0x0000000000400000-0x00000000004B6000-memory.dmp
C:\Users\Admin\Downloads\FreeVK.ini
| MD5 | acf7fcf9905e583edbcea61916e54d4d |
| SHA1 | b151da46ecb2129a2ec1b878d966e217dc2b94f1 |
| SHA256 | da5922b0090eef4c1e405a16bd3770960c5ad66bad8f8d509b7121b239979786 |
| SHA512 | 969f2d0e70e5349a67434eb5ac6aa592306b7c819d7093dd00f299e1f837e430d850657a049dbc3fd63a00d93206ae733d9ac85ced4f74c45a31f0b23a638f00 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 169dae40ae41f0e517d92c4719375acf |
| SHA1 | 495d8d94df4368165b333aa95fe14c2b8a05a675 |
| SHA256 | 5d29717584f490ee5b684217d5ea9b25bfd25a95e6d67585ba4d7cd9aab767ce |
| SHA512 | 3bdb8ddd5f564c5fda430592bff8f872febf121e394d0d16d6cec94dd2c937a3ae22c89d3fbdc329f5ac24f82069c3f5bc49a45b9442fb72cbc349aa08206b62 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 0b1d69d3484026b182a2c20e73ba61f6 |
| SHA1 | 2be628d47b1cecd19ea3dbf50f7e57a8eeaa9118 |
| SHA256 | f31c2403438c795b4c50f676eede0736bcbabb560a3456e201feda98e8ef5caf |
| SHA512 | ccba31e22a6535230fef1bdcf1751d4fa8b57223088cdaecf60c7f3870557bc90175f1197e6824ab7a87a4ae0ec76e943c5b2b04431cd6cced0d70095e964dc5 |
C:\Users\Admin\Downloads\FreeVK.ini
| MD5 | b4fb5e76ee6b434a732a6f490750066d |
| SHA1 | 22edbfd088ffd1c5f36001de16e6895044df4605 |
| SHA256 | 9bb9473aa82f8df99333ef3bcaa5317707ad88c361eadc8e37a6c1f2dcf1429e |
| SHA512 | 0f9f09fa3d41055de0735b42245de0139cedd42e9937a62508b75e19e6e86ad15bcd512694b79b9707c3b5a69ed6977384eb9b19332b77dd61d45fd74148bbfa |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 8c21037ec77857164cabcd9c1614aef0 |
| SHA1 | 11b0ddded71ad38b57359f76678110321a50953d |
| SHA256 | e0d75e1214bb6e8c0d94a55f0f6ebdcf1cc19a6d7e6c5d4dbbbbbda3226e9d63 |
| SHA512 | 27b704260997588f24ab271709a356582d237de87e96a72a5c8addb1e2e7061c8f2f2dede74f2b7803785f014ae991c6328205f8500ef90535d5ded50d3a3134 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 01d3ac3055cf72a714c6afa0710e025c |
| SHA1 | 68fec9cd49b59e3bc751c5a66ba3fcb279fd547c |
| SHA256 | fc31d631d415b74c03358358f056707ddbf0c06fc89b8abe0dab9f7c35eec88d |
| SHA512 | 4c3813b77361a1defc0e5f94951688c0fba019cdada4a2632941f03b4a537e1d6a597e2533b73308a1b582d2bcf1af1e7a3857d7d991d245b161068b9c5703ba |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 02312e7cc35d81c1a738286ff26500dc |
| SHA1 | 1908ca2a83269840cdf48a00ee143ba97b17536f |
| SHA256 | 0b9d90befd5fc62f240335221c0a08b9b670a9a55a9f6a8360a3dd0f8056ca0b |
| SHA512 | b819fb9ea9c159b9f551bfd340afda5d6b1f72ae4d3733c6ce432f8808acc9b41391ed2fdf3336785ceb35b2b08b35b729c2c767129100cfb3094891a7d21f9d |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | 694685a8758ce98426c8c3a13c0085ec |
| SHA1 | 220060f082643cbf957e45a5cafd1aa5ebe596cd |
| SHA256 | 5656b9b4233f6af4ede06c06cd57681608e321f67ed132e7a598e31a2fe0067d |
| SHA512 | bdee91b4fc9e0a0eb0fdc1a2343f6adbd96ca0ae2cce0c4cfc4ff0c70da850a62d6f235cee8ba1ff3c602ecb0a3544def0eb43f324e93f3e2cdd2fd595eaa860 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 7002d2b3007e94772805f6d332b8190d |
| SHA1 | 33884926501bab7f5eb0de76d14f98b608d1c025 |
| SHA256 | 8c35f9826288b00f4ab3749d8c22be80ddd1d3768ac347e8c0b46bb17a60edd1 |
| SHA512 | 36f382a4d5710fa6751505aefe9b7507c1e5c745fb575af6b37d960892aecccc0676e80c937eb19db95bcc0a44b2dd7d28fe6356fa9854115587bf4609a5dc1d |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | ce91c8958600b9f1d764d294c3b786a5 |
| SHA1 | df7bd83ba2ff337ad82961c3b1c13b180006e153 |
| SHA256 | 6b4f31880d329d191a6e47c774b19ccde9f800914e5df77e57cd4fb9c40ac752 |
| SHA512 | e11f36a281a931cd5f8bb35b9142015abc9a15093796c9f525328be04aed65755a6cd7b29a4d882df8ed53690ccd92a5889ec0616bf75de655060502dfda94bf |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 350103ed5bf13cac71727331e83846d3 |
| SHA1 | eff4026929e5553e3f788a404e09a0b980ad2115 |
| SHA256 | 8d0abe363635fb34d961d7ef592f3b91bec17a8c1af37153c88a9a9e3cf85765 |
| SHA512 | 63ad9654c1e51c2c054c6ee87fdf4320625d2e004635e79ae7a2a346fa5a9072d970778225f6d5e8aae8c27b6976ad532e61b93f09b8fb9be2c29bfc2dfe9748 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
| MD5 | 971a1e76ca7726acc206b7c61ed7cf5a |
| SHA1 | ce4b032a8236a411dea6206b19065d5320537210 |
| SHA256 | 2cf95f01553fd2ba0eb2a725ea60655dc60572876b7d5ba01ad5793cd91f8373 |
| SHA512 | bde2169c3064b90ace64766bb5e2b5cb9163c5eb3a13e2c84ddbc2a101e337a06a76a8716e00deeb60cdbb501a4b2858755702fda50efa6f71f9a3a2d6041b43 |
memory/5840-7312-0x0000000000400000-0x00000000004B6000-memory.dmp
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\d50982155a3667a3_0
| MD5 | 70be6b87d4c8de3da33aebf8a1f29bab |
| SHA1 | 3af5f04a67da2e273800fa76d27356727f8d2319 |
| SHA256 | 5227e8662570651e7cda1dccf94c11494d3b7d8816e49de8cee0d36961525ea1 |
| SHA512 | 786b04fb2da51cb01d0f9e1cb850a903038fbf2f3e44908d92a1339bc7e2ca4584cb2bfedd64baf16d15529c917192db9be3fcf56e1b12c2606853b6d4af21b7 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\5dd0ad6188a1b357_0
| MD5 | f6b34f82a2d9b77ea9c48a86ab1197eb |
| SHA1 | 77b4b696a99f31846eef378ec50a6240a4548a41 |
| SHA256 | 62ce9bf60c44970269c2f91c9f9ce5bd87c946a666a67456c272d4f6e9b70626 |
| SHA512 | a3e75050e883cb1c0bb9e302d5832a58693229608101c73ac3c5fc907f06d37bd8e9a0278caa263f080260bb899dac74422ba3f4a8e6813a4dc9536ed68d3736 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\27e55977e2a32b38_0
| MD5 | 8d8a95ac4b81b801bd2042ff81d21e06 |
| SHA1 | bd7cd343c7337b1ed0abacfe3e9e00073b6638c5 |
| SHA256 | 62aa5efd080e2b6075a8fd069fbe917cf7ec7588a9a7ea6a0cd101de250a2fa4 |
| SHA512 | 42230cdfc7dcd12e3ecec38543000aee161282af64ce855c39e7897969dc853113ebac502324ebd557efdc9b54e90d5866d2b9701fc9a4e1f1afbd7cf479b4a7 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\b7a62e42363160ad_0
| MD5 | 4eedd0d9e9e8e106efe10aa9549b169c |
| SHA1 | fa90df7a9464e97d7e851bddcf2085bc617ad4d1 |
| SHA256 | 9c2b3d053891f238b31f74fd37b9a9dfbc6b28e3240092f07adea8e845c59929 |
| SHA512 | f39927095bdd59ab678a23010ff75bf0cf41ae154af3bf806293b73a8d28221e476c3759d38da4e076e1918d6bd374ba6103e47214511d07fe55a8f23b65e2e0 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | cb36b0bc3e922ba1c85067e69bfc2e75 |
| SHA1 | a309f9bea6ed4a4e461c2a500420b95724a64b37 |
| SHA256 | fc1738d29c963db8da53a13e2ff5260ab08bdca924782ff685860f25dc61cbfa |
| SHA512 | e5656fd5783daec65d972a578be99e9151dcaee8f73004d8d246c4f62cd1e31d857d0e8cbc5962809765cdc784dc6c09bb2b7935861e626a565157bc279158ea |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0000c8
| MD5 | 87e8230a9ca3f0c5ccfa56f70276e2f2 |
| SHA1 | eb116c8fd20cb2f85b7a942c7dae3b0ed6d27fe7 |
| SHA256 | e18d7214e7d3d47d913c0436f5308b9296ca3c6cd34059bf9cbf03126bafafe9 |
| SHA512 | 37690a81a9e48b157298080746aa94289a4c721c762b826329e70b41ba475bb0261d048f9ab8e7301e43305c5ebf53246c20da8cd001130bf156e8b3bd38b9b8 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0000cb
| MD5 | 9b37111695f4c37c0d38d91b686f1667 |
| SHA1 | ac0e19d73bf88170ac7395ee633403ba9ddb701c |
| SHA256 | 2f3cdb9995ff61c8febbc650e8ef03a1ffc81d7cc968c9de5052f237dbd2f874 |
| SHA512 | 8ef545da7241e713ea09bfb5bca38c63ef3cde4866c7120ac72bf7fa0d281bbcbc80324b4d8d164bbb23604efb31855ddc5e98a793958a43a07f4f5ba1c75c83 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 287a8c0e9baaba31371750478281903f |
| SHA1 | 6375c8a1d73c293601b910fe8c0379559dd52870 |
| SHA256 | 33779f66ae6e8a4415d735473365ee82d3852513d0b92baefd50572f1946f820 |
| SHA512 | 4f1bbc6d46159a7c0daaffb04296737253a8837fc06ab6e873579e8c49dc30b728f6e916feec10b9552fc131592c22562a2f9689a1b60343b4aac06607715354 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\9f86d28e5a05cb84_0
| MD5 | 08b176c2451b80f73c79055edacf7690 |
| SHA1 | f2678ae26cd7bd43953f82588676d31fb97fc45e |
| SHA256 | a92ac82295423918e6554189c7681d55c626bedd0fa38efd92d9cf7433588e7c |
| SHA512 | df4c4a4093d57bf065106b9b39147ae732bdf30707253f1c13cf3dd167da9bf20e6f647efc62153bebcf089388a3f3f623553a736531200b149a70ac57bc463e |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\4c9fcb21a60f8601_0
| MD5 | 858d295f7221f3402b570918ef3af87d |
| SHA1 | edf7e7f82d885c4c2bf4f0f841c550fe9129dc8a |
| SHA256 | 67863bce1b92809865154798893acc6559955d4f6755bd55cb0086fb35bb619a |
| SHA512 | 0accab5313de253a5fb31a98ccc5d2a2655b4a8f7966cf07fac76dda01d5a16e4e376282964e916af9a79266eeffc76404d0e227090e278040fa147fe41220cf |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\43f57d7b74a05430_0
| MD5 | dbe13368eef22e8d5c7a9696cc7da0ed |
| SHA1 | d4df1b186c0abad7c801c878101172bd866fee82 |
| SHA256 | dd64b7daca9a269318d6dd12209710da0a0993eaa9ef8fac3d54ae6fcc4c4c74 |
| SHA512 | ea5b1823176948c8f842b5eff4ca6559cf9089170d0691f622c55a4905f8256a54d89e5a9f5f561329cf6426676e9e9bff3fc07541ceef41326484dad4c2b5ed |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\ee122781e27c41a8_0
| MD5 | 17ffb618f418d258a7fddb288ed63960 |
| SHA1 | 753fbb8ee64e056d7fb184956eabb489b7c63597 |
| SHA256 | 9bddacdd2c6bdcde0fefdd8d1d01238a5f7680348a8e5b7e76d37cf0029f879d |
| SHA512 | 5bbc642daabf4d9884fb1ef9e8f225a796d5763aff94d0a0d2acafebb2807a5fb0adac9ad29ad7782e62cf438f0ac6f759a75e6f358fe0f4450bb52066d4cec6 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\8719258ee2db8bcc_0
| MD5 | df00ff3c6222be7bfa2d69e3b9ea2d7d |
| SHA1 | ea2a3eb27a4af8bbb93310c01d4bf46a173b5bdb |
| SHA256 | db16117ca786b7441cb3d4adcc7f724488ee759d473ebca292c149f5bed324d2 |
| SHA512 | 7089329234974c6b7f411322742ea8f822ee3c34f47809085396df77868227adf3e5bce1766b859f2b42ae3b114c837a560b30926f0fbf054316c56f871410fc |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\5c255e86a21e3019_0
| MD5 | 77e9c6a498d657c6df4e1cb97f538149 |
| SHA1 | 0f2ee3edba7c28f844d9d27b7c164d07fc599fa5 |
| SHA256 | c2f3220dbee1253300a43164ec53d5f74dd97a3302b7b540bf4f6b9f5ca0357b |
| SHA512 | 7b915ee75cc642f3598cff37b0f7257a35102a74edf25522eadfcb9e6322346f0b58c29ed1feb3c41dd1d0f6dee0734ad22277b79f319c0d72c0dfca38c366d8 |
C:\Users\Admin\Downloads\npp.8.6.7.Installer.x64.exe:Zone.Identifier
| MD5 | fbccf14d504b7b2dbcb5a5bda75bd93b |
| SHA1 | d59fc84cdd5217c6cf74785703655f78da6b582b |
| SHA256 | eacd09517ce90d34ba562171d15ac40d302f0e691b439f91be1b6406e25f5913 |
| SHA512 | aa1d2b1ea3c9de3ccadb319d4e3e3276a2f27dd1a5244fe72de2b6f94083dddc762480482c5c2e53f803cd9e3973ddefc68966f974e124307b5043e654443b98 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 228b774d28cde46f7520b249736ed0c6 |
| SHA1 | 0ebe7622f7b627a54fd8c244c30648ed475f6cb8 |
| SHA256 | ae6a555a544c9440f338444afd3179472832fce1ee78c51deb61ffc38ea7660f |
| SHA512 | 07253290a3326f1ab0b406654ac43b4b614698d17750b49f6a3c887b299f556f64f6bce52c4b41a64c356690044edd019a6da5befba838f5d623ff5b632342e3 |
C:\Users\Admin\AppData\Local\Temp\nsq292.tmp\InstallOptions.dll
| MD5 | d095b082b7c5ba4665d40d9c5042af6d |
| SHA1 | 2220277304af105ca6c56219f56f04e894b28d27 |
| SHA256 | b2091205e225fc07daf1101218c64ce62a4690cacac9c3d0644d12e93e4c213c |
| SHA512 | 61fb5cf84028437d8a63d0fda53d9fe0f521d8fe04e96853a5b7a22050c4c4fb5528ff0cdbb3ae6bc74a5033563fc417fc7537e4778227c9fd6633ae844c47d9 |
C:\Users\Admin\AppData\Local\Temp\nsq292.tmp\ioSpecial.ini
| MD5 | 9cd15c109cec2c10eb2c12dbe14800a0 |
| SHA1 | acc46aa15af05e78e3fa5322006ce7ad744222e3 |
| SHA256 | 4d143f77d33c74e9d1ce45c0beb90cf3f98d8dea4f3cc3f2677a2a33b6043389 |
| SHA512 | 4705520d7cce37d402a842a594ffc8ade8f75d211f68385aae3d3fba8688e709b55a41f6934d783e4cee4587b066b5fd086621c49fb4d3ca7083b586d2d3c55a |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 5968fbd8e01cc0fb3bfcee582957a686 |
| SHA1 | c1dc2ca62a908efa06536b154d1caab5a6c14c08 |
| SHA256 | 2ff22c8ae7e19777e396981516c4f894fd4e8b308c7a4df0a79019109ebeb7ed |
| SHA512 | 82920c5d167e599607538781856f50355fd4d99ecd85dd0293e4a7c39d895b004d5893a7505eaf72b4310cf1790a81c1db501172520ba7da2cb8b67bcd580f2e |
C:\Users\Admin\AppData\Local\Temp\nsq292.tmp\ioSpecial.ini
| MD5 | f7e0766f1fff53f578b9ba0b27d0065b |
| SHA1 | 0050d6c4540dd3a107741f379b241308a9fdced1 |
| SHA256 | 5f1ead1d972c03da056662761c96f119db8a9ba501402cffafc9690d9bad75d3 |
| SHA512 | 4535f55c1f15318d95099a249de55353634cca99208c41dab58e2812a309f0fa658d542cd137a8d64f405ab656d5a60d0816a99152b2ef7a35659e8e3c4875c5 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | b1a67ed911188deebfada9a151da307d |
| SHA1 | a3c90fb817ec780fb9f91303333acb4392515c9f |
| SHA256 | b3f8c69b39387b66f278d2e1ea6b42207399bf5e3ff54bd897b9d0f5f4c89a35 |
| SHA512 | bd7aad5af7a74f0625d72636de59600a092b1bc038ceb4300f0efdf43aceee5a9e5410e5f390b2741aff5811eee5a422317137a16f744ccf5e0884afd94a32a4 |
C:\Users\Admin\AppData\Roaming\Notepad++\plugins\config\converter.ini
| MD5 | f07150054a6afff4d8e9d58899167722 |
| SHA1 | e092cd960ab728667d91b37d64a02d7f6821518b |
| SHA256 | 5b0a08439e8e93817772f84e1098f14152d9da36c2601a0600ddaae6f61359d0 |
| SHA512 | 8c86aa4c058a8ab5fd26f21cacc8ddaffa8ce6012bb329d3c5b817da00b4b43018a575c768d1921c6eeab7537f172c7cb3de658b014365ea52fb3c87547182b9 |
C:\Users\Admin\AppData\Local\Temp\nsq292.tmp\UserInfo.dll
| MD5 | d458b8251443536e4a334147e0170e95 |
| SHA1 | ba8d4d580f1bc0bb2eaa8b9b02ee9e91b8b50fc3 |
| SHA256 | 4913d4cccf84cd0534069107cff3e8e2f427160cad841547db9019310ac86cc7 |
| SHA512 | 6ff523a74c3670b8b5cd92f62dcc6ea50b65a5d0d6e67ee1079bdb8a623b27dd10b9036a41aa8ec928200c85323c1a1f3b5c0948b59c0671de183617b65a96b1 |
C:\Users\Admin\AppData\Local\Temp\nsq292.tmp\System.dll
| MD5 | 4add245d4ba34b04f213409bfe504c07 |
| SHA1 | ef756d6581d70e87d58cc4982e3f4d18e0ea5b09 |
| SHA256 | 9111099efe9d5c9b391dc132b2faf0a3851a760d4106d5368e30ac744eb42706 |
| SHA512 | 1bd260cabe5ea3cefbbc675162f30092ab157893510f45a1b571489e03ebb2903c55f64f89812754d3fe03c8f10012b8078d1261a7e73ac1f87c82f714bce03d |
C:\Users\Admin\AppData\Local\Temp\nsq292.tmp\nsDialogs.dll
| MD5 | 1d8f01a83ddd259bc339902c1d33c8f1 |
| SHA1 | 9f7806af462c94c39e2ec6cc9c7ad05c44eba04e |
| SHA256 | 4b7d17da290f41ebe244827cc295ce7e580da2f7e9f7cc3efc1abc6898e3c9ed |
| SHA512 | 28bf647374b4b500a0f3dbced70c2b256f93940e2b39160512e6e486ac31d1d90945acecef578f61b0a501f27c7106b6ffc3deab2ec3bfb3d9af24c9449a1567 |
C:\Users\Admin\AppData\Local\Temp\nsq292.tmp\LangDLL.dll
| MD5 | 50016010fb0d8db2bc4cd258ceb43be5 |
| SHA1 | 44ba95ee12e69da72478cf358c93533a9c7a01dc |
| SHA256 | 32230128c18574c1e860dfe4b17fe0334f685740e27bc182e0d525a8948c9c2e |
| SHA512 | ed4cf49f756fbf673449dca20e63dce6d3a612b61f294efc9c3ccebeffa6a1372667932468816d3a7afdb7e5a652760689d8c6d3f331cedee7247404c879a233 |
C:\Users\Admin\AppData\Roaming\discord\Network\Network Persistent State
| MD5 | f25cb1af6bd539cafdb3408b344c58b1 |
| SHA1 | b87171488d1d949fd7cb5bfae3597ca9b298bc17 |
| SHA256 | e9c78b586b1f81ca07b15b8fd4ca7ebbb0a738d0e4260c5495086168572c3280 |
| SHA512 | f39026388d5e6f711758e8a56c6f92c93fa64ed9ba7258a0277be8e836cb40c575a857716e71ef50e88290994a4a45a0ade9266dba04e98de2514021ce69c06e |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 31557319f69e4b26c3a9b15694044017 |
| SHA1 | f88629687ca58792a053aa360666bd8761868137 |
| SHA256 | 70e81be3dcff6a2bc3b550526a653db6c518cb363ea396f176038ebf216de266 |
| SHA512 | 8b5b374309f225a13af0365029ccba350e9e7f70e071da233674a7361ba5ab7b44085694af49ca5040b6aa8e7f3dfd526c5d2eb363f4ed5e9c3e03a8037b922b |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
| MD5 | c94c8095d5f8af8873008baa5c61ee1f |
| SHA1 | 86f28ce035c53713e07747364c17d0026f2ba96a |
| SHA256 | 4552cf21852ec0880edbc23d244bddc0c5be9a0fb9be06d0e47bb477be19d59b |
| SHA512 | 02c8c1bb1dfadb765ea975cec7407c466ba6cdc6a99d6cae5894b599acee90b5b742107856b606f0d66e2efe7f27f36206f9db075a36c501476cfdf65dd5d93d |
C:\Users\Admin\AppData\Roaming\discord\Network\TransportSecurity
| MD5 | 763de10353fccb57277d7ada3068beba |
| SHA1 | ddd439ae7ca23cf52f919adee9b09121117e3433 |
| SHA256 | 4c6e00ffc064d6b5bf2ba5a98fb1a72613d52e25751aa20aa7c773eae91685f2 |
| SHA512 | 120bf2c02866818329d50126b429c6da2d60d694289dc8f3a07b5c7cb300534838e9257ac8af258e1146518acc2252181402b8b540424d02bcd6f61bb60dff71 |
C:\Users\Admin\AppData\Local\Microsoft\Windows\Explorer\iconcache_custom_stream.db
| MD5 | f732bf1006b6529cffba2b9f50c4b07f |
| SHA1 | d3e8d4af812bbc4f4013c53c4ffab992d1d714e3 |
| SHA256 | 77739084a27cb320f208ac1927d3d9c3cac42748dbdf6229684ef18352d95067 |
| SHA512 | 064d56217aeb2980a3bfaa1e252404613624d600c3a08b5cf0adcb259596a1c60ee903fdc2650972785e5ae9b7b51890ded01ec4da7b4de94ebda08aeaf662df |
C:\Users\Admin\AppData\Local\Microsoft\Windows\Explorer\iconcache_wide_alternate.db
| MD5 | db7c049e5e4e336d76d5a744c28c54c8 |
| SHA1 | a4db9c8586b9e4fa24416eb0d00f06a9ebd16b02 |
| SHA256 | e8830e7ac4088cf3dd464caec33a0035d966a7de5ae4efc3580d59a41916ff7b |
| SHA512 | b614037fb1c7d19d704bf15f355672114d25080223e7ee4424ad2cb7b89782219e7877b373bbc7fa44f3ad8df8a27eef4e8ccc765d44ec02a61e3b7fae88ae69 |
C:\Users\Admin\AppData\Local\Microsoft\Windows\Explorer\iconcache_exif.db
| MD5 | fc94fe7bd3975e75cefad79f5908f7b3 |
| SHA1 | 78e7da8d08e8898e956521d3b1babbf6524e1dca |
| SHA256 | ee1ed3b49720b22d5fda63d3c46d62a96ca8838c76ab2d2f580b1e7745521aa5 |
| SHA512 | 4ceaf9021b30734f4ce8b4d4a057539472e68c0add199cf9c3d1c1c95320da3884caf46943fc9f7281607ab7fa6476027860ebed8bbaa9c44b3f4056b5e074d3 |
C:\Users\Admin\AppData\Local\Microsoft\Windows\Explorer\iconcache_wide.db
| MD5 | 5f243bf7cc0a348b6d31460a91173e71 |
| SHA1 | 5696b34625f027ec01765fc2be49efcfd882bf8e |
| SHA256 | 1b1aed169f2acfae4cf230701bda91229cb582ff2ce29a413c5b8fe3b890d289 |
| SHA512 | 9e08dfbbf20668b86df696a0d5969e04e6ee4a67e997ff392099bc7ff184b1b8965502215744be7fe423668b69099242bba54df3f0bfe4e70acdc7cad8195b02 |
C:\Users\Admin\AppData\Local\Microsoft\Windows\Explorer\iconcache_sr.db
| MD5 | 379523b9f5d5b954e719b664846dbf8f |
| SHA1 | 930823ec80b85edd22baf555cad21cdf48f066aa |
| SHA256 | 3c9002caedf0c007134a7e632c72588945a4892b6d7ad3977224a6a5a7457bf4 |
| SHA512 | eca44de86bbc3309fa6eab400154d123dcd97dc1db79554ce58ce2426854197e2365f5eee42bac6e6e9455561b206f592e159ef82faf229212864894e6021e98 |
C:\Users\Admin\AppData\Local\Microsoft\Windows\Explorer\iconcache_2560.db
| MD5 | 2d84ad5cfdf57bd4e3656bcfd9a864ea |
| SHA1 | b7b82e72891e16d837a54f94960f9b3c83dc5552 |
| SHA256 | d241584a3fd4a91976fafd5ec427e88f6e60998954dec39e388af88316af3552 |
| SHA512 | 0d9bc1ee51a4fb91b24e37f85afbf88376c88345483d686c6cff84066544287c98534aa701d7d4d52e53f10a3bea73ee8bc38d18425fde6d66352f8b76c0cbb5 |
C:\Users\Admin\AppData\Local\Microsoft\Windows\Explorer\iconcache_1920.db
| MD5 | 635e15cb045ff4cf0e6a31c827225767 |
| SHA1 | f1eaaa628678441481309261fabc9d155c0dd6cb |
| SHA256 | 67219e5ad98a31e8fa8593323cd2024c1ca54d65985d895e8830ae356c7bdf1d |
| SHA512 | 81172ae72153b24391c19556982a316e16e638f5322b11569d76b28e154250d0d2f31e83e9e832180e34add0d63b24d36dd8a0cee80e8b46d96639bff811fa58 |
C:\Users\Admin\AppData\Local\Microsoft\Windows\Explorer\iconcache_1280.db
| MD5 | 2dd3f3c33e7100ec0d4dbbca9774b044 |
| SHA1 | b254d47f2b9769f13b033cae2b0571d68d42e5eb |
| SHA256 | 5a00cc998e0d0285b729964afd20618cbaecfa7791fecdb843b535491a83ae21 |
| SHA512 | c719d8c54a3a749a41b8fc430405db7fcde829c150f27c89015793ca06018ad9d6833f20ab7e0cfda99e16322b52a19c080e8c618f996fc8923488819e6e14bb |
C:\Users\Admin\AppData\Local\Microsoft\Windows\Explorer\iconcache_768.db
| MD5 | d192f7c343602d02e3e020807707006e |
| SHA1 | 82259c6cb5b1f31cc2079a083bc93c726bfc4fbf |
| SHA256 | bb4d233c90bdbee6ef83e40bff1149ea884efa790b3bef496164df6f90297c48 |
| SHA512 | aec90cf52646b5b0ef00ceb2a8d739befe456d08551c031e8dec6e1f549a6535c1870adb62eec0a292787ae6a7876388dd1b2c884cba8cc6e2d7993790102f43 |
C:\Users\Admin\AppData\Local\Microsoft\Windows\Explorer\iconcache_96.db
| MD5 | 2a8875d2af46255db8324aad9687d0b7 |
| SHA1 | 7a066fa7b69fb5450c26a1718b79ad27a9021ca9 |
| SHA256 | 54097cccae0cfce5608466ba5a5ca2a3dfeac536964eec532540f3b837f5a7c7 |
| SHA512 | 2c39f05a4dffd30800bb7fbb3ff2018cf4cc96398460b7492f05ce6afd59079fd6e3eb7c4f8384a35a954a22b4934c162a38534ad76cfb2fd772bcf10e211f7c |
C:\Users\Admin\AppData\Local\Microsoft\Windows\Explorer\iconcache_32.db
| MD5 | ad5195cb3cb136a8f84f108a3a815fb6 |
| SHA1 | c8ab70eb8f0c4a8b3267cc0a8192a0c57b4b01ad |
| SHA256 | e68af2e86459aef90d384ee26a95b26ad2aa375fe507097f7c3dcfc84829dfd2 |
| SHA512 | eeff9341fe859f53dd6fcd827fd4380ef56a8f2a6d36c852b427a9029e1185f30da7b6fd8b517488cd351e3a2e5c3d35a7eaeea3d479ade46bb5b8449b2ba717 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 6cee62515bc392b4967c6cd5f0e8e029 |
| SHA1 | 3e4c253e95705f270554559be8f18d42fd807232 |
| SHA256 | 074cea11913464bf9d9433b82fdfe67818e4cf05ebc2ad022dd4fbba663ea48e |
| SHA512 | d983d6aa55cb322eb507f89dd0e9180fedbb23cffd9f273e49bdfc68e7104ab09e8580d3ca9e11f089de35b71b77f5859f846301fcc03d83683120648b7e93c2 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 7e3bd4a2a36e462e56929b29936e05c2 |
| SHA1 | 70c8462ac14e10664240800bc9d824d6a21fdc62 |
| SHA256 | c5d11fd01e2cc375a66d3a21cff611971115d6a7d2780572fe3af1afab78b48b |
| SHA512 | a66dbe314f7956912cbafc813c24d359e014854111203b9f65a14586ca49244a9e90b631c2a57678774087682c1629bcb8e234cfefd2c4c0743800368107848b |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT
| MD5 | aefd77f47fb84fae5ea194496b44c67a |
| SHA1 | dcfbb6a5b8d05662c4858664f81693bb7f803b82 |
| SHA256 | 4166bf17b2da789b0d0cc5c74203041d98005f5d4ef88c27e8281e00148cd611 |
| SHA512 | b733d502138821948267a8b27401d7c0751e590e1298fda1428e663ccd02f55d0d2446ff4bc265bdcdc61f952d13c01524a5341bc86afc3c2cde1d8589b2e1c3 |
C:\Users\Admin\AppData\Roaming\discord\Network\TransportSecurity
| MD5 | caa43ec3b1a10ad2b690f1dc45f72dbb |
| SHA1 | e18f30370587b9dd6f9029d49b99b51536bfd34c |
| SHA256 | b6bdc8d0005a4711e0ad3633a852f4870940bfa2aba0bee869042e0c21c97db0 |
| SHA512 | a67c13688f554915bb509ef195f449b92514f9d10529214bd48a4367650196b4fc9a810aa8db7781c2115ba8a43f28ddbb624468cbd35a25e0bd9febb1ad4a1f |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 5b882c5f6c3bf2fb181dae00789dd63a |
| SHA1 | e9487affeb7abbbeca8a7e633437387751954526 |
| SHA256 | 10a15f50924a1d4941574aa383dda6e0ea68effd6fed46caed2045bbe19158fd |
| SHA512 | c98082fc409b821caea0c067234a10acaedc4a9e662796130a534f3788f4883a9f670ecfee4c6e24ce988119c70992d9f0704a060e2e5b1d2d6fe149d74501eb |
C:\Users\Admin\AppData\Roaming\discord\Network\Network Persistent State
| MD5 | 707b4938e63551a8c6a8df0983d3b57c |
| SHA1 | 64b5a08d69f7b03d49bbdf622f6aebf43d63bcb9 |
| SHA256 | c14cf0f77c5ba62e0a33a2f9b0f1b526c45a755bf6050483f512c8205b189006 |
| SHA512 | fcce97454fc1deccb8f25da9ed90a7e0977adb1f8b6765d5c284870d9e12449481a8750a99c20ef37ea53863f2f9b0972f4ed012b3722d686266dc8d06394ea1 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | a1de0893791b21caa3bd8d8c11e0f452 |
| SHA1 | 5c436972d2cef319665bc2f913d6845699701a8d |
| SHA256 | 21d55bddcfb8b40e906d4e7739d9d2f86d58e478965b5c3a30641a3f45ab4915 |
| SHA512 | 5d16ef780915e3a59db8415101bdec5e7e9c2964618d2aa24478d278a0d963dec6a6eb17b38fa040bf3dd5bae90ec3d1725c647d6abba569b4c7af8a03f28396 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | cad430bc56ae6e3559847388c49c15bd |
| SHA1 | e3a5d6803c6e5b3316d75e76f0712a208ddeed86 |
| SHA256 | 84b1e85105bfc46bf1349b75946e987355a8b6ce42cf2b99fd6185e1e9846c4b |
| SHA512 | 54675a44359dcbd08040faf7d2fe47c3cca7a425d4c393dd05dff9f624e769f3c6f67c01cc6377d1248b43999c6d5174f9d0d154e961180426f89664c7a5f203 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 86a5b525aa7670d8d82985e60ee1a041 |
| SHA1 | 1eb7d7d8f7b6934d8e6dfb8dfe6a060ad9c2ce58 |
| SHA256 | 443f0fafd661795870398a2204fb7bfacf6e7012ceba45aa0c936b57c15d15a2 |
| SHA512 | 437188eda835b1fc1a46c92e6668ee5ab8ed10e143087994b0357e38ec6d7afeaba855c2631ad4529fafcc952a80fa219135e26f3f4559bd232b3c676d26e09d |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | 31d15dac41613154003cbab9abf3bd30 |
| SHA1 | 0077114e7a73e45328840ca7dc265de1a86bd766 |
| SHA256 | f88495ab277bc63a82d975469433489d84403216462890ed90a0b86265c1b00d |
| SHA512 | 2266813e4f34a90dfb67c92fa03c7d2f60867384c9a62e5cef155b3003d68b44f3ff6d234d735e0d7d860602054126a623e7f9bc487cbd50c65c231d5fae8201 |
C:\Users\Admin\AppData\Roaming\discord\Network\TransportSecurity
| MD5 | 8145fd51ec9ca62eec68edb379f59011 |
| SHA1 | b3bf0203763fb3d0af4cb886e3195000f86de219 |
| SHA256 | 4e336ba47ef4017eabdc2b9c72f432afa11308c2ef27932549e18270ce24e699 |
| SHA512 | d41b4face9083234c67d45606acad203bb22baffd8a1364ef45630c3e1d1ea3b558b82fa98b775322c1c471b329c0d83c657f4a8299f93fff12f938c8251c3a0 |
C:\Users\Admin\AppData\Roaming\discord\Network\Network Persistent State
| MD5 | 929137d3c5b7a3ab46b78c2d00e9c8b3 |
| SHA1 | 9c4ce9841146b9f231c140eb7f64804101693eb2 |
| SHA256 | 558fd8560e465e0eeaecfebe28890cfe02ce98f91fb97435f1f1b154da615481 |
| SHA512 | f25f1f60cc0d7f52878496a6d589434baadaceafe3347937de2baa064c8db0a977bd089f925e1969ee9a129bb45495263d54d78f08d59ccaa1a5f4fde943f797 |
C:\Users\Admin\AppData\Roaming\discord\Crashpad\settings.dat
| MD5 | 8699e2d178b3183f26b124d336d69eb9 |
| SHA1 | e00ad12db370ede7706bac16f6cc7772fa2f9827 |
| SHA256 | 9616ba8804afcbd494beb3c823d20514bed1281f671ff8c0f15f9712b996ea2a |
| SHA512 | 143f27f617961dc4284faa9d831d32e3459c14c556a47041873b41d673d18fe37a30ced0b72dea7813c3f91230ec7dbd9b6a25b5d9f233f6a3d9663ccf969da5 |
C:\Users\Admin\AppData\Local\D3DSCache\93e7f05821b87c7e\F4EB2D6C-ED2B-4BDD-AD9D-F913287E6768.lock
| MD5 | f49655f856acb8884cc0ace29216f511 |
| SHA1 | cb0f1f87ec0455ec349aaa950c600475ac7b7b6b |
| SHA256 | 7852fce59c67ddf1d6b8b997eaa1adfac004a9f3a91c37295de9223674011fba |
| SHA512 | 599e93d25b174524495ed29653052b3590133096404873318f05fd68f4c9a5c9a3b30574551141fbb73d7329d6be342699a17f3ae84554bab784776dfda2d5f8 |
C:\Users\Admin\AppData\Local\Discord\installer.db
| MD5 | e28f3f9ff47a277c92e5818453a0e71a |
| SHA1 | dd61fa48a8ad7fd47d71187753917b71c6c6cbb0 |
| SHA256 | 6727101638376d998b23ebc85f3b408077b05ba1c09fc044846b272fc623327e |
| SHA512 | c77d42d20aa75c39c3b4096dacbcd0ab76e89a97378439d5da1502b343623b77160a20ade61e1cc7569a76b115c949666b4ee186fdf9dc5127c15dc286fa2cdc |
C:\Users\Admin\AppData\Roaming\discord\Cache\Cache_Data\f_0000e5
| MD5 | 3d6549bf2f38372c054eafb93fa358a9 |
| SHA1 | e7a50f91c7ec5d5d896b55fa964f57ee47e11a1b |
| SHA256 | 8e401b056dc1eb48d44a01407ceb54372bbc44797d3259069ce96a96dfd8c104 |
| SHA512 | 4bde638a4111b0d056464ce4fd45861208d1669c117e2632768acd620fcd924ab6384b3133e4baf7d537872166eb50ca48899b3909d9dbf2a111a7713322fad4 |
C:\Users\Admin\AppData\Local\Discord\installer.db
| MD5 | c7244317eaeeaf6c1cce9df013e94551 |
| SHA1 | a6f5cda31d0971cc00661a821c3c351b0cfd5c99 |
| SHA256 | 5c89a48d42dbb4ff3b206e3d2b2b307c5d144444d45b74331b3e2eeccecb1f64 |
| SHA512 | aacc2e696b6b3cdd39d4f308cfcc68c23273a27e65e040fa10a355ac449269b1bfd0cbd036d37d122661f69e254411f0a4194a60dc38a0cb8c3804752fcf061d |
C:\Users\Admin\AppData\Roaming\discord\sentry\scope_v3.json
| MD5 | 296c00647c6bcea00b976ff3842099ba |
| SHA1 | 66e4425aafca9de71e23352765596b874592530c |
| SHA256 | e83df6f7cd8e5ad8d6f18a489b8aadbd50b8262ee9f807a8c122beffea09ca03 |
| SHA512 | 4a22964aa8aa13077f5e1d4eb8ecf020e4beb165927b94212346de17702d1265b9380fcf2806894e26c2c942a737621e92a809b6b571ecc6c1c7a71620fe55c2 |
C:\Users\Admin\AppData\Roaming\discord\Cache\Cache_Data\f_0000e0
| MD5 | fbae9eb14776a5f7b3960142fa91cfc5 |
| SHA1 | b0db60502f9feb13d1154456b7e0b49bf1da1bb4 |
| SHA256 | 14b94a4090bd6593aab423f2b453e27c03213db0cff9e6db521eacf32dfc519b |
| SHA512 | be6b13c10dbea60575452d3cc84643c2d2b0a01e4ce28cb2455739c06715f3a82a4335705d98b66491c97ff56bb11c9934282f2a76269126ec9ae3cc573ed49a |
C:\Users\Admin\AppData\Roaming\discord\Cache\Cache_Data\f_0000db
| MD5 | b849bfd4c6400e0999b895809b310ba4 |
| SHA1 | 89b0934130ba6a1dd26ce32e57d2759f86395d0b |
| SHA256 | 071cfb067565cdc1182dd04d0fcff1a5667ab5e244cd84b00cbbf5668ebdade9 |
| SHA512 | 0a313e8a2926118248417db6be389cc5e97a136a7ab669cd143d04845f8423955309370c37678efa7a6b2ab86734a1eb97eb227170c7cdc650e21cf0ee66c368 |
C:\Users\Admin\AppData\Roaming\discord\Cache\Cache_Data\f_0000d6
| MD5 | 46a19864d49dae58bdb6c49ceb71ffe0 |
| SHA1 | f52458451131afbc0739bf65f9bdf72e9e0595d2 |
| SHA256 | 34bc478451e0fe925f6ae9ea1a7366cac81ab7c96447c6a9633f46469a729bf8 |
| SHA512 | d524f287e4485a418a4aa80bc0bb90ed5c699d1528b989d5b93e243e542b06a32fd1bcc84a2ffe4f0f70baa78b93a045f5a922d94907cf3c35edeadb890050cd |
C:\Users\Admin\AppData\Roaming\discord\Cache\Cache_Data\f_0000e6
| MD5 | 71d3e9dc2bcb8e91225ba9fab588c8f2 |
| SHA1 | d7e38ee4c245f64b78eb18e6ecd7b9f53b3254a8 |
| SHA256 | ae99aaede2f373187a4fe442a2cb0ab9c2945efbab01cf33e01be517c0c4f813 |
| SHA512 | deda05ebd575d413aa2277876991ecc2ea238907390753485ba1b487ede2f432363c46daad5f3f240eaaf8d3258150829a3ae3d2d9c420ea59567cfd440361a6 |
C:\Users\Admin\AppData\Roaming\discord\Cache\Cache_Data\f_0000e7
| MD5 | 7f63813838e283aea62f1a68ef1732c2 |
| SHA1 | c855806cb7c3cc1d29546e3e6446732197e25e93 |
| SHA256 | 440ad8b1449985479bc37265e9912bbf2bf56fe9ffd14709358a8e9c2d5f8e5b |
| SHA512 | aaea9683eb6c4a24107fc0576eb68e9002adb0c58d3b2c88b3f78d833eb24cecdd9ff5c20dabe7438506a44913870a1254416e2c86ec9acbbcc545bf40ea6d48 |
C:\Users\Admin\AppData\Roaming\discord\tray-unread.png
| MD5 | 501fc444768f499ecfaf5befe1b090ae |
| SHA1 | 8c63e33140492b2b64a6512ccf6d4f0cfd379435 |
| SHA256 | ec242dec681372df01ce1eb96aecf9a1638f8e7a067966f45ab83bc8acdcaab7 |
| SHA512 | a63256aa5cdc3b2d3829afabcc44699ef40703c6cb8a014b5820fe050b04a1f09169edb9852bc54f72f047419651a163ca5886acb7270081c31de05bcf67dcec |
C:\Users\Admin\AppData\Local\Discord\installer.db
| MD5 | a0fd252c20eb4d7d62eb9188bafe9bf6 |
| SHA1 | f2d3d8dfd19b1aba57b71bb76d10f05f80f0cc70 |
| SHA256 | 214a7ebbeb452ffc32b5ee5226be1e1e73d8f2650e5e899c4f9f5d94833d40c2 |
| SHA512 | 7e1b6185d33f96d423518d9e08cdfb56fdb3c5e937d6e119a6919ef73d344a1f44113fb1aba6b0e5e82c66cbb463a2033938bd82a10f439888bc66c44d2560dd |
C:\Users\Admin\AppData\Roaming\discord\Cache\Cache_Data\f_0000ed
| MD5 | ff5eccde83f118cea0224ebbb9dc3179 |
| SHA1 | 0ad305614c46bdb6b7bb3445c2430e12aecee879 |
| SHA256 | 13da02ce62b1a388a7c8d6f3bd286fe774ee2b91ac63d281523e80b2a8a063bc |
| SHA512 | 03dc88f429dd72d9433605c7c0f5659ad8d72f222da0bb6bf03b46f4a509b17ec2181af5db180c2f6d11c02f39a871c651be82e28fb5859037e1bbf6a7a20f6b |
C:\Users\Admin\AppData\Roaming\discord\Network\TransportSecurity
| MD5 | 3edc4dea75554c5f3552cdf6e563e0eb |
| SHA1 | 215b313131777447fa4cb0c152c5a7cb9876f457 |
| SHA256 | 753ec1740fbd7d207f617864c7cb72997291b512d2c3b4b8fd224780d181f575 |
| SHA512 | 783f3578e00ceb937883cb9019b0b962618f5b6518514ba13c96df4569bbcd350bc178b4690d0175e951c18786722d590f4f394127a5d759d6d39aa39833c52a |
C:\Users\Admin\AppData\Roaming\discord\Network\TransportSecurity
| MD5 | 48bde1d48dba4d835663e04f62a06390 |
| SHA1 | 14f32f2424b2f18b74320692338b36bf52404ce6 |
| SHA256 | a46969777079708610ace9f170691518b7d2d9b39471c6a256dcbbaec44536d8 |
| SHA512 | 585fe7b891ed2aad0f3bbc0e0c8a558ab9ae37e67b2ac489f70ce7286723f4a99484f231e2f1d60f8454c59854497e3688c4dcb7152ef9e8afea05c976307660 |
C:\Users\Admin\AppData\Roaming\discord\Cache\Cache_Data\f_0000d8
| MD5 | 5ad9ea6f04cadb85b456caec47c2a6fa |
| SHA1 | 0379193ce0eea1ba951d5d3bbebbe9004998ff20 |
| SHA256 | ac86a5802829ca18f8eadd4c54a0c68f18654c7c361416ebb917feb892ca40b9 |
| SHA512 | b9fc318800683f35849f88fe4fd6a7b7b052eec43eff3d4fab547538c5f197014e1fe4571b856b25b9ad4fe108e45feb6a0773d9839600501fd1f2bce93aebc6 |
C:\Users\Admin\AppData\Roaming\discord\Cache\Cache_Data\f_0000e3
| MD5 | ff3d5307766e0a73a0427f5fe90a7265 |
| SHA1 | 180526c9eff93bb1e452800a0c09d98d9ccfcdb2 |
| SHA256 | 61d277a402e20292a15a84bd9e45e3b705722cc2ea44b8d898c2a031d1c35161 |
| SHA512 | e6293a369d003834e5fdf0db246f6696b11e44eb961bd4bd79964624e32b9182310a7700b45a72a8bedfa0bcc52b1ce8633a388113c4cf84974ac55ac9b403af |
C:\Users\Admin\AppData\Roaming\discord\Cache\Cache_Data\f_0000de
| MD5 | 7c961e6a8e11c7b3e8401fe1354bc826 |
| SHA1 | 5caca8dc00c64dcf7589c57c7648cf8fe04b30a9 |
| SHA256 | 479f02eb4181d3b35cc9e30bd3fb08a28a3d11da9a66fc1e3bbf8c694bfe76ab |
| SHA512 | 14ea76196fdf421053f00edb05eb327dc375dbe95c33267b5d37ee4e37337ff4553ac028d476ada581daf7ae0bd3647eeb2aa75b519b7ccb174c1ddaa0c4f036 |
C:\Users\Admin\AppData\Roaming\discord\Code Cache\js\index-dir\the-real-index
| MD5 | 7161f193d48726d0d8529bcc0cf80ecc |
| SHA1 | 4674fd424be8b9b5fa75b4510a8308626162170b |
| SHA256 | db7b444a27e76d35de7a45ebaaaa810a853076f236938eb5108663a0e29ed54d |
| SHA512 | 1a616e0c4ffdb6aff91af79e8a3fe975c2999a74669a58f18e5e0c03df7dc61ad8c2bf39ece9aa00315e3bec9ecd8d54683a9e429af1e0238eab1eb8e67df91b |
C:\Users\Admin\AppData\Roaming\discord\Preferences
| MD5 | 3dcf7056c6ae5f347aee06bd5b7263e8 |
| SHA1 | 189af274cf0aa044ba43a670403f1c7bd5cbccc1 |
| SHA256 | fcda0d166af80b1609460caac7810b856037792f8aff8f5eb669d116ae643c2b |
| SHA512 | cda7600f7b26f5c31e522c43fd97996179e6467f4f1cce325c6aaeb2a657f5732a114fa2e1ab04d78c0084ff8d771ed1a73716662768f224d14d7e95d73f1410 |
C:\Users\Admin\AppData\Roaming\discord\Network\TransportSecurity
| MD5 | 74250917116204ccbe52fdd0913bc661 |
| SHA1 | 17ed4c83f3c3eae82f3b7a287cf78a209fe097ff |
| SHA256 | 0df1786e060257b929a9f16a9f393c34e8006fcc358e4e35e5d4485d4aedbb10 |
| SHA512 | abc7419c17c830c5340c260279fa8ad10a3af3a0bb733b4fa902d2759e91c67764ee110ce2242ac9e65c4d1fa40426a1fab782439b326a247c1ca7aabfdfe741 |
C:\Users\Admin\AppData\Roaming\discord\Preferences
| MD5 | ac8536974a9936d64b7f5e4f8432ac00 |
| SHA1 | 49dc7cec4238217e927b105eeb20ea8bb17f80b2 |
| SHA256 | 03ab3049675042a72e53f813d7095a6551426972f0cbaf52b2dbbb969f8eb816 |
| SHA512 | 21516d4900e6a26659f05ef58c14f41f9b204b21dcd2e22581f7a14378831e90dc58748b3d98320718c5136f5df6050aa8a413b4d3cf0ed1352e2b5ab9c896c9 |
C:\Users\Admin\AppData\Roaming\discord\Network\TransportSecurity
| MD5 | 65ebac0ee09feff3113e5d83c96d03aa |
| SHA1 | dac73d361225b9f7cbba51e98a341d35f2e40060 |
| SHA256 | ca06438bc1eac4903dfb9db7a651f093002f698ecec0e657d218ccdfd4428851 |
| SHA512 | b2af8360cea9ad45463e23dd5df71d9bc0b77690e4b3916714b500435bdf0335fcbe7f301531acf9fd79b845ac7713b51ac3239e74a552fd279df76530a15edd |
C:\Users\Admin\AppData\Roaming\discord\Network\TransportSecurity
| MD5 | 3f9a28ba492326f850e2becd21eff33f |
| SHA1 | bb7b111ca6c3fe5fdd81f577770f1de6e2ff33bf |
| SHA256 | 6fbda0c1191a44330e93b672f55ef01fc24ca5a5ff4ee92e98cb51b153a390d4 |
| SHA512 | 91830dc621f91a5f7bdfea052abe08a4551092b221495409f46669de36780e63eecde2a78e1e7cfd3452aec77aeb73f5f60af0fe48b6e830237581df6521d561 |
C:\Users\Admin\AppData\Roaming\discord\Network\TransportSecurity
| MD5 | 204c5818c625f42c1cc2cf01aef9afe1 |
| SHA1 | 859c856cd96c5fe1a6949f2b7860ff10e27abfd0 |
| SHA256 | 0fc51158d57d7d4b159380dbdd1bcf377caada718f8e505d14f81cae8d1b392f |
| SHA512 | 505e14c7db4a5113a8955f52652885541d91936c782f117d11ab5926d34fa1fff386f433bef63befd7332ded3f4a0224c3ef932b425a2ef1b5c081a1dd7af1e6 |
C:\Users\Admin\AppData\Roaming\discord\Network\Network Persistent State
| MD5 | 8170ccf1fa51de3a11d9953398beae3a |
| SHA1 | 2432140ff618ecbfe1f5623f3f2dd0afcc9a16ec |
| SHA256 | fd7bfe3d1adf73d811e1e60d7792b31bea96b5b97dec50ad4abc7e57720125f4 |
| SHA512 | a8080c3dba71a22b2287f71c2dd18ed681fce6e81e445e595e5611d8bd28eab536bf19d8d6cc74db137438927721422ef76270f944386017db2cddeefdcb73cd |
C:\Users\Admin\AppData\Roaming\discord\Local State
| MD5 | 6f8115b64ca9422f5a8c054091a53c00 |
| SHA1 | d8845c65023cccc20f43c0c30cec0ddcf300625a |
| SHA256 | 4cc892e692a3439a12468de96bf5ac7781f2cf62c2cc7cb083d684f7877409f0 |
| SHA512 | 91e598e95c8d105487070b8ac103d54c2d73b5282585dde2e10477fc3cf8f68f4bce50431c9e21d37e1b313b6165db59cea01f3bd51e5a326706b777fb6a6445 |
C:\Users\Admin\AppData\Roaming\discord\Code Cache\js\index-dir\the-real-index
| MD5 | ca29544e1e7a050c5a26a682f053185f |
| SHA1 | 33ec6e0b85d861174b680f2191ee96d638a8410c |
| SHA256 | b4a4101b64c9b6d5018c8435ebb2c9f66160dccd84e0e2f5ece32c565d577a4c |
| SHA512 | 6072038589dbf24d77e1af84bea7b4ead38f0abb61422a27e46768289c140cc9d163cb73a356ab34dc9f343d74aa5ac11f176109163f05242bc2e1f808cbffab |
C:\Users\Admin\AppData\Roaming\discord\Network\TransportSecurity
| MD5 | 268f27d07cfedaa9d489449484b9a04a |
| SHA1 | 42115da6ce2a33e687c83203f110b4acf0546c64 |
| SHA256 | 720e8fc0db26b8a0c5f9e74d7cac41e0fbeb4c7b0815f1d14f5f636ce5e75735 |
| SHA512 | 1e7a84d5bc4671a27632a8389636f1bcb977fb9be64e0bf5a741515bbd622e2e2a76c712edb4aaf4df0ee6c035149c1363b995ea9d94a49a9f20ddfb48d0a8a5 |
C:\Users\Admin\AppData\Roaming\discord\Network\TransportSecurity
| MD5 | 98f052e4a732a5140f50ba3b826dbcc8 |
| SHA1 | 7939ad77c1cded257b61fd01c2df8d0d5ea2f0ff |
| SHA256 | 30099c50ed0186aee52228443ff3174c7a1984a6269cdb0df16412cdfde238f2 |
| SHA512 | 1a70eb1e836047ba60c4a5affcfa2257e42519158e2ddf18d644bd25c65ee5a15f231e5e0a49a208fd3ca92605ffbd5d2e499b88fc0dafc8dc55fa44c235964d |
C:\Users\Admin\AppData\Roaming\discord\Code Cache\js\index-dir\the-real-index
| MD5 | fab98117585a2d2ad85cfafc230ed43d |
| SHA1 | af05bde868a86eb1f8026fa9960f2efd2674e8bd |
| SHA256 | 4ca9fe8db4a4ffb48b09860694ecd7e19b47ee65e906607163c0b104d12a4cc3 |
| SHA512 | dda994f4fbb32680b95a9809476566191447ec19a824093223fa9cdcb8bd43984e51e8d73719a4cdc19e626b81821d03b19533ca7b6d1fcb2dfa6b92c2ddb5b2 |
C:\Users\Admin\AppData\Roaming\discord\Network\TransportSecurity
| MD5 | 748d4129618201a5d900449b0bc0f897 |
| SHA1 | ed70726322485431aca4a11b7c356434bbbc1a04 |
| SHA256 | 5564a2cf288711c1797703ae67543969442bec952f1f0ecc0bbcd4b29b515fe1 |
| SHA512 | ae51d181fa5f00a72d00d367cf767296977175873b6be3a1f960752cfd4b4ba12b9b73ed2c14e4b507dbcb075169fd994dfdfd96411da1bbf5e9b157a6fbfc8a |
C:\Users\Admin\AppData\Roaming\discord\Network\TransportSecurity
| MD5 | b90de2d7a07ff9b2f66f19c211e749a7 |
| SHA1 | 95537e0b899d33ddce92fd31432531bcd8fd96f6 |
| SHA256 | 73157ce810a3883ae2df35f59a0967fb6549910ce32af2c179902050dad3a5ba |
| SHA512 | 454b3cf748bfd0666470736b4e821128ad3c96d6750150d699a9e98141dd006fd3d46ef876b7c72288540d095b1c2d7fc26f79340e7f71b29fe23a390b750898 |
C:\Users\Admin\AppData\Roaming\discord\Network\Network Persistent State
| MD5 | 58e363812d335497dee4b79c820ace22 |
| SHA1 | f02246fa85643f92a6a50499093738b1f18df493 |
| SHA256 | c88e31535fd80d95fe9fdc4904fda99183d811a7fa9f2698a243e035cdbe35c3 |
| SHA512 | 31d71eeaf55b80f17ea1317c1b50f159ac3b5f3de4202eec303c0d9f6adfe3f99a161e9a78771484c3b6f7a2adebb2bb67e461b793b30b513c2c613f82f09feb |
C:\Users\Admin\AppData\Roaming\discord\Network\TransportSecurity
| MD5 | 2be40ce9b422a4dffa5c394704d029aa |
| SHA1 | 652a22aee12d4afaa5c24bc7946441b80c47bb9e |
| SHA256 | f6518afd498a037a4032986a60efdf7bb3e11ebf40dbea3939f9d1cb3ab807ba |
| SHA512 | bbe5c072f68407443c99743231e33261d72ef8e709fbd1a8902373a1e4a449d0b0c37edda7743d6d457f0b2772c3c8bb3bccf47bf9de7a883cbb7020b8c90633 |
C:\Users\Admin\AppData\Local\Discord\app-1.0.9152\modules\discord_dispatch-1\discord_dispatch\dispatch.log
| MD5 | 5ede3768e499ce4a58a371b2e8190e47 |
| SHA1 | ad812a422c6f5049cffc6daf24f938c9698435cd |
| SHA256 | 9b198993c814ce84432789d7c5e48f40290a086a2d0d05a7b87d86051c2adf16 |
| SHA512 | 935978f3773213ee518e7066dea71568955060679bab7cccd336970a491608536ae617a751f3e7168f28196efb963a9cb0da0f62b6c2a2e3af0fd5437ebca416 |
C:\Users\Admin\AppData\Local\Discord\download\c0d68659205ee65030a1fa09f03d4263fa14a677d1f3d03ab147e0f4cd21c19e
| MD5 | 53b331f040b7ecc4eff64170bb904be7 |
| SHA1 | 5188bc9c37ef92b4ffcc0556b7e752e14bfeb8f9 |
| SHA256 | c0d68659205ee65030a1fa09f03d4263fa14a677d1f3d03ab147e0f4cd21c19e |
| SHA512 | 959c72a89a4c5fce57b1930783ae98d2904b295a0db6a63b050840212b7d5546b50453985b62f788467a1f757ed6ca8c2a386ac526add9f398024ce368ba0495 |
C:\Users\Admin\AppData\Roaming\discord\Preferences
| MD5 | 05cb11b4c1324aec40ee3a647ee6a3ee |
| SHA1 | e6cdc78020d855afcc954a3ec366e09894210a23 |
| SHA256 | 601a69cc1aacde1592205bb96c41bb9671e0b1e79c44a68f9c8d80ab74f21690 |
| SHA512 | 76e904789d36ca81326f9279cc350435c347fb9ca57593fd5ac9c452a1db14b6f63786bb66c48c9359704ae77db133e6386270c7e36007b333453fb1920bb132 |
C:\Users\Admin\AppData\Roaming\discord\Network\TransportSecurity
| MD5 | 9b5e09412f3d4a869dcb0aea863a94ce |
| SHA1 | 7c4f5e36a9988b019a8999502e1309d8c82ed9a6 |
| SHA256 | c0d404a99e0cd20ba55753c92a14723d9bc99ac508a37b21f3cdccc5c1bd13d4 |
| SHA512 | 13e8d3577c7b1124fe8a05022cbe3654a122565e5ae61e2cff6cd60df5bcbf29ad0888b37097ea94e21e55a7e6b77b521c3e133f21de294c931766eb865f1e35 |
C:\Users\Admin\AppData\Roaming\discord\Network\TransportSecurity
| MD5 | de128f7984c70806fb6e09c840897fb2 |
| SHA1 | 3c101f24446cf27f45e8585b6c60e09116db6d17 |
| SHA256 | aed7b8cb019b8ef8551a952137417f1635c3b5422024e2b9384ed118137d448c |
| SHA512 | 062afdaa5915228916de7b850c0b82b6c363c15c799a009545ba693698987c6428b4f0887515b0b4b5b4ed20b1209fa0065e9ff9543083f2991a4b9845293d42 |
C:\Users\Admin\AppData\Roaming\discord\Preferences
| MD5 | 09b11893f3b8d18a2a16793abc12932d |
| SHA1 | f593d77a95738f019a0484d845aa2ccfa4ddf652 |
| SHA256 | 2022be33c2f232c887f1fd01c4e8795bd64f11f7e85dc0c2dbba1f4427fef314 |
| SHA512 | 2836d2b28d2bc1e1ccfcbc9c682fbff946685de3e9258413f67c0b0ab292009d18be0b7867b5b3e6c19e2a840fbc34f56981df656fe30be4e8d78c6f166eaa60 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
| MD5 | b9ccf2b8efd52f2015dabebbbadb986e |
| SHA1 | 936bae74de34720901f640b362b41d18d564a824 |
| SHA256 | 63325e942b44deea57c9d792c1ee15084e437a719613c9dd0b12b4de521e6f52 |
| SHA512 | a1a5c93c966097ffabf1e51e4b6b23ae18cd4dc185f39b60c97176f9a8c4c78bc053c892e6e1bfd8356de91bd1a419880564b69305bb7cea0887ff0716a42452 |
C:\Users\Admin\AppData\Roaming\discord\Network\TransportSecurity
| MD5 | fc55d3e0203f456f1a18f7c313242f29 |
| SHA1 | c841287274a3b07c0e342165ed51e2b347e1b6ea |
| SHA256 | 3f3dcaf34986cf7e0ccbb580cf0a8baf08eb69fb538eff430d88c7595f2ae3b1 |
| SHA512 | a31b886038b605391ffc2471f033f511a42f1db7c42c401c956b20b1ea276a23ae01ab797be0694d109c94815aafeff13590aedd5023ca9a384b1cc3948dcc09 |
C:\Users\Admin\AppData\Roaming\discord\Network\Network Persistent State
| MD5 | aef41ad20e27fc515b40dff76e5b6f9c |
| SHA1 | 33d0d97a7c994eca0a35b05eb71c27bf78a852a8 |
| SHA256 | 0f09c7d6cb8f72e65ea8cd27ad61d290dab4071391167a0ed02a40772bad7673 |
| SHA512 | 4252926288ec0b7cdbcc8d445bfd1f0677c9a5bbe6931c520e859d55829299bea767ce4a3656ea265686aaa7057da6c0cbec55d18a3b535f193b5726d2207796 |
C:\Users\Admin\AppData\Roaming\discord\Code Cache\js\index-dir\the-real-index
| MD5 | 147d6637b9e384e87554cc99c031faec |
| SHA1 | 688c6df7ccf103214497adbcaab3278aa1a90e52 |
| SHA256 | 6f29f8adb0298dd78c847ab21fb28a724168ed67b9bc35453c89db3506827d73 |
| SHA512 | 74a2e4cf85814b7d3965f743f3924e2c2f5e1a3086e99e8341acd7fda083f9a8141aaca4713fba188f6338f510792683828d6c3bf58fe83c20b0315620ad3af3 |
C:\Users\Admin\AppData\Roaming\discord\Network\TransportSecurity
| MD5 | 2621357df818f678ebaeef63a3dd280d |
| SHA1 | 8f680b3ebb51437d65275219be59943e93bb270f |
| SHA256 | 479fa36a22af515a8ef965a71e44a07bfec8a4c22b9def4679f6e53002505616 |
| SHA512 | e165255c79a96d3d4ac07e7ccbee33253b3a75d3e7246ea298ad6dfbf36b87bc097a58e0975c90bf8400306ca1778d667ea6fc2b5fff2b5cddc4e98405112f29 |
C:\Users\Admin\AppData\Roaming\discord\Network\TransportSecurity
| MD5 | 1386bfc9b25dc3a81f419bd43357a481 |
| SHA1 | be3b165b5b4e6ca66f0ae641fa51df71aab74526 |
| SHA256 | f74349c237d6761dd5613fbd0a884b6ee40e3cfe5f5e7d0d3013fb68623e06bb |
| SHA512 | 3fbcf1b1001ddb28ce259a078ef739c12b311fb02a6820052c0464ad5d4825c840293a23d07cc55143c68dc02b8b2ba843df59c32d97acbf7637782fa8028788 |
C:\Users\Admin\AppData\Roaming\discord\Cache\Cache_Data\f_00010e
| MD5 | df3228db1e67e406cba743551d2b055e |
| SHA1 | acc398634e18dd758dd036954d8059065f1ee601 |
| SHA256 | 8f782f8ce761f522c13157bb2df929b5252f39a7011448bbe61f87296ab2d923 |
| SHA512 | 26548eeb9dffceb891c942066e56ca3e9266bdccf3456c07696ac718048e83f92883f907edd45bddca5d7bca264b1fb9b57988f22dfe72114dd069c77f2ea8e3 |
C:\Users\Admin\AppData\Roaming\discord\Network\TransportSecurity
| MD5 | f0eebdb22c5628441b4b370c5ef5a096 |
| SHA1 | 6298416ebbe5f101a67fc4ff7945ec84a44b1737 |
| SHA256 | f47a45b5b5518ffe379702963ec1d8455e264d92752f50d60c9437328bce11a5 |
| SHA512 | 66c78ed506f77c6ae1c010e86e8dfe7ec0a3d3b75b8b81fbcb804dc0db853a1580d85586fdf8fb71d94c85787dee3fb77722ff0c2a580b9c876bffa99f0990c8 |
C:\Users\Admin\AppData\Roaming\discord\Network\TransportSecurity
| MD5 | b4b07796f2ed0710cc0da48790f28751 |
| SHA1 | cc7c765aac616dad8e7d0c6986bd1241a615c205 |
| SHA256 | 734e59594507156c98661ed82b2c02b6878d0c4c87d425766b82cb453d8c1602 |
| SHA512 | 635cb672083c7ce26e76552f49bd4813715815ac0ca539c41b30f34f13d68c943294af838e23fc0eb2760145a79a6d9a6de9e2fe40e25abdb8f8e49c1b71d4c7 |
C:\Users\Admin\AppData\Roaming\discord\Network\TransportSecurity
| MD5 | e9e11cd913c1c87930a92dcecd20380b |
| SHA1 | 6e857a0d2388f82e3b09fe372b0f376f204b2c7b |
| SHA256 | aa15476c75e565ee967f0d69e580763a6ae4569e9eee8fe0dee8f1ccf5754487 |
| SHA512 | 9858929343ff3e78810d51fd7c2b933fcb2d1d06010c49ab370f1835197c8fbae1c19574ac0fb97ab7f20c4206830492cb41e8fdcaa3e2d77d09cf3acc1f5695 |
C:\Users\Admin\AppData\Roaming\discord\Network\TransportSecurity
| MD5 | 766ce933f5797b62ce47a038d6791241 |
| SHA1 | 66a4e922965f6a0c8b48590fcc18bc7067e9b54d |
| SHA256 | bcf927eb713e9f53527524ec1bca2b284450d9b331d052c8a806840592c30716 |
| SHA512 | f0e67dab692026aaa0fd24e4932788ac0751959165cfeaf89c3c9301f7abdd3a7aadb62a21d38fff355410080623def0decf58365cba015e2393bb08d4a7eed4 |
C:\Users\Admin\AppData\Roaming\discord\Cache\Cache_Data\f_0000f0
| MD5 | 5dd43c946894005258d85770f0d10cff |
| SHA1 | 21ec03ab6ac7e4a676c30df88d5b59589df84f2e |
| SHA256 | d30746caf3e4675ae0d822d51461a9ad24832afa1e20179c3c2fc7b50b911a26 |
| SHA512 | f7cadef75bafb2358ab575d032f65e0534c284e5ad3b243ec03660d332b2149c6c6e4750d82afb81ab1b5529be23c3164df0621315431201f7f47474bf5fb8c6 |
C:\Users\Admin\AppData\Roaming\discord\Network\TransportSecurity
| MD5 | 0c9409c514556baf46e9399a99c3f5f9 |
| SHA1 | 30d9440c0205dd533df6482c034dec906394fe00 |
| SHA256 | 3e125fb457a6fe602b5b3b231d74205608572298019c67d6250d337055b2c0a0 |
| SHA512 | e5819b963b694db93b0a2b2b8223df3cf7e5617afc571df1c41a2d66c02f18cd6db069b74797a25a09a5d3520dd3595408627ec9cbc672dbbdb1223aea330813 |
C:\Users\Admin\AppData\Roaming\discord\Network\TransportSecurity
| MD5 | f12f5f069e42120d96bf195a5f421667 |
| SHA1 | af043d82483d6206560e196f166a7a51ea59fcb2 |
| SHA256 | d0c7ce2cb600abcfc570ef86f759bac3398d87f3ca6ed117c8492c138d95f012 |
| SHA512 | 206cd9413b2ed7b70b514046abfe44dd9e2b634fa5d31de567055e59004adf81eaafb1ef007613b7f1e52c5b71d4e84fb0c76aaa4eb96308eaa4727f58c015c9 |
C:\Users\Admin\AppData\Roaming\discord\Network\Network Persistent State
| MD5 | 0160dfc930fdceb11db63792d239e23d |
| SHA1 | 96c8a62be24ecaaf8a5cb2ee31c1b32135e3ae00 |
| SHA256 | 55e6b9ac1f86e5322b82fd668dcd65d20398e1a7a0f70b4ae3438b3c0e58aa50 |
| SHA512 | f2bf779cb12027848348abd8c7f02990b5f45117198a45e5509543197a3636970526585b8c9f94c2c7db2aab78b607c1931d75d7f50a4df1072f6ad5e1e6120c |
C:\Users\Admin\AppData\Roaming\discord\Network\TransportSecurity
| MD5 | 4893fd78efe20fd54b3cf04d0a4b025a |
| SHA1 | 136f9a73f274273e594ada93815967f592b82a3b |
| SHA256 | d9ff21634589aba7be06c3c0b3324f7a6f51939729dbfa7285e79c28196d92f0 |
| SHA512 | a1bbaa38a8358205d08032f7d39efc3f1691b3e575ff3483e7d53b9890754352ff4504196a61703c2cd885df91dbdcb3dc51d160a8595ae0896d98ff76be5ff1 |
C:\Users\Admin\AppData\Roaming\discord\Network\TransportSecurity
| MD5 | 56fd652b53e209d8eddbdfa70cac7ff1 |
| SHA1 | 81e2b59abbb62831a43e05d9727c47f114e0a17f |
| SHA256 | 30828364b595b9d28fc71e8507b1cfcd75715db8a13ec659429be30acf91f8c0 |
| SHA512 | 42a28c672c4acacf974a6cd3e97353af8a3277afa9943c4ccf10fe9e673e5802e61b0f4729322d37483134b9c7b8cfebdf6d8a09a1ea15ee464048dc9694df5d |