Analysis Overview
Threat Level: Known bad
The file https://www.youtube.com/redirect?event=video_description&redir_token=QUFFLUhqbDNERFZSZTl1TGl4RFpCbE5mWTBJUGRrUUNwZ3xBQ3Jtc0ttNUxBYllqaElZTGZzcjRQZHFXcXlCNTdJMUNTMWgzMzdNTm9jUVF4dk45U3ZFcEh2VjBVQnloQXdiemR0Q1lta3RaeC13Sng0d25hLVF4NVV4c3U1Ymh2aFlmckc2N0RubVZlM2pqNWdmaXpNRG9vZw&q=https%3A%2F%2Fwww.mediafire.com%2Ffolder%2Fm2y78v01hc7nu%2Fex-peng&v=hgeSXZ52Ba8 was found to be: Known bad.
Malicious Activity Summary
RedLine payload
RedLine
Loads dropped DLL
Accesses cryptocurrency files/wallets, possible credential harvesting
Suspicious use of SetThreadContext
Modifies registry class
Suspicious use of SendNotifyMessage
Checks SCSI registry key(s)
Suspicious behavior: GetForegroundWindowSpam
Suspicious behavior: EnumeratesProcesses
Modifies data under HKEY_USERS
Suspicious use of AdjustPrivilegeToken
Suspicious use of WriteProcessMemory
Enumerates system info in registry
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Suspicious use of FindShellTrayWindow
MITRE ATT&CK
Enterprise Matrix V15
Analysis: static1
Detonation Overview
Reported
2024-07-07 13:26
Signatures
Analysis: behavioral1
Detonation Overview
Submitted
2024-07-07 13:26
Reported
2024-07-07 13:34
Platform
win10v2004-20240704-en
Max time kernel
336s
Max time network
353s
Command Line
Signatures
RedLine
RedLine payload
| Description | Indicator | Process | Target |
| N/A | N/A | N/A | N/A |
Loads dropped DLL
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Users\Admin\Desktop\jojoenjoy\cucumber.exe | N/A |
| N/A | N/A | C:\Users\Admin\Desktop\jojoenjoy\cucumber2.exe | N/A |
| N/A | N/A | C:\Users\Admin\Desktop\jojoenjoy\cucumber.exe | N/A |
| N/A | N/A | C:\Users\Admin\Desktop\jojoenjoy\cucumber2.exe | N/A |
Accesses cryptocurrency files/wallets, possible credential harvesting
Suspicious use of SetThreadContext
| Description | Indicator | Process | Target |
| PID 2412 set thread context of 3916 | N/A | C:\Users\Admin\Desktop\jojoenjoy\cucumber.exe | C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe |
| PID 1840 set thread context of 412 | N/A | C:\Users\Admin\Desktop\jojoenjoy\cucumber2.exe | C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe |
| PID 1480 set thread context of 4524 | N/A | C:\Users\Admin\Desktop\jojoenjoy\cucumber.exe | C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe |
| PID 1192 set thread context of 3144 | N/A | C:\Users\Admin\Desktop\jojoenjoy\cucumber2.exe | C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe |
Checks SCSI registry key(s)
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_DADY&Prod_HARDDISK\4&215468a5&0&000000 | C:\Windows\system32\taskmgr.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_DADY&Prod_HARDDISK\4&215468a5&0&000000\Properties\{b725f130-47ef-101a-a5f1-02608c9eebac}\000A | C:\Windows\system32\taskmgr.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_DADY&Prod_HARDDISK\4&215468a5&0&000000\FriendlyName | C:\Windows\system32\taskmgr.exe | N/A |
Enumerates system info in registry
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Modifies data under HKEY_USERS
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133648325195883336" | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Modifies registry class
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\USER\S-1-5-21-2494989678-839960665-2515455429-1000_Classes\Local Settings | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Suspicious behavior: EnumeratesProcesses
Suspicious behavior: GetForegroundWindowSpam
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Windows\system32\taskmgr.exe | N/A |
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Suspicious use of AdjustPrivilegeToken
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
Suspicious use of WriteProcessMemory
Processes
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://www.youtube.com/redirect?event=video_description&redir_token=QUFFLUhqbDNERFZSZTl1TGl4RFpCbE5mWTBJUGRrUUNwZ3xBQ3Jtc0ttNUxBYllqaElZTGZzcjRQZHFXcXlCNTdJMUNTMWgzMzdNTm9jUVF4dk45U3ZFcEh2VjBVQnloQXdiemR0Q1lta3RaeC13Sng0d25hLVF4NVV4c3U1Ymh2aFlmckc2N0RubVZlM2pqNWdmaXpNRG9vZw&q=https%3A%2F%2Fwww.mediafire.com%2Ffolder%2Fm2y78v01hc7nu%2Fex-peng&v=hgeSXZ52Ba8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=110.0.5481.104 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffab005ab58,0x7ffab005ab68,0x7ffab005ab78
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1660 --field-trial-handle=1996,i,14788217661351276127,12015381412099074595,131072 /prefetch:2
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1948 --field-trial-handle=1996,i,14788217661351276127,12015381412099074595,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=2220 --field-trial-handle=1996,i,14788217661351276127,12015381412099074595,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2956 --field-trial-handle=1996,i,14788217661351276127,12015381412099074595,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=3084 --field-trial-handle=1996,i,14788217661351276127,12015381412099074595,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\110.0.5481.104\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\110.0.5481.104\elevation_service.exe"
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4376 --field-trial-handle=1996,i,14788217661351276127,12015381412099074595,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4512 --field-trial-handle=1996,i,14788217661351276127,12015381412099074595,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --mojo-platform-channel-handle=4260 --field-trial-handle=1996,i,14788217661351276127,12015381412099074595,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --mojo-platform-channel-handle=5020 --field-trial-handle=1996,i,14788217661351276127,12015381412099074595,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --mojo-platform-channel-handle=3184 --field-trial-handle=1996,i,14788217661351276127,12015381412099074595,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --mojo-platform-channel-handle=4516 --field-trial-handle=1996,i,14788217661351276127,12015381412099074595,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --mojo-platform-channel-handle=3100 --field-trial-handle=1996,i,14788217661351276127,12015381412099074595,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --mojo-platform-channel-handle=5164 --field-trial-handle=1996,i,14788217661351276127,12015381412099074595,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5420 --field-trial-handle=1996,i,14788217661351276127,12015381412099074595,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --mojo-platform-channel-handle=5132 --field-trial-handle=1996,i,14788217661351276127,12015381412099074595,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --mojo-platform-channel-handle=3428 --field-trial-handle=1996,i,14788217661351276127,12015381412099074595,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4996 --field-trial-handle=1996,i,14788217661351276127,12015381412099074595,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=3144 --field-trial-handle=1996,i,14788217661351276127,12015381412099074595,131072 /prefetch:2
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5372 --field-trial-handle=1996,i,14788217661351276127,12015381412099074595,131072 /prefetch:8
C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\Desktop\RepairConfirm.mhtml
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7ffaaf8446f8,0x7ffaaf844708,0x7ffaaf844718
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2244,4711674728249760872,10179531294666466504,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2252 /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2244,4711674728249760872,10179531294666466504,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2476 /prefetch:3
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2244,4711674728249760872,10179531294666466504,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2752 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2244,4711674728249760872,10179531294666466504,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3332 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2244,4711674728249760872,10179531294666466504,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3340 /prefetch:1
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Users\Admin\Desktop\jojoenjoy\cucumber.exe
"C:\Users\Admin\Desktop\jojoenjoy\cucumber.exe"
C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe
"C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe"
C:\Users\Admin\Desktop\jojoenjoy\cucumber2.exe
"C:\Users\Admin\Desktop\jojoenjoy\cucumber2.exe"
C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe
"C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe"
C:\Windows\system32\taskmgr.exe
"C:\Windows\system32\taskmgr.exe" /4
C:\Users\Admin\Desktop\jojoenjoy\cucumber.exe
"C:\Users\Admin\Desktop\jojoenjoy\cucumber.exe"
C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe
"C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe"
C:\Users\Admin\Desktop\jojoenjoy\cucumber2.exe
"C:\Users\Admin\Desktop\jojoenjoy\cucumber2.exe"
C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe
"C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe"
Network
| US | 8.8.8.8:53 | 13.227.111.52.in-addr.arpa | udp |
| FR | 185.255.84.151:443 | hb-api.omnitagjs.com | tcp |
| DE | 18.196.200.186:443 | btlr.sharethrough.com | tcp |
| US | 8.8.8.8:53 | ghb2.adtelligent.com | udp |
| US | 107.151.11.18:443 | ghb2.adtelligent.com | tcp |
| US | 8.8.8.8:53 | beacons.gvt2.com | udp |
| US | 8.8.8.8:53 | a.nel.cloudflare.com | udp |
| US | 35.190.80.1:443 | a.nel.cloudflare.com | tcp |
| US | 35.190.80.1:443 | a.nel.cloudflare.com | tcp |
| GB | 142.250.178.3:443 | beacons.gvt2.com | tcp |
| GB | 142.250.178.3:443 | beacons.gvt2.com | udp |
| US | 35.190.80.1:443 | a.nel.cloudflare.com | udp |
| US | 8.8.8.8:53 | 18.11.151.107.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 1.80.190.35.in-addr.arpa | udp |
| DE | 142.132.249.188:443 | ghb2.adtelligent.com | tcp |
| GB | 172.217.169.34:443 | securepubads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | www.google.com | udp |
| US | 172.67.142.121:443 | bshr.ezodn.com | udp |
| GB | 142.250.180.4:443 | www.google.com | udp |
| US | 216.239.34.36:443 | region1.analytics.google.com | udp |
| GB | 172.217.16.227:443 | www.google.co.uk | udp |
| US | 8.8.8.8:53 | hb-api.omnitagjs.com | udp |
| US | 8.8.8.8:53 | btlr.sharethrough.com | udp |
| FR | 185.255.84.150:443 | hb-api.omnitagjs.com | tcp |
| US | 23.227.151.194:443 | ghb2.adtelligent.com | tcp |
| DE | 52.28.120.118:443 | btlr.sharethrough.com | tcp |
| GB | 172.217.169.34:443 | securepubads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | 118.120.28.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 150.84.255.185.in-addr.arpa | udp |
| GB | 142.250.180.4:443 | www.google.com | udp |
| US | 172.67.142.121:443 | bshr.ezodn.com | udp |
| GB | 142.250.178.1:443 | tpc.googlesyndication.com | udp |
| US | 216.239.34.36:443 | region1.analytics.google.com | udp |
| US | 8.8.8.8:53 | 9.179.89.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | clients2.google.com | udp |
| GB | 142.250.200.14:443 | clients2.google.com | udp |
| GB | 142.250.200.14:443 | clients2.google.com | tcp |
| US | 8.8.8.8:53 | 14.200.250.142.in-addr.arpa | udp |
| FR | 185.255.84.150:443 | hb-api.omnitagjs.com | tcp |
| DE | 52.28.120.118:443 | btlr.sharethrough.com | tcp |
| US | 107.151.11.18:443 | ghb2.adtelligent.com | tcp |
| GB | 172.217.169.35:443 | beacons.gcp.gvt2.com | udp |
| GB | 172.217.169.34:443 | securepubads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | www.google.com | udp |
| US | 172.67.142.121:443 | bshr.ezodn.com | udp |
| GB | 142.250.180.4:443 | www.google.com | udp |
| GB | 172.217.16.227:443 | www.google.co.uk | udp |
| GB | 142.250.178.1:443 | tpc.googlesyndication.com | udp |
| GB | 172.217.169.35:443 | beacons.gcp.gvt2.com | udp |
| US | 8.8.8.8:53 | hb-api.omnitagjs.com | udp |
| US | 8.8.8.8:53 | btlr.sharethrough.com | udp |
| US | 8.8.8.8:53 | ghb.adtelligent.com | udp |
| FR | 185.255.84.151:443 | hb-api.omnitagjs.com | tcp |
| GB | 185.83.69.58:443 | ghb.adtelligent.com | tcp |
| DE | 52.58.239.192:443 | btlr.sharethrough.com | tcp |
| GB | 172.217.169.34:443 | securepubads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | 192.239.58.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 58.69.83.185.in-addr.arpa | udp |
| GB | 142.250.180.4:443 | www.google.com | udp |
| US | 172.67.142.121:443 | bshr.ezodn.com | udp |
| GB | 142.250.178.1:443 | tpc.googlesyndication.com | udp |
| US | 216.239.34.36:443 | region1.analytics.google.com | udp |
| US | 8.8.8.8:53 | beacons3.gvt2.com | udp |
| GB | 172.217.169.67:443 | beacons3.gvt2.com | tcp |
| GB | 172.217.169.67:443 | beacons3.gvt2.com | udp |
| US | 8.8.8.8:53 | 67.169.217.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | hb-api.omnitagjs.com | udp |
| GB | 172.217.169.35:443 | beacons.gcp.gvt2.com | udp |
| US | 8.8.8.8:53 | btlr.sharethrough.com | udp |
| FR | 185.255.84.151:443 | hb-api.omnitagjs.com | tcp |
| US | 23.227.151.194:443 | ghb.adtelligent.com | tcp |
| US | 8.8.8.8:53 | prebid.a-mo.net | udp |
| DE | 18.158.108.240:443 | btlr.sharethrough.com | tcp |
| US | 178.128.135.204:443 | rt.marphezis.com | tcp |
| NL | 145.40.97.67:443 | prebid.a-mo.net | tcp |
| US | 8.8.8.8:53 | 240.108.158.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 67.97.40.145.in-addr.arpa | udp |
| GB | 172.217.169.34:443 | securepubads.g.doubleclick.net | udp |
| GB | 142.250.180.4:443 | www.google.com | udp |
| US | 172.67.142.121:443 | bshr.ezodn.com | udp |
| US | 216.239.34.36:443 | region1.analytics.google.com | udp |
| GB | 172.217.16.227:443 | www.google.co.uk | udp |
| GB | 142.250.178.1:443 | tpc.googlesyndication.com | udp |
| GB | 142.250.178.3:443 | beacons.gvt2.com | udp |
| CH | 185.196.9.26:6302 | tcp | |
| US | 8.8.8.8:53 | 26.9.196.185.in-addr.arpa | udp |
| CH | 185.196.9.6:43164 | tcp | |
| US | 8.8.8.8:53 | 6.9.196.185.in-addr.arpa | udp |
| CH | 185.196.9.26:6302 | tcp | |
| CH | 185.196.9.6:43164 | tcp |
Files