Malware Analysis Report

2025-03-15 04:41

Sample ID 240713-cytd6s1hmm
Target accesdelasdadlsada.txt
SHA256 2ff8e5dabfe73c945054318d61a1765eca8e52b1dd7e70f8d292add52b0dcb75
Tags
redline discovery infostealer persistence spyware stealer
score
10/10

Table of Contents

Analysis Overview

MITRE ATT&CK

Enterprise Matrix V15

Analysis: static1

Detonation Overview

Signatures

Analysis: behavioral1

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis Overview

score
10/10

SHA256

2ff8e5dabfe73c945054318d61a1765eca8e52b1dd7e70f8d292add52b0dcb75

Threat Level: Known bad

The file accesdelasdadlsada.txt was found to be: Known bad.

Malicious Activity Summary

redline discovery infostealer persistence spyware stealer

RedLine

RedLine payload

Checks computer location settings

Loads dropped DLL

Executes dropped EXE

Reads user/profile data of web browsers

Adds Run key to start application

Checks installed software on the system

Drops file in System32 directory

Drops file in Program Files directory

Program crash

Enumerates physical storage devices

Suspicious use of SetWindowsHookEx

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary

Checks SCSI registry key(s)

Enumerates system info in registry

Modifies registry class

Opens file in notepad (likely ransom note)

Suspicious behavior: GetForegroundWindowSpam

Suspicious use of FindShellTrayWindow

Suspicious behavior: EnumeratesProcesses

Suspicious use of WriteProcessMemory

Suspicious use of SendNotifyMessage

Modifies system certificate store

Suspicious use of AdjustPrivilegeToken

Checks processor information in registry

Modifies data under HKEY_USERS

MITRE ATT&CK

Analysis: static1

Detonation Overview

Reported

2024-07-13 02:29

Signatures

N/A

Analysis: behavioral1

Detonation Overview

Submitted

2024-07-13 02:29

Reported

2024-07-13 02:48

Platform

win10v2004-20240709-en

Max time kernel

1049s

Max time network

1051s

Command Line

C:\Windows\system32\NOTEPAD.EXE C:\Users\Admin\AppData\Local\Temp\accesdelasdadlsada.txt

Signatures

RedLine

infostealer redline

RedLine payload

Description Indicator Process Target
N/A N/A N/A N/A
N/A N/A N/A N/A
N/A N/A N/A N/A

Checks computer location settings

Description Indicator Process Target
Key value queried \REGISTRY\USER\S-1-5-21-1176886754-713327781-2233697964-1000\Control Panel\International\Geo\Nation C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe N/A
Key value queried \REGISTRY\USER\S-1-5-21-1176886754-713327781-2233697964-1000\Control Panel\International\Geo\Nation C:\Windows\system32\rundll32.exe N/A
Key value queried \REGISTRY\USER\S-1-5-21-1176886754-713327781-2233697964-1000\Control Panel\International\Geo\Nation C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe N/A

Executes dropped EXE

Description Indicator Process Target
N/A N/A C:\Users\Admin\Downloads\account\Steam Authenticator\Steam.Desktop.Authenticator.exe N/A
N/A N/A C:\Users\Admin\Downloads\account\account\Steam Authenticator\Steam.Desktop.Authenticator.exe N/A
N/A N/A C:\Users\Admin\Downloads\account\Steam Authenticator\Steam.Desktop.Authenticator.exe N/A
N/A N/A C:\Users\Admin\Downloads\account\Steam Authenticator\Steam.Desktop.Authenticator.exe N/A
N/A N/A C:\Users\Admin\Downloads\SteamSetup.exe N/A
N/A N/A C:\Program Files (x86)\Steam\bin\steamservice.exe N/A
N/A N/A C:\Program Files (x86)\Steam\steam.exe N/A
N/A N/A C:\Program Files (x86)\Steam\steam.exe N/A
N/A N/A C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe N/A
N/A N/A C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe N/A
N/A N/A C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe N/A
N/A N/A C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe N/A
N/A N/A C:\Program Files (x86)\Steam\bin\gldriverquery64.exe N/A
N/A N/A C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe N/A
N/A N/A C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe N/A
N/A N/A C:\Program Files (x86)\Steam\bin\gldriverquery.exe N/A
N/A N/A C:\Program Files (x86)\Steam\bin\vulkandriverquery64.exe N/A
N/A N/A C:\Program Files (x86)\Steam\bin\vulkandriverquery.exe N/A
N/A N/A C:\Users\Admin\Downloads\account\Steam Authenticator\Steam.Desktop.Authenticator.exe N/A
N/A N/A C:\Users\Admin\Downloads\account\account\Steam Authenticator\Steam.Desktop.Authenticator.exe N/A
N/A N/A C:\Users\Admin\Downloads\account\account\Steam Authenticator\Steam.Desktop.Authenticator.exe N/A
N/A N/A C:\Users\Admin\Downloads\account\account\Steam Authenticator\Steam.Desktop.Authenticator.exe N/A
N/A N/A C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe N/A
N/A N/A C:\Users\Admin\Downloads\account\account\Steam Authenticator\CefSharp.BrowserSubprocess.exe N/A

Loads dropped DLL

Description Indicator Process Target
N/A N/A C:\Users\Admin\Downloads\SteamSetup.exe N/A
N/A N/A C:\Users\Admin\Downloads\SteamSetup.exe N/A
N/A N/A C:\Users\Admin\Downloads\SteamSetup.exe N/A
N/A N/A C:\Users\Admin\Downloads\SteamSetup.exe N/A
N/A N/A C:\Users\Admin\Downloads\SteamSetup.exe N/A
N/A N/A C:\Users\Admin\Downloads\SteamSetup.exe N/A
N/A N/A C:\Users\Admin\Downloads\SteamSetup.exe N/A
N/A N/A C:\Users\Admin\Downloads\SteamSetup.exe N/A
N/A N/A C:\Program Files (x86)\Steam\steam.exe N/A
N/A N/A C:\Program Files (x86)\Steam\steam.exe N/A
N/A N/A C:\Program Files (x86)\Steam\steam.exe N/A
N/A N/A C:\Program Files (x86)\Steam\steam.exe N/A
N/A N/A C:\Program Files (x86)\Steam\steam.exe N/A
N/A N/A C:\Program Files (x86)\Steam\steam.exe N/A
N/A N/A C:\Program Files (x86)\Steam\steam.exe N/A
N/A N/A C:\Program Files (x86)\Steam\steam.exe N/A
N/A N/A C:\Program Files (x86)\Steam\steam.exe N/A
N/A N/A C:\Program Files (x86)\Steam\steam.exe N/A
N/A N/A C:\Program Files (x86)\Steam\steam.exe N/A
N/A N/A C:\Program Files (x86)\Steam\steam.exe N/A
N/A N/A C:\Program Files (x86)\Steam\steam.exe N/A
N/A N/A C:\Program Files (x86)\Steam\steam.exe N/A
N/A N/A C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe N/A
N/A N/A C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe N/A
N/A N/A C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe N/A
N/A N/A C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe N/A
N/A N/A C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe N/A
N/A N/A C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe N/A
N/A N/A C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe N/A
N/A N/A C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe N/A
N/A N/A C:\Program Files (x86)\Steam\steam.exe N/A
N/A N/A C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe N/A
N/A N/A C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe N/A
N/A N/A C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe N/A
N/A N/A C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe N/A
N/A N/A C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe N/A
N/A N/A C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe N/A
N/A N/A C:\Program Files (x86)\Steam\steam.exe N/A
N/A N/A C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe N/A
N/A N/A C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe N/A
N/A N/A C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe N/A
N/A N/A C:\Program Files (x86)\Steam\steam.exe N/A
N/A N/A C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe N/A
N/A N/A C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe N/A
N/A N/A C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe N/A
N/A N/A C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe N/A
N/A N/A C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe N/A
N/A N/A C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe N/A
N/A N/A C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe N/A
N/A N/A C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe N/A
N/A N/A C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe N/A
N/A N/A C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe N/A
N/A N/A C:\Users\Admin\Downloads\account\account\Steam Authenticator\CefSharp.BrowserSubprocess.exe N/A
N/A N/A C:\Users\Admin\Downloads\account\account\Steam Authenticator\CefSharp.BrowserSubprocess.exe N/A
N/A N/A C:\Users\Admin\Downloads\account\account\Steam Authenticator\CefSharp.BrowserSubprocess.exe N/A
N/A N/A C:\Users\Admin\Downloads\account\account\Steam Authenticator\CefSharp.BrowserSubprocess.exe N/A
N/A N/A C:\Users\Admin\Downloads\account\account\Steam Authenticator\CefSharp.BrowserSubprocess.exe N/A

Reads user/profile data of web browsers

spyware stealer

Adds Run key to start application

persistence
Description Indicator Process Target
Set value (str) \REGISTRY\USER\S-1-5-21-1176886754-713327781-2233697964-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Steam = "\"C:\\Program Files (x86)\\Steam\\steam.exe\" -silent" C:\Users\Admin\Downloads\SteamSetup.exe N/A

Checks installed software on the system

discovery

Drops file in System32 directory

Description Indicator Process Target
File created \??\c:\windows\system32\driverstore\filerepository\display.inf_amd64_71aa85b0e2292a7a\display.PNF C:\Program Files\Google\Chrome\Application\chrome.exe N/A
File created C:\Windows\System32\DriverStore\FileRepository\display.inf_amd64_71aa85b0e2292a7a\display.PNF C:\Program Files\Google\Chrome\Application\chrome.exe N/A
File created \??\c:\windows\system32\driverstore\filerepository\display.inf_amd64_71aa85b0e2292a7a\display.PNF C:\Program Files\Google\Chrome\Application\chrome.exe N/A
File created C:\Windows\System32\DriverStore\FileRepository\display.inf_amd64_71aa85b0e2292a7a\display.PNF C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Drops file in Program Files directory

Description Indicator Process Target
File created C:\Program Files (x86)\Steam\package\tmp\controller_base\images\api\dark\sd_ltrackpad_down_lg.png_ C:\Program Files (x86)\Steam\steam.exe N/A
File created C:\Program Files (x86)\Steam\package\tmp\controller_base\images\api\dark\switchpro_dpad_up_sm.png_ C:\Program Files (x86)\Steam\steam.exe N/A
File created C:\Program Files (x86)\Steam\package\tmp\controller_base\images\api\knockout\ps_outlined_button_circle_sm.png_ C:\Program Files (x86)\Steam\steam.exe N/A
File created C:\Program Files (x86)\Steam\package\tmp\controller_base\images\api\dark\xbox_p1_sm.png_ C:\Program Files (x86)\Steam\steam.exe N/A
File created C:\Program Files (x86)\Steam\package\tmp\controller_base\images\api\light\sd_l4_sm.png_ C:\Program Files (x86)\Steam\steam.exe N/A
File created C:\Program Files (x86)\Steam\package\tmp\graphics\[email protected]_ C:\Program Files (x86)\Steam\steam.exe N/A
File created C:\Program Files (x86)\Steam\package\tmp\graphics\minithrobber03.tga_ C:\Program Files (x86)\Steam\steam.exe N/A
File created C:\Program Files (x86)\Steam\package\tmp\controller_base\images\api\knockout\ps4_button_options_lg.png_ C:\Program Files (x86)\Steam\steam.exe N/A
File created C:\Program Files (x86)\Steam\package\tmp\controller_base\images\api\knockout\shared_buttons_s.svg_ C:\Program Files (x86)\Steam\steam.exe N/A
File created C:\Program Files (x86)\Steam\package\tmp\graphics\cloud_icon_up.tga_ C:\Program Files (x86)\Steam\steam.exe N/A
File created C:\Program Files (x86)\Steam\package\tmp\public\steamui_vietnamese.txt_ C:\Program Files (x86)\Steam\steam.exe N/A
File created C:\Program Files (x86)\Steam\package\tmp\controller_base\images\api\dark\ps5_trackpad_r_touch_sm.png_ C:\Program Files (x86)\Steam\steam.exe N/A
File created C:\Program Files (x86)\Steam\package\tmp\public\ppa_italian.htm_ C:\Program Files (x86)\Steam\steam.exe N/A
File created C:\Program Files (x86)\Steam\package\tmp\resource\styles\gameoverlay.styles_ C:\Program Files (x86)\Steam\steam.exe N/A
File created C:\Program Files (x86)\Steam\package\tmp\steamui\sounds\deck_ui_out_of_game_detail.wav_ C:\Program Files (x86)\Steam\steam.exe N/A
File created C:\Program Files (x86)\Steam\package\tmp\tenfoot\resource\images\library\controller\binding_icons\genesis_z.png_ C:\Program Files (x86)\Steam\steam.exe N/A
File created C:\Program Files (x86)\Steam\package\tmp\tenfoot\resource\images\library\controller\binding_icons\ghost_030_inv_0060.png_ C:\Program Files (x86)\Steam\steam.exe N/A
File created C:\Program Files (x86)\Steam\package\tmp\graphics\icon_button_news_mouseover.tga_ C:\Program Files (x86)\Steam\steam.exe N/A
File created C:\Program Files (x86)\Steam\package\tmp\controller_base\localization\xbox_360_czech.txt_ C:\Program Files (x86)\Steam\steam.exe N/A
File created C:\Program Files (x86)\Steam\package\tmp\steam\cached\steamui_postlogon_italian.txt_ C:\Program Files (x86)\Steam\steam.exe N/A
File created C:\Program Files (x86)\Steam\package\tmp\graphics\icon_security_junk.tga_ C:\Program Files (x86)\Steam\steam.exe N/A
File created C:\Program Files (x86)\Steam\package\tmp\controller_base\images\api\dark\ps_rb_md.png_ C:\Program Files (x86)\Steam\steam.exe N/A
File created C:\Program Files (x86)\Steam\package\tmp\controller_base\images\api\knockout\ps5_trackpad_r_up_lg.png_ C:\Program Files (x86)\Steam\steam.exe N/A
File created C:\Program Files (x86)\Steam\package\tmp\controller_base\templates\controller_generic_gamepad_joystick.vdf_ C:\Program Files (x86)\Steam\steam.exe N/A
File created C:\Program Files (x86)\Steam\package\tmp\controller_base\images\api\light\ps_lfn.svg_ C:\Program Files (x86)\Steam\steam.exe N/A
File created C:\Program Files (x86)\Steam\package\tmp\controller_base\images\api\light\switchpro_rstick_click_lg.png_ C:\Program Files (x86)\Steam\steam.exe N/A
File created C:\Program Files (x86)\Steam\package\tmp\steamui\images\controller\ghost_035_magic_0316.png_ C:\Program Files (x86)\Steam\steam.exe N/A
File created C:\Program Files (x86)\Steam\package\tmp\steamui\images\controller\ghost_040_act_0340.png_ C:\Program Files (x86)\Steam\steam.exe N/A
File created C:\Program Files (x86)\Steam\package\tmp\controller_base\localization\xbox_one_latam.txt_ C:\Program Files (x86)\Steam\steam.exe N/A
File created C:\Program Files (x86)\Steam\package\tmp\controller_base\images\api\knockout\ps5_trackpad_r_swipe.svg_ C:\Program Files (x86)\Steam\steam.exe N/A
File created C:\Program Files (x86)\Steam\package\tmp\controller_base\images\api\knockout\switchpro_sr_lg.png_ C:\Program Files (x86)\Steam\steam.exe N/A
File created C:\Program Files (x86)\Steam\package\tmp\steamui\images\controller\ghost_060_vehicle_8888.png_ C:\Program Files (x86)\Steam\steam.exe N/A
File created C:\Program Files (x86)\Steam\package\tmp\controller_base\images\api\dark\ps_lb.svg_ C:\Program Files (x86)\Steam\steam.exe N/A
File created C:\Program Files (x86)\Steam\package\tmp\controller_base\images\api\knockout\switchpro_lstick_click_sm.png_ C:\Program Files (x86)\Steam\steam.exe N/A
File created C:\Program Files (x86)\Steam\package\tmp\controller_base\images\api\light\ps_button_x_lg.png_ C:\Program Files (x86)\Steam\steam.exe N/A
File created C:\Program Files (x86)\Steam\package\tmp\friends\broadcastrecordererrornotification.res_ C:\Program Files (x86)\Steam\steam.exe N/A
File created C:\Program Files (x86)\Steam\package\tmp\steamui\images\controller\ghost_010_wpn_0512.png_ C:\Program Files (x86)\Steam\steam.exe N/A
File created C:\Program Files (x86)\Steam\package\tmp\steam\cached\gridview_placeholder_3.tga_ C:\Program Files (x86)\Steam\steam.exe N/A
File created C:\Program Files (x86)\Steam\package\tmp\controller_base\images\api\knockout\ps5_trackpad_l_click.svg_ C:\Program Files (x86)\Steam\steam.exe N/A
File created C:\Program Files (x86)\Steam\package\tmp\controller_base\images\api\light\switchpro_lstick_md.png_ C:\Program Files (x86)\Steam\steam.exe N/A
File created C:\Program Files (x86)\Steam\package\tmp\tenfoot\resource\images\library\controller\binding_icons\ghost_045_move_0160.png_ C:\Program Files (x86)\Steam\steam.exe N/A
File created C:\Program Files (x86)\Steam\package\tmp\graphics\icon_security_key.tga_ C:\Program Files (x86)\Steam\steam.exe N/A
File created C:\Program Files (x86)\Steam\package\tmp\public\steamclean_greek.txt_ C:\Program Files (x86)\Steam\steam.exe N/A
File created C:\Program Files (x86)\Steam\package\tmp\controller_base\images\api\dark\joyconpair_left_sl_sm.png_ C:\Program Files (x86)\Steam\steam.exe N/A
File created C:\Program Files (x86)\Steam\package\tmp\controller_base\images\api\dark\ps4_trackpad_r_touch_lg.png_ C:\Program Files (x86)\Steam\steam.exe N/A
File created C:\Program Files (x86)\Steam\package\tmp\controller_base\images\api\knockout\ps_color_outlined_button_circle_md.png_ C:\Program Files (x86)\Steam\steam.exe N/A
File created C:\Program Files (x86)\Steam\package\tmp\controller_base\images\api\knockout\sc_rt_click.svg_ C:\Program Files (x86)\Steam\steam.exe N/A
File created C:\Program Files (x86)\Steam\package\tmp\controller_base\images\api\light\ps4_trackpad.svg_ C:\Program Files (x86)\Steam\steam.exe N/A
File created C:\Program Files (x86)\Steam\package\tmp\tenfoot\resource\images\library\controller\binding_icons\ghost_030_inv_0321.png_ C:\Program Files (x86)\Steam\steam.exe N/A
File created C:\Program Files (x86)\Steam\package\tmp\steamui\localization\steampops_danish-json.js_ C:\Program Files (x86)\Steam\steam.exe N/A
File created C:\Program Files (x86)\Steam\package\tmp\graphics\[email protected]_ C:\Program Files (x86)\Steam\steam.exe N/A
File created C:\Program Files (x86)\Steam\package\tmp\graphics\win32_win_min.tga_ C:\Program Files (x86)\Steam\steam.exe N/A
File created C:\Program Files (x86)\Steam\package\tmp\controller_base\images\api\dark\shared_color_outlined_button_b.svg_ C:\Program Files (x86)\Steam\steam.exe N/A
File created C:\Program Files (x86)\Steam\package\tmp\controller_base\images\api\light\shared_mouse_scroll_down.svg_ C:\Program Files (x86)\Steam\steam.exe N/A
File created C:\Program Files (x86)\Steam\package\tmp\tenfoot\resource\images\library\controller\binding_icons\ghost_040_act_0317.png_ C:\Program Files (x86)\Steam\steam.exe N/A
File created C:\Program Files (x86)\Steam\package\tmp\tenfoot\resource\images\library\controller\binding_icons\ghost_040_act_0329.png_ C:\Program Files (x86)\Steam\steam.exe N/A
File created C:\Program Files (x86)\Steam\package\tmp\tenfoot\resource\images\library\controller\binding_icons\ghost_110_social_0100.png_ C:\Program Files (x86)\Steam\steam.exe N/A
File created C:\Program Files (x86)\Steam\package\tmp\controller_base\images\api\knockout\shared_button_x_lg-1.png_ C:\Program Files (x86)\Steam\steam.exe N/A
File created C:\Program Files (x86)\Steam\package\tmp\controller_base\images\api\light\shared_mouse_r_click_lg.png_ C:\Program Files (x86)\Steam\steam.exe N/A
File created C:\Program Files (x86)\Steam\package\tmp\controller_base\images\api\light\ps5_button_create_lg.png_ C:\Program Files (x86)\Steam\steam.exe N/A
File created C:\Program Files (x86)\Steam\package\tmp\friends\SubPanelFindBuddyResults.res_ C:\Program Files (x86)\Steam\steam.exe N/A
File created C:\Program Files (x86)\Steam\package\tmp\resource\layout\deletecustomimagedialog.layout_ C:\Program Files (x86)\Steam\steam.exe N/A
File created C:\Program Files (x86)\Steam\package\tmp\graphics\logo7.tga_ C:\Program Files (x86)\Steam\steam.exe N/A
File created C:\Program Files (x86)\Steam\package\tmp\controller_base\images\api\dark\ps4_l2_soft_md.png_ C:\Program Files (x86)\Steam\steam.exe N/A

Enumerates physical storage devices

Checks SCSI registry key(s)

Description Indicator Process Target
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CDROM&VEN_QEMU&PROD_QEMU_DVD-ROM\4&215468A5&0&010000 C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_QEMU&Prod_QEMU_DVD-ROM\4&215468a5&0&010000\ConfigFlags C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\DISK&VEN_DADY&PROD_HARDDISK\4&215468A5&0&000000 C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_DADY&Prod_HARDDISK\4&215468a5&0&000000\ConfigFlags C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Checks processor information in registry

Description Indicator Process Target
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~MHz C:\Program Files (x86)\Steam\steam.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 C:\Program Files (x86)\Steam\steam.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~MHz C:\Program Files (x86)\Steam\steam.exe N/A
Key opened \Registry\Machine\HARDWARE\DESCRIPTION\System\CentralProcessor\0 C:\Program Files (x86)\Steam\steam.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~MHz C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 C:\Program Files (x86)\Steam\steam.exe N/A

Enumerates system info in registry

Description Indicator Process Target
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Modifies data under HKEY_USERS

Description Indicator Process Target
Key created \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key created \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133653114608914172" C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key created \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key created \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Modifies registry class

Description Indicator Process Target
Key created \REGISTRY\USER\S-1-5-21-1176886754-713327781-2233697964-1000_Classes\steam\Shell\Open C:\Program Files (x86)\Steam\bin\steamservice.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-1176886754-713327781-2233697964-1000_Classes\steamlink\URL Protocol C:\Program Files (x86)\Steam\bin\steamservice.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\steam\URL Protocol C:\Program Files (x86)\Steam\bin\steamservice.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\steam\Shell C:\Program Files (x86)\Steam\bin\steamservice.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\steam\Shell\Open C:\Program Files (x86)\Steam\bin\steamservice.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\steamlink\Shell\Open C:\Program Files (x86)\Steam\bin\steamservice.exe N/A
Key created \REGISTRY\USER\S-1-5-21-1176886754-713327781-2233697964-1000_Classes\steamlink\Shell\Open C:\Program Files (x86)\Steam\bin\steamservice.exe N/A
Key created \REGISTRY\USER\S-1-5-21-1176886754-713327781-2233697964-1000_Classes\Local Settings C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\steamlink\ = "URL:steamlink protocol" C:\Program Files (x86)\Steam\bin\steamservice.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-1176886754-713327781-2233697964-1000_Classes\steam\URL Protocol C:\Program Files (x86)\Steam\bin\steamservice.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\steam C:\Program Files (x86)\Steam\bin\steamservice.exe N/A
Key created \REGISTRY\MACHINE\Software\Classes\steamlink\DefaultIcon C:\Program Files (x86)\Steam\bin\steamservice.exe N/A
Key created \REGISTRY\USER\S-1-5-21-1176886754-713327781-2233697964-1000_Classes\steam\Shell C:\Program Files (x86)\Steam\bin\steamservice.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-1176886754-713327781-2233697964-1000_Classes\steamlink\ = "URL:steamlink protocol" C:\Program Files (x86)\Steam\bin\steamservice.exe N/A
Key created \REGISTRY\USER\S-1-5-21-1176886754-713327781-2233697964-1000_Classes\steamlink\DefaultIcon C:\Program Files (x86)\Steam\bin\steamservice.exe N/A
Key created \REGISTRY\USER\S-1-5-21-1176886754-713327781-2233697964-1000_Classes\steamlink\Shell C:\Program Files (x86)\Steam\bin\steamservice.exe N/A
Key created \REGISTRY\USER\S-1-5-21-1176886754-713327781-2233697964-1000_Classes\Local Settings C:\Program Files\7-Zip\7zFM.exe N/A
Key created \REGISTRY\MACHINE\Software\Classes\steam\DefaultIcon C:\Program Files (x86)\Steam\bin\steamservice.exe N/A
Key created \REGISTRY\MACHINE\Software\Classes\steamlink\Shell\Open\Command C:\Program Files (x86)\Steam\bin\steamservice.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\steamlink\Shell\Open\Command\ = "\"C:\\Program Files (x86)\\Steam\\steam.exe\" -- \"%1\"" C:\Program Files (x86)\Steam\bin\steamservice.exe N/A
Key created \REGISTRY\USER\S-1-5-21-1176886754-713327781-2233697964-1000_Classes\steam\DefaultIcon C:\Program Files (x86)\Steam\bin\steamservice.exe N/A
Key created \REGISTRY\USER\S-1-5-21-1176886754-713327781-2233697964-1000_Classes\steamlink\Shell\Open\Command C:\Program Files (x86)\Steam\bin\steamservice.exe N/A
Key created \REGISTRY\MACHINE\Software\Classes\steam C:\Program Files (x86)\Steam\bin\steamservice.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\steam\ = "URL:steam protocol" C:\Program Files (x86)\Steam\bin\steamservice.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\steam\Shell\Open\Command C:\Program Files (x86)\Steam\bin\steamservice.exe N/A
Key created \REGISTRY\MACHINE\Software\Classes\steamlink C:\Program Files (x86)\Steam\bin\steamservice.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\steamlink\Shell C:\Program Files (x86)\Steam\bin\steamservice.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-1176886754-713327781-2233697964-1000_Classes\steam\Shell\Open\Command\ = "\"C:\\Program Files (x86)\\Steam\\steam.exe\" -- \"%1\"" C:\Program Files (x86)\Steam\bin\steamservice.exe N/A
Key created \REGISTRY\USER\S-1-5-21-1176886754-713327781-2233697964-1000_Classes\steam\Shell\Open\Command C:\Program Files (x86)\Steam\bin\steamservice.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-1176886754-713327781-2233697964-1000_Classes\steamlink\Shell\Open\Command\ = "\"C:\\Program Files (x86)\\Steam\\steam.exe\" -- \"%1\"" C:\Program Files (x86)\Steam\bin\steamservice.exe N/A
Key created \REGISTRY\MACHINE\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\Deployment\Package\*\S-1-5-21-1176886754-713327781-2233697964-1000\{F6B8CAAF-91D6-4E9B-B47A-1AAF918A0E59} C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key created \REGISTRY\MACHINE\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\Deployment\Package\*\S-1-5-21-1176886754-713327781-2233697964-1000\{1ED4305C-8F43-413C-A4F4-C250F15D93A3} C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\steam\DefaultIcon\ = "steam.exe" C:\Program Files (x86)\Steam\bin\steamservice.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\steamlink\DefaultIcon\ = "steam.exe" C:\Program Files (x86)\Steam\bin\steamservice.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\steamlink C:\Program Files (x86)\Steam\bin\steamservice.exe N/A
Key created \REGISTRY\USER\S-1-5-21-1176886754-713327781-2233697964-1000_Classes\steam C:\Program Files (x86)\Steam\bin\steamservice.exe N/A
Key created \REGISTRY\USER\S-1-5-21-1176886754-713327781-2233697964-1000_Classes\steamlink C:\Program Files (x86)\Steam\bin\steamservice.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-1176886754-713327781-2233697964-1000_Classes\steamlink\DefaultIcon\ = "steam.exe" C:\Program Files (x86)\Steam\bin\steamservice.exe N/A
Key created \REGISTRY\MACHINE\Software\Classes\steam\Shell\Open\Command C:\Program Files (x86)\Steam\bin\steamservice.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\steam\Shell\Open\Command\ = "\"C:\\Program Files (x86)\\Steam\\steam.exe\" -- \"%1\"" C:\Program Files (x86)\Steam\bin\steamservice.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\steamlink\URL Protocol C:\Program Files (x86)\Steam\bin\steamservice.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\steamlink\Shell\Open\Command C:\Program Files (x86)\Steam\bin\steamservice.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-1176886754-713327781-2233697964-1000_Classes\steam\ = "URL:steam protocol" C:\Program Files (x86)\Steam\bin\steamservice.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-1176886754-713327781-2233697964-1000_Classes\steam\DefaultIcon\ = "steam.exe" C:\Program Files (x86)\Steam\bin\steamservice.exe N/A

Modifies system certificate store

evasion spyware trojan
Description Indicator Process Target
Set value (data) \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\5FB7EE0633E259DBAD0C4C9AE6D38F1A61C7DC25\Blob = 5c000000010000000400000000080000190000000100000010000000ba4f3972e7aed9dccdc210db59da13c90300000001000000140000005fb7ee0633e259dbad0c4c9ae6d38f1a61c7dc251d00000001000000100000008f76b981d528ad4770088245e2031b630b0000000100000012000000440069006700690043006500720074000000140000000100000014000000b13ec36903f8bf4701d498261a0802ef63642bc36200000001000000200000007431e5f4c3c1ce4690774f0b61e05440883ba9a01ed00ba6abd7806ed3b118cf090000000100000034000000303206082b0601050507030206082b0601050507030306082b0601050507030406082b0601050507030106082b06010505070308530000000100000040000000303e301f06096086480186fd6c020130123010060a2b0601040182373c0101030200c0301b060567810c010330123010060a2b0601040182373c0101030200c00f0000000100000014000000e35ef08d884f0a0ade2f75e96301ce6230f213a8040000000100000010000000d474de575c39b2d39c8583c5c065498a2000000001000000c9030000308203c5308202ada003020102021002ac5c266a0b409b8f0b79f2ae462577300d06092a864886f70d0101050500306c310b300906035504061302555331153013060355040a130c446967694365727420496e6331193017060355040b13107777772e64696769636572742e636f6d312b30290603550403132244696769436572742048696768204173737572616e636520455620526f6f74204341301e170d3036313131303030303030305a170d3331313131303030303030305a306c310b300906035504061302555331153013060355040a130c446967694365727420496e6331193017060355040b13107777772e64696769636572742e636f6d312b30290603550403132244696769436572742048696768204173737572616e636520455620526f6f7420434130820122300d06092a864886f70d01010105000382010f003082010a0282010100c6cce573e6fbd4bbe52d2d32a6dfe5813fc9cd2549b6712ac3d5943467a20a1cb05f69a640b1c4b7b28fd098a4a941593ad3dc94d63cdb7438a44acc4d2582f74aa5531238eef3496d71917e63b6aba65fc3a484f84f6251bef8c5ecdb3892e306e508910cc4284155fbcb5a89157e71e835bf4d72093dbe3a38505b77311b8db3c724459aa7ac6d00145a04b7ba13eb510a984141224e656187814150a6795c89de194a57d52ee65d1c532c7e98cd1a0616a46873d03404135ca171d35a7c55db5e64e13787305604e511b4298012f1793988a202117c2766b788b778f2ca0aa838ab0a64c2bf665d9584c1a1251e875d1a500b2012cc41bb6e0b5138b84bcb0203010001a3633061300e0603551d0f0101ff040403020186300f0603551d130101ff040530030101ff301d0603551d0e04160414b13ec36903f8bf4701d498261a0802ef63642bc3301f0603551d23041830168014b13ec36903f8bf4701d498261a0802ef63642bc3300d06092a864886f70d010105050003820101001c1a0697dcd79c9f3c886606085721db2147f82a67aabf183276401057c18af37ad911658e35fa9efc45b59ed94c314bb891e8432c8eb378cedbe3537971d6e5219401da55879a2464f68a66ccde9c37cda834b1699b23c89e78222b7043e35547316119ef58c5852f4e30f6a0311623c8e7e2651633cbbf1a1ba03df8ca5e8b318b6008892d0c065c52b7c4f90a98d1155f9f12be7c366338bd44a47fe4262b0ac497690de98ce2c01057b8c876129155f24869d8bc2a025b0f44d42031dbf4ba70265d90609ebc4b17092fb4cb1e4368c90727c1d25cf7ea21b968129c3c9cbf9efc805c9b63cdec47aa252767a037f300827d54d7a9f8e92e13a377e81f4a C:\Program Files (x86)\Steam\steam.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\CABD2A79A1076A31F21D253635CB039D4329A5E8 C:\Program Files (x86)\Steam\steam.exe N/A
Set value (data) \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\CABD2A79A1076A31F21D253635CB039D4329A5E8\Blob = 0400000001000000100000000cd2f9e0da1773e9ed864da5e370e74e14000000010000001400000079b459e67bb6e5e40173800888c81a58f6e99b6e030000000100000014000000cabd2a79a1076a31f21d253635cb039d4329a5e80f00000001000000200000003f0411ede9c4477057d57e57883b1f205b20cdc0f3263129b1ee0269a2678f631900000001000000100000002fe1f70bb05d7c92335bc5e05b984da620000000010000006f0500003082056b30820353a0030201020211008210cfb0d240e3594463e0bb63828b00300d06092a864886f70d01010b0500304f310b300906035504061302555331293027060355040a1320496e7465726e65742053656375726974792052657365617263682047726f7570311530130603550403130c4953524720526f6f74205831301e170d3135303630343131303433385a170d3335303630343131303433385a304f310b300906035504061302555331293027060355040a1320496e7465726e65742053656375726974792052657365617263682047726f7570311530130603550403130c4953524720526f6f7420583130820222300d06092a864886f70d01010105000382020f003082020a0282020100ade82473f41437f39b9e2b57281c87bedcb7df38908c6e3ce657a078f775c2a2fef56a6ef6004f28dbde68866c4493b6b163fd14126bbf1fd2ea319b217ed1333cba48f5dd79dfb3b8ff12f1219a4bc18a8671694a66666c8f7e3c70bfad292206f3e4c0e680aee24b8fb7997e94039fd347977c99482353e838ae4f0a6f832ed149578c8074b6da2fd0388d7b0370211b75f2303cfa8faeddda63abeb164fc28e114b7ecf0be8ffb5772ef4b27b4ae04c12250c708d0329a0e15324ec13d9ee19bf10b34a8c3f89a36151deac870794f46371ec2ee26f5b9881e1895c34796c76ef3b906279e6dba49a2f26c5d010e10eded9108e16fbb7f7a8f7c7e50207988f360895e7e237960d36759efb0e72b11d9bbc03f94905d881dd05b42ad641e9ac0176950a0fd8dfd5bd121f352f28176cd298c1a80964776e4737baceac595e689d7f72d689c50641293e593edd26f524c911a75aa34c401f46a199b5a73a516e863b9e7d72a712057859ed3e5178150b038f8dd02f05b23e7b4a1c4b730512fcc6eae050137c439374b3ca74e78e1f0108d030d45b7136b407bac130305c48b7823b98a67d608aa2a32982ccbabd83041ba2830341a1d605f11bc2b6f0a87c863b46a8482a88dc769a76bf1f6aa53d198feb38f364dec82b0d0a28fff7dbe21542d422d0275de179fe18e77088ad4ee6d98b3ac6dd27516effbc64f533434f0203010001a3423040300e0603551d0f0101ff040403020106300f0603551d130101ff040530030101ff301d0603551d0e0416041479b459e67bb6e5e40173800888c81a58f6e99b6e300d06092a864886f70d01010b05000382020100551f58a9bcb2a850d00cb1d81a6920272908ac61755c8a6ef882e5692fd5f6564bb9b8731059d321977ee74c71fbb2d260ad39a80bea17215685f1500e59ebcee059e9bac915ef869d8f8480f6e4e99190dc179b621b45f06695d27c6fc2ea3bef1fcfcbd6ae27f1a9b0c8aefd7d7e9afa2204ebffd97fea912b22b1170e8ff28a345b58d8fc01c954b9b826cc8a8833894c2d843c82dfee965705ba2cbbf7c4b7c74e3b82be31c822737392d1c280a43939103323824c3c9f86b255981dbe29868c229b9ee26b3b573a82704ddc09c789cb0a074d6ce85d8ec9efceabc7bbb52b4e45d64ad026cce572ca086aa595e315a1f7a4edc92c5fa5fbffac28022ebed77bbbe3717b9016d3075e46537c3707428cd3c4969cd599b52ae0951a8048ae4c3907cecc47a452952bbab8fbadd233537de51d4d6dd5a1b1c7426fe64027355ca328b7078de78d3390e7239ffb509c796c46d5b415b3966e7e9b0c963ab8522d3fd65be1fb08c284fe24a8a389daac6ae1182ab1a843615bd31fdc3b8d76f22de88d75df17336c3d53fb7bcb415fffdca2d06138e196b8ac5d8b37d775d533c09911ae9d41c1727584be0241425f67244894d19b27be073fb9b84f817451e17ab7ed9d23e2bee0d52804133c31039edd7a6c8fc60718c67fde478e3f289e0406cfa5543477bdec899be91743df5bdb5ffe8e1e57a2cd409d7e6222dade1827 C:\Program Files (x86)\Steam\steam.exe N/A
Set value (data) \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\CABD2A79A1076A31F21D253635CB039D4329A5E8\Blob = 5c0000000100000004000000001000001900000001000000100000002fe1f70bb05d7c92335bc5e05b984da60f00000001000000200000003f0411ede9c4477057d57e57883b1f205b20cdc0f3263129b1ee0269a2678f63030000000100000014000000cabd2a79a1076a31f21d253635cb039d4329a5e814000000010000001400000079b459e67bb6e5e40173800888c81a58f6e99b6e0400000001000000100000000cd2f9e0da1773e9ed864da5e370e74e20000000010000006f0500003082056b30820353a0030201020211008210cfb0d240e3594463e0bb63828b00300d06092a864886f70d01010b0500304f310b300906035504061302555331293027060355040a1320496e7465726e65742053656375726974792052657365617263682047726f7570311530130603550403130c4953524720526f6f74205831301e170d3135303630343131303433385a170d3335303630343131303433385a304f310b300906035504061302555331293027060355040a1320496e7465726e65742053656375726974792052657365617263682047726f7570311530130603550403130c4953524720526f6f7420583130820222300d06092a864886f70d01010105000382020f003082020a0282020100ade82473f41437f39b9e2b57281c87bedcb7df38908c6e3ce657a078f775c2a2fef56a6ef6004f28dbde68866c4493b6b163fd14126bbf1fd2ea319b217ed1333cba48f5dd79dfb3b8ff12f1219a4bc18a8671694a66666c8f7e3c70bfad292206f3e4c0e680aee24b8fb7997e94039fd347977c99482353e838ae4f0a6f832ed149578c8074b6da2fd0388d7b0370211b75f2303cfa8faeddda63abeb164fc28e114b7ecf0be8ffb5772ef4b27b4ae04c12250c708d0329a0e15324ec13d9ee19bf10b34a8c3f89a36151deac870794f46371ec2ee26f5b9881e1895c34796c76ef3b906279e6dba49a2f26c5d010e10eded9108e16fbb7f7a8f7c7e50207988f360895e7e237960d36759efb0e72b11d9bbc03f94905d881dd05b42ad641e9ac0176950a0fd8dfd5bd121f352f28176cd298c1a80964776e4737baceac595e689d7f72d689c50641293e593edd26f524c911a75aa34c401f46a199b5a73a516e863b9e7d72a712057859ed3e5178150b038f8dd02f05b23e7b4a1c4b730512fcc6eae050137c439374b3ca74e78e1f0108d030d45b7136b407bac130305c48b7823b98a67d608aa2a32982ccbabd83041ba2830341a1d605f11bc2b6f0a87c863b46a8482a88dc769a76bf1f6aa53d198feb38f364dec82b0d0a28fff7dbe21542d422d0275de179fe18e77088ad4ee6d98b3ac6dd27516effbc64f533434f0203010001a3423040300e0603551d0f0101ff040403020106300f0603551d130101ff040530030101ff301d0603551d0e0416041479b459e67bb6e5e40173800888c81a58f6e99b6e300d06092a864886f70d01010b05000382020100551f58a9bcb2a850d00cb1d81a6920272908ac61755c8a6ef882e5692fd5f6564bb9b8731059d321977ee74c71fbb2d260ad39a80bea17215685f1500e59ebcee059e9bac915ef869d8f8480f6e4e99190dc179b621b45f06695d27c6fc2ea3bef1fcfcbd6ae27f1a9b0c8aefd7d7e9afa2204ebffd97fea912b22b1170e8ff28a345b58d8fc01c954b9b826cc8a8833894c2d843c82dfee965705ba2cbbf7c4b7c74e3b82be31c822737392d1c280a43939103323824c3c9f86b255981dbe29868c229b9ee26b3b573a82704ddc09c789cb0a074d6ce85d8ec9efceabc7bbb52b4e45d64ad026cce572ca086aa595e315a1f7a4edc92c5fa5fbffac28022ebed77bbbe3717b9016d3075e46537c3707428cd3c4969cd599b52ae0951a8048ae4c3907cecc47a452952bbab8fbadd233537de51d4d6dd5a1b1c7426fe64027355ca328b7078de78d3390e7239ffb509c796c46d5b415b3966e7e9b0c963ab8522d3fd65be1fb08c284fe24a8a389daac6ae1182ab1a843615bd31fdc3b8d76f22de88d75df17336c3d53fb7bcb415fffdca2d06138e196b8ac5d8b37d775d533c09911ae9d41c1727584be0241425f67244894d19b27be073fb9b84f817451e17ab7ed9d23e2bee0d52804133c31039edd7a6c8fc60718c67fde478e3f289e0406cfa5543477bdec899be91743df5bdb5ffe8e1e57a2cd409d7e6222dade1827 C:\Program Files (x86)\Steam\steam.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\5FB7EE0633E259DBAD0C4C9AE6D38F1A61C7DC25 C:\Program Files (x86)\Steam\steam.exe N/A
Set value (data) \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\5FB7EE0633E259DBAD0C4C9AE6D38F1A61C7DC25\Blob = 040000000100000010000000d474de575c39b2d39c8583c5c065498a0f0000000100000014000000e35ef08d884f0a0ade2f75e96301ce6230f213a8530000000100000040000000303e301f06096086480186fd6c020130123010060a2b0601040182373c0101030200c0301b060567810c010330123010060a2b0601040182373c0101030200c0090000000100000034000000303206082b0601050507030206082b0601050507030306082b0601050507030406082b0601050507030106082b060105050703086200000001000000200000007431e5f4c3c1ce4690774f0b61e05440883ba9a01ed00ba6abd7806ed3b118cf140000000100000014000000b13ec36903f8bf4701d498261a0802ef63642bc30b00000001000000120000004400690067006900430065007200740000001d00000001000000100000008f76b981d528ad4770088245e2031b630300000001000000140000005fb7ee0633e259dbad0c4c9ae6d38f1a61c7dc25190000000100000010000000ba4f3972e7aed9dccdc210db59da13c92000000001000000c9030000308203c5308202ada003020102021002ac5c266a0b409b8f0b79f2ae462577300d06092a864886f70d0101050500306c310b300906035504061302555331153013060355040a130c446967694365727420496e6331193017060355040b13107777772e64696769636572742e636f6d312b30290603550403132244696769436572742048696768204173737572616e636520455620526f6f74204341301e170d3036313131303030303030305a170d3331313131303030303030305a306c310b300906035504061302555331153013060355040a130c446967694365727420496e6331193017060355040b13107777772e64696769636572742e636f6d312b30290603550403132244696769436572742048696768204173737572616e636520455620526f6f7420434130820122300d06092a864886f70d01010105000382010f003082010a0282010100c6cce573e6fbd4bbe52d2d32a6dfe5813fc9cd2549b6712ac3d5943467a20a1cb05f69a640b1c4b7b28fd098a4a941593ad3dc94d63cdb7438a44acc4d2582f74aa5531238eef3496d71917e63b6aba65fc3a484f84f6251bef8c5ecdb3892e306e508910cc4284155fbcb5a89157e71e835bf4d72093dbe3a38505b77311b8db3c724459aa7ac6d00145a04b7ba13eb510a984141224e656187814150a6795c89de194a57d52ee65d1c532c7e98cd1a0616a46873d03404135ca171d35a7c55db5e64e13787305604e511b4298012f1793988a202117c2766b788b778f2ca0aa838ab0a64c2bf665d9584c1a1251e875d1a500b2012cc41bb6e0b5138b84bcb0203010001a3633061300e0603551d0f0101ff040403020186300f0603551d130101ff040530030101ff301d0603551d0e04160414b13ec36903f8bf4701d498261a0802ef63642bc3301f0603551d23041830168014b13ec36903f8bf4701d498261a0802ef63642bc3300d06092a864886f70d010105050003820101001c1a0697dcd79c9f3c886606085721db2147f82a67aabf183276401057c18af37ad911658e35fa9efc45b59ed94c314bb891e8432c8eb378cedbe3537971d6e5219401da55879a2464f68a66ccde9c37cda834b1699b23c89e78222b7043e35547316119ef58c5852f4e30f6a0311623c8e7e2651633cbbf1a1ba03df8ca5e8b318b6008892d0c065c52b7c4f90a98d1155f9f12be7c366338bd44a47fe4262b0ac497690de98ce2c01057b8c876129155f24869d8bc2a025b0f44d42031dbf4ba70265d90609ebc4b17092fb4cb1e4368c90727c1d25cf7ea21b968129c3c9cbf9efc805c9b63cdec47aa252767a037f300827d54d7a9f8e92e13a377e81f4a C:\Program Files (x86)\Steam\steam.exe N/A

Opens file in notepad (likely ransom note)

ransomware
Description Indicator Process Target
N/A N/A C:\Windows\system32\NOTEPAD.EXE N/A

Suspicious behavior: EnumeratesProcesses

Description Indicator Process Target
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Users\Admin\Downloads\account\Steam Authenticator\Steam.Desktop.Authenticator.exe N/A
N/A N/A C:\Users\Admin\Downloads\account\Steam Authenticator\Steam.Desktop.Authenticator.exe N/A
N/A N/A C:\Users\Admin\Downloads\account\Steam Authenticator\Steam.Desktop.Authenticator.exe N/A
N/A N/A C:\Users\Admin\Downloads\account\Steam Authenticator\Steam.Desktop.Authenticator.exe N/A
N/A N/A C:\Users\Admin\Downloads\account\Steam Authenticator\Steam.Desktop.Authenticator.exe N/A
N/A N/A C:\Users\Admin\Downloads\account\Steam Authenticator\Steam.Desktop.Authenticator.exe N/A
N/A N/A C:\Users\Admin\Downloads\account\Steam Authenticator\Steam.Desktop.Authenticator.exe N/A
N/A N/A C:\Users\Admin\Downloads\account\Steam Authenticator\Steam.Desktop.Authenticator.exe N/A
N/A N/A C:\Users\Admin\Downloads\account\Steam Authenticator\Steam.Desktop.Authenticator.exe N/A
N/A N/A C:\Users\Admin\Downloads\account\Steam Authenticator\Steam.Desktop.Authenticator.exe N/A
N/A N/A C:\Users\Admin\Downloads\account\Steam Authenticator\Steam.Desktop.Authenticator.exe N/A
N/A N/A C:\Users\Admin\Downloads\account\Steam Authenticator\Steam.Desktop.Authenticator.exe N/A
N/A N/A C:\Users\Admin\Downloads\account\Steam Authenticator\Steam.Desktop.Authenticator.exe N/A
N/A N/A C:\Users\Admin\Downloads\account\Steam Authenticator\Steam.Desktop.Authenticator.exe N/A
N/A N/A C:\Users\Admin\Downloads\account\Steam Authenticator\Steam.Desktop.Authenticator.exe N/A
N/A N/A C:\Users\Admin\Downloads\account\Steam Authenticator\Steam.Desktop.Authenticator.exe N/A
N/A N/A C:\Users\Admin\Downloads\account\Steam Authenticator\Steam.Desktop.Authenticator.exe N/A
N/A N/A C:\Users\Admin\Downloads\account\Steam Authenticator\Steam.Desktop.Authenticator.exe N/A
N/A N/A C:\Users\Admin\Downloads\account\Steam Authenticator\Steam.Desktop.Authenticator.exe N/A
N/A N/A C:\Users\Admin\Downloads\account\Steam Authenticator\Steam.Desktop.Authenticator.exe N/A
N/A N/A C:\Users\Admin\Downloads\account\Steam Authenticator\Steam.Desktop.Authenticator.exe N/A
N/A N/A C:\Users\Admin\Downloads\account\Steam Authenticator\Steam.Desktop.Authenticator.exe N/A
N/A N/A C:\Users\Admin\Downloads\account\Steam Authenticator\Steam.Desktop.Authenticator.exe N/A
N/A N/A C:\Users\Admin\Downloads\account\Steam Authenticator\Steam.Desktop.Authenticator.exe N/A
N/A N/A C:\Users\Admin\Downloads\account\Steam Authenticator\Steam.Desktop.Authenticator.exe N/A
N/A N/A C:\Users\Admin\Downloads\account\Steam Authenticator\Steam.Desktop.Authenticator.exe N/A
N/A N/A C:\Users\Admin\Downloads\account\Steam Authenticator\Steam.Desktop.Authenticator.exe N/A
N/A N/A C:\Users\Admin\Downloads\account\Steam Authenticator\Steam.Desktop.Authenticator.exe N/A
N/A N/A C:\Users\Admin\Downloads\account\Steam Authenticator\Steam.Desktop.Authenticator.exe N/A
N/A N/A C:\Users\Admin\Downloads\account\Steam Authenticator\Steam.Desktop.Authenticator.exe N/A
N/A N/A C:\Users\Admin\Downloads\account\Steam Authenticator\Steam.Desktop.Authenticator.exe N/A
N/A N/A C:\Users\Admin\Downloads\account\Steam Authenticator\Steam.Desktop.Authenticator.exe N/A
N/A N/A C:\Users\Admin\Downloads\account\Steam Authenticator\Steam.Desktop.Authenticator.exe N/A
N/A N/A C:\Users\Admin\Downloads\account\Steam Authenticator\Steam.Desktop.Authenticator.exe N/A
N/A N/A C:\Users\Admin\Downloads\account\Steam Authenticator\Steam.Desktop.Authenticator.exe N/A
N/A N/A C:\Users\Admin\Downloads\account\Steam Authenticator\Steam.Desktop.Authenticator.exe N/A
N/A N/A C:\Users\Admin\Downloads\account\Steam Authenticator\Steam.Desktop.Authenticator.exe N/A
N/A N/A C:\Users\Admin\Downloads\account\Steam Authenticator\Steam.Desktop.Authenticator.exe N/A
N/A N/A C:\Users\Admin\Downloads\account\Steam Authenticator\Steam.Desktop.Authenticator.exe N/A
N/A N/A C:\Users\Admin\Downloads\account\Steam Authenticator\Steam.Desktop.Authenticator.exe N/A
N/A N/A C:\Users\Admin\Downloads\account\Steam Authenticator\Steam.Desktop.Authenticator.exe N/A
N/A N/A C:\Users\Admin\Downloads\account\Steam Authenticator\Steam.Desktop.Authenticator.exe N/A
N/A N/A C:\Users\Admin\Downloads\account\Steam Authenticator\Steam.Desktop.Authenticator.exe N/A
N/A N/A C:\Users\Admin\Downloads\account\Steam Authenticator\Steam.Desktop.Authenticator.exe N/A
N/A N/A C:\Users\Admin\Downloads\account\Steam Authenticator\Steam.Desktop.Authenticator.exe N/A
N/A N/A C:\Users\Admin\Downloads\account\Steam Authenticator\Steam.Desktop.Authenticator.exe N/A
N/A N/A C:\Users\Admin\Downloads\account\Steam Authenticator\Steam.Desktop.Authenticator.exe N/A
N/A N/A C:\Users\Admin\Downloads\account\Steam Authenticator\Steam.Desktop.Authenticator.exe N/A
N/A N/A C:\Users\Admin\Downloads\account\Steam Authenticator\Steam.Desktop.Authenticator.exe N/A
N/A N/A C:\Users\Admin\Downloads\account\Steam Authenticator\Steam.Desktop.Authenticator.exe N/A
N/A N/A C:\Users\Admin\Downloads\account\Steam Authenticator\Steam.Desktop.Authenticator.exe N/A
N/A N/A C:\Users\Admin\Downloads\account\Steam Authenticator\Steam.Desktop.Authenticator.exe N/A
N/A N/A C:\Users\Admin\Downloads\account\Steam Authenticator\Steam.Desktop.Authenticator.exe N/A
N/A N/A C:\Users\Admin\Downloads\account\Steam Authenticator\Steam.Desktop.Authenticator.exe N/A

Suspicious behavior: GetForegroundWindowSpam

Description Indicator Process Target
N/A N/A C:\Program Files\7-Zip\7zFM.exe N/A
N/A N/A C:\Program Files (x86)\Steam\steam.exe N/A

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary

Description Indicator Process Target
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of AdjustPrivilegeToken

Description Indicator Process Target
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: 33 N/A C:\Windows\system32\AUDIODG.EXE N/A
Token: SeIncBasePriorityPrivilege N/A C:\Windows\system32\AUDIODG.EXE N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeRestorePrivilege N/A C:\Program Files\7-Zip\7zFM.exe N/A
Token: 35 N/A C:\Program Files\7-Zip\7zFM.exe N/A

Suspicious use of FindShellTrayWindow

Description Indicator Process Target
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\7-Zip\7zFM.exe N/A

Suspicious use of SendNotifyMessage

Description Indicator Process Target
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of SetWindowsHookEx

Description Indicator Process Target
N/A N/A C:\Program Files (x86)\Steam\steam.exe N/A

Suspicious use of WriteProcessMemory

Description Indicator Process Target
PID 3336 wrote to memory of 3760 N/A C:\Windows\system32\NOTEPAD.EXE C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3336 wrote to memory of 3760 N/A C:\Windows\system32\NOTEPAD.EXE C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3760 wrote to memory of 3456 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3760 wrote to memory of 3456 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3760 wrote to memory of 4704 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3760 wrote to memory of 4704 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3760 wrote to memory of 4704 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3760 wrote to memory of 4704 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3760 wrote to memory of 4704 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3760 wrote to memory of 4704 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3760 wrote to memory of 4704 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3760 wrote to memory of 4704 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3760 wrote to memory of 4704 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3760 wrote to memory of 4704 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3760 wrote to memory of 4704 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3760 wrote to memory of 4704 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3760 wrote to memory of 4704 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3760 wrote to memory of 4704 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3760 wrote to memory of 4704 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3760 wrote to memory of 4704 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3760 wrote to memory of 4704 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3760 wrote to memory of 4704 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3760 wrote to memory of 4704 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3760 wrote to memory of 4704 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3760 wrote to memory of 4704 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3760 wrote to memory of 4704 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3760 wrote to memory of 4704 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3760 wrote to memory of 4704 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3760 wrote to memory of 4704 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3760 wrote to memory of 4704 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3760 wrote to memory of 4704 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3760 wrote to memory of 4704 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3760 wrote to memory of 4704 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3760 wrote to memory of 4704 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3760 wrote to memory of 4704 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3760 wrote to memory of 4704 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3760 wrote to memory of 4704 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3760 wrote to memory of 4704 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3760 wrote to memory of 4704 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3760 wrote to memory of 4704 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3760 wrote to memory of 4704 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3760 wrote to memory of 4704 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3760 wrote to memory of 4704 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3760 wrote to memory of 4704 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3760 wrote to memory of 2968 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3760 wrote to memory of 2968 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3760 wrote to memory of 1040 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3760 wrote to memory of 1040 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3760 wrote to memory of 1040 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3760 wrote to memory of 1040 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3760 wrote to memory of 1040 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3760 wrote to memory of 1040 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3760 wrote to memory of 1040 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3760 wrote to memory of 1040 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3760 wrote to memory of 1040 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3760 wrote to memory of 1040 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3760 wrote to memory of 1040 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3760 wrote to memory of 1040 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3760 wrote to memory of 1040 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3760 wrote to memory of 1040 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3760 wrote to memory of 1040 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3760 wrote to memory of 1040 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3760 wrote to memory of 1040 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3760 wrote to memory of 1040 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

Processes

C:\Windows\system32\NOTEPAD.EXE

C:\Windows\system32\NOTEPAD.EXE C:\Users\Admin\AppData\Local\Temp\accesdelasdadlsada.txt

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://go.microsoft.com/fwlink/?LinkId=834783

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7fff013a46f8,0x7fff013a4708,0x7fff013a4718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2184,5813103246512846572,2456855280328618243,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2196 /prefetch:2

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2184,5813103246512846572,2456855280328618243,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2248 /prefetch:3

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2184,5813103246512846572,2456855280328618243,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2836 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2184,5813103246512846572,2456855280328618243,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3340 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2184,5813103246512846572,2456855280328618243,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3356 /prefetch:1

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2184,5813103246512846572,2456855280328618243,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4936 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.106 --initial-client-data=0x118,0x11c,0x120,0xf4,0x124,0x7fff0f9fcc40,0x7fff0f9fcc4c,0x7fff0f9fcc58

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=1768,i,8463924184037463888,13510429605310542045,262144 --variations-seed-version=20240708-180128.343000 --mojo-platform-channel-handle=1764 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=2180,i,8463924184037463888,13510429605310542045,262144 --variations-seed-version=20240708-180128.343000 --mojo-platform-channel-handle=2192 /prefetch:3

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=2260,i,8463924184037463888,13510429605310542045,262144 --variations-seed-version=20240708-180128.343000 --mojo-platform-channel-handle=2232 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --field-trial-handle=3140,i,8463924184037463888,13510429605310542045,262144 --variations-seed-version=20240708-180128.343000 --mojo-platform-channel-handle=3160 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=3168,i,8463924184037463888,13510429605310542045,262144 --variations-seed-version=20240708-180128.343000 --mojo-platform-channel-handle=3304 /prefetch:1

C:\Program Files\Google\Chrome\Application\123.0.6312.106\elevation_service.exe

"C:\Program Files\Google\Chrome\Application\123.0.6312.106\elevation_service.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --field-trial-handle=3144,i,8463924184037463888,13510429605310542045,262144 --variations-seed-version=20240708-180128.343000 --mojo-platform-channel-handle=3292 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --field-trial-handle=4056,i,8463924184037463888,13510429605310542045,262144 --variations-seed-version=20240708-180128.343000 --mojo-platform-channel-handle=4476 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --field-trial-handle=4776,i,8463924184037463888,13510429605310542045,262144 --variations-seed-version=20240708-180128.343000 --mojo-platform-channel-handle=4840 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=4496,i,8463924184037463888,13510429605310542045,262144 --variations-seed-version=20240708-180128.343000 --mojo-platform-channel-handle=4592 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=3148,i,8463924184037463888,13510429605310542045,262144 --variations-seed-version=20240708-180128.343000 --mojo-platform-channel-handle=3284 /prefetch:8

C:\Windows\system32\svchost.exe

C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s NgcSvc

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --no-appcompat-clear --field-trial-handle=4012,i,8463924184037463888,13510429605310542045,262144 --variations-seed-version=20240708-180128.343000 --mojo-platform-channel-handle=3152 /prefetch:8

C:\Windows\system32\AUDIODG.EXE

C:\Windows\system32\AUDIODG.EXE 0x4b8 0x314

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --field-trial-handle=3228,i,8463924184037463888,13510429605310542045,262144 --variations-seed-version=20240708-180128.343000 --mojo-platform-channel-handle=3288 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --field-trial-handle=5140,i,8463924184037463888,13510429605310542045,262144 --variations-seed-version=20240708-180128.343000 --mojo-platform-channel-handle=5132 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --field-trial-handle=5296,i,8463924184037463888,13510429605310542045,262144 --variations-seed-version=20240708-180128.343000 --mojo-platform-channel-handle=5276 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --field-trial-handle=5448,i,8463924184037463888,13510429605310542045,262144 --variations-seed-version=20240708-180128.343000 --mojo-platform-channel-handle=5420 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --field-trial-handle=5616,i,8463924184037463888,13510429605310542045,262144 --variations-seed-version=20240708-180128.343000 --mojo-platform-channel-handle=5596 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --field-trial-handle=5268,i,8463924184037463888,13510429605310542045,262144 --variations-seed-version=20240708-180128.343000 --mojo-platform-channel-handle=5320 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=5804,i,8463924184037463888,13510429605310542045,262144 --variations-seed-version=20240708-180128.343000 --mojo-platform-channel-handle=5032 /prefetch:8

C:\Windows\System32\rundll32.exe

C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding

C:\Program Files\7-Zip\7zFM.exe

"C:\Program Files\7-Zip\7zFM.exe" "C:\Users\Admin\Downloads\account.rar"

C:\Windows\system32\NOTEPAD.EXE

"C:\Windows\system32\NOTEPAD.EXE" C:\Users\Admin\AppData\Local\Temp\7zO464316D8\login password.txt

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --field-trial-handle=5108,i,8463924184037463888,13510429605310542045,262144 --variations-seed-version=20240708-180128.343000 --mojo-platform-channel-handle=4448 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --field-trial-handle=6120,i,8463924184037463888,13510429605310542045,262144 --variations-seed-version=20240708-180128.343000 --mojo-platform-channel-handle=6072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --field-trial-handle=5976,i,8463924184037463888,13510429605310542045,262144 --variations-seed-version=20240708-180128.343000 --mojo-platform-channel-handle=6328 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --field-trial-handle=3264,i,8463924184037463888,13510429605310542045,262144 --variations-seed-version=20240708-180128.343000 --mojo-platform-channel-handle=6052 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=24 --field-trial-handle=3540,i,8463924184037463888,13510429605310542045,262144 --variations-seed-version=20240708-180128.343000 --mojo-platform-channel-handle=5212 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=25 --field-trial-handle=6456,i,8463924184037463888,13510429605310542045,262144 --variations-seed-version=20240708-180128.343000 --mojo-platform-channel-handle=6032 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --no-appcompat-clear --gpu-preferences=WAAAAAAAAADoAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAACEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=6708,i,8463924184037463888,13510429605310542045,262144 --variations-seed-version=20240708-180128.343000 --mojo-platform-channel-handle=6068 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=27 --field-trial-handle=5400,i,8463924184037463888,13510429605310542045,262144 --variations-seed-version=20240708-180128.343000 --mojo-platform-channel-handle=6800 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=28 --field-trial-handle=6712,i,8463924184037463888,13510429605310542045,262144 --variations-seed-version=20240708-180128.343000 --mojo-platform-channel-handle=6736 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=29 --field-trial-handle=6732,i,8463924184037463888,13510429605310542045,262144 --variations-seed-version=20240708-180128.343000 --mojo-platform-channel-handle=6524 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=6692,i,8463924184037463888,13510429605310542045,262144 --variations-seed-version=20240708-180128.343000 --mojo-platform-channel-handle=6900 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=31 --field-trial-handle=6764,i,8463924184037463888,13510429605310542045,262144 --variations-seed-version=20240708-180128.343000 --mojo-platform-channel-handle=6616 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=32 --field-trial-handle=7084,i,8463924184037463888,13510429605310542045,262144 --variations-seed-version=20240708-180128.343000 --mojo-platform-channel-handle=6940 /prefetch:1

C:\Program Files\7-Zip\7zG.exe

"C:\Program Files\7-Zip\7zG.exe" x -o"C:\Users\Admin\Downloads\account\" -spe -an -ai#7zMap26892:76:7zEvent6018

C:\Users\Admin\Downloads\account\Steam Authenticator\Steam.Desktop.Authenticator.exe

"C:\Users\Admin\Downloads\account\Steam Authenticator\Steam.Desktop.Authenticator.exe"

C:\Windows\system32\NOTEPAD.EXE

"C:\Windows\system32\NOTEPAD.EXE" C:\Users\Admin\Downloads\account\account\login password.txt

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.106 --initial-client-data=0xf8,0xfc,0x100,0xd4,0x104,0x7fff180bcc40,0x7fff180bcc4c,0x7fff180bcc58

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=1880,i,9807797792715050839,18075618013455241139,262144 --variations-seed-version=20240712-130137.211000 --mojo-platform-channel-handle=1876 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=2192,i,9807797792715050839,18075618013455241139,262144 --variations-seed-version=20240712-130137.211000 --mojo-platform-channel-handle=2204 /prefetch:3

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=2260,i,9807797792715050839,18075618013455241139,262144 --variations-seed-version=20240712-130137.211000 --mojo-platform-channel-handle=2480 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --field-trial-handle=3160,i,9807797792715050839,18075618013455241139,262144 --variations-seed-version=20240712-130137.211000 --mojo-platform-channel-handle=3172 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=3192,i,9807797792715050839,18075618013455241139,262144 --variations-seed-version=20240712-130137.211000 --mojo-platform-channel-handle=3232 /prefetch:1

C:\Program Files\Google\Chrome\Application\123.0.6312.106\elevation_service.exe

"C:\Program Files\Google\Chrome\Application\123.0.6312.106\elevation_service.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --field-trial-handle=3724,i,9807797792715050839,18075618013455241139,262144 --variations-seed-version=20240712-130137.211000 --mojo-platform-channel-handle=4628 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=4860,i,9807797792715050839,18075618013455241139,262144 --variations-seed-version=20240712-130137.211000 --mojo-platform-channel-handle=4824 /prefetch:8

C:\Windows\system32\svchost.exe

C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s NgcSvc

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4748,i,9807797792715050839,18075618013455241139,262144 --variations-seed-version=20240712-130137.211000 --mojo-platform-channel-handle=4432 /prefetch:8

C:\Windows\system32\svchost.exe

C:\Windows\system32\svchost.exe -k LocalServiceNetworkRestricted -p -s NgcCtnrSvc

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --field-trial-handle=4724,i,9807797792715050839,18075618013455241139,262144 --variations-seed-version=20240712-130137.211000 --mojo-platform-channel-handle=4824 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --field-trial-handle=5152,i,9807797792715050839,18075618013455241139,262144 --variations-seed-version=20240712-130137.211000 --mojo-platform-channel-handle=3464 /prefetch:1

C:\Users\Admin\Downloads\account\account\Steam Authenticator\Steam.Desktop.Authenticator.exe

"C:\Users\Admin\Downloads\account\account\Steam Authenticator\Steam.Desktop.Authenticator.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.106 --initial-client-data=0xf8,0xfc,0x100,0xd4,0x104,0x7fff180bcc40,0x7fff180bcc4c,0x7fff180bcc58

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=2040,i,2811583116707387727,2178396620724072209,262144 --variations-seed-version=20240712-130137.211000 --mojo-platform-channel-handle=2036 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=1924,i,2811583116707387727,2178396620724072209,262144 --variations-seed-version=20240712-130137.211000 --mojo-platform-channel-handle=2072 /prefetch:3

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=2296,i,2811583116707387727,2178396620724072209,262144 --variations-seed-version=20240712-130137.211000 --mojo-platform-channel-handle=2304 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --field-trial-handle=3144,i,2811583116707387727,2178396620724072209,262144 --variations-seed-version=20240712-130137.211000 --mojo-platform-channel-handle=3164 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=3184,i,2811583116707387727,2178396620724072209,262144 --variations-seed-version=20240712-130137.211000 --mojo-platform-channel-handle=3196 /prefetch:1

C:\Program Files\Google\Chrome\Application\123.0.6312.106\elevation_service.exe

"C:\Program Files\Google\Chrome\Application\123.0.6312.106\elevation_service.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --field-trial-handle=3708,i,2811583116707387727,2178396620724072209,262144 --variations-seed-version=20240712-130137.211000 --mojo-platform-channel-handle=4652 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --field-trial-handle=3448,i,2811583116707387727,2178396620724072209,262144 --variations-seed-version=20240712-130137.211000 --mojo-platform-channel-handle=4400 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=4500,i,2811583116707387727,2178396620724072209,262144 --variations-seed-version=20240712-130137.211000 --mojo-platform-channel-handle=3328 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4844,i,2811583116707387727,2178396620724072209,262144 --variations-seed-version=20240712-130137.211000 --mojo-platform-channel-handle=4852 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --field-trial-handle=5220,i,2811583116707387727,2178396620724072209,262144 --variations-seed-version=20240712-130137.211000 --mojo-platform-channel-handle=5172 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --field-trial-handle=208,i,2811583116707387727,2178396620724072209,262144 --variations-seed-version=20240712-130137.211000 --mojo-platform-channel-handle=5180 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --field-trial-handle=5588,i,2811583116707387727,2178396620724072209,262144 --variations-seed-version=20240712-130137.211000 --mojo-platform-channel-handle=5596 /prefetch:1

C:\Users\Admin\Downloads\account\Steam Authenticator\Steam.Desktop.Authenticator.exe

"C:\Users\Admin\Downloads\account\Steam Authenticator\Steam.Desktop.Authenticator.exe"

C:\Users\Admin\Downloads\account\Steam Authenticator\Steam.Desktop.Authenticator.exe

"C:\Users\Admin\Downloads\account\Steam Authenticator\Steam.Desktop.Authenticator.exe"

C:\Windows\system32\NOTEPAD.EXE

"C:\Windows\system32\NOTEPAD.EXE" C:\Users\Admin\Downloads\account\account\login password.txt

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.106 --initial-client-data=0xf8,0xfc,0x100,0xd4,0x104,0x7fff0f9fcc40,0x7fff0f9fcc4c,0x7fff0f9fcc58

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=1972,i,10118447940544836221,16737612581816098912,262144 --variations-seed-version=20240712-130137.211000 --mojo-platform-channel-handle=2044 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=1892,i,10118447940544836221,16737612581816098912,262144 --variations-seed-version=20240712-130137.211000 --mojo-platform-channel-handle=2164 /prefetch:3

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=2308,i,10118447940544836221,16737612581816098912,262144 --variations-seed-version=20240712-130137.211000 --mojo-platform-channel-handle=2324 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --field-trial-handle=3176,i,10118447940544836221,16737612581816098912,262144 --variations-seed-version=20240712-130137.211000 --mojo-platform-channel-handle=3196 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=3200,i,10118447940544836221,16737612581816098912,262144 --variations-seed-version=20240712-130137.211000 --mojo-platform-channel-handle=3240 /prefetch:1

C:\Program Files\Google\Chrome\Application\123.0.6312.106\elevation_service.exe

"C:\Program Files\Google\Chrome\Application\123.0.6312.106\elevation_service.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --field-trial-handle=3180,i,10118447940544836221,16737612581816098912,262144 --variations-seed-version=20240712-130137.211000 --mojo-platform-channel-handle=4592 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=4832,i,10118447940544836221,16737612581816098912,262144 --variations-seed-version=20240712-130137.211000 --mojo-platform-channel-handle=4848 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=5064,i,10118447940544836221,16737612581816098912,262144 --variations-seed-version=20240712-130137.211000 --mojo-platform-channel-handle=5076 /prefetch:8

C:\Program Files\Google\Chrome\Application\123.0.6312.106\Installer\setup.exe

"C:\Program Files\Google\Chrome\Application\123.0.6312.106\Installer\setup.exe" --reenable-autoupdates --system-level

C:\Program Files\Google\Chrome\Application\123.0.6312.106\Installer\setup.exe

"C:\Program Files\Google\Chrome\Application\123.0.6312.106\Installer\setup.exe" --type=crashpad-handler /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Program Files\Crashpad" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.106 --initial-client-data=0x268,0x26c,0x270,0x244,0x274,0x7ff7a6364698,0x7ff7a63646a4,0x7ff7a63646b0

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --field-trial-handle=4516,i,10118447940544836221,16737612581816098912,262144 --variations-seed-version=20240712-130137.211000 --mojo-platform-channel-handle=4908 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --field-trial-handle=3452,i,10118447940544836221,16737612581816098912,262144 --variations-seed-version=20240712-130137.211000 --mojo-platform-channel-handle=5124 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --field-trial-handle=3208,i,10118447940544836221,16737612581816098912,262144 --variations-seed-version=20240712-130137.211000 --mojo-platform-channel-handle=3404 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --field-trial-handle=5028,i,10118447940544836221,16737612581816098912,262144 --variations-seed-version=20240712-130137.211000 --mojo-platform-channel-handle=4744 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --field-trial-handle=5408,i,10118447940544836221,16737612581816098912,262144 --variations-seed-version=20240712-130137.211000 --mojo-platform-channel-handle=3344 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --field-trial-handle=4088,i,10118447940544836221,16737612581816098912,262144 --variations-seed-version=20240712-130137.211000 --mojo-platform-channel-handle=3424 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --field-trial-handle=4460,i,10118447940544836221,16737612581816098912,262144 --variations-seed-version=20240712-130137.211000 --mojo-platform-channel-handle=3448 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --field-trial-handle=5492,i,10118447940544836221,16737612581816098912,262144 --variations-seed-version=20240712-130137.211000 --mojo-platform-channel-handle=5500 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --field-trial-handle=5572,i,10118447940544836221,16737612581816098912,262144 --variations-seed-version=20240712-130137.211000 --mojo-platform-channel-handle=5364 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --field-trial-handle=5656,i,10118447940544836221,16737612581816098912,262144 --variations-seed-version=20240712-130137.211000 --mojo-platform-channel-handle=5692 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --field-trial-handle=3476,i,10118447940544836221,16737612581816098912,262144 --variations-seed-version=20240712-130137.211000 --mojo-platform-channel-handle=3188 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --field-trial-handle=3332,i,10118447940544836221,16737612581816098912,262144 --variations-seed-version=20240712-130137.211000 --mojo-platform-channel-handle=3380 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --field-trial-handle=5068,i,10118447940544836221,16737612581816098912,262144 --variations-seed-version=20240712-130137.211000 --mojo-platform-channel-handle=832 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --field-trial-handle=5308,i,10118447940544836221,16737612581816098912,262144 --variations-seed-version=20240712-130137.211000 --mojo-platform-channel-handle=3464 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --no-appcompat-clear --gpu-preferences=WAAAAAAAAADoAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAACEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=3456,i,10118447940544836221,16737612581816098912,262144 --variations-seed-version=20240712-130137.211000 --mojo-platform-channel-handle=3432 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=25 --field-trial-handle=5108,i,10118447940544836221,16737612581816098912,262144 --variations-seed-version=20240712-130137.211000 --mojo-platform-channel-handle=5156 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=26 --field-trial-handle=5712,i,10118447940544836221,16737612581816098912,262144 --variations-seed-version=20240712-130137.211000 --mojo-platform-channel-handle=4884 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=27 --field-trial-handle=5704,i,10118447940544836221,16737612581816098912,262144 --variations-seed-version=20240712-130137.211000 --mojo-platform-channel-handle=4604 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=28 --field-trial-handle=5476,i,10118447940544836221,16737612581816098912,262144 --variations-seed-version=20240712-130137.211000 --mojo-platform-channel-handle=5576 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=29 --field-trial-handle=5880,i,10118447940544836221,16737612581816098912,262144 --variations-seed-version=20240712-130137.211000 --mojo-platform-channel-handle=5080 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --no-appcompat-clear --field-trial-handle=5932,i,10118447940544836221,16737612581816098912,262144 --variations-seed-version=20240712-130137.211000 --mojo-platform-channel-handle=832 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=5884,i,10118447940544836221,16737612581816098912,262144 --variations-seed-version=20240712-130137.211000 --mojo-platform-channel-handle=3752 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=32 --field-trial-handle=5456,i,10118447940544836221,16737612581816098912,262144 --variations-seed-version=20240712-130137.211000 --mojo-platform-channel-handle=5220 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=33 --field-trial-handle=5588,i,10118447940544836221,16737612581816098912,262144 --variations-seed-version=20240712-130137.211000 --mojo-platform-channel-handle=3372 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=34 --field-trial-handle=3432,i,10118447940544836221,16737612581816098912,262144 --variations-seed-version=20240712-130137.211000 --mojo-platform-channel-handle=3444 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=35 --field-trial-handle=6052,i,10118447940544836221,16737612581816098912,262144 --variations-seed-version=20240712-130137.211000 --mojo-platform-channel-handle=5116 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=36 --field-trial-handle=5024,i,10118447940544836221,16737612581816098912,262144 --variations-seed-version=20240712-130137.211000 --mojo-platform-channel-handle=5788 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --no-appcompat-clear --field-trial-handle=6328,i,10118447940544836221,16737612581816098912,262144 --variations-seed-version=20240712-130137.211000 --mojo-platform-channel-handle=6352 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --no-appcompat-clear --field-trial-handle=6336,i,10118447940544836221,16737612581816098912,262144 --variations-seed-version=20240712-130137.211000 --mojo-platform-channel-handle=6492 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=5500,i,10118447940544836221,16737612581816098912,262144 --variations-seed-version=20240712-130137.211000 --mojo-platform-channel-handle=6484 /prefetch:8

C:\Users\Admin\Downloads\SteamSetup.exe

"C:\Users\Admin\Downloads\SteamSetup.exe"

C:\Program Files (x86)\Steam\bin\steamservice.exe

"C:\Program Files (x86)\Steam\bin\steamservice.exe" /Install

C:\Program Files (x86)\Steam\steam.exe

"C:\Program Files (x86)\Steam\steam.exe"

C:\Program Files (x86)\Steam\steam.exe

"C:\Program Files (x86)\Steam\steam.exe"

C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe

"C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe" "-lang=en_US" "-cachedir=C:\Users\Admin\AppData\Local\Steam\htmlcache" "-steampid=6156" "-buildid=1718904662" "-steamid=0" "-logdir=C:\Program Files (x86)\Steam\logs" "-uimode=7" "-startcount=0" "-userdatadir=C:\Users\Admin\AppData\Local\Steam\cefdata" "-steamuniverse=Public" "-realm=Global" "-clientui=C:\Program Files (x86)\Steam\clientui" "-steampath=C:\Program Files (x86)\Steam\steam.exe" "-launcher=0" --valve-enable-site-isolation --enable-smooth-scrolling --enable-direct-write "--log-file=C:\Program Files (x86)\Steam\logs\cef_log.txt" --disable-quick-menu "--disable-features=SpareRendererForSitePerProcess,DcheckIsFatal"

C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe

"C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe" --type=crashpad-handler /prefetch:7 --max-uploads=5 --max-db-size=20 --max-db-age=5 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Program Files (x86)\Steam\dumps" "--metrics-dir=C:\Users\Admin\AppData\Local\CEF\User Data" --url=https://crash.steampowered.com/submit --annotation=platform=win64 --annotation=product=cefwebhelper --annotation=version=1718904662 --initial-client-data=0x368,0x36c,0x370,0x344,0x374,0x7ffefd1eee38,0x7ffefd1eee48,0x7ffefd1eee58

C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe

"C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe" --type=gpu-process --user-agent-product="Valve Steam Client" --lang=en-US --user-data-dir="C:\Users\Admin\AppData\Local\Steam\cefdata" --buildid=1718904662 --steamid=0 --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --log-file="C:\Program Files (x86)\Steam\logs\cef_log.txt" --mojo-platform-channel-handle=1596 --field-trial-handle=1720,i,17047829018087266465,801803293014459000,131072 --disable-features=BackForwardCache,DcheckIsFatal,SpareRendererForSitePerProcess,WinUseBrowserSpellChecker /prefetch:2

C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe

"C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --user-agent-product="Valve Steam Client" --lang=en-US --user-data-dir="C:\Users\Admin\AppData\Local\Steam\cefdata" --buildid=1718904662 --steamid=0 --log-file="C:\Program Files (x86)\Steam\logs\cef_log.txt" --mojo-platform-channel-handle=2176 --field-trial-handle=1720,i,17047829018087266465,801803293014459000,131072 --disable-features=BackForwardCache,DcheckIsFatal,SpareRendererForSitePerProcess,WinUseBrowserSpellChecker /prefetch:8

C:\Windows\system32\AUDIODG.EXE

C:\Windows\system32\AUDIODG.EXE 0x4b8 0x314

C:\Program Files (x86)\Steam\bin\gldriverquery64.exe

.\bin\gldriverquery64.exe

C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe

"C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --user-agent-product="Valve Steam Client" --lang=en-US --user-data-dir="C:\Users\Admin\AppData\Local\Steam\cefdata" --buildid=1718904662 --steamid=0 --log-file="C:\Program Files (x86)\Steam\logs\cef_log.txt" --mojo-platform-channel-handle=2552 --field-trial-handle=1720,i,17047829018087266465,801803293014459000,131072 --disable-features=BackForwardCache,DcheckIsFatal,SpareRendererForSitePerProcess,WinUseBrowserSpellChecker /prefetch:8

C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe

"C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe" --type=renderer --user-agent-product="Valve Steam Client" --user-data-dir="C:\Users\Admin\AppData\Local\Steam\cefdata" --buildid=1718904662 --steamid=0 --first-renderer-process --log-file="C:\Program Files (x86)\Steam\logs\cef_log.txt" --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=2960 --field-trial-handle=1720,i,17047829018087266465,801803293014459000,131072 --disable-features=BackForwardCache,DcheckIsFatal,SpareRendererForSitePerProcess,WinUseBrowserSpellChecker /prefetch:1

C:\Program Files (x86)\Steam\bin\gldriverquery.exe

.\bin\gldriverquery.exe

C:\Program Files (x86)\Steam\bin\vulkandriverquery64.exe

.\bin\vulkandriverquery64.exe

C:\Program Files (x86)\Steam\bin\vulkandriverquery.exe

.\bin\vulkandriverquery.exe

C:\Users\Admin\Downloads\account\Steam Authenticator\Steam.Desktop.Authenticator.exe

"C:\Users\Admin\Downloads\account\Steam Authenticator\Steam.Desktop.Authenticator.exe"

C:\Users\Admin\Downloads\account\account\Steam Authenticator\Steam.Desktop.Authenticator.exe

"C:\Users\Admin\Downloads\account\account\Steam Authenticator\Steam.Desktop.Authenticator.exe"

C:\Users\Admin\Downloads\account\account\Steam Authenticator\Steam.Desktop.Authenticator.exe

"C:\Users\Admin\Downloads\account\account\Steam Authenticator\Steam.Desktop.Authenticator.exe"

C:\Windows\system32\pcwrun.exe

C:\Windows\system32\pcwrun.exe "C:\Users\Admin\Downloads\account\account\Steam Authenticator\Steam.Desktop.Authenticator.exe" ContextMenu

C:\Windows\System32\msdt.exe

C:\Windows\System32\msdt.exe -path C:\Windows\diagnostics\index\PCWDiagnostic.xml -af C:\Users\Admin\AppData\Local\Temp\PCW3952.xml /skip TRUE

C:\Windows\System32\sdiagnhost.exe

C:\Windows\System32\sdiagnhost.exe -Embedding

C:\Windows\Microsoft.NET\Framework64\v4.0.30319\csc.exe

"C:\Windows\Microsoft.NET\Framework64\v4.0.30319\csc.exe" /noconfig /fullpaths @"C:\Users\Admin\AppData\Local\Temp\psj35p4u\psj35p4u.cmdline"

C:\Windows\Microsoft.NET\Framework64\v4.0.30319\cvtres.exe

C:\Windows\Microsoft.NET\Framework64\v4.0.30319\cvtres.exe /NOLOGO /READONLY /MACHINE:IX86 "/OUT:C:\Users\Admin\AppData\Local\Temp\RES3D2A.tmp" "c:\Users\Admin\AppData\Local\Temp\psj35p4u\CSC2AA79A3F7BE2452CBAC4CCA1AF321830.TMP"

C:\Windows\Microsoft.NET\Framework64\v4.0.30319\csc.exe

"C:\Windows\Microsoft.NET\Framework64\v4.0.30319\csc.exe" /noconfig /fullpaths @"C:\Users\Admin\AppData\Local\Temp\1tv412ec\1tv412ec.cmdline"

C:\Windows\Microsoft.NET\Framework64\v4.0.30319\cvtres.exe

C:\Windows\Microsoft.NET\Framework64\v4.0.30319\cvtres.exe /NOLOGO /READONLY /MACHINE:IX86 "/OUT:C:\Users\Admin\AppData\Local\Temp\RES3D88.tmp" "c:\Users\Admin\AppData\Local\Temp\1tv412ec\CSC51AD9B81796B4B4BB42F85B766AFCA95.TMP"

C:\Windows\Microsoft.NET\Framework64\v4.0.30319\csc.exe

"C:\Windows\Microsoft.NET\Framework64\v4.0.30319\csc.exe" /noconfig /fullpaths @"C:\Users\Admin\AppData\Local\Temp\vspd1nyb\vspd1nyb.cmdline"

C:\Windows\Microsoft.NET\Framework64\v4.0.30319\cvtres.exe

C:\Windows\Microsoft.NET\Framework64\v4.0.30319\cvtres.exe /NOLOGO /READONLY /MACHINE:IX86 "/OUT:C:\Users\Admin\AppData\Local\Temp\RES40D4.tmp" "c:\Users\Admin\AppData\Local\Temp\vspd1nyb\CSC7798BC07FE9A4DF1B0E567C717C04EA9.TMP"

C:\Windows\system32\rundll32.exe

"C:\Windows\system32\rundll32.exe" C:\Windows\system32\pcwutl.dll,LaunchApplication "C:\Users\Admin\Downloads\account\account\Steam Authenticator\Steam.Desktop.Authenticator.exe"

C:\Users\Admin\Downloads\account\account\Steam Authenticator\Steam.Desktop.Authenticator.exe

"C:\Users\Admin\Downloads\account\account\Steam Authenticator\Steam.Desktop.Authenticator.exe"

C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe

"C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --user-agent-product="Valve Steam Client" --lang=en-US --user-data-dir="C:\Users\Admin\AppData\Local\Steam\cefdata" --buildid=1718904662 --steamid=0 --log-file="C:\Program Files (x86)\Steam\logs\cef_log.txt" --mojo-platform-channel-handle=2920 --field-trial-handle=1720,i,17047829018087266465,801803293014459000,131072 --disable-features=BackForwardCache,DcheckIsFatal,SpareRendererForSitePerProcess,WinUseBrowserSpellChecker /prefetch:8

C:\Users\Admin\Downloads\account\account\Steam Authenticator\CefSharp.BrowserSubprocess.exe

"C:\Users\Admin\Downloads\account\account\Steam Authenticator\CefSharp.BrowserSubprocess.exe"

C:\Windows\SysWOW64\WerFault.exe

C:\Windows\SysWOW64\WerFault.exe -pss -s 428 -p 6684 -ip 6684

C:\Windows\SysWOW64\WerFault.exe

C:\Windows\SysWOW64\WerFault.exe -u -p 6684 -s 864

Network

Country Destination Domain Proto
US 8.8.8.8:53 8.8.8.8.in-addr.arpa udp
US 8.8.8.8:53 138.32.126.40.in-addr.arpa udp
US 8.8.8.8:53 73.144.22.2.in-addr.arpa udp
GB 92.123.142.98:443 www.bing.com tcp
US 8.8.8.8:53 98.142.123.92.in-addr.arpa udp
US 8.8.8.8:53 th.bing.com udp
US 8.8.8.8:53 r.bing.com udp
GB 92.123.142.89:443 r.bing.com tcp
GB 92.123.142.91:443 r.bing.com tcp
GB 92.123.142.91:443 r.bing.com tcp
GB 92.123.142.89:443 r.bing.com tcp
US 8.8.8.8:53 89.142.123.92.in-addr.arpa udp
US 8.8.8.8:53 91.142.123.92.in-addr.arpa udp
US 8.8.8.8:53 www.google.com udp
GB 142.250.180.4:443 www.google.com udp
GB 142.250.180.4:443 www.google.com tcp
US 8.8.8.8:53 99.201.58.216.in-addr.arpa udp
US 8.8.8.8:53 234.16.217.172.in-addr.arpa udp
US 8.8.8.8:53 4.180.250.142.in-addr.arpa udp
US 8.8.8.8:53 we.tl udp
FR 3.165.113.4:443 we.tl tcp
FR 3.165.113.4:443 we.tl tcp
US 8.8.8.8:53 wetransfer.com udp
FR 18.164.52.7:443 wetransfer.com tcp
US 8.8.8.8:53 cdn.wetransfer.com udp
FR 18.164.52.7:443 cdn.wetransfer.com udp
US 8.8.8.8:53 cdn.jsdelivr.net udp
US 8.8.8.8:53 tagging.wetransfer.com udp
US 151.101.65.229:443 cdn.jsdelivr.net tcp
FR 3.165.113.123:443 tagging.wetransfer.com tcp
US 8.8.8.8:53 public.profitwell.com udp
US 8.8.8.8:53 ekstrom.wetransfer.net udp
FR 18.164.52.98:443 cdn.wetransfer.com udp
FR 18.155.129.23:443 public.profitwell.com tcp
IE 52.50.130.8:443 ekstrom.wetransfer.net tcp
IE 52.50.130.8:443 ekstrom.wetransfer.net tcp
US 8.8.8.8:53 4.113.165.3.in-addr.arpa udp
US 8.8.8.8:53 229.65.101.151.in-addr.arpa udp
US 8.8.8.8:53 7.52.164.18.in-addr.arpa udp
US 8.8.8.8:53 123.113.165.3.in-addr.arpa udp
US 8.8.8.8:53 78.204.58.216.in-addr.arpa udp
US 8.8.8.8:53 98.52.164.18.in-addr.arpa udp
US 8.8.8.8:53 23.129.155.18.in-addr.arpa udp
US 8.8.8.8:53 auth-session-caching.wetransfer.net udp
IE 34.252.43.241:443 auth-session-caching.wetransfer.net tcp
US 8.8.8.8:53 privacy.wetransfer.com udp
FR 52.222.169.75:443 privacy.wetransfer.com tcp
US 8.8.8.8:53 experiments.wetransfer.com udp
FR 52.222.169.75:443 privacy.wetransfer.com tcp
US 8.8.8.8:53 8.130.50.52.in-addr.arpa udp
US 8.8.8.8:53 241.43.252.34.in-addr.arpa udp
US 8.8.8.8:53 75.169.222.52.in-addr.arpa udp
US 8.8.8.8:53 analytics-v2.wetransfer.com udp
FR 3.162.38.105:443 experiments.wetransfer.com tcp
FR 52.222.201.121:443 analytics-v2.wetransfer.com tcp
US 8.8.8.8:53 121.201.222.52.in-addr.arpa udp
US 8.8.8.8:53 105.38.162.3.in-addr.arpa udp
US 8.8.8.8:53 snowplow.wetransfer.com udp
IE 63.34.98.116:443 snowplow.wetransfer.com tcp
IE 63.34.98.116:443 snowplow.wetransfer.com tcp
US 8.8.8.8:53 e-10220.adzerk.net udp
US 8.8.8.8:53 googleads.g.doubleclick.net udp
US 44.221.17.21:443 e-10220.adzerk.net tcp
GB 142.250.200.2:443 googleads.g.doubleclick.net tcp
US 8.8.8.8:53 clients2.google.com udp
GB 172.217.16.238:443 clients2.google.com udp
US 8.8.8.8:53 194.187.250.142.in-addr.arpa udp
US 8.8.8.8:53 116.98.34.63.in-addr.arpa udp
US 8.8.8.8:53 2.200.250.142.in-addr.arpa udp
US 8.8.8.8:53 21.17.221.44.in-addr.arpa udp
US 8.8.8.8:53 238.16.217.172.in-addr.arpa udp
GB 172.217.16.238:443 clients2.google.com tcp
N/A 224.0.0.251:5353 udp
US 8.8.8.8:53 183.59.114.20.in-addr.arpa udp
US 8.8.8.8:53 171.39.242.20.in-addr.arpa udp
US 8.8.8.8:53 172.210.232.199.in-addr.arpa udp
US 8.8.8.8:53 connect.facebook.net udp
GB 142.250.180.4:443 www.google.com tcp
US 8.8.8.8:53 www.redditstatic.com udp
US 8.8.8.8:53 bat.bing.com udp
US 8.8.8.8:53 s.pinimg.com udp
US 8.8.8.8:53 cdn.treasuredata.com udp
US 8.8.8.8:53 js.adsrvr.org udp
US 8.8.8.8:53 c.amazon-adsystem.com udp
US 8.8.8.8:53 nolan.wetransfer.net udp
GB 157.240.221.16:443 connect.facebook.net tcp
US 13.107.21.237:443 bat.bing.com tcp
US 151.101.193.140:443 www.redditstatic.com tcp
US 8.8.8.8:53 s.amazon-adsystem.com udp
US 8.8.8.8:53 di.rlcdn.com udp
FR 18.244.32.109:443 js.adsrvr.org tcp
FR 3.165.118.121:443 c.amazon-adsystem.com tcp
GB 199.232.56.84:443 s.pinimg.com tcp
FR 18.245.199.89:443 nolan.wetransfer.net tcp
US 52.46.143.56:443 s.amazon-adsystem.com tcp
US 35.244.174.68:443 di.rlcdn.com tcp
FR 18.244.28.65:443 cdn.treasuredata.com tcp
GB 142.250.200.2:443 googleads.g.doubleclick.net tcp
US 8.8.8.8:53 pixel-config.reddit.com udp
US 151.101.193.140:443 pixel-config.reddit.com tcp
US 8.8.8.8:53 alb.reddit.com udp
GB 199.232.56.84:443 s.pinimg.com udp
US 151.101.193.140:443 alb.reddit.com tcp
US 151.101.65.140:443 alb.reddit.com tcp
US 8.8.8.8:53 insight.adsrvr.org udp
US 52.46.143.56:443 s.amazon-adsystem.com tcp
US 8.8.8.8:53 ct.pinterest.com udp
GB 157.240.221.16:443 connect.facebook.net udp
US 15.197.193.217:443 insight.adsrvr.org tcp
US 8.8.8.8:53 eu01.in.treasuredata.com udp
GB 184.26.132.239:443 ct.pinterest.com tcp
GB 184.26.132.239:443 ct.pinterest.com tcp
GB 184.26.132.239:443 ct.pinterest.com tcp
DE 18.158.123.239:443 eu01.in.treasuredata.com tcp
US 8.8.8.8:53 www.facebook.com udp
GB 157.240.214.35:443 www.facebook.com tcp
GB 157.240.214.35:443 www.facebook.com tcp
US 8.8.8.8:53 match.adsrvr.org udp
DE 18.158.123.239:443 eu01.in.treasuredata.com tcp
GB 184.26.132.239:443 ct.pinterest.com udp
US 8.8.8.8:53 lebowski.wetransfer.com udp
GB 184.26.132.239:443 ct.pinterest.com tcp
US 8.8.8.8:53 cdn.brandmetrics.com udp
IE 52.210.179.12:443 lebowski.wetransfer.com tcp
FR 18.244.32.109:443 js.adsrvr.org tcp
US 172.67.69.191:443 cdn.brandmetrics.com tcp
US 8.8.8.8:53 ib.adnxs.com udp
US 8.8.8.8:53 collector.brandmetrics.com udp
US 8.8.8.8:53 cm.g.doubleclick.net udp
IE 52.210.179.12:443 lebowski.wetransfer.com tcp
NL 185.89.210.153:443 ib.adnxs.com tcp
NL 20.50.2.28:443 collector.brandmetrics.com tcp
GB 142.250.200.2:443 cm.g.doubleclick.net tcp
US 8.8.8.8:53 dsum-sec.casalemedia.com udp
US 104.18.36.155:443 dsum-sec.casalemedia.com tcp
US 104.18.36.155:443 dsum-sec.casalemedia.com udp
FR 18.245.199.89:443 nolan.wetransfer.net tcp
US 8.8.8.8:53 www.datadoghq-browser-agent.com udp
FR 3.165.111.23:443 www.datadoghq-browser-agent.com tcp
GB 157.240.214.35:443 www.facebook.com udp
US 8.8.8.8:53 16.221.240.157.in-addr.arpa udp
US 8.8.8.8:53 237.21.107.13.in-addr.arpa udp
US 8.8.8.8:53 140.193.101.151.in-addr.arpa udp
US 8.8.8.8:53 84.56.232.199.in-addr.arpa udp
US 8.8.8.8:53 109.32.244.18.in-addr.arpa udp
US 8.8.8.8:53 121.118.165.3.in-addr.arpa udp
US 8.8.8.8:53 89.199.245.18.in-addr.arpa udp
US 8.8.8.8:53 68.174.244.35.in-addr.arpa udp
US 8.8.8.8:53 65.28.244.18.in-addr.arpa udp
US 8.8.8.8:53 56.143.46.52.in-addr.arpa udp
US 8.8.8.8:53 140.65.101.151.in-addr.arpa udp
US 8.8.8.8:53 217.193.197.15.in-addr.arpa udp
US 8.8.8.8:53 239.132.26.184.in-addr.arpa udp
US 8.8.8.8:53 35.214.240.157.in-addr.arpa udp
US 8.8.8.8:53 23.111.165.3.in-addr.arpa udp
US 8.8.8.8:53 155.36.18.104.in-addr.arpa udp
US 8.8.8.8:53 153.210.89.185.in-addr.arpa udp
US 8.8.8.8:53 28.2.50.20.in-addr.arpa udp
US 8.8.8.8:53 12.179.210.52.in-addr.arpa udp
US 8.8.8.8:53 191.69.67.172.in-addr.arpa udp
US 8.8.8.8:53 239.123.158.18.in-addr.arpa udp
US 8.8.8.8:53 backgrounds.wetransfer.net udp
FR 99.86.91.32:443 backgrounds.wetransfer.net tcp
US 8.8.8.8:53 prod-cdn.wetransfer.net udp
FR 18.164.52.36:443 prod-cdn.wetransfer.net tcp
US 8.8.8.8:53 z.moatads.com udp
NL 20.50.2.28:443 collector.brandmetrics.com tcp
US 8.8.8.8:53 cdn.lamp.avct.cloud udp
US 8.8.8.8:53 donny.wetransfer.com udp
US 8.8.8.8:53 d9.flashtalking.com udp
US 8.8.8.8:53 data.ad-score.com udp
US 8.8.8.8:53 32.91.86.99.in-addr.arpa udp
US 8.8.8.8:53 36.52.164.18.in-addr.arpa udp
IE 52.210.179.12:443 donny.wetransfer.com tcp
US 130.211.115.4:443 data.ad-score.com tcp
GB 2.18.109.123:443 z.moatads.com tcp
IE 54.155.6.233:443 d9.flashtalking.com tcp
FR 18.245.175.7:443 cdn.lamp.avct.cloud tcp
US 8.8.8.8:53 px.moatads.com udp
US 8.8.8.8:53 measure.lamp.avct.cloud udp
IE 52.51.138.109:443 measure.lamp.avct.cloud tcp
US 8.8.8.8:53 download.wetransfer.com udp
FR 18.155.129.78:443 download.wetransfer.com tcp
FR 18.155.129.78:443 download.wetransfer.com tcp
US 8.8.8.8:53 233.6.155.54.in-addr.arpa udp
US 8.8.8.8:53 4.115.211.130.in-addr.arpa udp
US 8.8.8.8:53 123.109.18.2.in-addr.arpa udp
US 8.8.8.8:53 109.138.51.52.in-addr.arpa udp
US 8.8.8.8:53 7.175.245.18.in-addr.arpa udp
US 8.8.8.8:53 78.129.155.18.in-addr.arpa udp
US 8.8.8.8:53 secure.insightexpressai.com udp
GB 2.18.108.74:443 secure.insightexpressai.com tcp
US 8.8.8.8:53 102.201.58.216.in-addr.arpa udp
US 8.8.8.8:53 74.108.18.2.in-addr.arpa udp
GB 142.250.180.4:443 www.google.com udp
US 8.8.8.8:53 wetransfer.com udp
FR 18.164.52.7:443 wetransfer.com udp
US 8.8.8.8:53 88.210.23.2.in-addr.arpa udp
US 8.8.8.8:53 21.236.111.52.in-addr.arpa udp
US 8.8.8.8:53 pisem.net udp
GB 185.221.63.17:443 pisem.net tcp
GB 185.221.63.17:443 pisem.net tcp
GB 185.221.63.17:443 pisem.net udp
US 8.8.8.8:53 content-autofill.googleapis.com udp
US 8.8.8.8:53 74.204.58.216.in-addr.arpa udp
US 8.8.8.8:53 227.187.250.142.in-addr.arpa udp
US 8.8.8.8:53 px.moatads.com udp
US 8.8.8.8:53 lebowski.wetransfer.com udp
US 8.8.8.8:53 nolan.wetransfer.net udp
US 8.8.8.8:53 backgrounds.wetransfer.net udp
US 8.8.8.8:53 collector.brandmetrics.com udp
US 8.8.8.8:53 donny.wetransfer.com udp
US 8.8.8.8:53 d9.flashtalking.com udp
US 8.8.8.8:53 snowplow.wetransfer.com udp
US 130.211.115.4:443 data.ad-score.com tcp
US 8.8.8.8:53 cdn.lamp.avct.cloud udp
IE 54.155.6.233:443 d9.flashtalking.com tcp
US 8.8.8.8:53 measure.lamp.avct.cloud udp
US 8.8.8.8:53 bat.bing.com udp
US 8.8.8.8:53 www.google.com udp
US 8.8.8.8:53 dns-tunnel-check.googlezip.net udp
US 8.8.8.8:53 tunnel.googlezip.net udp
US 216.239.34.157:443 tunnel.googlezip.net tcp
US 216.239.34.157:443 tunnel.googlezip.net tcp
US 8.8.8.8:53 play.google.com udp
GB 142.250.200.46:443 play.google.com tcp
US 8.8.8.8:53 157.34.239.216.in-addr.arpa udp
US 8.8.8.8:53 46.200.250.142.in-addr.arpa udp
US 216.239.34.157:443 tunnel.googlezip.net tcp
US 216.239.34.157:443 tunnel.googlezip.net tcp
GB 142.250.200.46:443 play.google.com udp
US 8.8.8.8:53 consent.google.com udp
GB 172.217.16.238:443 consent.google.com tcp
US 8.8.8.8:53 www.mailboxvalidator.com udp
US 8.8.8.8:53 cdnjs.cloudflare.com udp
US 8.8.8.8:53 mailboxvalidator.hexa-soft.com udp
US 8.8.8.8:53 stackpath.bootstrapcdn.com udp
US 52.70.161.170:443 www.mailboxvalidator.com tcp
US 104.17.25.14:443 cdnjs.cloudflare.com tcp
US 104.17.25.14:443 cdnjs.cloudflare.com tcp
US 104.17.25.14:443 cdnjs.cloudflare.com tcp
US 104.17.25.14:443 cdnjs.cloudflare.com tcp
US 172.67.156.121:443 mailboxvalidator.hexa-soft.com tcp
US 172.67.156.121:443 mailboxvalidator.hexa-soft.com tcp
US 172.67.156.121:443 mailboxvalidator.hexa-soft.com tcp
US 172.67.156.121:443 mailboxvalidator.hexa-soft.com tcp
US 172.67.156.121:443 mailboxvalidator.hexa-soft.com tcp
US 172.67.156.121:443 mailboxvalidator.hexa-soft.com tcp
US 104.18.10.207:443 stackpath.bootstrapcdn.com tcp
US 172.67.156.121:443 mailboxvalidator.hexa-soft.com udp
US 8.8.8.8:53 widget.trustpilot.com udp
US 52.70.161.170:443 www.mailboxvalidator.com tcp
FR 3.165.113.60:443 widget.trustpilot.com tcp
US 8.8.8.8:53 121.156.67.172.in-addr.arpa udp
US 8.8.8.8:53 14.25.17.104.in-addr.arpa udp
US 8.8.8.8:53 207.10.18.104.in-addr.arpa udp
US 8.8.8.8:53 170.161.70.52.in-addr.arpa udp
US 8.8.8.8:53 72.169.217.172.in-addr.arpa udp
US 8.8.8.8:53 snap.licdn.com udp
US 204.79.197.237:443 bat.bing.com tcp
US 104.17.25.14:443 cdnjs.cloudflare.com udp
FR 3.165.113.60:443 widget.trustpilot.com tcp
GB 173.222.211.50:443 snap.licdn.com tcp
US 8.8.8.8:53 region1.google-analytics.com udp
US 8.8.8.8:53 px.ads.linkedin.com udp
US 216.239.32.36:443 region1.google-analytics.com tcp
US 52.70.161.170:443 www.mailboxvalidator.com tcp
US 13.107.42.14:443 px.ads.linkedin.com tcp
US 8.8.8.8:53 60.113.165.3.in-addr.arpa udp
US 8.8.8.8:53 237.197.79.204.in-addr.arpa udp
US 8.8.8.8:53 50.211.222.173.in-addr.arpa udp
US 8.8.8.8:53 36.32.239.216.in-addr.arpa udp
US 8.8.8.8:53 14.42.107.13.in-addr.arpa udp
US 216.239.32.36:443 region1.google-analytics.com udp
US 8.8.8.8:53 www.ipqualityscore.com udp
US 172.67.72.12:443 www.ipqualityscore.com tcp
US 172.67.72.12:443 www.ipqualityscore.com tcp
US 172.67.72.12:443 www.ipqualityscore.com tcp
US 172.67.72.12:443 www.ipqualityscore.com tcp
US 172.67.72.12:443 www.ipqualityscore.com tcp
US 172.67.72.12:443 www.ipqualityscore.com tcp
US 172.67.72.12:443 www.ipqualityscore.com udp
US 172.67.72.12:443 www.ipqualityscore.com udp
US 8.8.8.8:53 s.adroll.com udp
US 8.8.8.8:53 instant.page udp
US 8.8.8.8:53 12.72.67.172.in-addr.arpa udp
FR 18.245.199.108:443 s.adroll.com tcp
US 104.19.231.99:443 instant.page tcp
US 8.8.8.8:53 fn.us.ipqualityscore.com udp
US 192.158.224.59:443 fn.us.ipqualityscore.com tcp
US 192.158.224.59:443 fn.us.ipqualityscore.com tcp
US 8.8.8.8:53 stun.services.mozilla.com udp
US 8.8.8.8:53 stun.services.mozilla.com udp
US 8.8.8.8:53 d.adroll.com udp
IE 52.31.243.222:443 d.adroll.com tcp
GB 142.250.200.2:443 cm.g.doubleclick.net tcp
US 8.8.8.8:53 region1.analytics.google.com udp
US 8.8.8.8:53 stats.g.doubleclick.net udp
US 8.8.8.8:53 www.google.co.uk udp
BE 74.125.71.155:443 stats.g.doubleclick.net tcp
US 216.239.34.36:443 region1.analytics.google.com tcp
GB 142.250.180.4:443 www.google.com tcp
GB 172.217.16.227:443 www.google.co.uk tcp
GB 172.217.16.227:443 www.google.co.uk tcp
GB 142.250.180.4:443 www.google.com tcp
GB 172.217.16.227:443 www.google.co.uk tcp
US 8.8.8.8:53 99.231.19.104.in-addr.arpa udp
US 8.8.8.8:53 108.199.245.18.in-addr.arpa udp
US 8.8.8.8:53 59.224.158.192.in-addr.arpa udp
US 8.8.8.8:53 2.213.58.216.in-addr.arpa udp
US 8.8.8.8:53 155.71.125.74.in-addr.arpa udp
US 8.8.8.8:53 36.34.239.216.in-addr.arpa udp
US 8.8.8.8:53 222.243.31.52.in-addr.arpa udp
US 8.8.8.8:53 227.16.217.172.in-addr.arpa udp
US 8.8.8.8:53 2.180.250.142.in-addr.arpa udp
GB 172.217.16.227:443 www.google.co.uk udp
GB 142.250.200.2:443 cm.g.doubleclick.net udp
US 192.158.224.59:443 fn.us.ipqualityscore.com tcp
GB 142.250.180.4:443 www.google.com udp
US 216.239.34.36:443 region1.analytics.google.com udp
US 8.8.8.8:53 google.com udp
GB 142.250.200.46:443 google.com tcp
GB 142.250.200.46:443 google.com tcp
GB 142.250.200.46:443 google.com udp
US 192.158.224.59:443 fn.us.ipqualityscore.com tcp
US 8.8.8.8:53 stun.services.mozilla.com udp
US 8.8.8.8:53 bat.bing.com udp
US 8.8.8.8:53 lebowski.wetransfer.com udp
IE 52.210.179.12:443 lebowski.wetransfer.com tcp
IE 52.210.179.12:443 lebowski.wetransfer.com tcp
US 8.8.8.8:53 nolan.wetransfer.net udp
US 8.8.8.8:53 px.moatads.com udp
US 8.8.8.8:53 measure.lamp.avct.cloud udp
US 8.8.8.8:53 collector.brandmetrics.com udp
IE 52.51.111.113:443 measure.lamp.avct.cloud tcp
US 8.8.8.8:53 backgrounds.wetransfer.net udp
US 8.8.8.8:53 113.111.51.52.in-addr.arpa udp
US 8.8.8.8:53 donny.wetransfer.com udp
US 8.8.8.8:53 snowplow.wetransfer.com udp
US 8.8.8.8:53 cdn.lamp.avct.cloud udp
IE 34.253.62.226:443 donny.wetransfer.com tcp
IE 63.34.98.116:443 snowplow.wetransfer.com tcp
US 8.8.8.8:53 226.62.253.34.in-addr.arpa udp
US 192.158.224.59:443 fn.us.ipqualityscore.com tcp
US 8.8.8.8:53 stun.services.mozilla.com udp
US 8.8.8.8:53 stun.services.mozilla.com udp
US 192.158.224.59:443 fn.us.ipqualityscore.com tcp
GB 142.250.180.4:443 www.google.com udp
US 52.70.161.170:443 www.mailboxvalidator.com tcp
US 172.67.156.121:443 mailboxvalidator.hexa-soft.com udp
US 104.18.10.207:443 stackpath.bootstrapcdn.com udp
US 104.17.25.14:443 cdnjs.cloudflare.com udp
US 52.70.161.170:443 www.mailboxvalidator.com tcp
US 216.239.32.36:443 region1.analytics.google.com udp
GB 142.250.180.4:443 www.google.com tcp
GB 142.250.180.4:443 www.google.com tcp
GB 142.250.180.4:443 www.google.com udp
US 8.8.8.8:53 bat.bing.com udp
US 8.8.8.8:53 secure.insightexpressai.com udp
GB 184.26.57.33:443 secure.insightexpressai.com tcp
US 8.8.8.8:53 33.57.26.184.in-addr.arpa udp
US 8.8.8.8:53 px.moatads.com udp
US 8.8.8.8:53 90.16.208.104.in-addr.arpa udp
US 216.239.32.36:443 region1.analytics.google.com udp
US 8.8.8.8:53 px.ads.linkedin.com udp
US 104.18.10.207:443 stackpath.bootstrapcdn.com udp
US 52.70.161.170:443 www.mailboxvalidator.com tcp
US 52.70.161.170:443 www.mailboxvalidator.com tcp
US 172.67.156.121:443 mailboxvalidator.hexa-soft.com udp
US 8.8.8.8:53 widget.trustpilot.com udp
US 104.17.25.14:443 cdnjs.cloudflare.com udp
US 8.8.8.8:53 snap.licdn.com udp
US 8.8.8.8:53 bat.bing.com udp
GB 173.222.211.56:443 snap.licdn.com tcp
US 8.8.8.8:53 56.211.222.173.in-addr.arpa udp
US 8.8.8.8:53 226.187.250.142.in-addr.arpa udp
US 8.8.8.8:53 lebowski.wetransfer.com udp
US 8.8.8.8:53 nolan.wetransfer.net udp
US 8.8.8.8:53 snowplow.wetransfer.com udp
US 8.8.8.8:53 cdn.lamp.avct.cloud udp
US 8.8.8.8:53 donny.wetransfer.com udp
US 8.8.8.8:53 collector.brandmetrics.com udp
US 8.8.8.8:53 measure.lamp.avct.cloud udp
US 8.8.8.8:53 wetransfer.com udp
DE 185.106.92.124:2007 tcp
US 8.8.8.8:53 124.92.106.185.in-addr.arpa udp
US 8.8.8.8:53 www.google.com udp
GB 142.250.180.4:443 www.google.com tcp
GB 142.250.180.4:443 www.google.com udp
US 8.8.8.8:53 clients2.google.com udp
GB 172.217.16.238:443 clients2.google.com udp
GB 172.217.16.238:443 clients2.google.com tcp
US 8.8.8.8:53 id.google.com udp
GB 172.217.169.67:443 id.google.com tcp
US 8.8.8.8:53 dns-tunnel-check.googlezip.net udp
US 216.239.34.157:443 tunnel.googlezip.net tcp
US 8.8.8.8:53 content-autofill.googleapis.com udp
GB 216.58.213.10:443 content-autofill.googleapis.com udp
US 216.239.34.157:443 tunnel.googlezip.net tcp
US 8.8.8.8:53 67.169.217.172.in-addr.arpa udp
US 8.8.8.8:53 10.213.58.216.in-addr.arpa udp
US 8.8.8.8:53 store.steampowered.com udp
GB 173.222.211.121:443 store.akamai.steamstatic.com tcp
GB 173.222.211.121:443 store.akamai.steamstatic.com tcp
GB 173.222.211.121:443 store.akamai.steamstatic.com tcp
GB 173.222.211.121:443 store.akamai.steamstatic.com tcp
GB 173.222.211.121:443 store.akamai.steamstatic.com tcp
GB 173.222.211.121:443 store.akamai.steamstatic.com tcp
GB 142.250.200.46:443 google.com udp
GB 142.250.200.46:443 google.com tcp
US 8.8.8.8:53 cdn.akamai.steamstatic.com udp
US 8.8.8.8:53 shared.akamai.steamstatic.com udp
GB 173.222.211.121:443 store.akamai.steamstatic.com tcp
GB 173.222.211.121:443 store.akamai.steamstatic.com tcp
GB 173.222.211.115:443 cdn.akamai.steamstatic.com tcp
GB 173.222.211.130:443 shared.akamai.steamstatic.com tcp
GB 173.222.211.130:443 shared.akamai.steamstatic.com tcp
GB 173.222.211.130:443 shared.akamai.steamstatic.com tcp
GB 173.222.211.130:443 shared.akamai.steamstatic.com tcp
GB 173.222.211.130:443 shared.akamai.steamstatic.com tcp
GB 173.222.211.130:443 shared.akamai.steamstatic.com tcp
GB 173.222.211.121:443 store.akamai.steamstatic.com tcp
GB 184.25.193.136:443 store.steampowered.com tcp
GB 173.222.211.121:443 store.akamai.steamstatic.com tcp
GB 173.222.211.121:443 store.akamai.steamstatic.com tcp
GB 173.222.211.121:443 store.akamai.steamstatic.com tcp
GB 184.25.193.136:443 store.steampowered.com tcp
GB 184.25.193.136:443 store.steampowered.com tcp
GB 184.25.193.136:443 store.steampowered.com tcp
US 8.8.8.8:53 121.211.222.173.in-addr.arpa udp
US 8.8.8.8:53 115.211.222.173.in-addr.arpa udp
US 8.8.8.8:53 130.211.222.173.in-addr.arpa udp
US 8.8.8.8:53 136.193.25.184.in-addr.arpa udp
US 8.8.8.8:53 api.steampowered.com udp
GB 23.214.143.155:443 api.steampowered.com tcp
US 8.8.8.8:53 155.143.214.23.in-addr.arpa udp
GB 216.58.213.10:443 content-autofill.googleapis.com tcp
US 8.8.8.8:53 login.steampowered.com udp
GB 23.214.143.155:443 login.steampowered.com tcp
GB 216.58.213.10:443 content-autofill.googleapis.com udp
GB 216.58.213.10:443 content-autofill.googleapis.com udp
DE 185.106.92.124:2007 tcp
GB 142.250.180.4:443 www.google.com tcp
GB 142.250.180.4:443 www.google.com udp
FR 3.165.113.109:443 we.tl tcp
US 8.8.8.8:53 109.113.165.3.in-addr.arpa udp
US 8.8.8.8:53 store.steampowered.com udp
GB 184.25.193.136:443 store.steampowered.com tcp
GB 184.25.193.136:443 store.steampowered.com tcp
US 8.8.8.8:53 login.steampowered.com udp
GB 23.214.143.155:443 login.steampowered.com tcp
US 8.8.8.8:53 api.steampowered.com udp
GB 23.214.143.155:443 api.steampowered.com tcp
GB 172.217.16.238:443 clients2.google.com udp
GB 172.217.16.238:443 clients2.google.com tcp
US 8.8.8.8:53 help.steampowered.com udp
GB 23.214.143.155:443 help.steampowered.com tcp
GB 23.214.143.155:443 help.steampowered.com tcp
GB 23.214.143.155:443 help.steampowered.com tcp
GB 23.214.143.155:443 help.steampowered.com tcp
GB 23.214.143.155:443 help.steampowered.com tcp
GB 23.214.143.155:443 help.steampowered.com tcp
GB 142.250.180.4:443 www.google.com tcp
GB 216.58.213.10:443 content-autofill.googleapis.com tcp
GB 142.250.180.4:443 www.google.com tcp
GB 216.58.213.10:443 content-autofill.googleapis.com udp
GB 142.250.180.4:443 www.google.com udp
GB 142.250.180.4:443 www.google.com udp
DE 185.106.92.124:2007 tcp
DE 185.106.92.124:2007 tcp
GB 142.250.180.4:443 www.google.com udp
GB 142.250.180.4:443 www.google.com tcp
GB 172.217.16.238:443 clients2.google.com udp
GB 172.217.16.238:443 clients2.google.com tcp
GB 172.217.169.67:443 id.google.com tcp
US 216.239.34.157:443 tunnel.googlezip.net tcp
US 216.239.34.157:443 tunnel.googlezip.net tcp
US 8.8.8.8:53 play.google.com udp
GB 142.250.200.46:443 play.google.com udp
GB 142.250.200.46:443 play.google.com tcp
US 8.8.8.8:53 answers.microsoft.com udp
GB 104.103.252.222:443 answers.microsoft.com tcp
GB 104.103.252.222:443 answers.microsoft.com tcp
US 8.8.8.8:53 login.microsoftonline.com udp
IE 40.126.31.69:443 login.microsoftonline.com tcp
US 8.8.8.8:53 aadcdn.msauth.net udp
US 8.8.8.8:53 222.252.103.104.in-addr.arpa udp
US 8.8.8.8:53 69.31.126.40.in-addr.arpa udp
IE 40.126.31.69:443 login.microsoftonline.com tcp
GB 104.103.252.222:443 answers.microsoft.com tcp
US 8.8.8.8:53 identity.nel.measure.office.net udp
US 8.8.8.8:53 aadcdn.msftauth.net udp
GB 173.222.211.120:443 identity.nel.measure.office.net tcp
IE 40.126.31.69:443 login.microsoftonline.com tcp
US 8.8.8.8:53 120.211.222.173.in-addr.arpa udp
US 8.8.8.8:53 64.246.107.13.in-addr.arpa udp
US 8.8.8.8:53 133.32.126.40.in-addr.arpa udp
US 8.8.8.8:53 www.microsoft.com udp
US 8.8.8.8:53 answers-afd.microsoft.com udp
GB 184.25.193.234:443 www.microsoft.com tcp
US 8.8.8.8:53 js.monitor.azure.com udp
US 8.8.8.8:53 consentdeliveryfd.azurefd.net udp
US 8.8.8.8:53 wcpstatic.microsoft.com udp
US 8.8.8.8:53 mem.gfx.ms udp
GB 184.25.193.234:443 www.microsoft.com tcp
GB 216.58.213.10:443 content-autofill.googleapis.com tcp
US 8.8.8.8:53 234.193.25.184.in-addr.arpa udp
US 8.8.8.8:53 19.211.222.173.in-addr.arpa udp
IE 40.126.31.69:443 login.microsoftonline.com tcp
US 8.8.8.8:53 acctcdn.msauth.net udp
US 8.8.8.8:53 acctcdn.msftauth.net udp
US 8.8.8.8:53 lgincdnmsftuswe2.azureedge.net udp
US 8.8.8.8:53 lgincdnvzeuno.azureedge.net udp
US 152.199.21.175:443 lgincdnvzeuno.azureedge.net tcp
US 8.8.8.8:53 logincdn.msftauth.net udp
US 8.8.8.8:53 acctcdnvzeuno.azureedge.net udp
US 8.8.8.8:53 acctcdnmsftuswe2.azureedge.net udp
US 8.8.8.8:53 browser.events.data.microsoft.com udp
US 20.189.173.1:443 browser.events.data.microsoft.com tcp
US 8.8.8.8:53 175.21.199.152.in-addr.arpa udp
US 20.189.173.1:443 browser.events.data.microsoft.com tcp
GB 216.58.213.10:443 content-autofill.googleapis.com tcp
US 8.8.8.8:53 yandex.ru udp
RU 5.255.255.77:443 yandex.ru tcp
GB 142.250.180.4:443 www.google.com udp
RU 5.255.255.77:443 yandex.ru tcp
US 8.8.8.8:53 77.255.255.5.in-addr.arpa udp
US 8.8.8.8:53 yastatic.net udp
RU 178.154.131.217:443 yastatic.net tcp
RU 178.154.131.217:443 yastatic.net tcp
RU 178.154.131.217:443 yastatic.net tcp
RU 178.154.131.217:443 yastatic.net tcp
RU 178.154.131.217:443 yastatic.net tcp
RU 178.154.131.217:443 yastatic.net tcp
US 8.8.8.8:53 mc.yandex.ru udp
US 8.8.8.8:53 samsara.s3.yandex.net udp
RU 178.154.131.217:443 yastatic.net tcp
RU 87.250.251.119:443 mc.yandex.ru tcp
RU 93.158.134.158:443 samsara.s3.yandex.net tcp
US 8.8.8.8:53 forms.yandex.ru udp
RU 213.180.204.73:443 forms.yandex.ru tcp
GB 216.58.213.10:443 content-autofill.googleapis.com tcp
US 8.8.8.8:53 uxfeedback-cdn.s3.yandex.net udp
RU 93.158.134.158:443 uxfeedback-cdn.s3.yandex.net tcp
RU 93.158.134.158:443 uxfeedback-cdn.s3.yandex.net tcp
RU 93.158.134.158:443 uxfeedback-cdn.s3.yandex.net tcp
US 8.8.8.8:53 mc.yandex.com udp
US 8.8.8.8:53 csp.yandex.net udp
RU 87.250.250.104:443 csp.yandex.net tcp
RU 87.250.250.104:443 csp.yandex.net tcp
RU 87.250.250.104:443 csp.yandex.net tcp
RU 87.250.250.104:443 csp.yandex.net tcp
RU 87.250.250.104:443 csp.yandex.net tcp
RU 87.250.250.104:443 csp.yandex.net tcp
US 8.8.8.8:53 217.131.154.178.in-addr.arpa udp
US 8.8.8.8:53 158.134.158.93.in-addr.arpa udp
US 8.8.8.8:53 119.251.250.87.in-addr.arpa udp
US 8.8.8.8:53 73.204.180.213.in-addr.arpa udp
US 8.8.8.8:53 104.250.250.87.in-addr.arpa udp
US 8.8.8.8:53 api.uxfeedback.yandex.net udp
GB 216.58.213.10:443 content-autofill.googleapis.com udp
RU 87.250.250.159:443 api.uxfeedback.yandex.net tcp
RU 87.250.250.159:443 api.uxfeedback.yandex.net tcp
US 8.8.8.8:53 159.250.250.87.in-addr.arpa udp
US 8.8.8.8:53 passport.yandex.ru udp
RU 213.180.204.24:443 passport.yandex.ru tcp
RU 213.180.204.24:443 passport.yandex.ru tcp
US 8.8.8.8:53 24.204.180.213.in-addr.arpa udp
US 8.8.8.8:53 avatars.mds.yandex.net udp
RU 87.250.247.183:443 avatars.mds.yandex.net tcp
US 8.8.8.8:53 183.247.250.87.in-addr.arpa udp
US 8.8.8.8:53 identity.nel.measure.office.net udp
GB 216.58.213.10:443 content-autofill.googleapis.com tcp
GB 216.58.213.10:443 content-autofill.googleapis.com tcp
GB 216.58.213.10:443 content-autofill.googleapis.com tcp
US 8.8.8.8:53 202.187.250.142.in-addr.arpa udp
US 8.8.8.8:53 www.google.com udp
GB 142.250.180.4:443 www.google.com udp
US 8.8.8.8:53 www.whois.com udp
US 173.199.130.30:443 www.whois.com tcp
US 173.199.130.30:443 www.whois.com tcp
US 8.8.8.8:53 cdnjs.cloudflare.com udp
US 104.17.24.14:443 cdnjs.cloudflare.com tcp
US 8.8.8.8:53 30.130.199.173.in-addr.arpa udp
US 8.8.8.8:53 14.24.17.104.in-addr.arpa udp
US 8.8.8.8:53 shop.whois.com udp
US 172.67.14.247:443 shop.whois.com tcp
US 104.17.24.14:443 cdnjs.cloudflare.com udp
US 8.8.8.8:53 assets.whois.com udp
US 8.8.8.8:53 247.14.67.172.in-addr.arpa udp
GB 216.58.213.10:443 content-autofill.googleapis.com tcp
GB 142.250.180.4:443 www.google.com udp
US 216.239.34.157:443 tunnel.googlezip.net tcp
US 216.239.34.157:443 tunnel.googlezip.net tcp
GB 142.250.200.46:443 play.google.com udp
US 216.239.34.157:443 tunnel.googlezip.net tcp
US 216.239.34.157:443 tunnel.googlezip.net tcp
US 52.70.161.170:443 www.mailboxvalidator.com tcp
US 52.70.161.170:443 www.mailboxvalidator.com tcp
US 8.8.8.8:53 mailboxvalidator.hexa-soft.com udp
US 8.8.8.8:53 widget.trustpilot.com udp
US 8.8.8.8:53 stackpath.bootstrapcdn.com udp
US 104.18.11.207:443 stackpath.bootstrapcdn.com udp
US 104.21.81.30:443 mailboxvalidator.hexa-soft.com udp
US 104.17.24.14:443 cdnjs.cloudflare.com udp
US 8.8.8.8:53 snap.licdn.com udp
US 8.8.8.8:53 207.11.18.104.in-addr.arpa udp
US 8.8.8.8:53 30.81.21.104.in-addr.arpa udp
US 8.8.8.8:53 px.ads.linkedin.com udp
FR 3.165.113.122:443 widget.trustpilot.com tcp
US 13.107.42.14:443 px.ads.linkedin.com tcp
US 204.79.197.237:443 bat.bing.com tcp
US 8.8.8.8:53 122.113.165.3.in-addr.arpa udp
GB 142.250.180.4:443 www.google.com udp
GB 142.250.180.4:443 www.google.com udp
GB 216.58.213.10:443 content-autofill.googleapis.com udp
GB 216.58.213.10:443 content-autofill.googleapis.com tcp
US 8.8.8.8:53 region1.google-analytics.com udp
US 216.239.32.36:443 region1.google-analytics.com udp
US 216.239.32.36:443 region1.google-analytics.com tcp
US 8.8.8.8:53 pisem-net.mutawakkil.com udp
US 134.122.30.95:443 pisem-net.mutawakkil.com tcp
US 134.122.30.95:443 pisem-net.mutawakkil.com tcp
US 8.8.8.8:53 95.30.122.134.in-addr.arpa udp
US 8.8.8.8:53 mutawakkil.com udp
US 8.8.8.8:53 ajax.googleapis.com udp
GB 142.250.180.4:443 www.google.com tcp
GB 142.250.180.4:443 www.google.com tcp
US 134.122.30.95:443 mutawakkil.com tcp
US 134.122.30.95:443 mutawakkil.com tcp
US 134.122.30.95:443 mutawakkil.com tcp
US 134.122.30.95:443 mutawakkil.com tcp
US 134.122.30.95:443 mutawakkil.com tcp
US 134.122.30.95:443 mutawakkil.com tcp
GB 216.58.201.106:443 ajax.googleapis.com tcp
US 8.8.8.8:53 t0.gstatic.com udp
US 8.8.8.8:53 t3.gstatic.com udp
GB 216.58.201.100:443 t0.gstatic.com tcp
GB 142.250.180.4:443 t3.gstatic.com tcp
US 216.239.32.36:443 region1.google-analytics.com tcp
GB 142.250.180.4:443 t3.gstatic.com udp
GB 216.58.201.100:443 t0.gstatic.com udp
US 8.8.8.8:53 t2.gstatic.com udp
US 8.8.8.8:53 t1.gstatic.com udp
US 8.8.8.8:53 maps.google.com udp
GB 216.58.212.228:443 t2.gstatic.com tcp
US 134.122.30.95:443 mutawakkil.com tcp
US 134.122.30.95:443 mutawakkil.com tcp
GB 216.58.212.228:443 t2.gstatic.com tcp
GB 216.58.212.228:443 t2.gstatic.com tcp
GB 216.58.212.228:443 t2.gstatic.com tcp
GB 216.58.212.228:443 t2.gstatic.com tcp
GB 216.58.212.228:443 t2.gstatic.com tcp
GB 172.217.169.68:443 t1.gstatic.com tcp
GB 172.217.169.68:443 t1.gstatic.com tcp
GB 172.217.169.68:443 t1.gstatic.com tcp
GB 172.217.169.68:443 t1.gstatic.com tcp
GB 142.250.187.238:443 maps.google.com tcp
US 134.122.30.95:443 mutawakkil.com tcp
GB 216.58.213.10:443 content-autofill.googleapis.com tcp
US 8.8.8.8:53 googleads.g.doubleclick.net udp
GB 216.58.204.66:443 googleads.g.doubleclick.net tcp
GB 142.250.180.4:443 t3.gstatic.com tcp
US 8.8.8.8:53 106.201.58.216.in-addr.arpa udp
US 8.8.8.8:53 228.212.58.216.in-addr.arpa udp
US 8.8.8.8:53 68.169.217.172.in-addr.arpa udp
US 8.8.8.8:53 238.187.250.142.in-addr.arpa udp
US 8.8.8.8:53 66.204.58.216.in-addr.arpa udp
US 8.8.8.8:53 maps.gstatic.com udp
US 8.8.8.8:53 maps.googleapis.com udp
GB 142.250.200.3:443 maps.gstatic.com tcp
GB 142.250.180.10:443 maps.googleapis.com tcp
US 8.8.8.8:53 fundingchoicesmessages.google.com udp
GB 172.217.169.46:443 fundingchoicesmessages.google.com tcp
GB 142.250.180.10:443 maps.googleapis.com udp
GB 142.250.180.10:443 maps.googleapis.com udp
GB 172.217.169.46:443 fundingchoicesmessages.google.com udp
US 8.8.8.8:53 lh3.googleusercontent.com udp
GB 142.250.187.225:443 lh3.googleusercontent.com tcp
GB 172.217.169.46:443 fundingchoicesmessages.google.com udp
US 216.239.32.36:443 region1.google-analytics.com udp
US 8.8.8.8:53 3.200.250.142.in-addr.arpa udp
US 8.8.8.8:53 10.180.250.142.in-addr.arpa udp
US 8.8.8.8:53 www.emaildiscussions.com udp
GB 77.72.1.46:80 www.emaildiscussions.com tcp
GB 77.72.1.46:80 www.emaildiscussions.com tcp
GB 77.72.1.46:443 www.emaildiscussions.com tcp
GB 77.72.1.46:443 www.emaildiscussions.com tcp
US 8.8.8.8:53 dns-tunnel-check.googlezip.net udp
US 216.239.34.157:443 tunnel.googlezip.net tcp
US 216.239.34.157:443 tunnel.googlezip.net tcp
GB 142.250.200.46:443 play.google.com udp
US 8.8.8.8:53 mail.google.com udp
GB 142.250.178.5:443 mail.google.com tcp
GB 142.250.178.5:443 mail.google.com tcp
US 8.8.8.8:53 5.178.250.142.in-addr.arpa udp
US 8.8.8.8:53 accounts.google.com udp
NL 142.250.102.84:443 accounts.google.com udp
GB 142.250.187.225:443 lh3.googleusercontent.com tcp
US 8.8.8.8:53 84.102.250.142.in-addr.arpa udp
GB 142.250.187.225:443 lh3.googleusercontent.com udp
US 8.8.8.8:53 csp.withgoogle.com udp
GB 142.250.187.241:443 csp.withgoogle.com tcp
US 216.239.32.36:443 region1.google-analytics.com tcp
US 8.8.8.8:53 241.187.250.142.in-addr.arpa udp
US 216.239.32.36:443 region1.google-analytics.com udp
US 8.8.8.8:53 content-autofill.googleapis.com udp
GB 216.58.201.106:443 content-autofill.googleapis.com udp
US 8.8.8.8:53 accounts.youtube.com udp
GB 172.217.169.46:443 accounts.youtube.com tcp
GB 142.250.200.46:443 play.google.com udp
GB 142.250.200.46:443 play.google.com tcp
NL 142.250.102.84:443 accounts.google.com udp
US 8.8.8.8:53 csp.yandex.net udp
US 8.8.8.8:53 play.google.com udp
GB 142.250.200.46:443 play.google.com udp
US 8.8.8.8:53 store.steampowered.com udp
US 8.8.8.8:53 store.akamai.steamstatic.com udp
GB 173.222.211.121:443 store.akamai.steamstatic.com tcp
GB 95.100.245.51:443 store.steampowered.com tcp
GB 95.100.245.51:443 store.steampowered.com tcp
US 8.8.8.8:53 cdn.akamai.steamstatic.com udp
GB 173.222.211.106:443 cdn.akamai.steamstatic.com tcp
US 8.8.8.8:53 api.steampowered.com udp
US 8.8.8.8:53 shared.akamai.steamstatic.com udp
GB 23.214.143.155:443 api.steampowered.com tcp
GB 173.222.211.104:443 shared.akamai.steamstatic.com tcp
GB 173.222.211.104:443 shared.akamai.steamstatic.com tcp
GB 173.222.211.104:443 shared.akamai.steamstatic.com tcp
GB 173.222.211.104:443 shared.akamai.steamstatic.com tcp
GB 173.222.211.104:443 shared.akamai.steamstatic.com tcp
US 8.8.8.8:53 51.245.100.95.in-addr.arpa udp
US 8.8.8.8:53 106.211.222.173.in-addr.arpa udp
US 8.8.8.8:53 104.211.222.173.in-addr.arpa udp
GB 173.222.211.121:443 store.akamai.steamstatic.com tcp
GB 173.222.211.121:443 store.akamai.steamstatic.com tcp
GB 173.222.211.121:443 store.akamai.steamstatic.com tcp
GB 173.222.211.121:443 store.akamai.steamstatic.com tcp
GB 173.222.211.121:443 store.akamai.steamstatic.com tcp
GB 173.222.211.106:443 cdn.akamai.steamstatic.com tcp
GB 173.222.211.106:443 cdn.akamai.steamstatic.com tcp
GB 173.222.211.106:443 cdn.akamai.steamstatic.com tcp
GB 173.222.211.106:443 cdn.akamai.steamstatic.com tcp
GB 173.222.211.106:443 cdn.akamai.steamstatic.com tcp
GB 173.222.211.106:443 cdn.akamai.steamstatic.com tcp
GB 173.222.211.106:443 cdn.akamai.steamstatic.com tcp
US 8.8.8.8:53 cdn.steamstatic.com udp
GB 173.222.211.115:443 cdn.steamstatic.com tcp
US 8.8.8.8:53 r11.o.lencr.org udp
GB 23.200.147.33:80 r11.o.lencr.org tcp
US 8.8.8.8:53 168.245.100.95.in-addr.arpa udp
US 8.8.8.8:53 33.147.200.23.in-addr.arpa udp
GB 173.222.211.115:443 cdn.steamstatic.com tcp
GB 173.222.211.115:443 cdn.steamstatic.com tcp
US 8.8.8.8:53 test.steampowered.com udp
US 8.8.8.8:53 api.steampowered.com udp
GB 173.222.211.154:80 test.steampowered.com tcp
US 8.8.8.8:53 ipv6check-udp.steamserver.net udp
US 8.8.8.8:53 ipv6check-http.steamserver.net udp
US 8.8.8.8:53 154.211.222.173.in-addr.arpa udp
N/A 127.0.0.1:61116 tcp
N/A 127.0.0.1:61115 tcp
US 8.8.8.8:53 api.steampowered.com udp
GB 23.214.143.155:443 api.steampowered.com tcp
GB 162.254.196.67:27017 udp
GB 162.254.196.83:27017 udp
FR 185.25.182.20:27017 udp
FR 185.25.182.52:27018 udp
FR 185.25.182.52:27017 udp
NL 155.133.248.39:27018 udp
NL 155.133.248.39:27017 udp
US 162.254.192.75:27017 udp
US 162.254.192.74:27017 udp
US 162.254.192.74:27018 udp
US 8.8.8.8:53 67.196.254.162.in-addr.arpa udp
US 8.8.8.8:53 83.196.254.162.in-addr.arpa udp
US 8.8.8.8:53 20.182.25.185.in-addr.arpa udp
US 8.8.8.8:53 52.182.25.185.in-addr.arpa udp
US 8.8.8.8:53 39.248.133.155.in-addr.arpa udp
US 8.8.8.8:53 75.192.254.162.in-addr.arpa udp
US 8.8.8.8:53 74.192.254.162.in-addr.arpa udp
US 8.8.8.8:53 redirector.gvt1.com udp
US 8.8.8.8:53 redirector.gvt1.com udp
GB 172.217.169.78:443 redirector.gvt1.com tcp
US 8.8.8.8:53 dns.google udp
US 8.8.8.8:53 dns.google udp
US 8.8.8.8:53 dns.google udp
US 8.8.8.8:53 dns.google udp
US 8.8.8.8:443 dns.google tcp
US 8.8.4.4:443 dns.google tcp
US 8.8.8.8:53 r1---sn-aigzrnss.gvt1.com udp
US 8.8.8.8:53 r1---sn-aigzrnss.gvt1.com udp
GB 74.125.175.6:443 r1---sn-aigzrnss.gvt1.com udp
US 8.8.4.4:443 dns.google udp
GB 74.125.175.6:443 r1---sn-aigzrnss.gvt1.com tcp
US 8.8.8.8:53 78.169.217.172.in-addr.arpa udp
US 8.8.8.8:53 4.4.8.8.in-addr.arpa udp
US 8.8.8.8:53 6.175.125.74.in-addr.arpa udp
DE 185.106.92.124:2007 tcp
DE 185.106.92.124:2007 tcp
DE 185.106.92.124:2007 tcp
US 8.8.8.8:53 196.249.167.52.in-addr.arpa udp
US 8.8.8.8:443 dns.google udp
US 8.8.8.8:53 api.steampowered.com udp
US 8.8.8.8:53 ipv6check-udp.steamserver.net udp
US 8.8.8.8:53 api.steampowered.com udp
US 8.8.8.8:53 ipv6check-http.steamserver.net udp
GB 23.214.143.155:443 api.steampowered.com tcp
US 8.8.8.8:53 ext1-seo1.steamserver.net udp
KR 146.66.152.39:27038 ext1-seo1.steamserver.net tcp
KR 146.66.152.39:27025 ext1-seo1.steamserver.net tcp
KR 146.66.152.39:443 ext1-seo1.steamserver.net tcp
US 8.8.8.8:53 ext1-lax1.steamserver.net udp
US 162.254.195.66:27025 ext1-lax1.steamserver.net tcp
US 8.8.8.8:53 123.35.104.34.in-addr.arpa udp
US 162.254.195.66:27023 ext1-lax1.steamserver.net tcp
DE 185.106.92.124:2007 tcp
US 162.254.195.66:443 ext1-lax1.steamserver.net tcp
US 8.8.8.8:53 ext2-sea1.steamserver.net udp
US 8.8.8.8:53 ext1-sea1.steamserver.net udp
US 205.196.6.215:27036 ext2-sea1.steamserver.net tcp
US 205.196.6.214:27029 ext1-sea1.steamserver.net tcp
US 8.8.8.8:53 66.195.254.162.in-addr.arpa udp
US 8.8.8.8:53 39.152.66.146.in-addr.arpa udp
US 205.196.6.215:443 ext2-sea1.steamserver.net tcp
US 8.8.8.8:53 ext1-ord1.steamserver.net udp
US 162.254.193.102:27022 ext1-ord1.steamserver.net tcp
US 8.8.8.8:53 215.6.196.205.in-addr.arpa udp
US 8.8.8.8:53 214.6.196.205.in-addr.arpa udp
US 8.8.8.8:53 102.193.254.162.in-addr.arpa udp

Files

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 10fa19df148444a77ceec60cabd2ce21
SHA1 685b599c497668166ede4945d8885d204fd8d70f
SHA256 c3b5deb970d0f06a05c8111da90330ffe25da195aafa4e182211669484d1964b
SHA512 3518ce16fef66c59e0bdb772db51aeaa9042c44ca399be61ca3d9979351f93655393236711cf2b1988d5f90a5b9318a7569a8cef3374fc745a8f9aa8323691ef

\??\pipe\LOCAL\crashpad_3760_WGZVWRLCNEECPYXX

MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA512 cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 75c9f57baeefeecd6c184627de951c1e
SHA1 52e0468e13cbfc9f15fc62cc27ce14367a996cff
SHA256 648ba270261690bb792f95d017e134d81a612ef4fc76dc41921c9e5b8f46d98f
SHA512 c4570cc4bb4894de3ecc8eee6cd8bfa5809ea401ceef683557fb170175ff4294cc21cdc6834db4e79e5e82d3bf16105894fff83290d26343423324bc486d4a15

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 b5f8bbff1a364e471ff9833d63ec4754
SHA1 278ac57ecfa2fbe4fd833dfd0e3fa2bb01138404
SHA256 9e3d93cd3d6ddec96dff0392348c12063dde968c01c364a9004f059f666bb3e5
SHA512 41d8db9478e2303574a27a273ba5fdb634555a5c441ed762169db7d9f9fdd1097c54e0efa40be08e371fcca9190acc15cbc5b876e4847e13d8ac5d325048e80c

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 0020c217be3a7c37e90d189ad1f19e9d
SHA1 aa7d2990b0a8f02ffadbb815b93dc70d6a2b9e3a
SHA256 a280266aeaea0254e20f21925449cefd239ad9625745c1417e22b5c92c7536a2
SHA512 0f2aaf434d79c13fa52858a92564e8970eddcfb4d0d44931b4cdaf7072aa43958d056100d6d1c865e9cb18a515a67c1856361b339d63e099d1387167b5c01d0a

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 6ad7c752f209a6f9722f60cf3b2fb5c8
SHA1 10b97c2d9cb202d0a0f89441a5fb560c161a3dc7
SHA256 c91056e835889447608e815bed92e6cc0de36e0d02b28f800f2283e508752b28
SHA512 d99d9186980c1d6b6bb9643df7854eab514413a55822f25ca73e0227ad3ea6f1d7d3fdda8469e7b928427f6f645490397d525a89f4ae526f21790565bc4d0c3d

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 95068a7de5d1a4d7150615317ae9d7af
SHA1 58f422cf29fc5bba3c83dcc629cf378446813685
SHA256 ecaaec646b735929c6a6eb4bdd21375f136705913f6a963b8ba937942fbf3d1b
SHA512 b44c41da25cda889f42379ad2f1f9f72b9bd3eb9c4390f4dc5cf0296a354805765e519f45e96dcf9dd458a789fad6c8ae69c813dc60381a9a5babcae3ff6f6f1

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

MD5 aa5c9ef101e0cca61678dcaed524270e
SHA1 94f9882349038ee458e04301b6ec123b0952860f
SHA256 cf77a8227d134ac5fec1aff2b71ab2d8ff3f89b588639ee06904b6578eabf404
SHA512 81717f814dbccb17f1dab5c07b48c63a43ab326bd764e7ffef704567a99356bdf66bc47e3a06b3cf9ae9c0d09e872d5d7415fff1282d7ef759278832a8fdfe1f

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports

MD5 d751713988987e9331980363e24189ce
SHA1 97d170e1550eee4afc0af065b78cda302a97674c
SHA256 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
SHA512 b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 d4de39baacfaf5c5001c9f1e1224984d
SHA1 9764bf6cc3796d2bb732b74f9bcc223fee47cba5
SHA256 1567b62f7d55180dcb889aa0c14bbfe6f6c42a9794b8f5c3566ec5e2b29c7ccb
SHA512 14954ad3c604df9a21ad28f2c683baf92a90612ab552613667f6c08816726dfa53dfff58040c64c374f022b55afe0f8f31ae4bc33ded19869c3fd126b23ac3cb

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 80b14efe8cf1895ea94a4b1bf3cb3d94
SHA1 5d74e8a6056f4be679e6cb52f59dd537d5c4f2f6
SHA256 4a237d9c4b678e343224e4833c82cea85f8431dc0eda851e63ac865695bdd78f
SHA512 6c1c76a586208b72ea3d02422d7a63fb3e977e39aacdce3ad64a374d5c648d28b9c04c41d9dd0fbee3a658475efb9b47203aa1795ac6c1aa1ee3084c442f1ec1

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 ac939fa106fb24c87e8074515ebeb4d6
SHA1 e7f7059965338b721bd29bd43bb29ef79975752e
SHA256 f794c5b9ae2957fff1351918838ba8e282916b867581de60a89eeaea2b0ccf5a
SHA512 2c15c66023d67ba852f7d948f906b5ca7c41499d4818b4dc79269180b4575f2399094a4f389d70117bedf07171921bb127821c41ef70e62d4c5c74620f820370

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences

MD5 a3b575efeeb61af7f50442a795665761
SHA1 4c8fa0ada980d074c417883c0c0d50c79d4a83b0
SHA256 000f21b11d8c3566b44e6e767f9a5dae35384498df096e5167a8784ff2b553aa
SHA512 5b4644fa41f36f1174982c2b3fc59500a1b50d5c450a7ac9452960bb0f061a65fe5165786ff745ec043afbf1049876ebd89aaed9dfbb9fc24cbfd2a8a47e2773

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 c32aa325a0df537a3ba1f48bd5b917ae
SHA1 6e5401d9d49ede31f7f9515ff5a3dd26fb72a61a
SHA256 f5903e7473754a76e78866eb683621e1edb174832eb7fdc3453f5762f1e3250d
SHA512 9810dae12bc5f0c220c5d85dc9ef605fd120d86a7dc27dbacc16a61331d0b7408e6aa18bc35cf81b955a2877b49ca0c563d964dbe33710fc1d4fa40f93af92f0

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 1be8892c5c8b9488c00a3495158b2d02
SHA1 60b2ad075530d536f796b8127dc11fc4d7a167ea
SHA256 ebb4c40050d17bf964de2878901ce774e42b48bf40eb0decd0a67686279fb04e
SHA512 f870e0a6f055bb2d1eecb89733a86b09d878ec1085c1064c109a332b9da85e656754f7dd321915810392178ccdcd88bd38534c61fd2368781483de219f915e14

C:\Users\Admin\Downloads\account.rar

MD5 8dd877eea12cf33da45486b32e5f1341
SHA1 02208240a73399b94747ee8b7cfb629acd465e8b
SHA256 7446608dea2e6a679edd8dcac0a447a71ffa2f34992970e603f6c10596fec51f
SHA512 4d124154ac19a8d237e12905c8663519bf2fd217bccd9ebfb5cfdd54092bd1369bd269fa08c2d4fa7ad4465b86fafb4b25dbd6587b4e7b560f5977d46052fc45

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 17819592af6d1a9985946a5e234f4f55
SHA1 9f79f2c192486dbbd3591914d0fe6fad6622bb35
SHA256 4123100499d6374065fa8965a7e9078cd1f317d6bee71e05b6205c263e58d1fc
SHA512 386c1e8a57d331496ff17e0fc58b369db053dd3a87f23aa4fa3918b9c5836dc028ab250f03eb45217da81610db92e3224814758b03b3123bf7ca7bcfa2e19329

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 bc1e876f202db40a4d5ff2115a11c7dd
SHA1 a636d9c5358d99312f27367ce3022b2afd0a8609
SHA256 3d4d43272f20e8f13bb91e17c774e2919d50d12f8b2f0cc702dc526f911c424d
SHA512 36764cd50d51910b76010dd43c06f2da699c50b3c7b6d0c370fadafd65c3c63419f8ff3f1fbe91290d4a40a04e59395b281ce65209c1f1cb83643292330985cb

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 84f7b00b68db61b5afe158264fd1b866
SHA1 e82ce88a1654486a1ff7b023e009ab011ae02a0b
SHA256 95674d1626e0ff54249c0bfdab8efb4d4272857cdfdadc1f52118a34ae31d935
SHA512 82503de0c14c4de8c800553a2d94af2df35ce4759fdb95df5ef31254804155273bf83474c3e8e4feb19aa1c599c9189d44e7364289a69bc52dcf0e45bfc8764e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 3a3bc0c53bfdca46ccd356881bcd66a1
SHA1 cde52b90b77d2946be53f094605e0700a0bab6ef
SHA256 e2882e9de4132c1146fecc8607a757468f5fc4b86f9f56c7095c559b40e89401
SHA512 d82ffac64ffefdb7c6319b328326feae1816a752b4335623f86565f8350ad195bf85b7927df231826447d859bf50956855229f7bc79ab85df7c025ca1aa754b4

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 e716eb65670b41e3ff377c3799ccdb5b
SHA1 805b7e5dd6801a75b9d57039258bc84e631d86d0
SHA256 3f3bcb129a4442cad18ebff459b3875f74b162e3a61d3c4bab7131760e5f86f1
SHA512 f47425dda834a4a23db2744b0e686fb3c4c81a094b9455be96a901970e30730d75972c872cdb9738fd4b952b59b0b6e22c72189edc78ad19c096499095ae29c1

C:\Users\Admin\AppData\Local\Temp\7zO464316D8\login password.txt

MD5 868b92e1acb592c82b393f113e9154ce
SHA1 b29dbd402abc0496ec836428db72129df4458acd
SHA256 895c5fed02b91b67322d95af100ce8766ccebc1f6721e4c18015bb82c6ad45b1
SHA512 626ead862e666901997cab355237ce59c49a76b1d8862bfa410245012f40cc7bc32b2fe5c1d8307594c1576c3bd25feb508c71d886e491272c2ab874731dc9d4

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 33d65b93941c9faab7e1b589a58f9015
SHA1 7d9ef21c649c4c1337e3bb2b1ef008a930cff845
SHA256 d592a7a10cbf3e83a160549c938b2a44f2a133fe14d74fc4f7c96de959351e8c
SHA512 0878b6e1bfd87e10fc3362a422bd2ba7ccdafa81a3501f6cb420c5b950455bf652d6e76e722ba4f1704be43446bae60e887ee53e48e54c10e76007847173930f

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

MD5 b438ef70975614d96730df4056fed25d
SHA1 94b9b3072bd999cd74a1ae3fd7da29467f3bf68a
SHA256 42a604d443bba3f73fe05c9b8123b0a499ff518c47d9b846961e364608db36fc
SHA512 770f3d35a0b26192e001825a8c36405d45a97906a74ed3f1ba95fa5134660f16fb3e7009e480addcee0eabacdca6a403cda0f1fa6b0d49c389485f8b19e5d0ed

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 21c09169b03cdfe2ee28dfa4e066b1da
SHA1 935b3f96318a79abd5d0c354bb08820bc3baf4b5
SHA256 419851aa0153b1725c7f342d80d2c2938d5d19d380fca949f3c2f8bc2c70a4dc
SHA512 067b86d377a9d3e65068c1cde2fbe1cf31cbdd2881f89e56e75a53763d15cdcbfb8d3ba0454dbf4887e76e9755d8152036d0ae8b2fe16a133a2e8727da873718

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 d4b7a5628028a7af2294ee29d08bb4b9
SHA1 4ceec4e8f55ed1273f310310fb9011a0993fcffa
SHA256 508247d9b73137a46e26e261c084125633569d7622e361fec23195027c460b0c
SHA512 f920455ae2eec51980a929a1b80988a6433eaeaf77f7e86c352c2b96c629996d82533339db448318687b79616c3dc38c137e34666f7015fd5ba91ec28d264a7e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 9b2c2c66176974443393a59ae2106fc6
SHA1 cbeb63165891b4df0457e2a67b69e8650e58141f
SHA256 3fc0b878eab81fb3b8cc38d029709fc2d1d0c506b5b7580c82d793fa3ac1f275
SHA512 e3f8a9af9999fbcfcffd904fc78c421ca29d725428a722dbe353cf35a66a4f1efce0969b39118cf319877613f823637a75ffc7d3c616680f830edb5cb9989d9c

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 8ee3f6e8177a120e2bc5264051b26c0e
SHA1 9cfa11c89fa1dbb1e38d3d911eb4191e091eb7ee
SHA256 becb29f557ff49aaf6e0748269a1c1ac63d2336ddaec83a08de3e7f9d3bb7831
SHA512 09286b36357a410017328646df5f7f3dd0b6c24f5d2465c2ae32aea6f4ca007f4078602a66023e2303b0ecf20333831a2b5924b2f1aa23091f6e3e89e634eba5

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00002f

MD5 151fb811968eaf8efb840908b89dc9d4
SHA1 7ec811009fd9b0e6d92d12d78b002275f2f1bee1
SHA256 043fd8558e4a5a60aaccd2f0377f77a544e3e375242e9d7200dc6e51f94103ed
SHA512 83aface0ab01da52fd077f747c9d5916e3c06b0ea5c551d7d316707ec3e8f3f986ce1c82e6f2136e48c6511a83cb0ac67ff6dc8f0e440ac72fc6854086a87674

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 eab386c544b621da35c95deb255cae53
SHA1 3aa49059d9445be8fa29491d4af9bebb3a7d8a05
SHA256 3a0a3a48dce675d18f3b678b6d4c7f8b8bf61b49d8d7f8416f6e698cd8b0d99b
SHA512 3f12f7d13d385391ca7bdf03ad40c85625d2040946fe62f31f5d4c179e2d59aee67fb43805bbf912922a6ddfb480fcde2e19204b1fbbf9e78ea9540374c4e9a3

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 59a7f888e0da26036c08c22b236f4981
SHA1 25a9d2869278ccbe63a871bb710ca75395d08d3d
SHA256 c36331d994074f779060db5f94f2d5c193a52a78e0a8307df61e789f141550f0
SHA512 be53ca2f474ff7e02d7c3e08caf10c045fc05a2b385eb1c1256e8471c68666e14d90409e837b3c24e5e5563827c4b727971d36ee4184435469b947d95bfc0cbc

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 87096758863b453728326966af12e58c
SHA1 45193b4fdf9dff2586120668de747bb3a6ef81e7
SHA256 5c50411b21ddf1d8c69bb16adb4ed6d5586ef8e3a5756927b050b69db4be1358
SHA512 c94ce69662ed1ed84cbea25adaa5a906fa5f437b7c59aada917907e6d64faf1e30a33f8bad3740f7ca60560227c2852a05eaeaf7bf43e52ab107f7d9086fcaf8

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000029

MD5 ff5f6eb22cad5bfbac357077bc963f07
SHA1 7926b4fc2d292ec4e007bfbfb08b6a1ca93cbdd3
SHA256 aeb909116881e83f54f709a0cdd20f8e70c9d035b76e1e65ffa6f80d739fc523
SHA512 f10efd05b45ef5baca758c2de80c31853b25268264dfddbb0f513d33cb96c91886be7abcf343fbb347318d7df5d437d538821e4bf0ce8d165c9fa7f15840b1a7

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 c4cb6ef14a9fb06543eaeb5428c9a55f
SHA1 a459b74bd9371f11d9b2d0192aefeebe7ef6fff1
SHA256 362216ffbdb7e8bae437c4f974291513cb587168564e2f44223dc98eefa13d38
SHA512 a54bd126132a000de7cb4961005b0bdf0668d11ea73ee48ec800d936cf2a8c9022883ad8e24d84f883e9346ff41cda909c1cf88280e5d23e2933360a71fa26da

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 a0226ee2ba66e0d151e7e2ac3acaa9ea
SHA1 5d29a4dd7eef5293d3570ba75cfb1a8f22c018f6
SHA256 cfca1157b6413bb7e08930af13cdfc0d9af6c286cea0fcb749f0a14b56e82546
SHA512 e3f2ca9006aa8df82f2df1b39af45d0661bacdac1291d24eaf7309f5aae074e48cfd06995e6ef991cdf7692f4811b31ce2121affed096647e76e3ee659776bd2

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 6faefc5f4402aa4ab96c1815b5f1b245
SHA1 a7680d531eb4fb2d2c07fe1bdef8796b35b90aa9
SHA256 4ae80d3a13ea5956f74b8fccbb68d16ac025539250915b8006bfd5a895749147
SHA512 79850c961f6fc879bae4e1e6853e59eae95f9c8c06ff679ecc7009d2b576ab59db57850579bdc7b19917e2704ba7cf4150ae6ecd2aca7d8c00d7e5177f846a93

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 5d397e8de71b70f659c9b6fe8f151ee2
SHA1 111e10b4ae4f53d819fdfc54b87f156c17319602
SHA256 cde4021c18adbfb39b3ba03069e8e8655100f066b20f15352be6714250c0a8b8
SHA512 0554570378c0448f7078a91549b61af49991413298fd20b92369186d574cf686742fad177f22fcd17c494807fc777d7fc1ca6e06e0735d28ba40305270240099

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 af8599e69b98e6e6ba5013933dc7ef29
SHA1 17bf4e203090cb1116fcf8a0cb6fff7b8bb09e81
SHA256 d57f5be64706eb87cf2f368f5aa4d8653f91cb2bca7b0840db589302cb008a2c
SHA512 1b5c31cdc805a05e69be8a715bb551d67cbac8bda3ef3c397f51ab1322f462d8e2a76c17d63d11535643c2d1a7c874fc7482ff50c90244209d8d7dd9f68ec027

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 fa7bfc4fa4163597def1e966c3246074
SHA1 fa54dd805723c3a34cf81b5305bfcd80abef2729
SHA256 47fde1dac9a22492b9fd4b3867a421d9c8d5ee0ff564d2220b3794c0efd22e4e
SHA512 900836b5d769b0adde9e245f3529fdf93b6118e297e66436469b4c6da6633a0e278480b6101ade1c7eecefd2e7996f0d592e4306b94ed74935a5ab87355b0f62

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 dd120c59a97017ea0e216eb81c64b570
SHA1 ee85da98576d83606d4396d79d1f3fdb064f7e5c
SHA256 3e1da6d17d69491496b5b0f538980e520dcfa2d68cb7cbadac986d1013e1bb10
SHA512 54d585924b3af9e796a12fa2303cc73d0c24db3ac77718d853686b2c97ba81fc0f362c34e657c444d927ec2100b083fbae57150e4f3608f3786ec498d9ef225c

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 e2f6f9d360e47390a6c11f3526ccf96c
SHA1 aa2b6dd2990b65caa913f64067689ff12077aea3
SHA256 728046706204281a5692d8414a41d0c2cb448566448814ac7aab3ede4a79cfd9
SHA512 467a87c290fd0db186df6091dd459e3dacf553a5f7ba71b2cf652d686ff26121bac88d99a44fb1235610cea54600a072818730e4aa04cababd1e14662fb16f41

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00005e

MD5 87e8230a9ca3f0c5ccfa56f70276e2f2
SHA1 eb116c8fd20cb2f85b7a942c7dae3b0ed6d27fe7
SHA256 e18d7214e7d3d47d913c0436f5308b9296ca3c6cd34059bf9cbf03126bafafe9
SHA512 37690a81a9e48b157298080746aa94289a4c721c762b826329e70b41ba475bb0261d048f9ab8e7301e43305c5ebf53246c20da8cd001130bf156e8b3bd38b9b8

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 2c364cd4d40815803a7fe4da9b5973f3
SHA1 5868ecc2e7a0551ae563a800ce48ce1ea6066199
SHA256 27cb96b64d0268b578d82331a4ab304a1ab2354dc6acd7d8462ecd333077f43a
SHA512 50625e6b9f722969d93033a0732874694f93766f89e237257fac14b4888b85a3d284dee5992605ca398f5b14a7b3175fb033bcded9e1325652bd9a5ce8a6ec80

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 3df4d19ee1ef2b9a337a550b9f16d6d5
SHA1 c6914b2c61e9108f78093fb639d2a01846497fc3
SHA256 6095483e4bbf2a08f003d4f6d8cd2b9ecff41ec152aeb2a88a75abff114696d6
SHA512 71a1ebf9219d844bceb6f8f257b43e55443686528e9e4941574fb86df340c99d31295ac3e3b8239d7ac74d011b9fa6a78973e121b4b2cb31bc1ed3d1462afb58

C:\Users\Admin\AppData\Roaming\Microsoft\Spelling\en-US\default.dic

MD5 f3b25701fe362ec84616a93a45ce9998
SHA1 d62636d8caec13f04e28442a0a6fa1afeb024bbb
SHA256 b3d510ef04275ca8e698e5b3cbb0ece3949ef9252f0cdc839e9ee347409a2209
SHA512 98c5f56f3de340690c139e58eb7dac111979f0d4dffe9c4b24ff849510f4b6ffa9fd608c0a3de9ac3c9fd2190f0efaf715309061490f9755a9bfdf1c54ca0d84

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 f7f61b899f6fb3b1c25fb73b1cabbe55
SHA1 2f430d9c7b67d0bfa652a023845f1ffff63345b6
SHA256 ebef949da69db11389b2c799daf127efcced0616723254dd6a7379158c090dd8
SHA512 d3239594ebe9db4139de17ef095bd2ba528e0b9d6802b95c29d55696331a4de7b29a44a008fa80791249496962bab48a91201b214debf94f8bf3a17032976abc

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 cf3319ac961adf6c785ef3689245e2f9
SHA1 a3dd2a49524afc2d4a860ea161e8e5da1602f680
SHA256 94b20ce5b7cb1fa1694a8638fd3439e45410c683c64c4e40aa3c004db151de52
SHA512 dcfa9c11622542f4da269e249236eda7c184742e59bb2c57ca3539dd5e145620fa0f32f75779fa04048a3bfe88f82cc6b5ddbace57a4fb6b422b19479072bf7b

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 12acd68a336bb3bd0b88f9ff2a4e470d
SHA1 85a346482a3585edea65d2f1a98b9162c64fd7d7
SHA256 fcc4af5d8c438a6291c0ac9eaba6e0fea4f169c0f28d61b22a32f23b2f165c40
SHA512 72ffd19d50820412abff20db12a506120fa1e179c8e023ef8122424ebfa5997a41473a1b3f4f28862276d54c06794a6a959717079ab3716726873a055b08c92f

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000056

MD5 11fe2bd17f72a45d1cd89bf71f0e5e7e
SHA1 2d68b5501d8f3d61c2397686201335f58475d720
SHA256 78c7c4c694e28a8281212de0569b96722b2a744a0e20a92cdbd063d97be2b8a5
SHA512 b8866bf645554d436b0cb412ea1b1c0875f4772477ee23d66c72bbb47a890df3d8131dd1488cd37397310c89cb3f195a0bd5327f3ffa82b99ff636c97f4477bb

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000057

MD5 dd6f03d55343e68a1d0fa0307c4e105c
SHA1 57170625f96cbc8eded2c7bab025ea5ddbf5944d
SHA256 70366920e774e153b0e8e27e44d0b8c38c5e0d9a5268a6a690c1a7e48ae70c04
SHA512 894fb103f150505c3c8772137f16a2be9974c2beb89b67bbcfa746b3069413f2d1dd8965e9e6fbd3e66b2b0f121aee8c289256d8b22b877ba5a9309bd065f1c4

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000058

MD5 a20fc700ca55ff938f80ef98929144ce
SHA1 c708826bd7e04d5bfc6d1a8cc69611c0c5f1b051
SHA256 121af2018d0a79d784d2843289f97f2f94fe8eb22e9a8c8fb8043a0a73447864
SHA512 31f1b3688c0d8d150a88b0c37f306bf1f3b7f9be60e6923605a5923a7c5ddff29d4e20912aaf7abbd76bd14efbbd102e79fbf78f5576076d0a14a14cbfa03617

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00005a

MD5 4454b808601acb9b42f06a6c9d6aa38f
SHA1 2f47b97df7ccac34fc00e08e8a1b0d8ea65d699a
SHA256 5e6272cd785d401bb0980985b6d0c87a99067247d0a736c80abfda84930908dc
SHA512 eacd4ba1f4fe3b5bd31f009adf267ca627391afd4ced68564b8f5ff5babcaca0c2d9107f3cdc824ee8011ccfd019c0e840db56c4029ffdec0e91e7e5e619e200

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00005c

MD5 32aa59d67c37ca25ece65a2edfac7440
SHA1 0a89b4f1fb60dea336c08befccac7cd34ef293e9
SHA256 f555bb9445eae1867d9f2c6c0a9689877e1c68abbceb2440ab63aab819fe3d2b
SHA512 f894a7556c4086be5c3bee1c96e47716da37e7c66bee39a91592554911b8cb97284cdbcbc348eead2e38b9bd8680521c77e9bb7548c85a40e045334b3ccc971e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00005d

MD5 3603417e8edf89abcb280ed093acec46
SHA1 34c191ed409713362cf9799cf29ac6609450af61
SHA256 68297e893fe8684197970f2f3950b366fb545385d5418a70e86c395b39b3b90d
SHA512 b89d86c583f9d38d9eea9fe2d5053fe80bfda867e29f70f6be787c4b5dbd97033cc1a9406fbed1474e42cb0336d2faf105c72aa64626027b3c6c3408209e97cf

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 8814656365e5e1ef8ee3a1eb1a882fa7
SHA1 b40c39aa51ec3017343a7df42a7db49d8a2ba043
SHA256 c96206cacf3c7fc9eee40f201b5b0e23c6513431b283fcc85e5612ae4081d7b6
SHA512 12345491838bb60b8d3ac080ad4240bfb0895a4354337855c96c1e82585b12f1b671811be53e552cc903d09b79dadd3af0ac64e80d032ea35605aa20623fe2fc

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000069

MD5 c594a826934b9505d591d0f7a7df80b7
SHA1 c04b8637e686f71f3fc46a29a86346ba9b04ae18
SHA256 e664eef3d68ac6336a28be033165d4780e8a5ab28f0d90df1b148ef86babb610
SHA512 04a1dfdb8ee2f5fefa101d5e3ff36e87659fd774e96aa8c5941d3353ccc268a125822cf01533c74839e5f1c54725da9cc437d3d69b88e5bf3f99caccd4d75961

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\ddaf7a22-24e7-4245-ae69-fd373c620b91.tmp

MD5 1b50c4efed1033890c10b680ce7abca1
SHA1 7678ca42ee01aad3cfc488ef8c4e475b821e5018
SHA256 c31730c433337cce09088e2cc8acdb7fab76de432368f0d33e5ba6e3e49b7daa
SHA512 a7e942861d7d276c900dc834f825e3f45a636a04cb9575d88649d0e1b215dc5f11b83d4574581e3b98b82147ba2430fb7c6ca75c26a7f74dc9e69904b3a56fc4

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 af134213749fde9433bd7eddf14edb2d
SHA1 c1b331f5418c248709c1738187ce59ba40055415
SHA256 46bff74e9cf10ee3aa4ebd8c2f454c51a1649f6cb6e0c3200d1fef17e6735f30
SHA512 ba0d4e958e02cbac710986b9e7c4e6bdb2feb89d160f87fd853c7ae8aaa5df0dc9b7dd8153af4d5d3f3995be3a037beb4dded70f385649835b3575eea86931fc

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 0a15d6f03ae13c02800209b55165f4f8
SHA1 abd7764813210db03bf21081a4045339e725ae0e
SHA256 108c2e485e265f414cc0c28020f83b6ff0513dbed86787ee2340257b0f6db8f5
SHA512 c98aee0fbb531c6d36ae1a05e35e6d275da0dcd0404254996d4fcaf8ffb915d583109ec36127afb0883a3d663de7de06ac2309ff7053591ecd4451118226173d

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 857e4f11f03b2e7e648717adef0d3abe
SHA1 6a14a39815827fc0a20e5bad7f203a70b3170c72
SHA256 04a3b2f055285d7914d04734d8181e3090e3049304efd8b338a83cb6e7f205ab
SHA512 4d55851d4f782e89c37df494f7cb72184e70268b22a9f66c2b9fd75f62bf10a5db59d37f8e50a6ab91fcac9306718d2f3a69648a31d9205c263dddaf353f23a0

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 a587f94bb073d3c77dd3481ba8664d8e
SHA1 86a73753d4163aa378968303589760ea11dc56b7
SHA256 ae36288858d854ea1b12ef08cd47e6626d25992cbec457a6c8143d54f7fffa1d
SHA512 23d8ec11f23adb369f9c99155ddb95cd98ced3c28978c7069a367b465c9ba923a3c5d7ec67f97c3bac39be813697fd161377771cbe13a63849d7c1bf5b905464

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 dad557d9dc72484f7105f308223b9574
SHA1 eb5f443d39f578b346781084d7c1dfbc2f26cc9b
SHA256 1c200c04b15362722f83007f4aeb2001a060fdc48861cf9690c45621bebcbfb7
SHA512 f9c189db5528af28941f539cde8ee86ed0ce4cdfa8765804a656fa8dbdfebfcf589eca9ae7fb588eab30b37676bf97d15d00cfb12cae195dd5eeed24d48aed2a

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 8dfc473ffffef4bcddf70ed9ef75cbfc
SHA1 399032f855baf6515210a52fff313b3c0400f724
SHA256 4f54a342f36f8d7f7cd8d6b9ac577791999aad6f842c47ab4991995cf42849f3
SHA512 57f1c97ce7b70dea5d2bc3fb4b77eb70dbe5577c674b3276508215d8d11cdfed9365a389345223a4b68a9d8573d6e7b6bc68fb79faa7f968d325ffa8c33ddbe5

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 28968d4e778e468683fce2fbc58f4982
SHA1 d7555ad77f6b389b0e9829f19870cfccd29f101f
SHA256 6e143720c5f7044a1b08aebe304b752c3c685b53e4a822a144856c49e7e00d81
SHA512 8d2792a818e53dd3a4e9119055da9684b6d1a2707f42741683f7d5f238d5b26380715a1b4daabd8423aed2eda0cd1820e0c00426a800afacbcf14157fdcb16d1

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 5281ae826631aacdf539fe19cbad08c3
SHA1 0422b82f66495457eb0059157fe1741bf7d7754a
SHA256 8836f8973a4a7b183fc9988961b57e7b5c5134f39349eeaa379bd764662032a9
SHA512 4ecbe035c4d0975ae57bdb99ac829a260ae88056981f2a1d9640d394477ae1860b8e0bde90a09a129ad7938860887b18501621682e3caa8cbb873369e9ba7a65

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00004c

MD5 2c10eda69b3fc001a42f139a55943df6
SHA1 7aecc69f744acdca672d38fc7afbd72f82cb53dd
SHA256 1b2a8b84d31774cb1b3c8602aa1ab8aece3a8e4805ab2949df4ee614726af7e4
SHA512 bf83c63b09607e2ff0d2b242b8f91afd34f929c34189e1ef1f035e8e024c48e6daf3deca9beece9c6f491fa4025691b4df50cc5f11ff11908b7f3d73d6a3c5c6

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000052

MD5 9708742d2d4498168c0fc01551f7c6f2
SHA1 f6ea6f060fa1da24fa0f807d0a4e9998030a5221
SHA256 99360e28070f230fa4457c21b6119c0066337ec9e7577a5009e6ffc322c29662
SHA512 a94f5c363268056354fd3e1a9a57d79404e7d50652c9542f37e840efeb6768e8f785b090a824371a21ab410bd9ba9a2ae29f1b8418cec6b2555fdf7a31f711e3

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00004f

MD5 daf34f81cae9fd2ed4073f049aae4567
SHA1 80342adef76c4cf1bea9feb7f609139d8a395942
SHA256 d5a6acba1a33ca63845a22f380cfc4093939f6d402f984b83f463a6d74fc9a2b
SHA512 dd7d38802c1a51d422dda3ebf34dc10c494b99fe74c4617ec2cf788071e04535de6596e6374667f73a9325aec4b089ffeb83b77c6d48a58f8fd7eeaa898b376b

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00004e

MD5 a1cea7cf3ddf5d742efcc29fee3c2a50
SHA1 16b8c3b56c96543dd73ce50414867d4a0776780b
SHA256 50a3fbbd5f8d2150c6117d1fc3b89d4c7cd18406e680a0e15d3f471ea2daa72c
SHA512 a735ef81c400dfb9f6d894dab5c31ce07d89e217ef269ad631dd9b023b869cceaf42d5a00242ca07f71e630d966f667c1197d1c8fc88c5c104140e53de65369e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 d07e4b935e5afca3f1f73c1707547e80
SHA1 a4ba88b060d6a00f615b7ea8f2e284eed475de20
SHA256 ad8e236c476378757a77816d8bb75dd588896eb752f74527e461d3497d09564c
SHA512 d25d0b5bd101f19abb8558343f255dfda8972d5eea96d4ee4df920845221766d4bb8a1e4bc74dabf53d3e4bc2987216b5b7ebc92d8b58520cb2050227f0f4eeb

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\44ebd25acdd6f141_0

MD5 f4e1b84dfb3189efafd181e08d1fd0f3
SHA1 9ada1af4e84c13511925338024b8a9b1d4115537
SHA256 c1abede85cb74de4255f2714b8fce5dece8ba57fcca86bcbaf067bc0a5ad70a0
SHA512 893359ed3ed3fb6c6c72dfdc77d1a9af1e23431b8f6b843afd56bb1980de488a05cfaa6968f0a5571495a028088be974ad3dd5a316d69102068695e230cf1894

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\812b5adab3a9b4c2_0

MD5 cbd9462fd24ccd3cf32ba265609fce35
SHA1 6cb846692fb329281f5ce358d297399e44025324
SHA256 f24d88a3dad60e205965a5c4f3191691ad48467dee7b3c9ffd6ef4deb4cd0b67
SHA512 c7e32b248e0293a0553aa14e0450c8011fea2420a9067302ea6f7d7bf16066fe0bea9f9a4d286d55113880bd50f4e2a58d3d03b33dcff1e2e4155d2264551e46

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\07b305ad0c81b919_0

MD5 5dab7ba500046994dc4e05f89e6b395a
SHA1 25000c5a4c63b910793a1810307223d1d0c2b343
SHA256 97d7790c23f5fe6d8e63ad9013391f105fe3ef9cf3e6c76542868ab8eaff14be
SHA512 6c0c0add81536eec40bda936351c7dd163584408dd86d327025fe9e165e13c2dab632e249dae0116c1edb9e79a8248667df917bb5df9b9ffdbfa0694fcbb9b98

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\54a5adca6a1c6407_0

MD5 401d84361881a61b2fa5f05d2672d4bf
SHA1 f0d846cf0f4b895db0f42af075d0c3db1e353cf4
SHA256 0fb904738ab51918a718d6e36b9174eb1e19ecc46fc941957bdcebccddf5c0dc
SHA512 d1c2c4ec1ffd1545e26e4f32af48bee7b18947540e43cc1bf7cfcfdba5596737bfa4542e4da13ffe4fcd0cda8aa50419d4d539d6cdb7b7a3e561d9e1c1872c6e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\e3904d90033a9baf_0

MD5 f6e1d0e9b044ab1a59c82fcee2c6b3fb
SHA1 84fadbf50ce7764bc963c72d07b28d87d95f9fd7
SHA256 07951fb90d9d559991435ce8001969514b7a05b3f8e570a5ac1b98c13303785e
SHA512 d52fcede002b5bd4e68e0542bc4f73f4f6e160c513c85a4ab95f3b088fcae22e2d4a1bcc054722d245c475a7aeb33da19ffa03b4ab69693e7d8f937da94c9ac3

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\9ae01db7bdde946e_0

MD5 4bd6d986a4de88f261bc3be52f867067
SHA1 fbc2b5ec6d916e3970b306bc479e031965772a54
SHA256 7aa229a94c00b11751c78c9c2ee52ebd2a69a3713fe3ce13b3c57786acb76b63
SHA512 bee48a5d48899ac9c3f4ea7f4937dfeb650cb5da9bbcd57ce9fa7a3ba1b50613897056b2163382ca7a0529c57bdd1cd4bab1f3e887d990a157946b1e5f8344fc

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 cb9788889a7e3b135361c4eece26d97b
SHA1 79f6ecaae8fcdfb8fdedc25f421d1c82e507845b
SHA256 af9cf8bdc063032c6c0433698a141b681558023edce148a8dbf455ad77bf5022
SHA512 36032b2f6c4d6a32da4afb5d7fcd018d6d44022b6c31fd0ada6178e2f68ae412731cbf87d9bd7e85bea8ea6f9b412d372ef94ac83d730fbb29f2e754624e9fd5

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 ed5ecfb91d068232cd52d5287ccd6c30
SHA1 baec2c19caee80560e06cd49f38587705c701869
SHA256 881dfc57032f753e427dad5470c8ab57c52fad7ceef0a03fc8a44743fe9e345b
SHA512 a33092b45281fc0dd50742f46ba1fd2d1188e35c7bb5514520ae3eb0a62bad415172518bda5ff809ff331f31addd3af11fd7df01eef7fb905b17c00ab262ba29

C:\Users\Admin\Downloads\account\Steam Authenticator\Steam.Desktop.Authenticator.exe

MD5 680bc42863cc9ed0d1d280ba05f5bc7e
SHA1 92b009aaa38c4f81ca042111f3c8cd1d0d3e06e0
SHA256 9299759f6e54266df41e74521aea9a06aa1be98ab94d215b091d8c4f6395850d
SHA512 06bc4286375c9168ed790f926912f0c550f305da004e13cb9a72bb83ff3018f86ed3c4a139be1667f67a2c4c1f5e86ccf95b5ae9cf1eda0b047d1429bf7351f4

memory/2256-2200-0x0000000000470000-0x00000000004D6000-memory.dmp

memory/2256-2201-0x00000000053B0000-0x0000000005954000-memory.dmp

memory/2256-2202-0x0000000004EF0000-0x0000000004F82000-memory.dmp

memory/2256-2203-0x00000000052E0000-0x00000000052EA000-memory.dmp

memory/2256-2204-0x0000000008820000-0x0000000008E38000-memory.dmp

memory/2256-2205-0x0000000008380000-0x000000000848A000-memory.dmp

memory/2256-2206-0x00000000082C0000-0x00000000082D2000-memory.dmp

memory/2256-2207-0x0000000008320000-0x000000000835C000-memory.dmp

memory/2256-2208-0x0000000008490000-0x00000000084DC000-memory.dmp

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 30ce829e7f72c114d43d6a5b787413c5
SHA1 8290cb4cd100c713ab89415ac1bb66d94c2b5e4e
SHA256 7ea693db05061bb46365be3f8e48855ef2dc281d0b30de8a1ab65bda3ded9ce0
SHA512 737dceeff218e1136db803e982c2c0252ab383e97784539020857a305475db05493e124dd68302eef18065cb9ab7d2c8c5ef9b7c1567500b6a6ac87dd0ec2d78

memory/2256-2218-0x0000000009100000-0x0000000009166000-memory.dmp

memory/2256-2219-0x0000000009430000-0x00000000094A6000-memory.dmp

memory/2256-2220-0x00000000093D0000-0x00000000093EE000-memory.dmp

memory/2256-2222-0x0000000009A00000-0x0000000009BC2000-memory.dmp

memory/2256-2223-0x000000000A1B0000-0x000000000A6DC000-memory.dmp

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Cookies

MD5 d295f5e215b73d1cff02bfaa00d902e8
SHA1 239486dddf950cd28e4303763289fa5add8caa94
SHA256 a780a51ff64a4be230fdb47ea979500a6d66d778400355ed6ee83b8fef31dbc6
SHA512 c83e828aecea8daef281fe5aa039243da4a077152d5ab7ead53ec6dcd9e17403eea50e0873b5e6c8096228adb936754bec392d2af3b8743752cb0512a3658d3c

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Web Data

MD5 fb74a01ffd05c2e4ec63a0614971480e
SHA1 5e38d92f26e2757bbcbbb2a0fd772bdfaf891cfa
SHA256 87f3980b17cd4b279e04f19f1d0ab1ee6b76a7e968d5484597b0ddef031e9f82
SHA512 f8d8d9eaf60d1fd91d519de5e9ad314b9affc1f0fa83a0de5fd84a8638f691cdaa77a4077d5482546f8da8574b1df5f195d95a241f131ea2719abb82452d6da9

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cookies

MD5 713596f66ce7edd0f77b72daa6c8a3b1
SHA1 e81245dc3878fcf4f7e4c7be169421eee32b6154
SHA256 92f47a2792390e53926b2b7c979530801574dd2dd2ed6e38f40f278c36b35029
SHA512 79090576a326b35873304386f52aadbd1238f871471302ae5cb7e021f3f87a90cf466e2ab8a1ca7109a30800a9e85a714e8778f5be3cac90a04c953f05e9aa1f

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Web Data

MD5 73c08fd600476cfdc1e7eaedc665820c
SHA1 a7060c644f2bfc12000cf0542faa00056747a98e
SHA256 2d87ff773146e05906bddd44ad92604ed73ab9099c651c67f8399bb1b7572984
SHA512 2d3cf8279e95bad4ced8c1d232362591875fe47975411a84612ff4ad37c1c412ac3f9b80724ba89986497ec04b8e7252cb8e13b8de425465c35803cd9ce811f2

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad\settings.dat

MD5 15261f2a58ffc0a4a813a3ae3b5ef3d8
SHA1 e43af54c1fb7999a263555185a8c9c57cc9963fe
SHA256 623139cebd2bda8088d72d5bfcd4658c0276fe06de290f2df64d32fc0691ece5
SHA512 855ebabe3064b60249b5f82e6ddb4906189ad42832fe2c9945d5046f2ad598d9bba9517993526429fe2e3a55acd996b9de3b0884c7da3e2dc525d0ca9fb52695

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Variations

MD5 961e3604f228b0d10541ebf921500c86
SHA1 6e00570d9f78d9cfebe67d4da5efe546543949a7
SHA256 f7b24f2eb3d5eb0550527490395d2f61c3d2fe74bb9cb345197dad81b58b5fed
SHA512 535f930afd2ef50282715c7e48859cc2d7b354ff4e6c156b94d5a2815f589b33189ffedfcaf4456525283e993087f9f560d84cfcf497d189ab8101510a09c472

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\data_0

MD5 aee681b93049d5395ae95247edf79ce7
SHA1 b13fdb26422c147543704b9bf31d75795a50642b
SHA256 b2d8575e52027651adb619b5cdd60d275b9728cb55fcb4d7611dca4d530a44b7
SHA512 22cef09763dacadbe447112b8e672ed656c5f7b5d0eaa634798caf188042cd747127b562f9501ad12b89ce5872e2dfc1589fd03e12f8ebb91f70b68cacbb6d5a

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\History

MD5 fe18eb1b0c9e3fdbbda423c07c50716e
SHA1 45765cf7eb24449a1bec4f7c32bdcb64d54f98bf
SHA256 e47b3a009f07f47c97f4ffe3d6545e199c09189ecad49ed1b161c1685105a47d
SHA512 89237c1b17e072b3205f86d9c41c956ac553315c920d87547cc8955ce32216f700f62b8ee845ddfc95be328c4cb247b33f3c5cc3a04f81b6b7e187797b17ddce

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\LOG

MD5 8ae956f57c2aab2aed8afdaea55a7d61
SHA1 129532e5b3899376720b8443d91207b7cb832f08
SHA256 2f506cc504ef56a020c14b55e781f64fd367e2c3311f622340b6277aa47a67db
SHA512 274ccdab5dd2128473602b7c015d7ca7c3b9d77046ffa6ac7dd197f11a676502f3826ec305e0156b1df77bb63cc5163614fc5ecc9210c0e2c4684fae6e0dde8c

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\ShaderCache\data_1

MD5 5a018480a948072f5af0733252ab7a6d
SHA1 686d498741978256a996970d9c8948d54e27446f
SHA256 273ad1c86e457dafde2c81e56a08f2f8b005110a5e11508707db9e72a95955d0
SHA512 6d9e07479be89c2f868624de992c3c83f0704e406d8478a9d1d01ff8bbab1b22b7b5672927881050e1e3bf6bb52964935d04f212aa5a9eff3d72d4dfa1688ceb

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000002

MD5 fb7f959dd9be7bb8809478e73406cc8d
SHA1 4f36198d8f82baaed6bcb0c51caef53aeb7db489
SHA256 90a7cbea634cc91ee7e6098d41245b5fbf947aa173cd30a8ba34c2a22463ecd9
SHA512 5b7c5dbd12508719ffbb5ef7d7439a8c33ee50ef8483a71a20436d8e4d575248a79a300e5d8eda2a547191ea1c3d5678b3caed91c6e20657455418e7ae32fdaa

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000001

MD5 2c4236eff8f1e095ad79b69508fc842b
SHA1 378a22b3f73b3844fdbb4e66b37fcad2aab13a22
SHA256 c907155afcfb07f8b2263535af3f652d1fb477861b27d6b22056cc8b7cfc2f6d
SHA512 a50ba717cfda96307a54ad767d2dc80b7bd1d21ff1e15267bd282c24ace8e3e77dfd181b757a3bed007f0ff854515e61a729adc2ca5e631dd49c242e3e51b38e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\data_3

MD5 040b47cfbeb783c1bef535d23547c544
SHA1 cf764af9c4471f4942b4743cf983ff20027d7e19
SHA256 2d1245bde5278ebaeb52d5c4d12780434f218c79a8e5eafd3a1a2ef6b17162c8
SHA512 c9d02ef3e9aa088e3540798a39481fdf1455e300c363c2969a72a589a35d5145fdffc96701e32646f483c8078e33e55d6b0aed7537db053dba0385cd4b656abd

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\data_2

MD5 2e1cbd3f429cafe49c2fe26f60d8102b
SHA1 3ab41be4c84ce15d5288b9825af04c748fc6c088
SHA256 e8417174cd04e507d7307e837b5f7d3aa80d493a9b3ea7249a1c41dfeb05db98
SHA512 43f2a49eb56cbf37b79e9d2f786de1dde94d25e7c23adf008b8f726c6c31eb6bc6e6c134193dbfe867dd95e71346e1e976ebb510d55c1d8ee316b65803004a57

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\data_1

MD5 842b90afa0623b3ca03c2dd440c6f65e
SHA1 db05c41c0a8fe7c6d7e702d5ea3f391902520ae0
SHA256 6fa6a05d23f56c550864cc33b7e217ecc2ddd34f49b27263e2b5d4a63dc394f6
SHA512 587ef1955bb88710f098181fa61ce37abb5a84cdac3c4f041009f29bc9797d82e3426bac5531c91712bab5392fc1838de7bffbf1d75643e4c8af43e76201e619

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Favicons

MD5 b444cca0e349b8b26d9660617377845f
SHA1 0798159fa8bcc33f41ae5d39f05d1cf6053b762f
SHA256 6de5e693e698af5a46e4e6276bfa5a5ffdb9722289ef43d7f58b86d3caa28768
SHA512 0760b59b81c1c5d09f51898394f2adafb00e528706e74973c379cd870904fcbf003f561b6e1a9bd78abeb545eea939f5c9a8abf00f8bc06a1ddf0b09c70701ef

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\segmentation_platform\ukm_db-journal

MD5 b022c203e3a82ce954ccb4d8499bf227
SHA1 77ca9ca60318855911ef41f4316a16f907bdb7e1
SHA256 ba3b7f69ea4a214c1bd30cb65639b3489636d95a3a2808bdb7de786fa65415c4
SHA512 8bf48c9ede72123e2a9dff1b2b8bb913f0f308efeb2f32087ad5fb50630459982a165dc4012df04eff5ae7785836a2372c921f59950393e7271cfae2fcf15442

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\segmentation_platform\ukm_db

MD5 6871e305f0344c2b62fa58c9066ff3f9
SHA1 ea204bff9834cc8fd6d8257b439400cef4589bc1
SHA256 64a4e975c7b61914dec1aa34b0ea81c548051a1dc11bf885948bc37bc48957a8
SHA512 a8d73021530adc0604983b73e2e5cfe125267069f0842ff64e6a58cc9a398f3fc467edfb8e0e5da14e50b34c8ba25b7f521c834d0027ae083432bc847a5353d0

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Last Version

MD5 aaa1d3398c11429309df446cc70a4b24
SHA1 426037d880450cfe67c0db4e8836d8cf67c3af33
SHA256 d3c5bb416732a0643cb435ce980e4cf7ed0d96375d6d1d866565ffa4cf5f4e31
SHA512 5400a74ad59ee80e11b97e884bedee53af567520b807e4c3c43b68446bb495a967e22838aeee4bfbf02486ec5abfb2e821c5165ab2b894a54e0d7eb70c7355a9

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\6e81b60a-6e06-40ae-9d50-2f3c0d1da3ac.tmp

MD5 5058f1af8388633f609cadb75a75dc9d
SHA1 3a52ce780950d4d969792a2559cd519d7ee8c727
SHA256 cdb4ee2aea69cc6a83331bbe96dc2caa9a299d21329efb0336fc02a82e1839a8
SHA512 0b61241d7c17bcbb1baee7094d14b7c451efecc7ffcbd92598a0f13d313cc9ebc2a07e61f007baf58fbf94ff9a8695bdd5cae7ce03bbf1e94e93613a00f25f21

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 e3dad8f64d8dc377e7d884a0f3760d32
SHA1 fd457beca72e1e75bee255da58ec778a11c4cee6
SHA256 c76951c1b9d65c085fc982150c984a7226dfe04931dc680637049629e2d049f7
SHA512 fd1ff454f1a010bf1a7fc0ee5ef9be8c0557ee59b66fc3e2647018e7f0cf2e948a6bbed3f95d780b2d8348296909386445ce11501e3eda941a0bd9f58e9d0757

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\9a8e148a-8a4c-47bb-b870-e8ceadf478d1.tmp

MD5 cf7da38e2b89d6f997ec2afe38e74f50
SHA1 9e760aca38adc29e00d9d9fca7bd16c68c5ea30a
SHA256 2cdf6088d077368a8ef1aa24aa43b5f32f308368298c54074d920a6ef3d1a040
SHA512 c09b33713b8b698f744baf8b1cbb7ce9268a91feb96da0fe47870aa91e0c590028e4dc4e9132a290127c21fcb103215c7cf3b3212a0ccf3b5f2ea23f103ccf84

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 92c1f74e4a91c4ca8de5564cd33fd710
SHA1 ac7363972af5594a758cdaf4f6385091a25f2ca1
SHA256 b7f8bd34a858f0650ed0b04b6ad38714a27b4b2037212350db89b426d97d8e10
SHA512 44f9c1d1eb86d2aa8e2bf17bb8943e2a8008bd55750bf9f490894f67c15dfb9c2ed248d9ddc25454dfb196ec3a6158cfeca61916b722fa35d59e565494fc1b34

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 cc9352b0acd513e42f7fb7ab08f2accc
SHA1 9bb4fd01f7ec4719583a52521ab863c25e5d6bd1
SHA256 7539fae14423f81538e8ea62db334fcf1fc3cc9c9ab988785ff103f1d2cc2576
SHA512 235f2a15fbd6a8518851c54f8cbd9bb18706e4a6c6c43af17b639d684d8861e83f78c61ad49c55a1cd2965c8cde674df2ecd876950740547c434e6259477bd4c

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 150a1164d681f3d7b0e73f2cf317f6f2
SHA1 0406c6930acf0f4802f1e98bfe6b6fb19d191257
SHA256 e3445b3cb0a8da2efb85114aba3f641d0de5504f9cfaefc8f64b63ef2ae9ca7a
SHA512 7dc88827f4d6ab7424d6b4bf2411b5830af89d86e7369ebeaaad0c850b0789057bc9d5c5cddd0afb319f6d9687795bd8b3e8d8144f5faec622a0ced9cc3ceb6d

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 856c5411bee09b5e8499f765ca188be4
SHA1 54c28736f70f96dab54dbdfd70d6026b6e7864f9
SHA256 bd039d40ad366223686883532d9ecf7e9771f79d987597f19441061cd79f345c
SHA512 c610ddfc0e5147c792979d752375d6e28bf3f4868debbbe77eaa8c2aada03e056e5ce118c65caa825d65104c45c74fd0ec1950d38c40b3c11f8a3d6ae4aff5ab

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 c102b3d7e59c299aca899ec71f62b8be
SHA1 8142e9c29a5dbc3dd0575d93d8fcd02f283abd8f
SHA256 3ad1ba66d52716a3dc91591f764f9b4f06fc95a4a2d8751cdd0366ef22909504
SHA512 ca06d873207a1eb97fe89e8f8078b3197e0f1a70d33774cc97dea24f95f119c0f9c98dc39cde633db4a320430242172b12337d849e96be9337ff7c73812e809f

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 6879b29c369e76b441b54d4f6d9c2e72
SHA1 36aa7f74274c44e6ce0af3532ae2fc653bf33106
SHA256 501eace4d5f07e45f583c473c833ff3e4d8f3c976cf444b770cc45f726ed9815
SHA512 74c3dd7c17cbd89b53144f995f1e97c71880f31651d885064bf1b9d6796afedc29e2efde69ccf44232e7f3d970f3d3582560fa363559fc0899bdbb6bbbb42e71

memory/4964-2610-0x0000000000130000-0x0000000000198000-memory.dmp

C:\Users\Admin\AppData\Local\Temp\tmpD290.tmp

MD5 a3c517376703ce5ed1dc2a93fddaa50b
SHA1 f889bc8eacb08530ab4c41e44244f81947786951
SHA256 2bdd761bb114bb75552c614cdf02952be330ffe1d839618e44d84842931ad408
SHA512 64a4a9a3e34f5dc094381e27392906d66041cfbd5deeb67f9015e5634b854bbe15fa3592b07b46426e0f934685eadaf399b648dd4ea9a6f316e2a5239cfcca7d

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 2392f503330d556dcd41ba999f3a2dc3
SHA1 360bfddb5c58926835ab5cafec1971bb3f9db2ac
SHA256 0013c893084b244bdeb61c3127e835013beb9abc768c4ad3606a508d69edcf85
SHA512 9ac035f90e08ab93cb1631f10b1a797e0b36be3d921b40f58654b21644b27e45da1392215dad2d0204befc054ec6718344d9436f573908bb1676c0de1dc4bafb

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 33dd44c57ab55703a9702397fd5aff5d
SHA1 5f8f9fef0b1754950d76ad5c4fa6c9b25ae93694
SHA256 ee29cee3b6d1f20fd996508d5ade644a16ee1a62f61ef931765169ed80c65f00
SHA512 3fa6590c0afc14adb3d4fcfcdab3583287ac990eafbdcae15d20c62aa15fc80a77f0e705af3dec3806aa5481e97fc5a95892c4f513d8b9897b4f8a3b799b2665

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 e49aea3a3f1836f136e272b888562c87
SHA1 8d98c4213e2852ef0154a5b628d36d3e996fd0be
SHA256 fc4523c0d73352093dca21c30d33ef9d5be21f497ee49d3ad79267662378d646
SHA512 8d0518f0d613d04b257d946035862bf57337511d85096da5f502fe89a6bb230dc2ae7d8ef64b35d88d7b6cd1acf06f6faf803e9133f09dc27d1001d56b1d56d9

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 fc726a3147e16c93b7a226172250ea2e
SHA1 290e6b4dc87a56b94f2690695f8e3b6e86089333
SHA256 b61eff0265795ff86243c5cee679d1f308e0ea617c22616da42f107e92935372
SHA512 301ebe5ef026d3d2223ff56c50ba8b0a4703c65b21e4e055f30096d7bac322d87b46c6e31bee49370cc37de32166999d3ceb991b97afc35bcd5e9ea1744f7bac

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 6a894fa5abb8173557ea7e3f42874a07
SHA1 1d0699c5833efcf5ab380e61a6cfef82896f2c0d
SHA256 e2597b70ae42e11e3d6961866f422605299e11e96a0eeb4f8c5784807e0ae330
SHA512 0eae5b46a9bec0af0926c23f259a9e0cd49b1337d5a1ce0537958dce734e655099396c1a43232aba75e2256d324d39a70301776b77a99d9464152ea9d11f64ee

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 b3bfe2efa653501c4daec88721e3ad08
SHA1 dc741bb0ca6ca5e835243cfa340759dfdf6e11d6
SHA256 72640381ae81e234ae827d223b16fd219368056522ec1fe7477ea513f2a95c4b
SHA512 4b5065f914f08294997fa1c0f1383ec5e91362716f81586e01491144c0a139bb5aa86699acd51fa227aae6f0a5f80a559573cf7eeea3b1d19449b40f221c9fcd

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 a0e745a854031d05f753febfa02ff298
SHA1 b9822fc79d96dbc42929e0a3fc4b68522507925b
SHA256 e2a8b35599123065f757dc3463bd30ac9bcd1ad88eb9abfbddc9cfe59b6d2a47
SHA512 764c84a24f0309b0222effa2f87f83c888110e2af132599f1520bcf32f48027ca0b6c9db2e466fcf66c4e44468d29fe318607ee0bc6e7e31dd11c74e59cf7e9e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 efaf30981ea14206dcf2c9f881446053
SHA1 0350c903323ff47fec4b9ca72e894cff6e3f6372
SHA256 dda67c198475b7d39805440f87043169a573823a188b70d830c96022b902c5a5
SHA512 dc671262019a7c43041f7cd23d9698b5e0398ca1c9504c730cbed2c2d1427506f6c78aeceacd65e2977d1f4f264c50749492181ff5d5735a2676c538eda6616a

memory/444-2792-0x0000000007EA0000-0x0000000007EEC000-memory.dmp

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 b728f6e01a75b0fcdee83f119245bda8
SHA1 b08cb28d92e31ab05cc8c0c6d59daf3643b0db17
SHA256 48ad58847cd8fcc41d4cc2bc6f6039792dd627c4d4a3026049a91ee00d49e27b
SHA512 0de971acd1e46565a8b99188399fd7eeb207cc8844535b832756925873055242d086cd0450b3892c780303b536e651fb0043ed1fae9ad31c35139805e4a2ed8c

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 cb607e482122e460dcc390a602322c9b
SHA1 b6b2927a91833c253fd2d2e661705f4673c6f134
SHA256 8cc63c4f073b2f6b6b7fa7c3d545fa9acdcb0349e52cdb3033b6f3a35ea0556b
SHA512 1a5cd6be49596ae6d6e9ab8623b0b460a28b47d674f24001fdf0709dd13bea999cdcae1787534f4b034038f878f9c77d190dadadef5cc61941cb1ffe6cd81f1e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 2c335841aa3e898db9ff3e7bfbe7c48e
SHA1 4cced4c04e9f175f6ffbd4e8d54a8ee488043b37
SHA256 8e0d50841b1c01674bf96818692065f29955d58a99407c285bc93e8d9d5c111b
SHA512 bf626af5391fceb3333030640e3e7bf3bc9c5891b6eb8e07c5d83d343b4e8c0e96a5794fe505b9d8b0c6a0bde980580e1351b4db16c5ae428b488ea1513ead40

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 6f99e8571335b3c2cd2866022c0354ce
SHA1 b7b39a0d73a98ae514912df11ccb76410ba1bcc4
SHA256 68e4f583a63cf16d7146e1849b2e018b4705185e1339f8fcda3203d669d829ad
SHA512 61f6295cdb51bb1056a32980973777ca4878b2c50e7b470ce4e036afe637bad2046b357357f53e697e291faa772700b082834e7cb88d49d2926d1ca24dfaf4e0

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 5212a82fcea6389dccf3259d536467ed
SHA1 dbd929689208a565c0def12a6cce98c664d4b151
SHA256 fc9b43e009f24f12348fe46a4c4e45478df9beb6220fcc3022a31bf173c43a0e
SHA512 421c0a77613825f84d187844698f1ac8887abfbc2f2d1c917cbc76a04d323bd442e2833b6aea84bcee498047aaef7168d6c36e9184b82846f4d41b5c9c65b598

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 aeefbd3ab855a9f3fcd096a3686cbd13
SHA1 09e04197a3f491ea8712d7cd04c2f3e63b9f144c
SHA256 4e15a209468f68f13a7c58544615d286d613f33189cbfb64712af321bc6c2d21
SHA512 d5de1566b5f7ca3fbe82cbdce8f9c4d5accb3f30167d64bf1c930d9f9237ea9a73b5f4e40493a4302dae367a128c984a7a28674ccd35f049b4b6d2c185a3e948

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 da659f02fa33fad5ba849d5ad7338bb3
SHA1 8a9bf17dc3295e4e590bb95b1cf628145642a118
SHA256 d4d8c20fdc63f4a76dbba77ec445e120f14d4285b93c4e19d49fbcbd46f71b3c
SHA512 ab2be127d1fdb0ce5a6f5ff23fa867939ff806b183ac2a3a83f7bcdd7a81e6400c5611d6cb1f3eb2c09a597c5dccad27adb435271de47b9da6880cfcd1862eb5

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\File System\Origins\CURRENT

MD5 46295cac801e5d4857d09837238a6394
SHA1 44e0fa1b517dbf802b18faf0785eeea6ac51594b
SHA256 0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443
SHA512 8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\File System\001\t\Paths\MANIFEST-000001

MD5 5af87dfd673ba2115e2fcf5cfdb727ab
SHA1 d5b5bbf396dc291274584ef71f444f420b6056f1
SHA256 f9d31b278e215eb0d0e9cd709edfa037e828f36214ab7906f612160fead4b2b4
SHA512 de34583a7dbafe4dd0dc0601e8f6906b9bc6a00c56c9323561204f77abbc0dc9007c480ffe4092ff2f194d54616caf50aecbd4a1e9583cae0c76ad6dd7c2375b

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 fbaca0f408012e3735f6223485d71e8c
SHA1 f0da0ff5af0062feb3018538f10492d4a4287179
SHA256 51406c5d3c3d16403c6a972506938625c174818e6e2d54ec5bf3f0441a7d705a
SHA512 06bb8d99ce7dc4d540b1a2dbec8cc6536bc24d9960fc98be5f41b681b36fe922fa9d1144eed99c833b987098b761efe4eddc9ea8cdfe4a4c9b314c295a688f05

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 36c26a5e8985c293dd13588f0c5ca620
SHA1 b8a8a003c02ec8fc4944ff29616e0aa64e374afd
SHA256 0b05d43bc34ae042319b3ae07e322400077c406d51c20203a02b5957f42c8553
SHA512 b85fc815759f5699ade02d3932e5510ccbed2dcf878a325e2c3cdda56ed748590699db42ef2d0fca9750b91fc8f4e1c087ea08177513e269eb50347fd1ff9129

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 9c203b393ad521f786ae0efdd9cbbd93
SHA1 df38840c8c03deb4b895eb2d85a758f8618fd19b
SHA256 ccc794b5471fbc0f573314a43024b631739a355d270f9f836cc6432f4aa94a26
SHA512 402f9afe5f89304becf91aa23ed24bc1f39301450813d1f03ecfd4025c4ebf5226fd393a168ea8fc4cb4bda2aee8f51ba76441b74b614ce86d1b9ae0ec03a743

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 42335cda850820c629bf2c735e1dfb16
SHA1 7118ac46e842ef63468bafae21c76d6ee0531c59
SHA256 157467b8307283fee18dc138742b61f872573c4118f1fbb84e679de78a9e52b5
SHA512 8574d00852513c774dbaa83ef7a717ac1cdb0a0ff038ddbcc7a1069038f150c9d6998f6b5ee2c75217c5f2236d5c81fce1a5756dc1ff837fde3c3f374dbf5d7d

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

MD5 375f8452559259e067e078795243ca42
SHA1 95fde8b7444f7499ec05011f3a248b32ec039c41
SHA256 0d64e06221055990ebc1ecc1edc49b1c94996967ced5951b312bf6af8f0c734a
SHA512 39848d2153d3913b11d186f5c3b16d74ac8c54557c4e8fb5cb7af99ca84c0a72f16f228ff1afdc56dcb7f29a12cf3069c53f4cfef11f4a97f7e60c37f6eae382

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index~RFe6237b4.TMP

MD5 1c6b2cfe6719b83c4568f2914590548b
SHA1 62bfd81515fb15256f3d7923a2e80fd8762b0ec6
SHA256 21ce0be500826b570cfa4bbd1e7dbe39b75fc77fb398a0b938ed55039875f78f
SHA512 9a29891f9a560bb02be1a9b70888052521aa0b183c1fda44989e3f76386c4aa06fe76942b9357d07825cdadfe8203e064dc5f98ad62f91c9b6b2699555f41ecf

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 40b821b9726c4e150fb58550889c3bf6
SHA1 c476c75d04782b1eebba92adcaf14190a023c196
SHA256 e749a4e94d05e0f24157642aac75aba18f64fa26131b39d55104d0f4c0dcb3d6
SHA512 5feffc211845635de09341384c04611cdfb9a47c8ebc0b08b4554a2bcd423beb0239105a3793f8ff686e6aad4a0de138e11848d1690158fb71dc582ab9b82c79

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 bab7171393540419dcca3512f885ac8e
SHA1 5689eaf0b953d573164e1789353ebed438290031
SHA256 9bd456e68f81ba336d4f9cc4c8fb895b48436d3890842e3618b464169671feb3
SHA512 37006f4c072ddb47a23f047861007dab56f2f621d8c333cc03fdf30628ac02e267b8d96d3b3186f00867e26743fe7102d6c59a1f7099b412262caa1f683f1b47

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 3b3862c6d28a477b6d0a77c5e2e61bb6
SHA1 df7e43a5f8fd36d8ae78e4b2399a5ab60b69b4d9
SHA256 a6cf0c06521861c240c06e5718e71ce2a70439b84b8431253571d145e7dca6e3
SHA512 8a20be58d8cd2a639d640f9eb9d2592321d0ff41fe3f26d886e5f1df40e9bd5926547a41159cee4e5889a52e3bf7126f3f7faea9081a752f69e154612fe1a949

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0000fa

MD5 c80a1a647ab4e1657eeb5a402c7c60a1
SHA1 3c1f626550b2f922e6bef9be6f1738f6e7ef11bb
SHA256 0e87f225784bcdfbaf45a6c0b702e1a98da24570580d93987e244335e01fc287
SHA512 e65006970565c53c02e6482ad142c9d045f74621f319068d4ff0a043628ad5a29233c2b61b7230605bfde17c78593129c995cf9568ed1a870725de814ed12a58

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0000fc

MD5 a3da8da561a251112656f943421ba226
SHA1 68c5d2d12c743d3f5294ba0172243459d446c0d1
SHA256 d371e8f7c11bd31b51b2b367b20df41d4917ee23d6bdd4a7a95ad1a5473386df
SHA512 d5dd5f64a8b5d193e64d1d85a50b658f51e6b9f27c6259d89d20ec22ad292152266fd99aa7682d163b4d00286d53d149e15266d5e3e0f74934cb2e560c1a0294

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 bd3c2fe68079828b7905b01f455dc04c
SHA1 2d72fadeb83e18ab9f42d28211b8e3786c25010d
SHA256 ebd4f3d7daf8b5690193e16abde25d66c5952f53f7b0d078a84a80bbae399040
SHA512 a6ddc5775bd03811346d7bbd4a1b6c873b8eccee6f9d58b31f012621ecd9cf0461d87983dd0b16ef2205083927541e7c6319f6d71fff30153661cb50744244fe

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 d9fd00d8394f1f2ab9749ff4cfd19957
SHA1 181a14fd01ff89c10f94fa29b24ebed76e6629e7
SHA256 122484dff4ca41e9b4e407c2c90e05bc3b13143f2f25de2a53b94c135c815faf
SHA512 891c4a9aa0d8eb4225220efbd393f09d3ed4f6dfbf5416139b187fbe4f532be209d57cd3b243c88d813cee9338113e6e7abd9481fd154128d750e066e855b8f5

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 5e19bbe8f0127e14b8251024d837d3f2
SHA1 055f3a0d4ec23307e6d1ebb7b4e32975d97bfee0
SHA256 3edc350af1dfbad3f82eaaa65b9e9248824168c7609659c63ae8ff6c53db360e
SHA512 8574ee14a58267e74a31e2e144c07a6a694a43d3e9f776a929c6e70fd573f478432d4a6d51f07279b63f7a6bcb649ca9903dd7bbf3895e1e4e23f040202ed6bd

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00010a

MD5 015c126a3520c9a8f6a27979d0266e96
SHA1 2acf956561d44434a6d84204670cf849d3215d5f
SHA256 3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
SHA512 02a20f2788bb1c3b2c7d3142c664cdec306b6ba5366e57e33c008edb3eb78638b98dc03cdf932a9dc440ded7827956f99117e7a3a4d55acadd29b006032d9c5c

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 80bf8a69006c82e7991d3780b2d3ce3f
SHA1 3236e11448baded544cdf03837bf8468fd498278
SHA256 37cef90250f48d646aeeb6ea564435e93f86320f7d751a9e72b79e8f80612044
SHA512 6ab2c8d7bf513264e12f2721e04191e72332ad22272dae9ae3e210ac4d0d96fce9960171f99f5465ef899d8cc8feb098ec9cb2df46e4362d781d3cb4d59cbd1f

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 bb409e8683ad455087ed568b7a83188e
SHA1 a6153a025c0dd19a1f3dca9f0239e7d949341b5a
SHA256 1353c598c3dfc7fd2888cdcc12d1f725ae818f24d420f972416ddce69c6a2ffc
SHA512 6de22b7f99beaf95b6525a93fe0cb4cf6cae877ff41f9d7e241e44497c53352d7063e4fcc8a2cd777af0babd350e03225bbf5857af945ccd3468b7123e8e25d5

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 81c4eaa005b1c41e9553f4b325708641
SHA1 fd3a8e3fa4a26bf9c3e4b132e19fabe4da805ffb
SHA256 ee37243d761bd7242b02ee398de5147fa2dd5f276af67b1ca96f2649a8d2cfdd
SHA512 f892083c2ab954cc6ca5e3af4555ce661fcdf42e1e09a275252b1e0a5cafb7951ac57f9fb4e9d10da3d388b67a1c67a91df915d9243246a7dae735bc8c0e5284

C:\Users\Admin\AppData\Local\D3DSCache\cb00da9ba77862e\F4EB2D6C-ED2B-4BDD-AD9D-F913287E6768.lock

MD5 f49655f856acb8884cc0ace29216f511
SHA1 cb0f1f87ec0455ec349aaa950c600475ac7b7b6b
SHA256 7852fce59c67ddf1d6b8b997eaa1adfac004a9f3a91c37295de9223674011fba
SHA512 599e93d25b174524495ed29653052b3590133096404873318f05fd68f4c9a5c9a3b30574551141fbb73d7329d6be342699a17f3ae84554bab784776dfda2d5f8

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 259a8fc66c6afa178a5ec6d505a9a594
SHA1 5de857eac8ca511287265efbbc385957eebcc670
SHA256 4d398cd89f39398297ab3c29d27776cede96f87087f5519d323b97c2c67eff87
SHA512 91956d7d97f377f3605dec1517d9dfbc22b3264895e408aac0b5791910017a238cf4c7ac3d360dc1a9d914bc27760277b6616356226e6b1c871fe01988eb4982

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 f98fb632f0ec23c94a4bff724107f59e
SHA1 e3d129dea6297f0b6baaf02f026a2e6dbf843505
SHA256 6a4728e42e2a821753fa486731c23e1e260b5803abda6ad5b5d452cf70783615
SHA512 c220f84ca1db8b92e5c7fc176a483386d816634482f4b19bb10d675eec0522bc584cd64db9dca173f76ac2c270e5114d13f0c63130a2c37b5c1d09e17f8cc6ee

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 eba7e014028025ef71160faa0cbddab6
SHA1 bb14a43c4ffc80c293717a7c81694914aacd7527
SHA256 a37ec5da5f90c4cb0935834cda71753187aafb8d79c2297308d3fa0d550b32f3
SHA512 2b9069833d6258b33caf21b47bd2085195831b767b19346774e1a05ee97da1f7b601b208adb2706016d7e0d9728126de622f3fc98f4fbe03cd045b9b28d5e46b

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

MD5 a3c5f12dbeec0415db0d95ef07520a47
SHA1 4c76c3dbb76af7a6063f093dab55dc9b9246535f
SHA256 f3fe30d8837bab3795a59154975aa4cacaae4faa31a6d32a547052448d3a22d9
SHA512 c8e10871eb3a1cc4d5602874268c22486bbcff72b2745907f215dcc5fdd83139ff9b4548a88c31b94b84692de725d5c540bcf3cdfd0a2138646b5ae1c6179c7a

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 418b4ea6c0794ff41baf2f11775f6944
SHA1 74f655f89efd291fa62b37db664e84cd9b280e11
SHA256 ef291febb7282793440133b5effeffe177717f6c821f728af8b55800cbb6ae65
SHA512 2e288bb4c722b0352ec52708a52f0ae57df750175329d9a3bb9621a5a015a5dca92d9be319752d1136030a657bb3b8382b119d2626bf89f20cf7b0dfa4ad7f2a

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 e2b56095411f952f374a16e87404a3e0
SHA1 18f2f096e793bcb57919bc932be9f1db771ddc54
SHA256 072a1d370a640c78e8589059850873c0d003b4e5e419e96e67b652bd1db24f0c
SHA512 60eb4ab049627b8c676943e8052363ed40cdf730c860d5acf09e446790d2c48670e27fc7ea0641ac369797f2f2cacc4398c28eaeb9eb7776993efcac58b25019

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 c5bf210242c7eb5cd5265b541e6dcabf
SHA1 34e91b2f0554b2893e93fec4b9f69495d71fe4ca
SHA256 1ce61f650964bb9908248bb9c54f236dd1489c06643706ae232f57f6bbd51c7c
SHA512 3c9cfd44fd8898c25d584dc1ec9694c0d5646878c9549b507ff9aeab7dd35e939f26b81d667bfd3dcc588d5cd003e5965cef7f8119be8c7e11ef59dfa361c2c5

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 880ed3cf9ee760b032f780c11a178547
SHA1 de191f2f9c42118e7515cfdd9c40798bd5606f22
SHA256 a9964b2e69eb44704b08226fd7f94ba26ea78905397ff2c5acf88086fe776cba
SHA512 26bcd7bd05fc44ab1e47a1bed45526a487b5aed7bca8895efae439082b2064f403771781b3ae8d3168a33553cd0445af7682feb872f993c62c5acb5f977a0c81

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00012c

MD5 92225162bd35f782dbffb0a9d2955f01
SHA1 cca6c6f99993cd9f4c23268835cf4af9a7d1a265
SHA256 2c5edcb166af592350c87973d54404b6e8c6fb3244d134e107dee2c9628f5b43
SHA512 cc70f6b506547685cd17afd44d39714770a8a44ffefa3f2a774af410f086fed51be0559069974daea1bb32a253adda091dd7cf22ca27851d9fb649591a4a68cc

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 86dcd974aa76b828ea9bcb5a0d642d82
SHA1 7e4744ddaae89fde6098a8095e3a9ceae607fb36
SHA256 391c48a9aee119a983c37475cdc1c231a34c63391480ddfcd884837d07187ea3
SHA512 67577dadd40a37e700e3cb800c32b63694f4a2ae25da9e76b24f6d1a5e3d5045d0e6f20e113949ac28d566236e85d5abf611e7959c9f1dc2c46adaf00cb1d858

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 10754681250b2426b527ebf2794c0b18
SHA1 e5a759daf99250b171c6d38a5cd9ea7b0d35a4d2
SHA256 700d3009f4c38d0bc3810852eaa699ff2c5e1cae5388efa9eede5deceda7e8e3
SHA512 632e14a285b2bf8a6b5dc6f275a78ea70828ee6b84bf9a2278dfef33048093488faf078ffce42dd979aa37d0bdf9aa0468d8628a4ea82645bd4d960d13a001ed

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 0c59000ae431a28c68788e5acb3ed435
SHA1 e125870eb2e024362c06febe86fb73a85f878ffe
SHA256 b9e4660eb0afc19378e92983ab49c9bf561ce6366ce8cf150f6157d3a79dce51
SHA512 a708859e5026ca0b928fe63993a99b96471887f0440e0cf56911b421669a6366b03337e83667ffca2d8d8550bdcf6f51dee5173d88e2b8945d4afe0d7862b87d

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\013c24aaf330afa8_0

MD5 f0b69f46265a0cd14c32640e454b85f2
SHA1 929ad1043c1ecbc14163de69b132ee22ce608d26
SHA256 e246210981f6debd237f247c419c941aa3a7da630f0a9e6b7956a30a8f1b4989
SHA512 40975beaaab57bf74334a69945b6c454747016597e1825f468c7356d99c792bb29e67d01e36eadaf62b6d6e0eddfc7e138209aa06e52bd0a94b52bf13ce9ae17

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\0c1122d661af4cc6_0

MD5 3ac3be6ed6ade04d4067691a093155ff
SHA1 fd29bb7c0bf2b50825d4dbc4aff2abf0ef34e073
SHA256 d2602ece042197a6e6644163c37c02e0013afdc57069aa002f3db5c08ac0d103
SHA512 e7f06d56941a70dab72ff076bf3aff51d906294a3ef49a7a09e80988a0bad418bb4623a2271a48f9f2f42fcfaf6e43bc90476be243932a85eedb0da653fe2822

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

MD5 2d6afa58ad6a734571a8e574d3fcc0ce
SHA1 dd9524b3af49de7455becad2e4fcddd98c7cebef
SHA256 beb808299ba03f607802c272b5a4d7eb95d4c5581c42724f023c268682251cf1
SHA512 f780ac140b6c24cac5d080015a28e1432a4704dfa2537fcb6e59641fa4ac4df3c77820a43715a532b51c8f78deca361729ddabbe0e9ffb6bfc373609a6b4bcf6

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 988fef2f96ff1fdbdb988a27907f5310
SHA1 a6a3441ede334749cdd82d2141ea3add592483ec
SHA256 7dce9870ec281d9e33927d42f72bf978697b4a9345e4fd25f6db34310ed88e1a
SHA512 8516f0f0921630f18c7e0638f5bc02d5bfc367dd6829c0e4930161f40067e0f6684ab05ace67a157e16ac2b6a0f9cd1b5dbdc76db24f261580f484cd608b92b6

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 53b429d4366a340210d718ba8dbf620c
SHA1 87e72595791c4e6fb9a8aa46b064e8d82909b2a8
SHA256 4cd89d8e99e73032cfd4142bd25785dd9dfa7253c2a47957200442d017644cac
SHA512 d542a5b0ec222367fa32e3f6000ecb9f9cf99841878355d2d9a8831a51b8b1c553f8747a9f00cf488a99496db3dae64966d96030a3799d82b9526de23b1717b6

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 b8823cc6f746772041d1f811d75211a1
SHA1 4a2bf7beb8c32a2b18d20d70e1fdd2b08b6aaba4
SHA256 57485793f1f85a54243d58589b3cefec11181e70e57b57d49c3bb93af62b4cd7
SHA512 8fbef624889b3e4c2b23523c537499db581e06182c3594463c0f2fde8b447ef1916e24c58e90d9b9ea7676e2bba083edc7bdcea8eb648e27a597d1aa93a19809

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 725b784a810e0e8922385694a1a16433
SHA1 b67d80d457899b6108fb8a1dfc03e33ad6547bd5
SHA256 dea953e265dbae220fc01e2cf7466b8027570debf012f9e608d1d58165c16c74
SHA512 fc4fdd2e1b8dd34eafdf98dadf57ac8f194f03a68ee38ec057fe9490f1d805ccb43021bed2a3bc3591032d3f378eceece0bac0e089f8e8a9cbb7cf135a5032ea

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 53ec8c291fe5c86d772a0922e38e0c07
SHA1 a8e1cf26e5bd83c9cdd59a6616033ce42acc6642
SHA256 90bbc5ae5aaf568e69b228d65ef66712f4bab0fb5b679df5a7513f48abae1d8e
SHA512 c9a42b04e0c81295a76ed7963b69a0c0c43f9e5494c1b1c332f1f717336d72bd83807bafafc5a8f4c54ec1aa4f0de40ee9311514dd9bf8a17222b697b37d365c

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\09a136d0-27f2-4239-8e07-dce717d1b262.tmp

MD5 12b37a900ca7cc1fc09f3012e9c1c1b0
SHA1 c75f8011bf5da2b2e585df97f238299687701737
SHA256 4b2e2ae15c51d62740581512706321c29f5fa67f4a1b8bb7e7015858c2603735
SHA512 f52c0bff1edbf0301f5320563dcc367463c5a6a85b75f97378060ac609c3f1d16ec6ff980e966d8039f28436ac253ba0a9bc96f06e4c8f0274e7bf3d36b4fcdd

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 ad26755945ccb48bf98ccea02cb97eef
SHA1 e0b93c0b9cdb192d1db598daf166a18c8a5a8a75
SHA256 9b2fc667277a4cc6b9e7c98a273af5c447eb526badc9906590c85eaddf408499
SHA512 deb6b722521764d4a3bf399abe521964a66507f4e39c5a0658a158195f371018c35375e0fa0ba0e27d7a674deb1e40372bd6d9361c7821a7c0178fbfddaf3e71

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 07f054908ce74e0bd10c9db958470ae4
SHA1 20740a341ca9db0cf4b5332b355088c5368527ca
SHA256 2bc95470794f68c9cca25558cab53599441177e9408d7e5f84dee26e1bd7538e
SHA512 1640098199d6db1f6ed27bf9e81356b5f9082635d28909cc91b814ccb1bc33fcfb8f2f4333f591528efce24cde24761d1fd56956be1b76404bb38ad079e784b2

C:\Users\Admin\Downloads\Unconfirmed 186290.crdownload

MD5 1b54b70beef8eb240db31718e8f7eb5d
SHA1 da5995070737ec655824c92622333c489eb6bce4
SHA256 7d3654531c32d941b8cae81c4137fc542172bfa9635f169cb392f245a0a12bcb
SHA512 fda935694d0652dab3f1017faaf95781a300b420739e0f9d46b53ce07d592a4cfa536524989e2fc9f83602d315259817638a89c4e27da709aada5d1360b717eb

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 1d73b01be672e26784b213a268744ff9
SHA1 04cdf3262b35b945e6da36ab16abd2461275c4f1
SHA256 2889542ce6971d04c5b6a909e361092889c36dd92ec50560cd2d417e149d31f5
SHA512 ec73097ed2ffb88e74cd3a7ee4495d2d94a19a3d5a9338181f941f88864f0b1ee2ca5b885e6a76c5970f651059448273408e5969314c991fe4b9bbc891f7b620

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 82409b784e103fadb3290c2945612694
SHA1 74079df8d2479fb2f268df886323de0131644397
SHA256 ec27520c58c278265599266dff68cde85da1d46a6f282305c67bbd51c31dd1c7
SHA512 a5c1f577520b2bc6192e577b98face571ab9241e543075dd0889ed4904d82661a750e3a52a3f6c9946c0a325e44690111a8ac03879ae537ce19f67489dbae18e

C:\Users\Admin\AppData\Local\Temp\nsiCA14.tmp\nsProcess.dll

MD5 08072dc900ca0626e8c079b2c5bcfcf3
SHA1 35f2bfa0b1b2a65b9475fb91af31f7b02aee4e37
SHA256 bb6ce83ddaad4f530a66a1048fac868dfc3b86f5e7b8e240d84d1633e385aee8
SHA512 8981da7f225eb78c414e9fb3c63af0c4daae4a78b4f3033df11cce43c3a22fdbf3853425fe3024f68c73d57ffb128cba4d0db63eda1402212d1c7e0ac022353c

C:\Program Files (x86)\Steam\Steam.exe

MD5 33bcb1c8975a4063a134a72803e0ca16
SHA1 ed7a4e6e66511bb8b3e32cbfb5557ebcb4082b65
SHA256 12222b0908eb69581985f7e04aa6240e928fb08aa5a3ec36acae3440633c9eb1
SHA512 13f3a7d6215bb4837ea0a1a9c5ba06a985e0c80979c25cfb526a390d71a15d1737c0290a899f4705c2749982c9f6c9007c1751fef1a97b12db529b2f33c97b49

C:\Users\Admin\AppData\Local\Temp\nsiCA14.tmp\modern-wizard.bmp

MD5 3614a4be6b610f1daf6c801574f161fe
SHA1 6edee98c0084a94caa1fe0124b4c19f42b4e7de6
SHA256 16e0edc9f47e6e95a9bcad15adbdc46be774fbcd045dd526fc16fc38fdc8d49b
SHA512 06e0eff28dfd9a428b31147b242f989ce3e92474a3f391ba62ac8d0d05f1a48f4cf82fd27171658acbd667eaffb94cb4e1baf17040dc3b6e8b27f39b843ca281

C:\Users\Admin\AppData\Local\Temp\nsiCA14.tmp\nsDialogs.dll

MD5 4e5bc4458afa770636f2806ee0a1e999
SHA1 76dcc64af867526f776ab9225e7f4fe076487765
SHA256 91a484dc79be64dd11bf5acb62c893e57505fcd8809483aa92b04f10d81f9de0
SHA512 b6f529073a943bddbcb30a57d62216c78fcc9a09424b51ac0824ebfb9cac6cae4211bda26522d6923bd228f244ed8c41656c38284c71867f65d425727dd70162

C:\Users\Admin\AppData\Local\Temp\nsiCA14.tmp\nsExec.dll

MD5 2095af18c696968208315d4328a2b7fe
SHA1 b1b0e70c03724b2941e92c5098cc1fc0f2b51568
SHA256 3e2399ae5ce16dd69f7e2c71d928cf54a1024afced8155f1fd663a3e123d9226
SHA512 60105dfb1cd60b4048bd7b367969f36ed6bd29f92488ba8cfa862e31942fd529cbc58e8b0c738d91d8bef07c5902ce334e36c66eae1bfe104b44a159b5615ae5

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 5428d244bcbab347b564cad49b55e2b0
SHA1 7de590918a622f220e25909e2fc32f63eabdcad6
SHA256 83689929364d3f8d308c831e261d107ed5b1bed27310f90575700386324b7504
SHA512 e33d60995374830fb951c00f97334bf184cbfb9ab51b41718fea2d63623eeb40d4510eb7a02766998d7537dc943ec36a6e41dc42bb9bb8e229c6f9cb48f4da76

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 9214f6aa85f5998dabb8b6102448e4af
SHA1 eb01ce62a76fdbfc04f03dd40dd800f25735e15c
SHA256 d7936a36e498c75e7af4d1858526758e36c9d4fb20894a6375db4cf5d43f50c0
SHA512 28aa8d11f2a474ea43d3c24b1f24e21cffc847e26838cce8a545818d13c9ff787bd9a7e4c0ef5b129866eb1ef5e8c1d73a1e8930980a3b11f48d03d93ade805f

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 b5b099825d1a8d6bebbc832c667fb5ff
SHA1 57435233cdeb6a29d0e7326922d9f6e494768d8f
SHA256 ea3ad9bd4884372c567a549be7fdf97bbb9273448f2aa72c857e717ccb271c8c
SHA512 bf0fa0b99590609567b51ca9fac58fef9e2d1fa214bc90e95cf9d0c316836a3b154b7a1ba80da08c86c31ad33241dcfa6af2290175baeaf41b4e94c7b9fa32ce

C:\Program Files (x86)\Steam\package\tmp\graphics\[email protected]_

MD5 577b7286c7b05cecde9bea0a0d39740e
SHA1 144d97afe83738177a2dbe43994f14ec11e44b53
SHA256 983aa3928f15f5154266be7063a75e1fce87238bbe81a910219dea01d5376824
SHA512 8cd55264a6e973bb6683c6f376672b74a263b48b087240df8296735fd7ae6274ee688fdb16d7febad14288a866ea47e78b114c357a9b03471b1e72df053ebcb0

C:\Program Files (x86)\Steam\package\tmp\graphics\icon_button_news_mousedown.tga_

MD5 00bf35778a90f9dfa68ce0d1a032d9b5
SHA1 de6a3d102de9a186e1585be14b49390dcb9605d6
SHA256 cab3a68b64d8bf22c44080f12d7eab5b281102a8761f804224074ab1f6130fe2
SHA512 342c9732ef4185dee691c9c8657a56f577f9c90fc43a4330bdc173536750cee1c40af4adac4f47ac5aca6b80ab347ebe2d31d38ea540245b38ab72ee8718a041

C:\Program Files (x86)\Steam\package\tmp\resource\filter_clean_bulgarian.txt.gz_

MD5 836dd6b25a8902af48cd52738b675e4b
SHA1 449347c06a872bedf311046bca8d316bfba3830b
SHA256 6feb83ca306745d634903cf09274b7baf0ac38e43c6b3fab1a608be344c3ef64
SHA512 6ab1e4a7fa9da6d33cee104344ba2ccb3e85cd2d013ba3e4c6790fd7fd482c85f5f76e9ae38c5190cdbbe246a48dae775501f7414bec4f6682a05685994e6b80

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 9417c305c3c32727738d9c298251d9d1
SHA1 4091d11ff2470208c36fee3f9199b7f84d3d7b6e
SHA256 51fb95a06d6cea3a32050d145ae7d41b186d8d847205996412acb47ff9c1ad36
SHA512 3d4b39ff7f18b3433efd2201b8564da38cb70b31b17a7cfcb6daa09b2240b30577aeaef44b11812d8ccb025c2bcb3ce63f29ffd4c554d466da2d8cf5a2caf497

memory/1920-16228-0x0000000000D00000-0x00000000011B2000-memory.dmp

memory/11748-16249-0x00007FFF1E850000-0x00007FFF1E851000-memory.dmp

memory/11748-16248-0x00007FFF1D980000-0x00007FFF1D981000-memory.dmp

C:\Users\Admin\AppData\Local\Steam\htmlcache\GPUCache\data_1

MD5 d0d388f3865d0523e451d6ba0be34cc4
SHA1 8571c6a52aacc2747c048e3419e5657b74612995
SHA256 902f30c1fb0597d0734bc34b979ec5d131f8f39a4b71b338083821216ec8d61b
SHA512 376011d00de659eb6082a74e862cfac97a9bb508e0b740761505142e2d24ec1c30aa61efbc1c0dd08ff0f34734444de7f77dd90a6ca42b48a4c7fad5f0bddd17

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 2ea7783b8d430d959638e6beca3682ee
SHA1 cfa5fb58f8e8ba69fa03369d9c25680cad053915
SHA256 aab00d927bb29f04485577457f5e52fa670ae72c2e3ff0a06d0016705b1f00ae
SHA512 68523e26792325dd8ea5d9d26aef16cbb5eef19ebc40902f85c4ac219c3de7a47c8e0e7ffc675d0611c544d6d812b33fd7f5f96efb572b854d50f3ebc644ef94

memory/6220-16314-0x000001EEF4760000-0x000001EEF4875000-memory.dmp

memory/6260-16324-0x0000023B3DCF0000-0x0000023B3DE05000-memory.dmp

memory/6156-16313-0x000000006FFF0000-0x0000000071369000-memory.dmp

memory/11748-16331-0x00000256AAB70000-0x00000256AABC5000-memory.dmp

memory/11808-16332-0x0000012D71A10000-0x0000012D71A65000-memory.dmp

memory/6156-16335-0x000000006FFF0000-0x0000000071369000-memory.dmp

memory/6260-16337-0x0000023B3DCF0000-0x0000023B3DE05000-memory.dmp

C:\Users\Admin\AppData\Local\Steam\htmlcache\Code Cache\js\index-dir\the-real-index

MD5 b8bcab52a0631e2202f15723bf0d4838
SHA1 8c030b70a576e061acaed260f650281d432d5ab7
SHA256 0c144dc03d71c82ef5e1c4f997f5ee8ec4243b9c52829166c5f7ad44ae8822b3
SHA512 6fcf3f093bb7afe9d7ba249de53e57f297c44b34b08f8b653cb2b69df515d38b69d17df46717a800bd60977d1a356720ad54986bc0430763259fa04db1e68387

C:\Users\Admin\AppData\Local\Steam\htmlcache\Code Cache\js\index-dir\the-real-index

MD5 5454599288767d4417efbe100834af6a
SHA1 9d9126da10dba2e9542b05644f5384fa3c1ab931
SHA256 833883c00e7cae7f929b047740524f755b593d9f4e2e163620c706bbc3a82987
SHA512 b3691c34d4be705b693753f961cb9952560afbfa12ef408b5934badeea9b5e5e8af98faee33b739bdc490905b638137df287cd4173b959478d58afb8044ffe32

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 beaa3791fc6e8d2b0fbc997406f9f27a
SHA1 a847c03e2b09145f18d67cb87d71928ec445fd5b
SHA256 dddb04f5441429c7cc6753f10da5991c9bfef64ecb9c1db5556e72616a5b3d54
SHA512 e089f764387addb9f95d7599517e42acdba6576dfe39ce1c6332f95f94bb7664f5ac80474345e4d51c8080dd2630de3ed8264c20590d20665858a3cf5d302e98

memory/12372-16358-0x0000000008360000-0x00000000083AC000-memory.dmp

memory/6156-16365-0x000000006FFF0000-0x0000000071369000-memory.dmp

memory/6156-16370-0x000000006FFF0000-0x0000000071369000-memory.dmp

memory/6156-16375-0x000000006FFF0000-0x0000000071369000-memory.dmp

C:\Windows\Temp\SDIAG_99188ba4-7ca1-4bda-84f2-57745d8c88d7\en-US\DiagPackage.dll.mui

MD5 d7309f9b759ccb83b676420b4bde0182
SHA1 641ad24a420e2774a75168aaf1e990fca240e348
SHA256 51d06affd4db0e4b37d35d0e85b8209d5fab741904e8d03df1a27a0be102324f
SHA512 7284f2d48e1747bbc97a1dab91fb57ff659ed9a05b3fa78a7def733e809c15834c15912102f03a81019261431e9ed3c110fd96539c9628c55653e7ac21d8478d

C:\Windows\Temp\SDIAG_99188ba4-7ca1-4bda-84f2-57745d8c88d7\DiagPackage.dll

MD5 79134a74dd0f019af67d9498192f5652
SHA1 90235b521e92e600d189d75f7f733c4bda02c027
SHA256 9d6e3ed51893661dfe5a98557f5e7e255bbe223e3403a42aa44ea563098c947e
SHA512 1627d3abe3a54478c131f664f43c8e91dc5d2f2f7ddc049bc30dfa065eee329ed93edd73c9b93cf07bed997f43d58842333b3678e61aceac391fbe171d8461a3

C:\Users\Admin\AppData\Local\Temp\__PSScriptPolicyTest_oycxe3y3.j0t.ps1

MD5 d17fe0a3f47be24a6453e9ef58c94641
SHA1 6ab83620379fc69f80c0242105ddffd7d98d5d9d
SHA256 96ad1146eb96877eab5942ae0736b82d8b5e2039a80d3d6932665c1a4c87dcf7
SHA512 5b592e58f26c264604f98f6aa12860758ce606d1c63220736cf0c779e4e18e3cec8706930a16c38b20161754d1017d1657d35258e58ca22b18f5b232880dec82

memory/4896-16521-0x00000165B8990000-0x00000165B89B2000-memory.dmp

memory/4896-16529-0x00000165A04E0000-0x00000165A04E8000-memory.dmp

memory/4896-16538-0x00000165A04F0000-0x00000165A04F8000-memory.dmp

memory/4896-16547-0x00000165B8B20000-0x00000165B8B28000-memory.dmp

memory/6156-16550-0x000000006FFF0000-0x0000000071369000-memory.dmp

memory/5604-16556-0x00007FFF1E850000-0x00007FFF1E851000-memory.dmp

memory/5460-16563-0x0000000007980000-0x00000000079CC000-memory.dmp

memory/6156-16566-0x000000006FFF0000-0x0000000071369000-memory.dmp

C:\Users\Admin\AppData\Local\Steam\htmlcache\LocalPrefs.json

MD5 37fa35d1a7014f7e7ecf5225571594c2
SHA1 3b7fea2e41f191fdcd028d25f31119939f415e2f
SHA256 86f5efb5cb5fb1a912d677e517eef4b8f8247f736f120742cd1c99775bb565fe
SHA512 3dcd0d3f3ebb9cc3e129b153d3c0a31370f4c36252b654cd85f5d048b2028fc147f7e4d9bb33a8eb261cef2d231dfbb9e79030a5d0e0b8e5b6e656de3b52158c

C:\Users\Admin\AppData\Local\Steam\htmlcache\LocalPrefs.json

MD5 ff3ac76d31e1760d4992290ac0a8f5e7
SHA1 17fcb8d9c0421f9a831d0aa742040c05c228d960
SHA256 cab2e19240a2daa8eb12de6197243f95a276c924076ded5193712557d8b212a6
SHA512 ab55a34326e53148dff74aa655a8ab7a9f106151bb96f7ab4ecc88ffa914dc78834fb5849a2176e2e45a8acbc76d95f4c0568f23835bfea9dc928e2cd708beeb

memory/6684-16580-0x0000000000280000-0x0000000000288000-memory.dmp

memory/6684-16581-0x0000000004A70000-0x0000000004A98000-memory.dmp

memory/6684-16582-0x0000000004BA0000-0x0000000004C42000-memory.dmp

C:\Users\Admin\AppData\Local\Steam\htmlcache\Network\Network Persistent State

MD5 1e95a1ae776a62da15b693dc1556e1bb
SHA1 9ce72ac1ee921a331be90a7607831d83a7648a66
SHA256 51f0708e4a6c21367a1c9e8d9331335a62b9150637c4d5a6f837671a3d4b3993
SHA512 1691b42a4bd9e47263e143ab5a81f941477d63ee2cfce91c4741395847c43427c89f3849bf36bb88561cfad94fecd1f9fdd62b2888dd1a8a642e058fd0cda5e1

C:\Users\Admin\AppData\Local\Steam\htmlcache\Network\Network Persistent State~RFe678acd.TMP

MD5 2800881c775077e1c4b6e06bf4676de4
SHA1 2873631068c8b3b9495638c865915be822442c8b
SHA256 226eec4486509917aa336afebd6ff65777b75b65f1fb06891d2a857a9421a974
SHA512 e342407ab65cc68f1b3fd706cd0a37680a0864ffd30a6539730180ede2cdcd732cc97ae0b9ef7db12da5c0f83e429df0840dbf7596aca859a0301665e517377b