Analysis Overview
SHA256
81fa2f00f9af36db4b0add31164aca81e5a01f5498f8a6cb5fad5d5eb2d73000
Threat Level: Known bad
The file Bootstrapper (extract.me)(1).zip was found to be: Known bad.
Malicious Activity Summary
Quasar payload
Quasar RAT
Quasar family
Executes dropped EXE
Mark of the Web detected: This indicates that the page was originally saved or cloned.
Drops file in System32 directory
Drops file in Windows directory
Enumerates physical storage devices
Unsigned PE
Browser Information Discovery
Enumerates system info in registry
Suspicious use of WriteProcessMemory
Suspicious use of SendNotifyMessage
Suspicious use of AdjustPrivilegeToken
Scheduled Task/Job: Scheduled Task
NTFS ADS
Suspicious use of SetWindowsHookEx
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Suspicious behavior: EnumeratesProcesses
Suspicious use of FindShellTrayWindow
Uses Task Scheduler COM API
Modifies data under HKEY_USERS
Modifies registry class
MITRE ATT&CK
Enterprise Matrix V15
Analysis: static1
Detonation Overview
Reported
2024-08-05 16:18
Signatures
Quasar family
Quasar payload
| Description | Indicator | Process | Target |
| --- | --- | --- | --- |
| N/A | N/A | N/A | N/A |
Unsigned PE
| Description | Indicator | Process | Target |
| --- | --- | --- | --- |
| N/A | N/A | N/A | N/A |
Analysis: behavioral1
Detonation Overview
Submitted
2024-08-05 16:18
Reported
2024-08-05 16:23
Platform
win11-20240802-en
Max time kernel
311s
Max time network
314s
Command Line
Signatures
Quasar RAT
Quasar payload
| Description | Indicator | Process | Target |
| --- | --- | --- | --- |
| N/A | N/A | N/A | N/A |
Executes dropped EXE
| Description | Indicator | Process | Target |
| --- | --- | --- | --- |
| N/A | N/A | C:\Users\Admin\AppData\Roaming\system32\Bootstrapper.exe | N/A |
Mark of the Web detected: This indicates that the page was originally saved or cloned.
| Description | Indicator | Process | Target |
| --- | --- | --- | --- |
| N/A | https://storage.googleapis.com/script.aniview.com/ssync/62f53b2c7850d0786f227f64/ssync.html | N/A | N/A |
Drops file in System32 directory
| Description | Indicator | Process | Target |
| --- | --- | --- | --- |
| File created | C:\Windows\System32\DriverStore\FileRepository\display.inf_amd64_01cf530faf2f1752\display.PNF | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| File created | \??\c:\windows\system32\driverstore\filerepository\display.inf_amd64_01cf530faf2f1752\display.PNF | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Drops file in Windows directory
| Description | Indicator | Process | Target |
| --- | --- | --- | --- |
| File opened for modification | C:\Windows\SystemTemp | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Browser Information Discovery
Enumerates physical storage devices
Enumerates system info in registry
| Description | Indicator | Process | Target |
| --- | --- | --- | --- |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Modifies data under HKEY_USERS
| Description | Indicator | Process | Target |
| --- | --- | --- | --- |
| Key created | \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133673483256473973" | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Modifies registry class
| Description | Indicator | Process | Target |
| --- | --- | --- | --- |
| Key created | \REGISTRY\USER\S-1-5-21-3007475212-2160282277-2943627620-1000_Classes\Local Settings | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
NTFS ADS
| Description | Indicator | Process | Target |
| --- | --- | --- | --- |
| File opened for modification | C:\Users\Admin\Downloads\Bootstrapper (extract.me)(1).zip:Zone.Identifier | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Scheduled Task/Job: Scheduled Task
| Description | Indicator | Process | Target |
| --- | --- | --- | --- |
| N/A | N/A | C:\Windows\SYSTEM32\schtasks.exe | N/A |
| N/A | N/A | C:\Windows\SYSTEM32\schtasks.exe | N/A |
Suspicious behavior: EnumeratesProcesses
| Description | Indicator | Process | Target |
| --- | --- | --- | --- |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Suspicious use of AdjustPrivilegeToken
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
| Description | Indicator | Process | Target |
| --- | --- | --- | --- |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Roaming\system32\Bootstrapper.exe | N/A |
Suspicious use of SetWindowsHookEx
| Description | Indicator | Process | Target |
| --- | --- | --- | --- |
| N/A | N/A | C:\Users\Admin\AppData\Roaming\system32\Bootstrapper.exe | N/A |
Suspicious use of WriteProcessMemory
Uses Task Scheduler COM API
Processes
C:\Windows\Explorer.exe
C:\Windows\Explorer.exe /idlist,,"C:\Users\Admin\AppData\Local\Temp\Bootstrapper (extract.me)(1).zip"
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe"
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.123 --initial-client-data=0x108,0x10c,0x110,0xe4,0x114,0x7ffb651bcc40,0x7ffb651bcc4c,0x7ffb651bcc58
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=1800,i,17296442734830455081,18234721984838463136,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=1780 /prefetch:2
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=1408,i,17296442734830455081,18234721984838463136,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=2140 /prefetch:3
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=2208,i,17296442734830455081,18234721984838463136,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=2228 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --field-trial-handle=3088,i,17296442734830455081,18234721984838463136,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=3140 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=3152,i,17296442734830455081,18234721984838463136,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=3272 /prefetch:1
C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe"
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --field-trial-handle=4460,i,17296442734830455081,18234721984838463136,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=3548 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=4764,i,17296442734830455081,18234721984838463136,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=4788 /prefetch:8
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s NgcSvc
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4680,i,17296442734830455081,18234721984838463136,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=4284 /prefetch:8
C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=5108,i,17296442734830455081,18234721984838463136,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=5052 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=5072,i,17296442734830455081,18234721984838463136,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=5116 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --field-trial-handle=4708,i,17296442734830455081,18234721984838463136,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=4896 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --field-trial-handle=4580,i,17296442734830455081,18234721984838463136,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=5024 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --field-trial-handle=4712,i,17296442734830455081,18234721984838463136,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=4692 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.22000.1 --no-appcompat-clear --gpu-preferences=WAAAAAAAAADoAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAACEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=4776,i,17296442734830455081,18234721984838463136,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=4668 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --field-trial-handle=3416,i,17296442734830455081,18234721984838463136,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=5052 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --field-trial-handle=5368,i,17296442734830455081,18234721984838463136,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=3392 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --field-trial-handle=5080,i,17296442734830455081,18234721984838463136,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=5220 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --field-trial-handle=4980,i,17296442734830455081,18234721984838463136,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=4812 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --field-trial-handle=5064,i,17296442734830455081,18234721984838463136,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=4768 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --field-trial-handle=5256,i,17296442734830455081,18234721984838463136,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=5224 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --field-trial-handle=4896,i,17296442734830455081,18234721984838463136,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=4476 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --field-trial-handle=5388,i,17296442734830455081,18234721984838463136,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=5372 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=24 --field-trial-handle=4524,i,17296442734830455081,18234721984838463136,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=4544 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=25 --field-trial-handle=5528,i,17296442734830455081,18234721984838463136,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=5544 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=26 --field-trial-handle=5684,i,17296442734830455081,18234721984838463136,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=5692 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=27 --field-trial-handle=5680,i,17296442734830455081,18234721984838463136,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=5856 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=28 --field-trial-handle=5672,i,17296442734830455081,18234721984838463136,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=5972 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=29 --field-trial-handle=5996,i,17296442734830455081,18234721984838463136,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=6124 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=30 --field-trial-handle=6304,i,17296442734830455081,18234721984838463136,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=4432 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=31 --field-trial-handle=6472,i,17296442734830455081,18234721984838463136,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=6484 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=32 --field-trial-handle=6608,i,17296442734830455081,18234721984838463136,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=6624 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --no-appcompat-clear --field-trial-handle=6156,i,17296442734830455081,18234721984838463136,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=5524 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=34 --field-trial-handle=6604,i,17296442734830455081,18234721984838463136,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=6888 /prefetch:1
C:\Windows\system32\AUDIODG.EXE
C:\Windows\system32\AUDIODG.EXE 0x00000000000004D4 0x00000000000004D0
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=35 --field-trial-handle=6868,i,17296442734830455081,18234721984838463136,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=6876 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=36 --field-trial-handle=6852,i,17296442734830455081,18234721984838463136,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=7016 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=37 --field-trial-handle=7508,i,17296442734830455081,18234721984838463136,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=7520 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=38 --field-trial-handle=7544,i,17296442734830455081,18234721984838463136,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=7672 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=39 --field-trial-handle=7796,i,17296442734830455081,18234721984838463136,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=7808 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=40 --field-trial-handle=7840,i,17296442734830455081,18234721984838463136,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=7952 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=41 --field-trial-handle=7976,i,17296442734830455081,18234721984838463136,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=8096 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=42 --field-trial-handle=8120,i,17296442734830455081,18234721984838463136,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=8240 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=43 --field-trial-handle=8260,i,17296442734830455081,18234721984838463136,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=8388 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=44 --field-trial-handle=8412,i,17296442734830455081,18234721984838463136,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=8524 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=45 --field-trial-handle=8556,i,17296442734830455081,18234721984838463136,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=8676 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=46 --field-trial-handle=8680,i,17296442734830455081,18234721984838463136,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=8820 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=47 --field-trial-handle=8828,i,17296442734830455081,18234721984838463136,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=8964 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=48 --field-trial-handle=8984,i,17296442734830455081,18234721984838463136,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=9012 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=49 --field-trial-handle=8128,i,17296442734830455081,18234721984838463136,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=9344 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=50 --field-trial-handle=7996,i,17296442734830455081,18234721984838463136,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=9464 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=51 --field-trial-handle=9484,i,17296442734830455081,18234721984838463136,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=9608 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Users\Admin\Downloads\Bootstrapper (extract.me)(1)\Bootstrapper.exe
"C:\Users\Admin\Downloads\Bootstrapper (extract.me)(1)\Bootstrapper.exe"
C:\Windows\SYSTEM32\schtasks.exe
"schtasks" /create /tn "Spotify" /sc ONLOGON /tr "C:\Users\Admin\AppData\Roaming\system32\Bootstrapper.exe" /rl HIGHEST /f
C:\Users\Admin\AppData\Roaming\system32\Bootstrapper.exe
"C:\Users\Admin\AppData\Roaming\system32\Bootstrapper.exe"
C:\Windows\SYSTEM32\schtasks.exe
"schtasks" /create /tn "Spotify" /sc ONLOGON /tr "C:\Users\Admin\AppData\Roaming\system32\Bootstrapper.exe" /rl HIGHEST /f
Network
| Country | Destination | Domain | Proto |
| US | 172.240.45.78:443 | sync.aniview.com | tcp |
| GB | 185.64.191.210:443 | simage2.pubmatic.com | tcp |
| NL | 69.173.156.149:443 | pixel-eu.rubiconproject.com | tcp |
| GB | 185.64.191.210:443 | simage2.pubmatic.com | tcp |
| DE | 162.19.138.118:443 | id5-sync.com | tcp |
| NL | 198.47.127.205:443 | image2.pubmatic.com | tcp |
| NL | 198.47.127.205:443 | image2.pubmatic.com | tcp |
| DE | 54.93.109.96:443 | match.sharethrough.com | tcp |
| NL | 35.214.241.248:443 | ads.creative-serving.com | udp |
| NL | 178.250.1.11:443 | gum.criteo.com | tcp |
| US | 172.240.45.78:443 | sync.aniview.com | tcp |
| US | 172.240.45.78:443 | sync.aniview.com | tcp |
| US | 34.111.129.221:443 | cr.frontend.weborama.fr | udp |
| US | 52.46.143.56:443 | s.amazon-adsystem.com | tcp |
| NL | 69.173.156.149:443 | pixel-eu.rubiconproject.com | tcp |
| NL | 69.173.156.148:443 | pixel-eu.rubiconproject.com | tcp |
| NL | 185.89.210.141:443 | ib.adnxs.com | tcp |
| FR | 154.54.250.81:443 | ads.stickyadstv.com | tcp |
| NL | 69.173.156.149:443 | pixel-eu.rubiconproject.com | tcp |
| DE | 51.89.9.252:443 | onetag-sys.com | udp |
| US | 8.8.8.8:53 | static.cloudflareinsights.com | udp |
| NL | 198.47.127.18:443 | image8.pubmatic.com | tcp |
| US | 172.240.45.78:443 | sync.aniview.com | tcp |
| IE | 52.213.120.165:443 | pr-bh.ybp.yahoo.com | tcp |
| DE | 54.93.109.96:443 | match.sharethrough.com | tcp |
| US | 34.36.216.150:443 | pixel-sync.sitescout.com | udp |
| US | 104.16.80.73:443 | static.cloudflareinsights.com | tcp |
| NL | 46.228.164.11:443 | ad.turn.com | tcp |
| NL | 89.149.192.76:443 | ssbsync-global.smartadserver.com | tcp |
| NL | 35.214.199.88:443 | rtb.mfadsrvr.com | tcp |
| NL | 82.145.213.8:443 | t.adx.opera.com | tcp |
| US | 80.77.87.162:443 | cs.admanmedia.com | tcp |
| US | 13.107.42.14:443 | px.ads.linkedin.com | tcp |
| US | 69.166.1.67:443 | sync.go.sonobi.com | tcp |
| US | 34.36.216.150:443 | pixel-sync.sitescout.com | udp |
| NL | 178.250.1.11:443 | gum.criteo.com | tcp |
| DE | 162.19.138.116:443 | id5-sync.com | tcp |
| US | 216.200.232.253:443 | sync.mathtag.com | tcp |
| US | 13.107.42.14:443 | px.ads.linkedin.com | tcp |
| US | 54.160.252.88:443 | sync.srv.stackadapt.com | tcp |
| US | 54.160.252.88:443 | sync.srv.stackadapt.com | tcp |
| IE | 63.32.135.176:443 | sync.crwdcntrl.net | tcp |
| IE | 63.32.135.176:443 | sync.crwdcntrl.net | tcp |
| NL | 35.214.149.91:443 | x.bidswitch.net | tcp |
| NL | 198.47.127.18:443 | image8.pubmatic.com | tcp |
| NL | 89.149.193.104:443 | rtb-csync.smartadserver.com | tcp |
| NL | 35.214.209.97:443 | csync.loopme.me | tcp |
| NL | 89.149.193.104:443 | rtb-csync.smartadserver.com | tcp |
| DE | 54.93.109.96:443 | match.sharethrough.com | tcp |
| US | 52.46.143.56:443 | s.amazon-adsystem.com | tcp |
| NL | 193.0.160.131:443 | p.rfihub.com | tcp |
| US | 69.166.1.67:443 | sync.go.sonobi.com | tcp |
| US | 80.77.87.162:443 | cs.admanmedia.com | tcp |
| NL | 46.228.174.117:443 | sync.1rx.io | tcp |
| IE | 108.128.116.23:443 | ce.lijit.com | tcp |
| NL | 46.228.174.115:443 | targeting.unrulymedia.com | tcp |
| NL | 69.173.156.150:443 | prebid-server.rubiconproject.com | tcp |
| NL | 77.245.57.72:443 | sync.adkernel.com | tcp |
| US | 216.200.232.253:443 | sync.mathtag.com | tcp |
| GB | 108.138.217.61:443 | hb.yellowblue.io | tcp |
| US | 34.111.113.62:443 | pixel.tapad.com | tcp |
| DE | 54.93.109.96:443 | match.sharethrough.com | tcp |
| NL | 208.93.169.131:443 | bh.contextweb.com | tcp |
| DE | 54.93.109.96:443 | match.sharethrough.com | tcp |
| US | 8.8.8.8:53 | 252.9.89.51.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 134.110.2.8.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 226.121.16.50.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 70.45.240.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 98.51.22.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 11.1.250.178.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 49.158.204.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 176.135.32.63.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 55.133.120.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 175.190.122.3.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 49.66.101.151.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 152.84.255.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 18.127.47.198.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 208.13.49.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 108.65.101.151.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 78.45.240.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 73.80.16.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 14.42.107.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 67.1.166.69.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 56.143.46.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 210.191.64.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 96.109.93.54.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 76.192.149.89.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 11.164.228.46.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 8.213.145.82.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 253.232.200.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 104.193.149.89.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 131.160.0.193.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 97.209.214.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 88.199.214.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 23.116.128.108.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 115.174.228.46.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 150.156.173.69.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 61.217.138.108.in-addr.arpa | udp |
| NL | 46.228.174.115:443 | targeting.unrulymedia.com | tcp |
| US | 34.111.113.62:443 | pixel.tapad.com | udp |
| NL | 172.217.23.202:443 | imasdk.googleapis.com | tcp |
| US | 69.173.151.100:443 | pixel-us-east.rubiconproject.com | tcp |
| IE | 52.49.13.208:443 | match.prod.bidr.io | tcp |
| US | 8.2.108.175:443 | bc-sync.com | tcp |
| US | 44.221.161.148:443 | api-2-0.spot.im | tcp |
| DE | 162.55.233.28:443 | sync.richaudience.com | tcp |
| GB | 88.221.134.35:443 | content1.avplayer.com | tcp |
| US | 172.111.38.54:443 | tracker.open-adsyield.com | tcp |
| US | 35.244.174.68:443 | id.rlcdn.com | tcp |
| US | 104.17.44.93:443 | gum.aidemsrv.com | tcp |
| DE | 91.228.74.200:443 | cms.quantserve.com | tcp |
| US | 67.202.105.22:443 | ssc-cms.33across.com | tcp |
| US | 44.215.212.202:443 | cs-server-s2s.yellowblue.io | tcp |
| US | 192.132.33.68:443 | bttrack.com | tcp |
| US | 8.2.108.175:443 | bc-sync.com | tcp |
| IE | 52.49.13.208:443 | match.prod.bidr.io | tcp |
| DE | 162.55.233.28:443 | sync.richaudience.com | tcp |
| IE | 52.49.13.208:443 | match.prod.bidr.io | tcp |
| NL | 142.250.179.162:443 | securepubads.g.doubleclick.net | udp |
| US | 34.111.113.62:443 | pixel.tapad.com | tcp |
| NL | 172.217.23.202:443 | imasdk.googleapis.com | tcp |
| IE | 52.209.201.123:443 | ms-cookie-sync.presage.io | tcp |
| DK | 37.157.2.228:443 | c1.adform.net | tcp |
| US | 80.77.87.162:443 | cs.admanmedia.com | tcp |
| IE | 52.49.13.208:443 | match.prod.bidr.io | tcp |
| NL | 142.251.36.6:443 | s0.2mdn.net | tcp |
| NL | 89.149.193.104:443 | rtb-csync.smartadserver.com | tcp |
| NL | 198.47.127.20:443 | simage4.pubmatic.com | tcp |
| NL | 89.149.193.104:443 | rtb-csync.smartadserver.com | tcp |
| US | 34.111.131.239:443 | idsync.frontend.weborama.fr | tcp |
| US | 172.240.45.78:443 | sync.aniview.com | udp |
| US | 104.17.44.93:443 | gum.aidemsrv.com | udp |
| NL | 89.149.193.104:443 | rtb-csync.smartadserver.com | tcp |
| US | 80.77.87.162:443 | cs.admanmedia.com | tcp |
| US | 216.239.32.36:443 | region1.analytics.google.com | udp |
| SE | 192.229.221.95:80 | cacerts.rapidssl.com | tcp |
| US | 8.8.8.8:53 | 202.212.215.44.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 22.105.202.67.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 28.233.55.162.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 68.33.132.192.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 6.36.251.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 239.131.111.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 20.127.47.198.in-addr.arpa | udp |
| NL | 216.58.208.98:443 | pubads.g.doubleclick.net | tcp |
| NL | 216.58.208.98:443 | pubads.g.doubleclick.net | tcp |
| NL | 216.58.208.98:443 | pubads.g.doubleclick.net | tcp |
| NL | 216.58.208.98:443 | pubads.g.doubleclick.net | tcp |
| NL | 35.214.199.88:443 | rtb.mfadsrvr.com | udp |
| US | 80.77.87.162:443 | cs.admanmedia.com | tcp |
| US | 172.240.45.76:443 | track1.avplayer.com | tcp |
| US | 80.77.87.162:443 | cs.admanmedia.com | tcp |
| US | 34.111.113.62:443 | pixel.tapad.com | udp |
| IE | 34.254.110.245:443 | cs.yellowblue.io | tcp |
| FR | 142.251.37.163:443 | csi.gstatic.com | tcp |
| FR | 142.251.37.163:443 | csi.gstatic.com | tcp |
| FR | 142.251.37.163:443 | csi.gstatic.com | tcp |
| FR | 142.251.37.163:443 | csi.gstatic.com | tcp |
| NL | 188.166.17.21:443 | match.adsby.bidtheatre.com | tcp |
| FR | 51.68.39.188:443 | dsp.nrich.ai | tcp |
| US | 69.166.1.64:443 | apex.go.sonobi.com | tcp |
| NL | 216.58.208.98:443 | pubads.g.doubleclick.net | udp |
| GB | 185.64.190.81:443 | image4.pubmatic.com | tcp |
| FR | 142.251.37.163:443 | csi.gstatic.com | udp |
| FR | 54.38.113.5:443 | pixel.onaudience.com | tcp |
| DE | 80.82.210.217:443 | cookie.active-agent.com | tcp |
| DK | 77.243.51.121:443 | uipglob.semasio.net | tcp |
| US | 151.101.194.49:443 | sync-tm.everesttech.net | tcp |
| NL | 188.42.63.48:443 | dsp-ap.eskimi.com | tcp |
| SE | 13.50.192.155:443 | d5p.de17a.com | tcp |
| US | 8.8.8.8:53 | 155.192.50.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 48.63.42.188.in-addr.arpa | udp |
| US | 8.8.8.8:53 | pubmatic-match.dotomi.com | udp |
| NL | 46.228.164.11:443 | ad.turn.com | tcp |
| NL | 63.215.202.169:443 | pubmatic-match.dotomi.com | tcp |
| DE | 52.57.150.20:443 | ps.eyeota.net | tcp |
| NL | 142.251.36.1:443 | tpc.googlesyndication.com | udp |
| IE | 52.95.122.74:443 | aax-eu.amazon-adsystem.com | tcp |
| NL | 193.0.160.131:443 | p.rfihub.com | tcp |
| US | 34.102.163.6:443 | ad.mrtnsvr.com | tcp |
| US | 35.186.193.173:443 | ipac.ctnsnet.com | tcp |
| SI | 195.5.165.20:443 | core.iprom.net | tcp |
| NL | 35.214.209.97:443 | csync.loopme.me | tcp |
| SG | 35.186.154.107:443 | cm-supply-web.gammaplatform.com | tcp |
| IE | 52.215.155.11:443 | cm.adgrx.com | tcp |
| FR | 141.95.171.139:443 | green.erne.co | tcp |
| NL | 46.228.174.117:443 | sync.1rx.io | tcp |
| US | 34.102.163.6:443 | ad.mrtnsvr.com | tcp |
| US | 104.18.24.173:443 | a.tribalfusion.com | tcp |
| DE | 23.88.86.2:443 | matching.truffle.bid | tcp |
| US | 34.111.131.239:443 | idsync.frontend.weborama.fr | udp |
| FR | 54.38.113.5:443 | pixel-eu.onaudience.com | tcp |
| SG | 35.186.154.107:443 | cm-supply-web.gammaplatform.com | tcp |
| US | 8.2.108.175:443 | bc-sync.com | tcp |
| NL | 46.228.164.13:443 | d.turn.com | tcp |
| DE | 23.88.86.2:443 | matching.truffle.bid | tcp |
| SE | 13.50.192.155:443 | d5p.de17a.com | tcp |
| NL | 188.42.63.48:443 | dsp-ap.eskimi.com | tcp |
| US | 34.102.163.6:443 | ad.mrtnsvr.com | tcp |
| US | 35.186.193.173:443 | ipac.ctnsnet.com | udp |
| SI | 195.5.165.20:443 | core.iprom.net | tcp |
| NL | 188.166.17.21:443 | match.adsby.bidtheatre.com | tcp |
| US | 34.102.163.6:443 | ad.mrtnsvr.com | tcp |
| US | 172.240.45.76:443 | track1.avplayer.com | udp |
| US | 8.2.108.175:443 | bc-sync.com | tcp |
| US | 172.240.45.70:443 | s2s.aniview.com | udp |
| FR | 178.32.197.48:443 | prg.smartadserver.com | tcp |
| NL | 46.228.174.115:443 | targeting.unrulymedia.com | tcp |
| NL | 69.173.156.150:443 | prebid-server.rubiconproject.com | tcp |
| FR | 178.32.197.48:443 | prg.smartadserver.com | tcp |
| NL | 46.228.174.115:443 | targeting.unrulymedia.com | tcp |
| DE | 193.161.193.99:34180 | wefdwef-34180.portmap.host | tcp |
| DE | 162.55.120.196:443 | matching.truffle.bid | tcp |
| SG | 35.186.154.107:443 | cm-supply-web.gammaplatform.com | tcp |
| DE | 162.55.120.196:443 | matching.truffle.bid | tcp |
| IE | 52.95.122.74:443 | aax-eu.amazon-adsystem.com | tcp |
| DE | 193.161.193.99:34180 | wefdwef-34180.portmap.host | tcp |
| NL | 69.173.156.150:443 | prebid-server.rubiconproject.com | tcp |
| FR | 178.32.197.48:443 | prg.smartadserver.com | tcp |
| NL | 46.228.174.115:443 | targeting.unrulymedia.com | tcp |
| DE | 193.161.193.99:34180 | wefdwef-34180.portmap.host | tcp |
| DE | 18.196.32.27:443 | btlr.sharethrough.com | tcp |
| NL | 185.89.210.141:443 | ib.adnxs.com | tcp |
| NL | 142.250.179.162:443 | securepubads.g.doubleclick.net | udp |
| US | 69.166.1.64:443 | apex.go.sonobi.com | tcp |
| NL | 142.250.179.196:443 | www.google.com | udp |
| NL | 142.251.36.1:443 | tpc.googlesyndication.com | udp |
| US | 34.120.111.33:443 | api.edkt.io | udp |
| US | 216.239.32.36:443 | region1.analytics.google.com | udp |
| FR | 142.251.37.163:443 | csi.gstatic.com | udp |
| DE | 193.161.193.99:34180 | wefdwef-34180.portmap.host | tcp |
| DE | 193.161.193.99:34180 | wefdwef-34180.portmap.host | tcp |
| DE | 193.161.193.99:34180 | wefdwef-34180.portmap.host | tcp |
Files
| MD5 | 0b8a4e5500a953f00f1107b8ed40a686 |
| SHA1 | e032eca6e88f6646f1488b45a7aadc628e8ded2c |
| SHA256 | 422ac6c6491b964a720a7327b7d79f1fb5c42cd4dfae8cc85fc82c337159a19f |
| SHA512 | 18ed2d2452ea0f0801cf4431dd96dada42a73743d30a85d34d7a6c3674b7d83213c6cc158fe0657d2cce02624da4aa30846ee88dc6074e87ae775eeb987d3ce4 |
Analysis: behavioral2
Detonation Overview
Submitted
2024-08-05 16:18
Reported
2024-08-05 16:21
Platform
win11-20240802-en
Max time kernel
149s
Max time network
151s
Command Line
Signatures
Quasar RAT
Quasar payload
| Description | Indicator | Process | Target |
| N/A | N/A | N/A | N/A |
Executes dropped EXE
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Users\Admin\AppData\Roaming\system32\Bootstrapper.exe | N/A |
Enumerates physical storage devices
Scheduled Task/Job: Scheduled Task
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Windows\SYSTEM32\schtasks.exe | N/A |
Suspicious use of AdjustPrivilegeToken
| Description | Indicator | Process | Target |
| Token: SeDebugPrivilege | N/A | C:\Users\Admin\AppData\Local\Temp\Bootstrapper.exe | N/A |
| Token: SeDebugPrivilege | N/A | C:\Users\Admin\AppData\Roaming\system32\Bootstrapper.exe | N/A |
Suspicious use of FindShellTrayWindow
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Users\Admin\AppData\Roaming\system32\Bootstrapper.exe | N/A |
Suspicious use of SendNotifyMessage
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Users\Admin\AppData\Roaming\system32\Bootstrapper.exe | N/A |
Suspicious use of SetWindowsHookEx
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Users\Admin\AppData\Roaming\system32\Bootstrapper.exe | N/A |
Suspicious use of WriteProcessMemory
| Description | Indicator | Process | Target |
| PID 2812 wrote to memory of 2212 | N/A | C:\Users\Admin\AppData\Local\Temp\Bootstrapper.exe | C:\Windows\SYSTEM32\schtasks.exe |
| PID 2812 wrote to memory of 2392 | N/A | C:\Users\Admin\AppData\Local\Temp\Bootstrapper.exe | C:\Users\Admin\AppData\Roaming\system32\Bootstrapper.exe |
| PID 2392 wrote to memory of 1704 | N/A | C:\Users\Admin\AppData\Roaming\system32\Bootstrapper.exe | C:\Windows\SYSTEM32\schtasks.exe |
Uses Task Scheduler COM API
Processes
C:\Users\Admin\AppData\Local\Temp\Bootstrapper.exe
"C:\Users\Admin\AppData\Local\Temp\Bootstrapper.exe"
C:\Windows\SYSTEM32\schtasks.exe
"schtasks" /create /tn "Spotify" /sc ONLOGON /tr "C:\Users\Admin\AppData\Roaming\system32\Bootstrapper.exe" /rl HIGHEST /f
C:\Users\Admin\AppData\Roaming\system32\Bootstrapper.exe
"C:\Users\Admin\AppData\Roaming\system32\Bootstrapper.exe"
C:\Windows\SYSTEM32\schtasks.exe
"schtasks" /create /tn "Spotify" /sc ONLOGON /tr "C:\Users\Admin\AppData\Roaming\system32\Bootstrapper.exe" /rl HIGHEST /f
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | wefdwef-34180.portmap.host | udp |
| DE | 193.161.193.99:34180 | wefdwef-34180.portmap.host | tcp |
| US | 52.111.229.19:443 | | tcp |
Files
C:\Users\Admin\AppData\Roaming\system32\Bootstrapper.exe
C:\Users\Admin\AppData\Local\Microsoft\CLR_v4.0\UsageLogs\Bootstrapper.exe.log