Analysis Overview
SHA256
a87498030439ddd09263e5a676ab9bd44df9f36cfb3485a6fa7048c93bfcb1ab
Threat Level: Likely malicious
The file 45b3c819-d6a3-4eb2-b100-f27de8fd43cd.jpg was found to be: Likely malicious.
Malicious Activity Summary
Possible privilege escalation attempt
Creates new service(s)
Downloads MZ/PE file
Stops running service(s)
Modifies Windows Firewall
Manipulates Digital Signatures
Modifies file permissions
Loads dropped DLL
Reads user/profile data of web browsers
Event Triggered Execution: Component Object Model Hijacking
Executes dropped EXE
Adds Run key to start application
Enumerates connected drives
Mark of the Web detected: This indicates that the page was originally saved or cloned.
Checks installed software on the system
Legitimate hosting services abused for malware hosting/C2
Drops file in System32 directory
Enumerates processes with tasklist
Subvert Trust Controls: Mark-of-the-Web Bypass
Drops file in Windows directory
Launches sc.exe
Drops file in Program Files directory
Browser Information Discovery
Enumerates physical storage devices
Event Triggered Execution: Netsh Helper DLL
System Location Discovery: System Language Discovery
Suspicious use of SendNotifyMessage
Uses Volume Shadow Copy WMI provider
Suspicious use of SetWindowsHookEx
Enumerates system info in registry
Checks processor information in registry
Suspicious use of WriteProcessMemory
Uses Volume Shadow Copy service COM API
Kills process with taskkill
Modifies registry class
Suspicious behavior: AddClipboardFormatListener
NTFS ADS
Suspicious behavior: GetForegroundWindowSpam
Uses Task Scheduler COM API
Modifies Internet Explorer settings
Suspicious use of FindShellTrayWindow
Suspicious behavior: LoadsDriver
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Suspicious behavior: EnumeratesProcesses
Suspicious use of AdjustPrivilegeToken
Runs net.exe
MITRE ATT&CK
Enterprise Matrix V15
Analysis: static1
Detonation Overview
Reported
2024-08-10 00:22
Signatures
Analysis: behavioral1
Detonation Overview
Submitted
2024-08-10 00:22
Reported
2024-08-10 01:07
Platform
win11-20240802-en
Max time kernel
2699s
Max time network
1144s
Command Line
Signatures
Creates new service(s)
Downloads MZ/PE file
Manipulates Digital Signatures
| Description | Indicator | Process | Target |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\Providers\Trust\Signature\{00AAC56B-CD44-11D0-8CC2-00C04FC295EE}\$DLL = "WINTRUST.DLL" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\Providers\Trust\Message\{00AAC56B-CD44-11D0-8CC2-00C04FC295EE}\$Function = "SoftpubLoadMessage" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\Providers\Trust\Usages\1.3.6.1.5.5.7.3.2\$DLL = "WINTRUST.DLL" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\Providers\Trust\Signature\{573E31F8-DDBA-11D0-8CCB-00C04FC295EE}\$DLL = "WINTRUST.DLL" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\OID\EncodingType 1\CryptDllDecodeObject\1.3.6.1.4.1.311.16.1.1\Dll = "cryptdlg.dll" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\OID\EncodingType 1\CryptDllDecodeObject\1.3.6.1.4.1.311.2.1.30\Dll = "WINTRUST.DLL" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\OID\EncodingType 1\CryptDllDecodeObject\#2130\Dll = "WINTRUST.DLL" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\OID\EncodingType 0\CryptSIPDllVerifyIndirectData\{DE351A43-8E59-11D0-8C47-00C04FC295EE}\FuncName = "CryptSIPVerifyIndirectData" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\OID\EncodingType 1\CryptDllEncodeObject\1.3.6.1.4.1.311.2.1.20\Dll = "WINTRUST.DLL" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\OID\EncodingType 1\CryptDllEncodeObject\#2002\FuncName = "WVTAsn1SpcFinancialCriteriaInfoEncode" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\Providers\Trust\CertCheck\{64B9D180-8DA2-11CF-8736-00AA00A485EB}\$Function = "SoftpubCheckCert" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\Providers\Trust\CertCheck\{00AAC56B-CD44-11D0-8CC2-00C04FC295EE}\$Function = "SoftpubCheckCert" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\Providers\Trust\Certificate\{FC451C16-AC75-11D1-B4B8-00C04FB66EA0}\$DLL = "WINTRUST.DLL" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\Providers\Trust\FinalPolicy\{FC451C16-AC75-11D1-B4B8-00C04FB66EA0}\$DLL = "WINTRUST.DLL" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\OID\EncodingType 1\CryptDllEncodeObject\#2003\FuncName = "WVTAsn1SpcIndirectDataContentEncode" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\OID\EncodingType 1\CryptDllEncodeObject\#2007\FuncName = "WVTAsn1SpcSpOpusInfoEncode" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\OID\EncodingType 1\CryptDllDecodeObject\#2002\Dll = "WINTRUST.DLL" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\Providers\Trust\CertCheck\{FC451C16-AC75-11D1-B4B8-00C04FB66EA0}\$DLL = "WINTRUST.DLL" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\OID\EncodingType 1\CryptDllDecodeObject\1.3.6.1.4.1.311.16.4\FuncName = "DecodeRecipientID" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\Providers\Trust\Cleanup\{7801EBD0-CF4B-11D0-851F-0060979387EA}\$Function = "CertTrustCleanup" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\Providers\Trust\CertCheck\{C6B2E8D0-E005-11CF-A134-00C04FD7BF43}\$Function = "SoftpubCheckCert" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\OID\EncodingType 1\CryptDllDecodeObject\#2008\FuncName = "WVTAsn1SpcLinkDecode" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\Providers\Trust\Initialization\{64B9D180-8DA2-11CF-8736-00AA00A485EB}\$DLL = "WINTRUST.DLL" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\Providers\Trust\Cleanup\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\$Function = "DriverCleanupPolicy" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\OID\EncodingType 1\CryptDllDecodeObject\#2012\FuncName = "WVTAsn1SealingTimestampAttributeDecode" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\OID\EncodingType 1\CryptDllEncodeObject\1.3.6.1.4.1.311.2.4.2\FuncName = "WVTAsn1IntentToSealAttributeEncode" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\OID\EncodingType 1\CryptDllDecodeObject\#2010\Dll = "WINTRUST.DLL" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\OID\EncodingType 0\CryptSIPDllRemoveSignedDataMsg\{9BA61D3F-E73A-11D0-8CD2-00C04FC295EE}\Dll = "WINTRUST.DLL" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\Providers\Trust\CertCheck\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\$DLL = "WINTRUST.DLL" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\Providers\Trust\Certificate\{FC451C16-AC75-11D1-B4B8-00C04FB66EA0}\$Function = "GenericChainCertificateTrust" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\OID\EncodingType 1\CryptDllEncodeObject\#2008\FuncName = "WVTAsn1SpcLinkEncode" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\OID\EncodingType 1\CryptDllDecodeObject\#2221\FuncName = "WVTAsn1CatNameValueDecode" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\OID\EncodingType 0\CryptSIPDllGetSignedDataMsg\{9BA61D3F-E73A-11D0-8CD2-00C04FC295EE}\Dll = "WINTRUST.DLL" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\OID\EncodingType 1\CryptDllEncodeObject\#2007\Dll = "WINTRUST.DLL" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\OID\EncodingType 1\CryptDllDecodeObject\#2005\Dll = "WINTRUST.DLL" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\OID\EncodingType 1\CryptDllDecodeObject\1.3.6.1.4.1.311.2.1.11\FuncName = "WVTAsn1SpcStatementTypeDecode" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\OID\EncodingType 1\CryptDllEncodeObject\1.3.6.1.4.1.311.12.2.2\FuncName = "WVTAsn1CatMemberInfoEncode" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\Providers\Trust\Usages\1.3.6.1.4.1.311.10.3.3\CallbackFreeFunction = "SoftpubFreeDefUsageCallData" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\Providers\Trust\CertCheck\{FC451C16-AC75-11D1-B4B8-00C04FB66EA0}\$DLL = "WINTRUST.DLL" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\Providers\Trust\Message\{573E31F8-AABA-11D0-8CCB-00C04FC295EE}\$Function = "SoftpubLoadMessage" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\OID\EncodingType 1\CryptDllEncodeObject\#2006\FuncName = "WVTAsn1SpcStatementTypeEncode" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\OID\EncodingType 1\CryptDllEncodeObject\#2012\Dll = "WINTRUST.DLL" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\Providers\Trust\FinalPolicy\{64B9D180-8DA2-11CF-8736-00AA00A485EB}\$DLL = "WINTRUST.DLL" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\Providers\Trust\Certificate\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\$DLL = "WINTRUST.DLL" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\Providers\Trust\Message\{FC451C16-AC75-11D1-B4B8-00C04FB66EA0}\$Function = "SoftpubLoadMessage" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\Providers\Trust\FinalPolicy\{573E31F8-AABA-11D0-8CCB-00C04FC295EE}\$DLL = "WINTRUST.DLL" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\Providers\Trust\Cleanup\{573E31F8-AABA-11D0-8CCB-00C04FC295EE}\$DLL = "WINTRUST.DLL" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\Providers\Trust\Certificate\{7801EBD0-CF4B-11D0-851F-0060979387EA}\$DLL = "WINTRUST.DLL" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\OID\EncodingType 1\CryptDllEncodeObject\1.3.6.1.4.1.311.16.1.1\FuncName = "EncodeAttrSequence" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\Providers\Trust\FinalPolicy\{64B9D180-8DA2-11CF-8736-00AA00A485EB}\$DLL = "WINTRUST.DLL" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\Providers\Trust\Certificate\{573E31F8-AABA-11D0-8CCB-00C04FC295EE}\$DLL = "WINTRUST.DLL" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\OID\EncodingType 1\CryptDllEncodeObject\1.3.6.1.4.1.311.2.1.26\FuncName = "WVTAsn1SpcMinimalCriteriaInfoEncode" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\OID\EncodingType 1\CryptDllEncodeObject\1.3.6.1.4.1.311.16.1.1\Dll = "cryptdlg.dll" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\OID\EncodingType 1\CryptDllDecodeObject\1.3.6.1.4.1.311.12.2.2\FuncName = "WVTAsn1CatMemberInfoDecode" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\Providers\Trust\Initialization\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\$DLL = "WINTRUST.DLL" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\OID\EncodingType 1\CryptDllDecodeObject\1.3.6.1.4.1.311.16.4\Dll = "cryptdlg.dll" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\OID\EncodingType 1\CryptDllEncodeObject\1.3.6.1.4.1.311.2.1.28\Dll = "WINTRUST.DLL" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\Providers\Trust\Certificate\{573E31F8-AABA-11D0-8CCB-00C04FC295EE}\$Function = "HTTPSCertificateTrust" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\OID\EncodingType 0\CryptSIPDllPutSignedDataMsg\{DE351A42-8E59-11D0-8C47-00C04FC295EE}\Dll = "WINTRUST.DLL" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\OID\EncodingType 1\CryptDllEncodeObject\1.3.6.1.4.1.311.2.1.20\FuncName = "WVTAsn1SpcLinkEncode" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\OID\EncodingType 0\CryptSIPDllVerifyIndirectData\{DE351A42-8E59-11D0-8C47-00C04FC295EE}\FuncName = "CryptSIPVerifyIndirectData" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\OID\EncodingType 0\CryptSIPDllCreateIndirectData\{9BA61D3F-E73A-11D0-8CD2-00C04FC295EE}\FuncName = "CryptSIPCreateIndirectData" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\Providers\Trust\CertCheck\{FC451C16-AC75-11D1-B4B8-00C04FB66EA0}\$Function = "SoftpubCheckCert" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Key deleted | \REGISTRY\MACHINE\SOFTWARE\WOW6432NODE\MICROSOFT\CRYPTOGRAPHY\OID\ENCODINGTYPE 0\CRYPTSIPDLLPUTSIGNEDDATAMSG\{C689AAB9-8E78-11D0-8C47-00C04FC295EE} | C:\Windows\SysWOW64\regsvr32.exe | N/A |
Modifies Windows Firewall
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Windows\SYSTEM32\netsh.exe | N/A |
| N/A | N/A | C:\Windows\SYSTEM32\netsh.exe | N/A |
| N/A | N/A | C:\Windows\SYSTEM32\netsh.exe | N/A |
| N/A | N/A | C:\Windows\SysWOW64\netsh.exe | N/A |
| N/A | N/A | C:\Windows\SysWOW64\netsh.exe | N/A |
| N/A | N/A | C:\Windows\SysWOW64\netsh.exe | N/A |
| N/A | N/A | C:\Windows\SYSTEM32\netsh.exe | N/A |
| N/A | N/A | C:\Windows\SYSTEM32\netsh.exe | N/A |
| N/A | N/A | C:\Windows\SYSTEM32\netsh.exe | N/A |
| N/A | N/A | C:\Windows\SysWOW64\netsh.exe | N/A |
| N/A | N/A | C:\Windows\SYSTEM32\netsh.exe | N/A |
| N/A | N/A | C:\Windows\SYSTEM32\netsh.exe | N/A |
Possible privilege escalation attempt
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Windows\SysWOW64\takeown.exe | N/A |
| N/A | N/A | C:\Windows\SysWOW64\icacls.exe | N/A |
| N/A | N/A | C:\Windows\SysWOW64\takeown.exe | N/A |
| N/A | N/A | C:\Windows\SysWOW64\icacls.exe | N/A |
| N/A | N/A | C:\Windows\SysWOW64\icacls.exe | N/A |
| N/A | N/A | C:\Windows\SysWOW64\takeown.exe | N/A |
Stops running service(s)
Event Triggered Execution: Component Object Model Hijacking
Executes dropped EXE
Loads dropped DLL
Modifies file permissions
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Windows\SysWOW64\icacls.exe | N/A |
| N/A | N/A | C:\Windows\SysWOW64\icacls.exe | N/A |
| N/A | N/A | C:\Windows\SysWOW64\takeown.exe | N/A |
| N/A | N/A | C:\Windows\SysWOW64\takeown.exe | N/A |
| N/A | N/A | C:\Windows\SysWOW64\icacls.exe | N/A |
| N/A | N/A | C:\Windows\SysWOW64\takeown.exe | N/A |
Reads user/profile data of web browsers
Adds Run key to start application
| Description | Indicator | Process | Target |
| Set value (str) | \REGISTRY\USER\S-1-5-21-3007475212-2160282277-2943627620-1000\Software\Microsoft\Windows\CurrentVersion\Run\electron.app.BlueStacks Services = "C:\\Users\\Admin\\AppData\\Local\\Programs\\bluestacks-services\\BlueStacksServices.exe --hidden" | C:\Users\Admin\AppData\Local\Programs\bluestacks-services\BlueStacksServices.exe | N/A |
Checks installed software on the system
Enumerates connected drives
| Description | Indicator | Process | Target |
| File opened (read-only) | \??\F: | C:\Users\Admin\AppData\Local\Temp\7z3B26C72C\nemu-downloader.exe | N/A |
| File opened (read-only) | \??\F: | C:\Windows\SysWOW64\takeown.exe | N/A |
| File opened (read-only) | \??\F: | C:\Windows\SysWOW64\takeown.exe | N/A |
| File opened (read-only) | \??\F: | C:\Windows\SysWOW64\takeown.exe | N/A |
Legitimate hosting services abused for malware hosting/C2
| Description | Indicator | Process | Target |
| N/A | discord.com | N/A | N/A |
| N/A | discord.com | N/A | N/A |
Mark of the Web detected: This indicates that the page was originally saved or cloned.
| Description | Indicator | Process | Target |
| N/A | https://storage.googleapis.com/script.aniview.com/ssync/62f53b2c7850d0786f227f64/ssync.html | N/A | N/A |
Drops file in System32 directory
| Description | Indicator | Process | Target |
| File created | C:\Windows\system32\storage.json | C:\Users\Admin\AppData\Local\Programs\bluestacks-services\BlueStacksServices.exe | N/A |
| File opened for modification | C:\Windows\system32\storage.json | C:\Users\Admin\AppData\Local\Programs\bluestacks-services\BlueStacksServices.exe | N/A |
Enumerates processes with tasklist
| Description | Indicator | Process | Target |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | C:\Windows\system32\tasklist.exe | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | C:\Windows\system32\tasklist.exe | N/A |
| N/A | N/A | C:\Windows\system32\tasklist.exe | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | C:\Windows\system32\tasklist.exe | N/A |
| N/A | N/A | C:\Windows\system32\tasklist.exe | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | C:\Windows\system32\tasklist.exe | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | C:\Windows\system32\tasklist.exe | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | C:\Windows\system32\tasklist.exe | N/A |
| N/A | N/A | C:\Windows\system32\tasklist.exe | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | C:\Windows\system32\tasklist.exe | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | C:\Windows\system32\tasklist.exe | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | C:\Windows\system32\tasklist.exe | N/A |
| N/A | N/A | C:\Windows\system32\tasklist.exe | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | C:\Windows\system32\tasklist.exe | N/A |
| N/A | N/A | C:\Windows\system32\tasklist.exe | N/A |
| N/A | N/A | C:\Windows\system32\tasklist.exe | N/A |
| N/A | N/A | C:\Windows\system32\tasklist.exe | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | C:\Windows\system32\tasklist.exe | N/A |
| N/A | N/A | C:\Windows\system32\tasklist.exe | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | C:\Windows\system32\tasklist.exe | N/A |
| N/A | N/A | C:\Windows\system32\tasklist.exe | N/A |
| N/A | N/A | C:\Windows\system32\tasklist.exe | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | C:\Windows\system32\tasklist.exe | N/A |
| N/A | N/A | C:\Windows\system32\tasklist.exe | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | C:\Windows\system32\tasklist.exe | N/A |
| N/A | N/A | C:\Windows\system32\tasklist.exe | N/A |
| N/A | N/A | C:\Windows\system32\tasklist.exe | N/A |
| N/A | N/A | C:\Windows\system32\tasklist.exe | N/A |
| N/A | N/A | C:\Windows\system32\tasklist.exe | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | C:\Windows\system32\tasklist.exe | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
Drops file in Program Files directory
| Description | Indicator | Process | Target |
| File opened for modification | C:\Program Files (x86)\BlueStacks X\translations\qt_fi.qm | C:\Users\Admin\AppData\Local\BlueStacksSetup\BSX-Setup-5.21.505.1008_nxt.exe | N/A |
| File opened for modification | C:\Program Files (x86)\BlueStacks X\libssl-1_1.dll | C:\Users\Admin\AppData\Local\BlueStacksSetup\BSX-Setup-5.21.505.1008_nxt.exe | N/A |
| File opened for modification | C:\Program Files (x86)\BlueStacks X\plugins\video_chroma\libyuy2_i422_plugin.dll | C:\Users\Admin\AppData\Local\BlueStacksSetup\BSX-Setup-5.21.505.1008_nxt.exe | N/A |
| File created | C:\Program Files\BlueStacks_nxt\QtQml\qmldir | C:\Users\Admin\AppData\Local\Temp\7zSCB07B312\7zr.exe | N/A |
| File created | C:\Program Files (x86)\BlueStacks X\family\Rubik-Regular.ttf | C:\Users\Admin\AppData\Local\BlueStacksSetup\BSX-Setup-5.21.505.1008_nxt.exe | N/A |
| File opened for modification | C:\Program Files (x86)\BlueStacks X\family\Rubik-Regular.ttf | C:\Users\Admin\AppData\Local\BlueStacksSetup\BSX-Setup-5.21.505.1008_nxt.exe | N/A |
| File created | C:\Program Files (x86)\BlueStacks X\image\radioButton\unselected_normal.svg | C:\Users\Admin\AppData\Local\BlueStacksSetup\BSX-Setup-5.21.505.1008_nxt.exe | N/A |
| File created | C:\Program Files (x86)\BlueStacks X\translations\qtwebengine_locales\ro.pak | C:\Users\Admin\AppData\Local\BlueStacksSetup\BSX-Setup-5.21.505.1008_nxt.exe | N/A |
| File opened for modification | C:\Program Files\BlueStacks_nxt\QtQml\qmldir | C:\Users\Admin\AppData\Local\Temp\7zSCB07B312\7zr.exe | N/A |
| File created | C:\Program Files\BlueStacks_nxt\QtQuick\Controls\qtquickcontrols2plugin.dll | C:\Users\Admin\AppData\Local\Temp\7zSCB07B312\7zr.exe | N/A |
| File created | C:\Program Files\BlueStacks_nxt\Assets\BlueStacks.ico | C:\Users\Admin\AppData\Local\Temp\7zS49A21B19\7zr.exe | N/A |
| File opened for modification | C:\Program Files\BlueStacks_nxt\BstkVMM.dll | C:\Users\Admin\AppData\Local\Temp\7zS49A21B19\7zr.exe | N/A |
| File created | C:\Program Files (x86)\BlueStacks X\image\radioButton\selected_normal.svg | C:\Users\Admin\AppData\Local\BlueStacksSetup\BSX-Setup-5.21.505.1008_nxt.exe | N/A |
| File created | C:\Program Files\BlueStacks_nxt\QtQuick\Controls\impl\qmldir | C:\Users\Admin\AppData\Local\Temp\7zSCB07B312\7zr.exe | N/A |
| File created | C:\Program Files (x86)\BlueStacks X\translations\qtwebengine_locales\sl.pak | C:\Users\Admin\AppData\Local\BlueStacksSetup\BSX-Setup-5.21.505.1008_nxt.exe | N/A |
| File created | C:\Program Files (x86)\BlueStacks X\www\js\jquery.min.js | C:\Users\Admin\AppData\Local\BlueStacksSetup\BSX-Setup-5.21.505.1008_nxt.exe | N/A |
| File opened for modification | C:\Program Files\BlueStacks_nxt\BstkC.dll | C:\Users\Admin\AppData\Local\Temp\7zS49A21B19\7zr.exe | N/A |
| File opened for modification | C:\Program Files\BlueStacks_nxt\Qt5Compat | C:\Users\Admin\AppData\Local\Temp\7zS49A21B19\7zr.exe | N/A |
| File opened for modification | C:\Program Files\BlueStacks_nxt\translations\qtwebengine_locales\ro.pak | C:\Users\Admin\AppData\Local\Temp\7zSCB07B312\7zr.exe | N/A |
| File opened for modification | C:\Program Files\MuMuVMMVbox\LoadedDrivers\msvcr100.dll | C:\Users\Admin\AppData\Local\Temp\MuMuNG-setup-V3.8.18.2845-overseas-0417125205.exe | N/A |
| File opened for modification | C:\Program Files\MuMuVMMVbox\Hypervisor\MuMuVMMBalloonCtrl.exe | C:\Users\Admin\AppData\Local\Temp\MuMuNG-setup-V3.8.18.2845-overseas-0417125205.exe | N/A |
| File opened for modification | C:\Program Files\MuMuVMMVbox\Hypervisor\MuMuVMMSharedClipboard.dll | C:\Users\Admin\AppData\Local\Temp\MuMuNG-setup-V3.8.18.2845-overseas-0417125205.exe | N/A |
| File created | C:\Program Files (x86)\BlueStacks X\image\SideBar\add_pressed.svg | C:\Users\Admin\AppData\Local\BlueStacksSetup\BSX-Setup-5.21.505.1008_nxt.exe | N/A |
| File opened for modification | C:\Program Files (x86)\BlueStacks X\translations\qt_uk.qm | C:\Users\Admin\AppData\Local\BlueStacksSetup\BSX-Setup-5.21.505.1008_nxt.exe | N/A |
| File created | C:\Program Files\BlueStacks_nxt\HD-Astcdecoder_SSE42.dll | C:\Users\Admin\AppData\Local\Temp\7zSCB07B312\7zr.exe | N/A |
| File opened for modification | C:\Program Files\BlueStacks_nxt\Qt6Widgets.dll | C:\Users\Admin\AppData\Local\Temp\7zSCB07B312\7zr.exe | N/A |
| File created | C:\Program Files\BlueStacks_nxt\translations\qtwebengine_locales\ml.pak | C:\Users\Admin\AppData\Local\Temp\7zS49A21B19\7zr.exe | N/A |
| File created | C:\Program Files (x86)\BlueStacks X\cef\locales\gu.pak | C:\Users\Admin\AppData\Local\BlueStacksSetup\BSX-Setup-5.21.505.1008_nxt.exe | N/A |
| File opened for modification | C:\Program Files (x86)\BlueStacks X\image\TypeIndicator\CS_hover.svg | C:\Users\Admin\AppData\Local\BlueStacksSetup\BSX-Setup-5.21.505.1008_nxt.exe | N/A |
| File created | C:\Program Files\MuMuVMMVbox\Hypervisor\MuMuVMMAuth.dll | C:\Users\Admin\AppData\Local\Temp\MuMuNG-setup-V3.8.18.2845-overseas-0417125205.exe | N/A |
| File opened for modification | C:\Program Files\MuMuVMMVbox\Hypervisor\MuMuVMMSupLib.dll | C:\Users\Admin\AppData\Local\Temp\MuMuNG-setup-V3.8.18.2845-overseas-0417125205.exe | N/A |
| File opened for modification | C:\Program Files (x86)\BlueStacks X\image\account\icon_ photoicon_camera.png | C:\Users\Admin\AppData\Local\BlueStacksSetup\BSX-Setup-5.21.505.1008_nxt.exe | N/A |
| File created | C:\Program Files (x86)\BlueStacks X\image\Search\History_ButtonDelete_pressed.svg | C:\Users\Admin\AppData\Local\BlueStacksSetup\BSX-Setup-5.21.505.1008_nxt.exe | N/A |
| File opened for modification | C:\Program Files (x86)\BlueStacks X\plugins\video_filter\libblendbench_plugin.dll | C:\Users\Admin\AppData\Local\BlueStacksSetup\BSX-Setup-5.21.505.1008_nxt.exe | N/A |
| File created | C:\Program Files\MuMuVMMVbox\Hypervisor\MuMuVMMVMMR0.r0 | C:\Users\Admin\AppData\Local\Temp\MuMuNG-setup-V3.8.18.2845-overseas-0417125205.exe | N/A |
| File opened for modification | C:\Program Files\BlueStacks_nxt\HD-Vdes-Service.dll | C:\Users\Admin\AppData\Local\Temp\7zSCB07B312\7zr.exe | N/A |
| File created | C:\Program Files\BlueStacks_nxt\translations\qtwebengine_locales\vi.pak | C:\Users\Admin\AppData\Local\Temp\7zSCB07B312\7zr.exe | N/A |
| File opened for modification | C:\Program Files\BlueStacks_nxt\BstkTypeLib.dll | C:\Users\Admin\AppData\Local\Temp\7zS49A21B19\7zr.exe | N/A |
| File opened for modification | C:\Program Files (x86)\BlueStacks X\www\localization | C:\Users\Admin\AppData\Local\BlueStacksSetup\BSX-Setup-5.21.505.1008_nxt.exe | N/A |
| File opened for modification | C:\Program Files (x86)\BlueStacks X\image\MyGames\no_game_image.png | C:\Users\Admin\AppData\Local\BlueStacksSetup\BSX-Setup-5.21.505.1008_nxt.exe | N/A |
| File opened for modification | C:\Program Files (x86)\BlueStacks X\plugins\audio_output\libwaveout_plugin.dll | C:\Users\Admin\AppData\Local\BlueStacksSetup\BSX-Setup-5.21.505.1008_nxt.exe | N/A |
| File opened for modification | C:\Program Files (x86)\BlueStacks X\plugins\video_filter\libedgedetection_plugin.dll | C:\Users\Admin\AppData\Local\BlueStacksSetup\BSX-Setup-5.21.505.1008_nxt.exe | N/A |
| File created | C:\Program Files (x86)\BlueStacks X\image\LocalAPK\close_pressed.svg | C:\Users\Admin\AppData\Local\BlueStacksSetup\BSX-Setup-5.21.505.1008_nxt.exe | N/A |
| File opened for modification | C:\Program Files (x86)\BlueStacks X\image\TypeIndicator\MyGame_hover.svg | C:\Users\Admin\AppData\Local\BlueStacksSetup\BSX-Setup-5.21.505.1008_nxt.exe | N/A |
| File opened for modification | C:\Program Files\BlueStacks_nxt\Qt6QuickControls2BasicStyleImpl.dll | C:\Users\Admin\AppData\Local\Temp\7zS49A21B19\7zr.exe | N/A |
| File created | C:\Program Files\BlueStacks_nxt\Qt6QuickTemplates2.dll | C:\Users\Admin\AppData\Local\Temp\7zS49A21B19\7zr.exe | N/A |
| File created | C:\Program Files (x86)\BlueStacks X\translations\qt_pt_BR.qm | C:\Users\Admin\AppData\Local\BlueStacksSetup\BSX-Setup-5.21.505.1008_nxt.exe | N/A |
| File created | C:\Program Files (x86)\BlueStacks X\plugins\video_filter\libripple_plugin.dll | C:\Users\Admin\AppData\Local\BlueStacksSetup\BSX-Setup-5.21.505.1008_nxt.exe | N/A |
| File created | C:\Program Files\MuMuVMMVbox\Hypervisor\tools\vcruntime140_1.dll | C:\Users\Admin\AppData\Local\Temp\MuMuNG-setup-V3.8.18.2845-overseas-0417125205.exe | N/A |
| File created | C:\Program Files\BlueStacks_nxt\Microsoft.Win32.TaskScheduler.dll | C:\Users\Admin\AppData\Local\Temp\7zS49A21B19\7zr.exe | N/A |
| File created | C:\Program Files (x86)\BlueStacks X\plugins\audio_filter\libequalizer_plugin.dll | C:\Users\Admin\AppData\Local\BlueStacksSetup\BSX-Setup-5.21.505.1008_nxt.exe | N/A |
| File created | C:\Program Files\BlueStacks_nxt\translations\qtwebengine_locales\sr.pak | C:\Users\Admin\AppData\Local\Temp\7zSCB07B312\7zr.exe | N/A |
| File created | C:\Program Files\ldplayer9box\libssl-1_1-x64.dll | F:\LDPlayer\LDPlayer9\dnrepairer.exe | N/A |
| File created | C:\Program Files\BlueStacks_nxt\Assets\checked_gray.png | C:\Users\Admin\AppData\Local\Temp\7zS49A21B19\7zr.exe | N/A |
| File opened for modification | C:\Program Files (x86)\BlueStacks X\cef\locales\hr.pak | C:\Users\Admin\AppData\Local\BlueStacksSetup\BSX-Setup-5.21.505.1008_nxt.exe | N/A |
| File created | C:\Program Files (x86)\BlueStacks X\image\dialog\Close.svg | C:\Users\Admin\AppData\Local\BlueStacksSetup\BSX-Setup-5.21.505.1008_nxt.exe | N/A |
| File opened for modification | C:\Program Files (x86)\BlueStacks X\plugins\codec\liba52_plugin.dll | C:\Users\Admin\AppData\Local\BlueStacksSetup\BSX-Setup-5.21.505.1008_nxt.exe | N/A |
| File created | C:\Program Files\MuMuVMMVbox\LoadedDrivers\SUPInstall.exe | C:\Users\Admin\AppData\Local\Temp\MuMuNG-setup-V3.8.18.2845-overseas-0417125205.exe | N/A |
| File opened for modification | C:\Program Files\BlueStacks_nxt\QtQuick\Dialogs\qtquickdialogsplugin.dll | C:\Users\Admin\AppData\Local\Temp\7zSCB07B312\7zr.exe | N/A |
| File created | C:\Program Files (x86)\BlueStacks X\translations\qtwebengine_locales\pt-PT.pak | C:\Users\Admin\AppData\Local\BlueStacksSetup\BSX-Setup-5.21.505.1008_nxt.exe | N/A |
| File created | C:\Program Files (x86)\BlueStacks X\plugins\video_chroma\libi422_yuy2_sse2_plugin.dll | C:\Users\Admin\AppData\Local\BlueStacksSetup\BSX-Setup-5.21.505.1008_nxt.exe | N/A |
| File created | C:\Program Files (x86)\BlueStacks X\Qt5Network.dll | C:\Users\Admin\AppData\Local\BlueStacksSetup\BSX-Setup-5.21.505.1008_nxt.exe | N/A |
| File opened for modification | C:\Program Files\BlueStacks_nxt\BstkVMM.dll | C:\Users\Admin\AppData\Local\Temp\7zSCB07B312\7zr.exe | N/A |
| File created | C:\Program Files\BlueStacks_nxt\tls\qcertonlybackend.dll | C:\Users\Admin\AppData\Local\Temp\7zSCB07B312\7zr.exe | N/A |
Drops file in Windows directory
| Description | Indicator | Process | Target |
| File opened for modification | C:\Windows\Logs\DISM\dism.log | C:\Windows\SysWOW64\dism.exe | N/A |
| File opened for modification | C:\Windows\Logs\DISM\dism.log | C:\Users\Admin\AppData\Local\Temp\B89BBB56-BC03-4934-84C1-F09B32BF588A\dismhost.exe | N/A |
Launches sc.exe
Subvert Trust Controls: Mark-of-the-Web Bypass
| Description | Indicator | Process | Target |
| File opened for modification | C:\Users\Admin\Downloads\BlueStacksInstaller_5.21.505.1008_native_d52a51ddd73f6866b5420f1f2f853ec1_MzsxNSwwOzUsMTsxNSw0OzE1LA==.exe:Zone.Identifier | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File opened for modification | C:\Users\Admin\Downloads\MuMuInstaller_3.1.7.0_gw-overseas12_all_1712735105.exe:Zone.Identifier | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File opened for modification | C:\Users\Admin\Downloads\LDPlayer9_ens_10080_ld.exe:Zone.Identifier | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Browser Information Discovery
Enumerates physical storage devices
Event Triggered Execution: Netsh Helper DLL
| Description | Indicator | Process | Target |
| Key queried | \REGISTRY\MACHINE\SOFTWARE\Microsoft\NetSh | C:\Windows\SYSTEM32\netsh.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SOFTWARE\Microsoft\NetSh | C:\Windows\SYSTEM32\netsh.exe | N/A |
| Key queried | \REGISTRY\MACHINE\SOFTWARE\Microsoft\NetSh | C:\Windows\SYSTEM32\netsh.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SOFTWARE\Microsoft\NetSh | C:\Windows\SYSTEM32\netsh.exe | N/A |
| Key value enumerated | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\NetSh | C:\Windows\SysWOW64\netsh.exe | N/A |
| Key value enumerated | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\NetSh | C:\Windows\SysWOW64\netsh.exe | N/A |
| Key queried | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\NetSh | C:\Windows\SysWOW64\netsh.exe | N/A |
| Key value enumerated | \REGISTRY\MACHINE\SOFTWARE\Microsoft\NetSh | C:\Windows\SYSTEM32\netsh.exe | N/A |
| Key queried | \REGISTRY\MACHINE\SOFTWARE\Microsoft\NetSh | C:\Windows\SYSTEM32\netsh.exe | N/A |
| Key queried | \REGISTRY\MACHINE\SOFTWARE\Microsoft\NetSh | C:\Windows\SYSTEM32\netsh.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\NetSh | C:\Windows\SysWOW64\netsh.exe | N/A |
| Key value enumerated | \REGISTRY\MACHINE\SOFTWARE\Microsoft\NetSh | C:\Windows\SYSTEM32\netsh.exe | N/A |
| Key value enumerated | \REGISTRY\MACHINE\SOFTWARE\Microsoft\NetSh | C:\Windows\SYSTEM32\netsh.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\NetSh | C:\Windows\SysWOW64\netsh.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SOFTWARE\Microsoft\NetSh | C:\Windows\SYSTEM32\netsh.exe | N/A |
| Key queried | \REGISTRY\MACHINE\SOFTWARE\Microsoft\NetSh | C:\Windows\SYSTEM32\netsh.exe | N/A |
| Key value enumerated | \REGISTRY\MACHINE\SOFTWARE\Microsoft\NetSh | C:\Windows\SYSTEM32\netsh.exe | N/A |
| Key queried | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\NetSh | C:\Windows\SysWOW64\netsh.exe | N/A |
| Key value enumerated | \REGISTRY\MACHINE\SOFTWARE\Microsoft\NetSh | C:\Windows\SYSTEM32\netsh.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SOFTWARE\Microsoft\NetSh | C:\Windows\SYSTEM32\netsh.exe | N/A |
| Key queried | \REGISTRY\MACHINE\SOFTWARE\Microsoft\NetSh | C:\Windows\SYSTEM32\netsh.exe | N/A |
| Key value enumerated | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\NetSh | C:\Windows\SysWOW64\netsh.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SOFTWARE\Microsoft\NetSh | C:\Windows\SYSTEM32\netsh.exe | N/A |
| Key queried | \REGISTRY\MACHINE\SOFTWARE\Microsoft\NetSh | C:\Windows\SYSTEM32\netsh.exe | N/A |
| Key queried | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\NetSh | C:\Windows\SysWOW64\netsh.exe | N/A |
| Key queried | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\NetSh | C:\Windows\SysWOW64\netsh.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\NetSh | C:\Windows\SysWOW64\netsh.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SOFTWARE\Microsoft\NetSh | C:\Windows\SYSTEM32\netsh.exe | N/A |
| Key value enumerated | \REGISTRY\MACHINE\SOFTWARE\Microsoft\NetSh | C:\Windows\SYSTEM32\netsh.exe | N/A |
| Key queried | \REGISTRY\MACHINE\SOFTWARE\Microsoft\NetSh | C:\Windows\SYSTEM32\netsh.exe | N/A |
| Key value enumerated | \REGISTRY\MACHINE\SOFTWARE\Microsoft\NetSh | C:\Windows\SYSTEM32\netsh.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\NetSh | C:\Windows\SysWOW64\netsh.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SOFTWARE\Microsoft\NetSh | C:\Windows\SYSTEM32\netsh.exe | N/A |
| Key value enumerated | \REGISTRY\MACHINE\SOFTWARE\Microsoft\NetSh | C:\Windows\SYSTEM32\netsh.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SOFTWARE\Microsoft\NetSh | C:\Windows\SYSTEM32\netsh.exe | N/A |
| Key value enumerated | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\NetSh | C:\Windows\SysWOW64\netsh.exe | N/A |
System Location Discovery: System Language Discovery
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\sc.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\Downloads\LDPlayer9_ens_10080_ld.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | F:\LDPlayer\LDPlayer9\LDPlayer.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | F:\LDPlayer\LDPlayer9\dnplayer.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\netsh.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\AppData\Local\Temp\7z3B26C72C\nemu-downloader.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\sc.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Program Files (x86)\BlueStacks X\BlueStacks X.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\AppData\Local\Temp\7zS8C0BCBD0\HD-CheckCpu.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\sc.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\AppData\Local\Temp\7zS8C0BCBD0\HD-CheckCpu.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\AppData\Local\Temp\7zSCB07B312\7zr.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\Downloads\MuMuInstaller_3.1.7.0_gw-overseas12_all_1712735105.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | F:\LDPlayer\LDPlayer9\dnplayer.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\cmd.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\taskkill.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\taskkill.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\net.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Program Files (x86)\BlueStacks X\BlueStacksWeb.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\sc.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\net1.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Program Files (x86)\BlueStacks X\BlueStacksWeb.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\sc.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\sc.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\sc.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\sc.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\AppData\Local\Temp\7zSCB07B312\7zr.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\cmd.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | F:\LDPlayer\LDPlayer9\dnrepairer.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\sc.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\ProgramData\BlueStacksServicesSetup.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\sc.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\icacls.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\sc.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\cmd.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\find.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\sc.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\AppData\Local\Temp\7z3B26C72C\MuMuDownloader.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\dism.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\AppData\Local\Temp\7zS49A21B19\HD-CheckCpu.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\sc.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\netsh.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\sc.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\net.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\takeown.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\icacls.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\AppData\Local\BlueStacksSetup\BlueStacksInstaller_5.21.505.1008_native_d52a51ddd73f6866b5420f1f2f853ec1_MzsxNSwwOzUsMTsxNSw0OzE1LA==.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\AppData\Local\Temp\7zS49A21B19\7zr.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\sc.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\sc.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\sc.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\sc.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\net1.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\regsvr32.exe | N/A |
Checks processor information in registry
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ | C:\Program Files (x86)\BlueStacks X\BlueStacks X.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString | C:\Users\Admin\AppData\Local\Temp\7zSCB07B312\BlueStacksInstaller.exe | N/A |
| Key queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Program Files (x86)\BlueStacks X\BlueStacks X.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Program Files (x86)\BlueStacks X\BlueStacks X.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Users\Admin\AppData\Local\Temp\7zS49A21B19\BlueStacksInstaller.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString | C:\Program Files (x86)\BlueStacks X\BlueStacks X.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString | C:\Users\Admin\AppData\Local\Temp\7zS49A21B19\BlueStacksInstaller.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString | F:\LDPlayer\LDPlayer9\dnplayer.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Users\Admin\AppData\Local\Temp\7zSCB07B312\BlueStacksInstaller.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString | F:\LDPlayer\LDPlayer9\dnplayer.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | F:\LDPlayer\LDPlayer9\dnplayer.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString | F:\LDPlayer\LDPlayer9\dnplayer.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | F:\LDPlayer\LDPlayer9\dnplayer.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | F:\LDPlayer\LDPlayer9\dnplayer.exe | N/A |
Enumerates system info in registry
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Kills process with taskkill
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Windows\SysWOW64\taskkill.exe | N/A |
| N/A | N/A | C:\Windows\SysWOW64\taskkill.exe | N/A |
| N/A | N/A | C:\Windows\SysWOW64\taskkill.exe | N/A |
| N/A | N/A | C:\Windows\SysWOW64\taskkill.exe | N/A |
Modifies Internet Explorer settings
| Description | Indicator | Process | Target |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3007475212-2160282277-2943627620-1000\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION\ldnews.exe = "11001" | F:\LDPlayer\LDPlayer9\dnplayer.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3007475212-2160282277-2943627620-1000\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION\dnplayer.exe = "11001" | F:\LDPlayer\LDPlayer9\dnplayer.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3007475212-2160282277-2943627620-1000\SOFTWARE\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_BROWSER_EMULATION | F:\LDPlayer\LDPlayer9\dnplayer.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3007475212-2160282277-2943627620-1000\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION\dnplayer.exe = "11001" | F:\LDPlayer\LDPlayer9\dnplayer.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3007475212-2160282277-2943627620-1000\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION\ldnews.exe = "11001" | F:\LDPlayer\LDPlayer9\dnplayer.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3007475212-2160282277-2943627620-1000\SOFTWARE\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_BROWSER_EMULATION | F:\LDPlayer\LDPlayer9\dnplayer.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3007475212-2160282277-2943627620-1000\SOFTWARE\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_BROWSER_EMULATION | F:\LDPlayer\LDPlayer9\dnplayer.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3007475212-2160282277-2943627620-1000\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION\ldnews.exe = "11001" | F:\LDPlayer\LDPlayer9\dnplayer.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3007475212-2160282277-2943627620-1000\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION\dnplayer.exe = "11001" | F:\LDPlayer\LDPlayer9\dnplayer.exe | N/A |
Modifies registry class
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{20191216-D612-47D3-89D4-DB3992533948}\NumMethods | C:\Program Files\ldplayer9box\Ld9BoxSVC.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{20191216-5FDC-4ABA-AFF5-6A39BBD7C38B}\NumMethods | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{20191216-659C-488B-835C-4ECA7AE71C6C}\ProxyStubClsid32 | C:\Program Files\ldplayer9box\Ld9BoxSVC.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{20191216-4022-dc80-5535-6fb116815604} | C:\Program Files\ldplayer9box\Ld9BoxSVC.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{20191216-3e8a-11e9-825c-ab7b2cabce23} | C:\Program Files\ldplayer9box\Ld9BoxSVC.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{6C0A7133-CD31-4644-A83B-06DB7407026C} | C:\Windows\system32\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{20191216-35F3-4F4D-B5BB-ED0ECEFD8538}\ = "IEventSource" | C:\Windows\SYSTEM32\regsvr32.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{20191216-1F8B-4692-ABB4-462429FAE5E9}\TypeLib | C:\Program Files\ldplayer9box\Ld9BoxSVC.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{20191216-762E-4120-871C-A2014234A607}\NumMethods | C:\Program Files\ldplayer9box\Ld9BoxSVC.exe | N/A |
| Key deleted | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{23cd1535-edaa-4f21-a4ab-45d97fd1d58b}\TypeLib | C:\Windows\system32\regsvr32.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\TypeLib\{20191216-1750-46F0-936E-BD127D5BC264} | C:\Windows\SYSTEM32\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{20191216-1F8B-4692-ABB4-462429FAE5E9}\ = "IDnDModeChangedEvent" | C:\Windows\SYSTEM32\regsvr32.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{20191216-F4C4-4020-A185-0D2881BCFA8B}\TypeLib | C:\Program Files\ldplayer9box\Ld9BoxSVC.exe | N/A |
| Key deleted | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{3753605F-620D-4093-861B-04A5B6EC8A35}\NumMethods | C:\Windows\system32\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{20191216-6679-422A-B629-51B06B0C6D93}\ = "IUSBDeviceStateChangedEvent" | C:\Windows\SYSTEM32\regsvr32.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{20191216-8384-11E9-921D-8B984E28A686}\ProxyStubClsid32 | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{1F046C75-9336-4D11-A181-B93EE1F74E3B} | C:\Windows\system32\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{F4C95B43-1D05-48C8-84E0-24248D8BA206}\NumMethods\ = "13" | C:\Windows\system32\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{20191216-E1B7-4339-A549-F0878115596E}\ = "IVRDEServerInfoChangedEvent" | C:\Windows\SYSTEM32\regsvr32.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{20191216-32E7-4F6C-85EE-422304C71B90}\NumMethods | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{20191216-6588-40A3-9B0A-68C05BA52C4B}\ProxyStubClsid32 | C:\Program Files\ldplayer9box\Ld9BoxSVC.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{21B6AB43-C688-4445-9A7C-F6FD082DBDAD}\ = "IProgressTaskCompletedEvent" | C:\Windows\system32\regsvr32.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{20191216-6E0B-492A-A8D0-968472A94DC7} | C:\Windows\SYSTEM32\regsvr32.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{20191216-71b2-4817-9a64-4ed12c17388e} | C:\Program Files\ldplayer9box\Ld9BoxSVC.exe | N/A |
| Key deleted | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{692277D0-9F3B-4E47-B046-C74C6473D2A6}\NumMethods | C:\Windows\system32\regsvr32.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{20191216-416B-4181-8C4A-45EC95177AEF} | C:\Windows\SYSTEM32\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{20191216-3CF5-4C0A-BC90-9B8D4CC94D89}\TypeLib\ = "{20191216-1750-46f0-936e-bd127d5bc264}" | C:\Program Files\ldplayer9box\Ld9BoxSVC.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{20191216-04D0-4DB6-8D66-DC2F033120E1}\ProxyStubClsid32 | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{20191216-ebf9-4d5c-7aea-877bfc4256ba} | C:\Program Files\ldplayer9box\Ld9BoxSVC.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{20191216-A227-4F23-8278-2F675EEA1BB2}\TypeLib | C:\Program Files\ldplayer9box\Ld9BoxSVC.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{119369B5-7FA4-4281-B386-D22490661103}\ = "INATNetwork" | C:\Windows\system32\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{5C73A321-4772-4ECE-873C-1141563E2D8C}\NumMethods\ = "25" | C:\Windows\system32\regsvr32.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{20191216-057D-4391-B928-F14B06B710C5} | C:\Windows\SYSTEM32\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{20191216-73A5-46CC-8227-93FE57D006A6}\ProxyStubClsid32\ = "{20191216-1807-4249-5BA5-EA42D66AF0BF}" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\VirtualBox.VirtualBoxClient | C:\Program Files\ldplayer9box\Ld9BoxSVC.exe | N/A |
| Key deleted | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{6BBFA2EB-5C42-41AF-BD27-82F6D92035FB}\ProxyStubClsid32 | C:\Windows\system32\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{20191216-0547-448E-BC7C-94E9E173BF57}\ = "IHostUpdate" | C:\Windows\SYSTEM32\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{20191216-319C-4E7E-8150-C5837BD265F6}\NumMethods\ = "20" | C:\Windows\SYSTEM32\regsvr32.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{20191216-762E-4120-871C-A2014234A607}\TypeLib | C:\Program Files\ldplayer9box\Ld9BoxSVC.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{20191216-2F05-4D28-855F-488F96BAD2B2}\TypeLib | C:\Program Files\ldplayer9box\Ld9BoxSVC.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{20191216-44E0-CA69-E9E0-D4907CECCBE5}\TypeLib | C:\Program Files\ldplayer9box\Ld9BoxSVC.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{88390768-0A21-4432-8C5D-C4B8BB79EED2} | C:\Windows\system32\regsvr32.exe | N/A |
| Key deleted | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{B74BE542-BAC3-4E9A-9C95-AEE7BB97C874}\ProxyStubClsid32 | C:\Windows\system32\regsvr32.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{20191216-B7DB-4616-AAC6-CFB94D89BA78}\ProxyStubClsid32 | C:\Windows\SYSTEM32\regsvr32.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{20191216-32E7-4F6C-85EE-422304C71B90} | C:\Windows\SYSTEM32\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{20191216-26c0-4fe1-bf6f-67f633265bba}\TypeLib\ = "{20191216-1750-46f0-936e-bd127d5bc264}" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{20191216-A227-4F23-8278-2F675EEA1BB2}\TypeLib\Version = "1.3" | C:\Program Files\ldplayer9box\Ld9BoxSVC.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{20191216-4453-4F3E-C9B8-5686939C80B6}\ProxyStubClsid32 | C:\Program Files\ldplayer9box\Ld9BoxSVC.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{20191216-0721-4cde-867c-1a82abaf914c} | C:\Program Files\ldplayer9box\Ld9BoxSVC.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{6401FA3B-7FAB-422B-B62D-4E1B447EC232}\ProxyStubClsid32 | C:\Windows\system32\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{A5151471-9389-4A0D-8019-277A7E3DD0C7}\ProxyStubClsid32\ = "{208DF701-79C8-426C-814B-18828F6A0B61}" | C:\Windows\system32\regsvr32.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{7245E489-8969-4659-B0A5-5BD14907802B}\NumMethods | C:\Windows\system32\regsvr32.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{C5E4D34D-77E2-4DBA-86EC-AEAC69E88C58} | C:\Windows\system32\regsvr32.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{20191216-26F1-4EDB-8DD2-6BDDD0912368}\ProxyStubClsid32 | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{20191216-8384-11E9-921D-8B984E28A686}\TypeLib | C:\Program Files\ldplayer9box\Ld9BoxSVC.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{799781CD-3C2B-4543-81D2-631FCA5F4A97} | C:\Windows\system32\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{150FDDFF-6919-49C1-B10C-51ED162C4B9E}\ProxyStubClsid32\ = "{208DF701-79C8-426C-814B-18828F6A0B61}" | C:\Windows\system32\regsvr32.exe | N/A |
| Key deleted | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{F4C95B43-1D05-48C8-84E0-24248D8BA206}\ProxyStubClsid32 | C:\Windows\system32\regsvr32.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{20191216-0C60-11EA-A0EA-07EB0D1C4EAD}\NumMethods | C:\Windows\SYSTEM32\regsvr32.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{20191216-D8ED-44CF-85AC-C83A26C95A4D}\ProxyStubClsid32 | C:\Program Files\ldplayer9box\Ld9BoxSVC.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{221F753B-585B-4037-803A-CA50508A0337} | C:\Windows\system32\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{20191216-34B8-42D3-ACFB-7E96DAF77C22}\ = "ISnapshotEvent" | C:\Windows\SYSTEM32\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{20191216-1BCF-4218-9807-04E036CC70F1}\ = "IProgressPercentageChangedEvent" | C:\Windows\SYSTEM32\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{B33BB58D-48C6-40AF-B5F6-D64048FF6FF3}\ = "IBIOSSettings" | C:\Windows\system32\regsvr32.exe | N/A |
NTFS ADS
| Description | Indicator | Process | Target |
| File created | C:\Users\Admin\Downloads\Vega.X.V636.apk:Zone.Identifier | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| File opened for modification | C:\Users\Admin\Downloads\Unconfirmed 730071.crdownload:SmartScreen | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File opened for modification | C:\Users\Admin\Downloads\BlueStacksInstaller_5.21.505.1008_native_d52a51ddd73f6866b5420f1f2f853ec1_MzsxNSwwOzUsMTsxNSw0OzE1LA==.exe:Zone.Identifier | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File opened for modification | C:\Users\Admin\Downloads\Unconfirmed 409706.crdownload:SmartScreen | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File opened for modification | C:\Users\Admin\Downloads\Unconfirmed 555280.crdownload:SmartScreen | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File opened for modification | C:\Users\Admin\Downloads\MuMuInstaller_3.1.7.0_gw-overseas12_all_1712735105.exe:Zone.Identifier | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File opened for modification | C:\Users\Admin\Downloads\LDPlayer9_ens_10080_ld.exe:Zone.Identifier | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File created | C:\Users\Admin\Downloads\MicrosoftCorporationII.WindowsSubsystemForAndroid_2407.40000.0.0_neutral_~_8wekyb3d8bbwe.Msixbundle:Zone.Identifier | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| File created | C:\Users\Admin\Downloads\MicrosoftCorporationII.WindowsSubsystemForAndroid_2407.40000.0.0_neutral_~_8wekyb3d8bbwe(1).Msixbundle:Zone.Identifier | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| File opened for modification | C:\Users\Admin\Downloads\Unconfirmed 347346.crdownload:SmartScreen | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Runs net.exe
Suspicious behavior: AddClipboardFormatListener
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files (x86)\BlueStacks X\BlueStacks X.exe | N/A |
Suspicious behavior: EnumeratesProcesses
Suspicious behavior: GetForegroundWindowSpam
| Description | Indicator | Process | Target |
| N/A | N/A | F:\LDPlayer\LDPlayer9\dnplayer.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\BlueStacks X\BlueStacks X.exe | N/A |
| N/A | N/A | F:\LDPlayer\LDPlayer9\dnplayer.exe | N/A |
Suspicious behavior: LoadsDriver
| Description | Indicator | Process | Target |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Suspicious use of AdjustPrivilegeToken
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
Suspicious use of SetWindowsHookEx
Suspicious use of WriteProcessMemory
Uses Task Scheduler COM API
Uses Volume Shadow Copy WMI provider
Uses Volume Shadow Copy service COM API
Processes
C:\Windows\system32\cmd.exe
cmd /c C:\Users\Admin\AppData\Local\Temp\45b3c819-d6a3-4eb2-b100-f27de8fd43cd.jpg
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe"
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe"
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=1996 -parentBuildID 20240401114208 -prefsHandle 1904 -prefMapHandle 1912 -prefsLen 23600 -prefMapSize 244628 -appDir "C:\Program Files\Mozilla Firefox\browser" - {56effcb1-41f9-47dd-951d-a8bd982a92a9} 3428 "\\.\pipe\gecko-crash-server-pipe.3428" gpu
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=2396 -parentBuildID 20240401114208 -prefsHandle 2388 -prefMapHandle 2384 -prefsLen 23636 -prefMapSize 244628 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {955a623b-ae13-4eca-90fc-104baeae73e6} 3428 "\\.\pipe\gecko-crash-server-pipe.3428" socket
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=3044 -childID 1 -isForBrowser -prefsHandle 3036 -prefMapHandle 3032 -prefsLen 23777 -prefMapSize 244628 -jsInitHandle 1248 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {0e4919e1-c880-44ea-8048-ea2deba1aa12} 3428 "\\.\pipe\gecko-crash-server-pipe.3428" tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=2688 -childID 2 -isForBrowser -prefsHandle 1480 -prefMapHandle 2836 -prefsLen 29010 -prefMapSize 244628 -jsInitHandle 1248 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {27d39004-4e48-45bb-9784-914524b26a6d} 3428 "\\.\pipe\gecko-crash-server-pipe.3428" tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=4676 -parentBuildID 20240401114208 -sandboxingKind 0 -prefsHandle 4652 -prefMapHandle 4648 -prefsLen 29010 -prefMapSize 244628 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {c51e1a4e-7ff5-4abd-b74c-20134c87638c} 3428 "\\.\pipe\gecko-crash-server-pipe.3428" utility
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=5324 -childID 3 -isForBrowser -prefsHandle 5396 -prefMapHandle 5344 -prefsLen 26989 -prefMapSize 244628 -jsInitHandle 1248 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {292e4d79-72fb-4bf9-9e59-40d4ce99f466} 3428 "\\.\pipe\gecko-crash-server-pipe.3428" tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=5632 -childID 4 -isForBrowser -prefsHandle 5552 -prefMapHandle 5556 -prefsLen 26989 -prefMapSize 244628 -jsInitHandle 1248 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {ab67e4ab-821d-4ba4-9fe8-969198e9e6fe} 3428 "\\.\pipe\gecko-crash-server-pipe.3428" tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=5760 -childID 5 -isForBrowser -prefsHandle 5836 -prefMapHandle 5832 -prefsLen 26989 -prefMapSize 244628 -jsInitHandle 1248 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {b564232b-338c-4768-b518-b2a943f4c406} 3428 "\\.\pipe\gecko-crash-server-pipe.3428" tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=3488 -childID 6 -isForBrowser -prefsHandle 5208 -prefMapHandle 5996 -prefsLen 27211 -prefMapSize 244628 -jsInitHandle 1248 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {71cb77ce-7e5c-414b-9834-cc767a66cd67} 3428 "\\.\pipe\gecko-crash-server-pipe.3428" tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=6516 -childID 7 -isForBrowser -prefsHandle 3600 -prefMapHandle 6488 -prefsLen 28038 -prefMapSize 244628 -jsInitHandle 1248 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {0da822be-612c-43cb-bc85-761d6c8cf9b0} 3428 "\\.\pipe\gecko-crash-server-pipe.3428" tab
C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\MiniSearchHost.exe
"C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\MiniSearchHost.exe" -ServerName:MiniSearchUI.AppXj3y73at8fy1htwztzxs68sxx1v7cksp7.mca
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=7780 -childID 8 -isForBrowser -prefsHandle 7428 -prefMapHandle 5704 -prefsLen 28103 -prefMapSize 244628 -jsInitHandle 1248 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {a27a8ca8-7125-43dd-86c7-ffe1c6a42ac2} 3428 "\\.\pipe\gecko-crash-server-pipe.3428" tab
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument microsoft-edge:?url=https%3A%2F%2Fwww.bing.com%2Fsearch%3Fq%3Dwindows%2Bsubsystem%2Bfor%2Bandroid%26form%3DWSBEDG%26qs%3DAS%26cvid%3Db8216081ff474eb588a27a456cc3d735%26pq%3Dwindows%2Bsubsystem%26cc%3DUS%26setlang%3Den-US%26nclid%3DF2BBA3ADCEBB9D650A9359BA036AE76E%26ts%3D1723249496498%26nclidts%3D1723249496%26tsms%3D498%26wsso%3DModerate×tamp=1723249496498&source=WindowsSearchBox&campaign=addedgeprot&medium=AutoSuggest
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=90.0.4430.212 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=90.0.818.66 --initial-client-data=0x104,0x108,0x10c,0xe0,0x110,0x7ffcf7d03cb8,0x7ffcf7d03cc8,0x7ffcf7d03cd8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1900,13771913333495656171,16157731560469209580,131072 --gpu-preferences=SAAAAAAAAADgAAAwAAAAAAAAAAAAAAAAAABgAAAAAAAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4AAAAAAAAAHgAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAAIAAAAAAAAAAgAAAAAAAAA --mojo-platform-channel-handle=1912 /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1900,13771913333495656171,16157731560469209580,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2304 /prefetch:3
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=1900,13771913333495656171,16157731560469209580,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2532 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1900,13771913333495656171,16157731560469209580,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3284 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1900,13771913333495656171,16157731560469209580,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3300 /prefetch:1
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1900,13771913333495656171,16157731560469209580,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4896 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1900,13771913333495656171,16157731560469209580,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5100 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1900,13771913333495656171,16157731560469209580,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4716 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --field-trial-handle=1900,13771913333495656171,16157731560469209580,131072 --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=4644 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --field-trial-handle=1900,13771913333495656171,16157731560469209580,131072 --lang=en-US --service-sandbox-type=video_capture --mojo-platform-channel-handle=4696 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1900,13771913333495656171,16157731560469209580,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5104 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=1900,13771913333495656171,16157731560469209580,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5292 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --field-trial-handle=1900,13771913333495656171,16157731560469209580,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5520 /prefetch:8
C:\Windows\system32\AUDIODG.EXE
C:\Windows\system32\AUDIODG.EXE 0x00000000000004E4 0x00000000000004D0
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1900,13771913333495656171,16157731560469209580,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4544 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1900,13771913333495656171,16157731560469209580,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2760 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1900,13771913333495656171,16157731560469209580,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5152 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1900,13771913333495656171,16157731560469209580,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5184 /prefetch:1
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=5868 -childID 9 -isForBrowser -prefsHandle 6192 -prefMapHandle 7356 -prefsLen 28347 -prefMapSize 244628 -jsInitHandle 1248 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {740ef3b5-d0d1-4960-bac4-0d2e117d14a2} 3428 "\\.\pipe\gecko-crash-server-pipe.3428" tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=6512 -parentBuildID 20240401114208 -prefsHandle 6524 -prefMapHandle 6676 -prefsLen 31013 -prefMapSize 244628 -appDir "C:\Program Files\Mozilla Firefox\browser" - {990033b9-a349-4981-ad70-15d1bbbc7fe5} 3428 "\\.\pipe\gecko-crash-server-pipe.3428" rdd
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=7356 -parentBuildID 20240401114208 -sandboxingKind 1 -prefsHandle 6620 -prefMapHandle 6540 -prefsLen 31013 -prefMapSize 244628 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {11459da1-c6b6-472f-8032-ae963f59a1c8} 3428 "\\.\pipe\gecko-crash-server-pipe.3428" utility
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=7196 -childID 10 -isForBrowser -prefsHandle 7788 -prefMapHandle 6848 -prefsLen 28347 -prefMapSize 244628 -jsInitHandle 1248 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {5de60fa2-3d3f-4464-a7a9-10bf8b85d055} 3428 "\\.\pipe\gecko-crash-server-pipe.3428" tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=7848 -childID 11 -isForBrowser -prefsHandle 7472 -prefMapHandle 5756 -prefsLen 28347 -prefMapSize 244628 -jsInitHandle 1248 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {49b6fb33-2842-45ef-83e1-ad7e01c06a43} 3428 "\\.\pipe\gecko-crash-server-pipe.3428" tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=6440 -childID 12 -isForBrowser -prefsHandle 7012 -prefMapHandle 3632 -prefsLen 28347 -prefMapSize 244628 -jsInitHandle 1248 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {a4dd6d9a-974f-412b-8dd2-f568b6c11f87} 3428 "\\.\pipe\gecko-crash-server-pipe.3428" tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=8064 -childID 13 -isForBrowser -prefsHandle 8040 -prefMapHandle 7652 -prefsLen 28347 -prefMapSize 244628 -jsInitHandle 1248 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {7e0250c8-7853-4384-afbf-ea777869858f} 3428 "\\.\pipe\gecko-crash-server-pipe.3428" tab
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1900,13771913333495656171,16157731560469209580,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.22000.1 --gpu-preferences=SAAAAAAAAADoAAAwAAAAAAAAAAAAAAAAAABgAAAQAAAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4AAAAAAAAAHgAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAAIAAAAAAAAAAgAAAAAAAAA --mojo-platform-channel-handle=5948 /prefetch:2
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=7600 -childID 14 -isForBrowser -prefsHandle 7756 -prefMapHandle 7892 -prefsLen 28347 -prefMapSize 244628 -jsInitHandle 1248 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {8a85e5d5-01b8-4fc7-b27f-1a174f5abcff} 3428 "\\.\pipe\gecko-crash-server-pipe.3428" tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=8480 -childID 15 -isForBrowser -prefsHandle 4132 -prefMapHandle 8304 -prefsLen 28347 -prefMapSize 244628 -jsInitHandle 1248 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {cd49ea40-ad92-4923-8190-06d7469816de} 3428 "\\.\pipe\gecko-crash-server-pipe.3428" tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=8260 -childID 16 -isForBrowser -prefsHandle 7760 -prefMapHandle 7684 -prefsLen 28347 -prefMapSize 244628 -jsInitHandle 1248 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {a8e6ca20-4f75-45fd-b53d-5058a3bca42e} 3428 "\\.\pipe\gecko-crash-server-pipe.3428" tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=8360 -childID 17 -isForBrowser -prefsHandle 8724 -prefMapHandle 8720 -prefsLen 28347 -prefMapSize 244628 -jsInitHandle 1248 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {13594300-fe0b-4b6f-aad7-7553a963bc31} 3428 "\\.\pipe\gecko-crash-server-pipe.3428" tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=1640 -childID 18 -isForBrowser -prefsHandle 1428 -prefMapHandle 1636 -prefsLen 28347 -prefMapSize 244628 -jsInitHandle 1248 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {d0045aab-08d4-4863-a2de-202f4535174a} 3428 "\\.\pipe\gecko-crash-server-pipe.3428" tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=9080 -childID 19 -isForBrowser -prefsHandle 9108 -prefMapHandle 6496 -prefsLen 28347 -prefMapSize 244628 -jsInitHandle 1248 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {51480813-c722-40fe-abc1-02e90862f9e1} 3428 "\\.\pipe\gecko-crash-server-pipe.3428" tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=9388 -childID 20 -isForBrowser -prefsHandle 9380 -prefMapHandle 9376 -prefsLen 28347 -prefMapSize 244628 -jsInitHandle 1248 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {983c4b5a-a9bc-4e9b-a5ce-2c0e372e2fb7} 3428 "\\.\pipe\gecko-crash-server-pipe.3428" tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=8924 -childID 21 -isForBrowser -prefsHandle 8444 -prefMapHandle 7716 -prefsLen 28347 -prefMapSize 244628 -jsInitHandle 1248 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {f7ee5afd-f931-4975-bc56-e622a3d81931} 3428 "\\.\pipe\gecko-crash-server-pipe.3428" tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=8968 -childID 22 -isForBrowser -prefsHandle 10804 -prefMapHandle 10808 -prefsLen 28347 -prefMapSize 244628 -jsInitHandle 1248 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {12993d8d-adc2-4c4d-b85a-16a98383497d} 3428 "\\.\pipe\gecko-crash-server-pipe.3428" tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=10908 -childID 23 -isForBrowser -prefsHandle 10900 -prefMapHandle 10904 -prefsLen 28347 -prefMapSize 244628 -jsInitHandle 1248 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {d4bcf11f-9a87-45ef-b184-4750e5b2d2e4} 3428 "\\.\pipe\gecko-crash-server-pipe.3428" tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=11044 -childID 24 -isForBrowser -prefsHandle 11120 -prefMapHandle 11116 -prefsLen 28347 -prefMapSize 244628 -jsInitHandle 1248 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {53a67921-4374-4bfc-b75e-fe3877a07443} 3428 "\\.\pipe\gecko-crash-server-pipe.3428" tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=11312 -childID 25 -isForBrowser -prefsHandle 11304 -prefMapHandle 11024 -prefsLen 28347 -prefMapSize 244628 -jsInitHandle 1248 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {d8635e4d-4259-4e06-9d1c-dc2fc6152f68} 3428 "\\.\pipe\gecko-crash-server-pipe.3428" tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=11468 -childID 26 -isForBrowser -prefsHandle 11544 -prefMapHandle 11540 -prefsLen 28347 -prefMapSize 244628 -jsInitHandle 1248 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {10f233d3-935d-4820-9ca2-133ecf3859e5} 3428 "\\.\pipe\gecko-crash-server-pipe.3428" tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=11740 -childID 27 -isForBrowser -prefsHandle 11728 -prefMapHandle 11724 -prefsLen 28347 -prefMapSize 244628 -jsInitHandle 1248 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {1b24a888-b08b-44fe-b953-7c03c2b7b10b} 3428 "\\.\pipe\gecko-crash-server-pipe.3428" tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=11844 -childID 28 -isForBrowser -prefsHandle 11852 -prefMapHandle 11860 -prefsLen 28347 -prefMapSize 244628 -jsInitHandle 1248 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {067be2e4-8955-46e2-9bb0-7729963f1fc4} 3428 "\\.\pipe\gecko-crash-server-pipe.3428" tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=12064 -childID 29 -isForBrowser -prefsHandle 11080 -prefMapHandle 12068 -prefsLen 28347 -prefMapSize 244628 -jsInitHandle 1248 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {618c4929-0ebc-465b-897b-6accaf220a7f} 3428 "\\.\pipe\gecko-crash-server-pipe.3428" tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=12336 -childID 30 -isForBrowser -prefsHandle 12044 -prefMapHandle 12364 -prefsLen 28347 -prefMapSize 244628 -jsInitHandle 1248 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {2fb0229d-6a8e-404b-839e-fe23d983c73e} 3428 "\\.\pipe\gecko-crash-server-pipe.3428" tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=12500 -childID 31 -isForBrowser -prefsHandle 12576 -prefMapHandle 12572 -prefsLen 28347 -prefMapSize 244628 -jsInitHandle 1248 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {54630639-e54f-4f00-bf09-ee167e20d411} 3428 "\\.\pipe\gecko-crash-server-pipe.3428" tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=11544 -childID 32 -isForBrowser -prefsHandle 11716 -prefMapHandle 11720 -prefsLen 28347 -prefMapSize 244628 -jsInitHandle 1248 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {4c64247f-1741-4d97-bc72-02e6554f3182} 3428 "\\.\pipe\gecko-crash-server-pipe.3428" tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=12676 -childID 33 -isForBrowser -prefsHandle 12684 -prefMapHandle 12688 -prefsLen 28347 -prefMapSize 244628 -jsInitHandle 1248 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {f33253ac-e0ef-427e-b3da-fd65906c2e77} 3428 "\\.\pipe\gecko-crash-server-pipe.3428" tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=12944 -childID 34 -isForBrowser -prefsHandle 13024 -prefMapHandle 13020 -prefsLen 28347 -prefMapSize 244628 -jsInitHandle 1248 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {bb1101ca-e7ba-449a-b1b3-db6a89549b7d} 3428 "\\.\pipe\gecko-crash-server-pipe.3428" tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=13220 -childID 35 -isForBrowser -prefsHandle 13232 -prefMapHandle 13228 -prefsLen 28347 -prefMapSize 244628 -jsInitHandle 1248 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {eaeb1715-7f93-45ae-9f34-27b675c1dc65} 3428 "\\.\pipe\gecko-crash-server-pipe.3428" tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=13492 -childID 36 -isForBrowser -prefsHandle 13484 -prefMapHandle 13476 -prefsLen 28347 -prefMapSize 244628 -jsInitHandle 1248 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {946ae626-6e38-41d9-ba1b-30dcad362e95} 3428 "\\.\pipe\gecko-crash-server-pipe.3428" tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=13476 -childID 37 -isForBrowser -prefsHandle 12808 -prefMapHandle 12812 -prefsLen 28347 -prefMapSize 244628 -jsInitHandle 1248 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {7637d514-6a4e-4e03-941b-a81cfdc9b71f} 3428 "\\.\pipe\gecko-crash-server-pipe.3428" tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=12988 -childID 38 -isForBrowser -prefsHandle 12980 -prefMapHandle 12976 -prefsLen 28347 -prefMapSize 244628 -jsInitHandle 1248 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {3104717c-c1ef-4630-9b60-12cbf7e60d62} 3428 "\\.\pipe\gecko-crash-server-pipe.3428" tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=10764 -childID 39 -isForBrowser -prefsHandle 12228 -prefMapHandle 11080 -prefsLen 28347 -prefMapSize 244628 -jsInitHandle 1248 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {7caa2f1b-b9aa-4a2c-9fae-3907782173d5} 3428 "\\.\pipe\gecko-crash-server-pipe.3428" tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=10644 -childID 40 -isForBrowser -prefsHandle 12824 -prefMapHandle 10176 -prefsLen 28347 -prefMapSize 244628 -jsInitHandle 1248 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {45842a1b-139f-4e72-87d5-3d5ce81e9503} 3428 "\\.\pipe\gecko-crash-server-pipe.3428" tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=13820 -childID 41 -isForBrowser -prefsHandle 13912 -prefMapHandle 13904 -prefsLen 28347 -prefMapSize 244628 -jsInitHandle 1248 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {ad4442d2-f2ff-43d8-a989-9f8a5962994e} 3428 "\\.\pipe\gecko-crash-server-pipe.3428" tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=13632 -childID 42 -isForBrowser -prefsHandle 8912 -prefMapHandle 8936 -prefsLen 28347 -prefMapSize 244628 -jsInitHandle 1248 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {e3913a82-1f1e-4147-9f8d-2170d44af42b} 3428 "\\.\pipe\gecko-crash-server-pipe.3428" tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=14052 -childID 43 -isForBrowser -prefsHandle 12684 -prefMapHandle 7692 -prefsLen 28347 -prefMapSize 244628 -jsInitHandle 1248 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {c0a0db3d-f655-4513-b731-9f941885a32f} 3428 "\\.\pipe\gecko-crash-server-pipe.3428" tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=13036 -childID 44 -isForBrowser -prefsHandle 14208 -prefMapHandle 14204 -prefsLen 28347 -prefMapSize 244628 -jsInitHandle 1248 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {6337c4e1-e699-4ff8-9eb5-281a227b67b7} 3428 "\\.\pipe\gecko-crash-server-pipe.3428" tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=6668 -childID 45 -isForBrowser -prefsHandle 8344 -prefMapHandle 5032 -prefsLen 28347 -prefMapSize 244628 -jsInitHandle 1248 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {e5084d13-a3ec-44d8-9d4a-4252ad220b2f} 3428 "\\.\pipe\gecko-crash-server-pipe.3428" tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=7236 -childID 46 -isForBrowser -prefsHandle 7228 -prefMapHandle 6884 -prefsLen 28347 -prefMapSize 244628 -jsInitHandle 1248 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {77fb2fe3-0d34-46bd-af7c-e02864968f9b} 3428 "\\.\pipe\gecko-crash-server-pipe.3428" tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=14644 -childID 47 -isForBrowser -prefsHandle 7232 -prefMapHandle 7192 -prefsLen 28347 -prefMapSize 244628 -jsInitHandle 1248 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {b521c760-7bb9-434c-9c06-c178b94c7b09} 3428 "\\.\pipe\gecko-crash-server-pipe.3428" tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=8776 -childID 48 -isForBrowser -prefsHandle 8764 -prefMapHandle 13056 -prefsLen 28403 -prefMapSize 244628 -jsInitHandle 1248 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {32e6a6b4-76b9-41b8-bfca-341133387533} 3428 "\\.\pipe\gecko-crash-server-pipe.3428" tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=14396 -childID 49 -isForBrowser -prefsHandle 14260 -prefMapHandle 14420 -prefsLen 28403 -prefMapSize 244628 -jsInitHandle 1248 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {14743ae1-c7c4-4307-8409-1a95b2da992c} 3428 "\\.\pipe\gecko-crash-server-pipe.3428" tab
C:\Program Files\WindowsApps\Microsoft.DesktopAppInstaller_1.0.42251.0_x64__8wekyb3d8bbwe\AppInstaller.exe
"C:\Program Files\WindowsApps\Microsoft.DesktopAppInstaller_1.0.42251.0_x64__8wekyb3d8bbwe\AppInstaller.exe" -ServerName:App.AppX9rwyqtrq9gw3wnmrap9a412nsc7145qh.mca
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k LocalService -p -s NPSMSvc
C:\Program Files\WindowsApps\Microsoft.DesktopAppInstaller_1.0.42251.0_x64__8wekyb3d8bbwe\AppInstaller.exe
"C:\Program Files\WindowsApps\Microsoft.DesktopAppInstaller_1.0.42251.0_x64__8wekyb3d8bbwe\AppInstaller.exe" -ServerName:App.AppX9rwyqtrq9gw3wnmrap9a412nsc7145qh.mca
C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding
C:\Program Files\WindowsApps\Microsoft.DesktopAppInstaller_1.0.42251.0_x64__8wekyb3d8bbwe\AppInstaller.exe
"C:\Program Files\WindowsApps\Microsoft.DesktopAppInstaller_1.0.42251.0_x64__8wekyb3d8bbwe\AppInstaller.exe" -ServerName:App.AppX9rwyqtrq9gw3wnmrap9a412nsc7145qh.mca
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1900,13771913333495656171,16157731560469209580,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5976 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1900,13771913333495656171,16157731560469209580,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6100 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1900,13771913333495656171,16157731560469209580,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6340 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --field-trial-handle=1900,13771913333495656171,16157731560469209580,131072 --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=6536 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1900,13771913333495656171,16157731560469209580,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=26 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6200 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=1900,13771913333495656171,16157731560469209580,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5016 /prefetch:8
C:\Users\Admin\Downloads\BlueStacksInstaller_5.21.505.1008_native_d52a51ddd73f6866b5420f1f2f853ec1_MzsxNSwwOzUsMTsxNSw0OzE1LA==.exe
"C:\Users\Admin\Downloads\BlueStacksInstaller_5.21.505.1008_native_d52a51ddd73f6866b5420f1f2f853ec1_MzsxNSwwOzUsMTsxNSw0OzE1LA==.exe"
C:\Users\Admin\AppData\Local\Temp\7zS8C0BCBD0\BlueStacksInstaller.exe
"C:\Users\Admin\AppData\Local\Temp\7zS8C0BCBD0\BlueStacksInstaller.exe"
C:\Users\Admin\AppData\Local\Temp\7zS8C0BCBD0\HD-CheckCpu.exe
"C:\Users\Admin\AppData\Local\Temp\7zS8C0BCBD0\HD-CheckCpu.exe" --cmd checkHypervEnabled
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1900,13771913333495656171,16157731560469209580,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=28 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5156 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1900,13771913333495656171,16157731560469209580,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=29 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5300 /prefetch:1
C:\Users\Admin\AppData\Local\Temp\7zS8C0BCBD0\HD-CheckCpu.exe
"C:\Users\Admin\AppData\Local\Temp\7zS8C0BCBD0\HD-CheckCpu.exe" --cmd checkSSE4
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1900,13771913333495656171,16157731560469209580,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=30 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4796 /prefetch:1
C:\Users\Admin\AppData\Local\BlueStacksSetup\BSX-Setup-5.21.505.1008_nxt.exe
"C:\Users\Admin\AppData\Local\BlueStacksSetup\BSX-Setup-5.21.505.1008_nxt.exe" -s
C:\Windows\SysWOW64\WScript.exe
"C:\Windows\System32\WScript.exe" "C:\Program Files (x86)\BlueStacks X\green.vbs"
C:\Windows\SysWOW64\cmd.exe
"C:\Windows\System32\cmd.exe" /c green.bat
C:\Windows\SysWOW64\netsh.exe
netsh advfirewall firewall delete rule name="BlueStacksWeb"
C:\Windows\SysWOW64\netsh.exe
netsh advfirewall firewall delete rule name="Cloud Game"
C:\Windows\SysWOW64\netsh.exe
netsh advfirewall firewall add rule name="BlueStacksWeb" dir=in action=allow program="C:\Program Files (x86)\BlueStacks X\BlueStacksWeb.exe"
C:\Windows\SysWOW64\netsh.exe
netsh advfirewall firewall add rule name="Cloud Game" dir=in action=allow program="C:\Program Files (x86)\BlueStacks X\Cloud Game.exe"
C:\Users\Admin\AppData\Local\BlueStacksSetup\BlueStacksInstaller_5.21.505.1008_native_d52a51ddd73f6866b5420f1f2f853ec1_MzsxNSwwOzUsMTsxNSw0OzE1LA==.exe
"C:\Users\Admin\AppData\Local\BlueStacksSetup\BlueStacksInstaller_5.21.505.1008_native_d52a51ddd73f6866b5420f1f2f853ec1_MzsxNSwwOzUsMTsxNSw0OzE1LA==.exe" -versionMachineID=66fc8dd9-d705-4017-8657-3310e519adb1 -machineID=05b6d8b7-4bdf-4a0e-9304-49ad69a1e284 -pddir="C:\ProgramData\BlueStacks_nxt" -defaultImageName=Pie64 -imageToLaunch=Pie64 -isSSE4Available=1 -appToLaunch=bs5 -bsxVersion=10.41.503.1001 -country=GB -isWalletFeatureEnabled
C:\Users\Admin\AppData\Local\Temp\7zSCB07B312\Bootstrapper.exe
"C:\Users\Admin\AppData\Local\Temp\7zSCB07B312\Bootstrapper.exe" -versionMachineID=66fc8dd9-d705-4017-8657-3310e519adb1 -machineID=05b6d8b7-4bdf-4a0e-9304-49ad69a1e284 -pddir="C:\ProgramData\BlueStacks_nxt" -defaultImageName=Pie64 -imageToLaunch=Pie64 -isSSE4Available=1 -appToLaunch=bs5 -bsxVersion=10.41.503.1001 -country=GB -isWalletFeatureEnabled
C:\Users\Admin\AppData\Local\Temp\7zSCB07B312\BlueStacksInstaller.exe
"C:\Users\Admin\AppData\Local\Temp\7zSCB07B312\BlueStacksInstaller.exe" -versionMachineID="66fc8dd9-d705-4017-8657-3310e519adb1" -machineID="05b6d8b7-4bdf-4a0e-9304-49ad69a1e284" -pddir="C:\ProgramData\BlueStacks_nxt" -defaultImageName="Pie64" -imageToLaunch="Pie64" -appToLaunch="bs5" -bsxVersion="10.41.503.1001" -country="GB" -isWalletFeatureEnabled -parentpath="C:\Users\Admin\AppData\Local\BlueStacksSetup\BlueStacksInstaller_5.21.505.1008_native_d52a51ddd73f6866b5420f1f2f853ec1_MzsxNSwwOzUsMTsxNSw0OzE1LA==.exe" -md5=d52a51ddd73f6866b5420f1f2f853ec1 -app64=
C:\Users\Admin\AppData\Local\Temp\7zSCB07B312\7zr.exe
"C:\Users\Admin\AppData\Local\Temp\7zSCB07B312\7zr.exe" x "C:\Users\Admin\AppData\Local\Temp\7zSCB07B312\CommonInstallUtils.zip" -o"C:\Users\Admin\AppData\Local\Temp\7zSCB07B312\" -aoa
C:\Users\Admin\AppData\Local\Temp\7zSCB07B312\7zr.exe
"C:\Users\Admin\AppData\Local\Temp\7zSCB07B312\7zr.exe" x "C:\Users\Admin\AppData\Local\Temp\7zSCB07B312\QtRedistx64.zip" -o"C:\Users\Admin\AppData\Local\Temp\7zSCB07B312\" -aoa
C:\Users\Admin\AppData\Local\Temp\7zSCB07B312\HD-ForceGPU.exe
"C:\Users\Admin\AppData\Local\Temp\7zSCB07B312\HD-ForceGPU.exe" 1 "C:\Program Files\BlueStacks_nxt"
C:\Users\Admin\AppData\Local\Temp\7zSCB07B312\HD-GLCheck.exe
"C:\Users\Admin\AppData\Local\Temp\7zSCB07B312\HD-GLCheck.exe" 1 2
C:\Users\Admin\AppData\Local\Temp\7zSCB07B312\HD-GLCheck.exe
"C:\Users\Admin\AppData\Local\Temp\7zSCB07B312\HD-GLCheck.exe" 4 2
C:\Users\Admin\AppData\Local\Temp\7zSCB07B312\HD-GLCheck.exe
"C:\Users\Admin\AppData\Local\Temp\7zSCB07B312\HD-GLCheck.exe" 2 2
C:\Users\Admin\AppData\Local\Temp\7zSCB07B312\HD-GLCheck.exe
"C:\Users\Admin\AppData\Local\Temp\7zSCB07B312\HD-GLCheck.exe" 1 1
C:\Users\Admin\AppData\Local\Temp\7zSCB07B312\HD-GLCheck.exe
"C:\Users\Admin\AppData\Local\Temp\7zSCB07B312\HD-GLCheck.exe" 4 1
C:\Users\Admin\AppData\Local\Temp\7zSCB07B312\HD-GLCheck.exe
"C:\Users\Admin\AppData\Local\Temp\7zSCB07B312\HD-GLCheck.exe" 2 1
C:\ProgramData\BlueStacksServicesSetup.exe
"C:\ProgramData\BlueStacksServicesSetup.exe"
C:\Users\Admin\AppData\Local\Temp\7zSCB07B312\HD-CheckCpu.exe
"C:\Users\Admin\AppData\Local\Temp\7zSCB07B312\HD-CheckCpu.exe" --cmd checkSSE4
C:\Users\Admin\AppData\Local\Temp\7zSCB07B312\7zr.exe
"C:\Users\Admin\AppData\Local\Temp\7zSCB07B312\7zr.exe" x "C:\Users\Admin\AppData\Local\Temp\7zSCB07B312\PF.zip" -o"C:\Program Files\BlueStacks_nxt" -aoa
C:\Users\Admin\AppData\Local\Temp\7zSCB07B312\HD-GLCheck.exe
"C:\Users\Admin\AppData\Local\Temp\7zSCB07B312\\HD-GLCheck.exe" 2
C:\Windows\SysWOW64\cmd.exe
cmd /c tasklist /FI "USERNAME eq %USERNAME%" /FI "IMAGENAME eq BlueStacksServices.exe" | find "BlueStacksServices.exe"
C:\Windows\SysWOW64\tasklist.exe
tasklist /FI "USERNAME eq Admin" /FI "IMAGENAME eq BlueStacksServices.exe"
C:\Windows\SysWOW64\find.exe
find "BlueStacksServices.exe"
C:\Users\Admin\AppData\Local\Temp\7zSCB07B312\HD-GLCheck.exe
"C:\Users\Admin\AppData\Local\Temp\7zSCB07B312\\HD-GLCheck.exe" 3
C:\Users\Admin\AppData\Local\Temp\7zSCB07B312\HD-GLCheck.exe
"C:\Users\Admin\AppData\Local\Temp\7zSCB07B312\\HD-GLCheck.exe" 1
C:\Users\Admin\AppData\Local\Temp\7zSCB07B312\7zr.exe
"C:\Users\Admin\AppData\Local\Temp\7zSCB07B312\7zr.exe" x "C:\Users\Admin\AppData\Local\Temp\7zSCB07B312\QtRedistx64.zip" -o"C:\Program Files\BlueStacks_nxt" -aoa
C:\Users\Admin\AppData\Local\Programs\bluestacks-services\BlueStacksServices.exe
"C:\Users\Admin\AppData\Local\Programs\bluestacks-services\BlueStacksServices.exe" --hidden --initialLaunch
C:\Users\Admin\AppData\Local\Programs\bluestacks-services\BlueStacksServices.exe
"C:\Users\Admin\AppData\Local\Programs\bluestacks-services\BlueStacksServices.exe" --type=gpu-process --user-data-dir="C:\Users\Admin\AppData\Roaming\bluestacks-services" --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1564 --field-trial-handle=1704,i,10364088596093087523,13309509375833263130,131072 --disable-features=SpareRendererForSitePerProcess,WinRetrieveSuggestionsOnlyOnDemand /prefetch:2
C:\Windows\system32\cscript.exe
cscript.exe
C:\Users\Admin\AppData\Local\Programs\bluestacks-services\BlueStacksServices.exe
"C:\Users\Admin\AppData\Local\Programs\bluestacks-services\BlueStacksServices.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --user-data-dir="C:\Users\Admin\AppData\Roaming\bluestacks-services" --mojo-platform-channel-handle=1964 --field-trial-handle=1704,i,10364088596093087523,13309509375833263130,131072 --disable-features=SpareRendererForSitePerProcess,WinRetrieveSuggestionsOnlyOnDemand /prefetch:8
C:\Windows\system32\cscript.exe
cscript.exe //Nologo C:\Users\Admin\AppData\Local\Programs\bluestacks-services\resources\regedit\vbs\regList.wsf A HKCU\SOFTWARE\BlueStacksServices
C:\Windows\system32\cscript.exe
cscript.exe //Nologo C:\Users\Admin\AppData\Local\Programs\bluestacks-services\resources\regedit\vbs\regList.wsf A HKCU\SOFTWARE\BlueStacksServices
C:\Windows\system32\cscript.exe
cscript.exe //Nologo C:\Users\Admin\AppData\Local\Programs\bluestacks-services\resources\regedit\vbs\regPutValue.wsf A
C:\Windows\system32\cscript.exe
cscript.exe //Nologo C:\Users\Admin\AppData\Local\Programs\bluestacks-services\resources\regedit\vbs\regPutValue.wsf A
C:\Users\Admin\AppData\Local\Temp\7zSCB07B312\7zr.exe
"C:\Users\Admin\AppData\Local\Temp\7zSCB07B312\7zr.exe" x "C:\Users\Admin\AppData\Local\Temp\7zSCB07B312\PD.zip" -o"C:\ProgramData\BlueStacks_nxt" -aoa
C:\Windows\system32\cscript.exe
cscript.exe //Nologo C:\Users\Admin\AppData\Local\Programs\bluestacks-services\resources\regedit\vbs\regList.wsf A "HKCU\SOFTWARE\BlueStacks X"
C:\Users\Admin\AppData\Local\Temp\7zSCB07B312\7zr.exe
"C:\Users\Admin\AppData\Local\Temp\7zSCB07B312\7zr.exe" x "C:\ProgramData\Pie64_5.21.505.1008.exe" -o"C:\ProgramData\BlueStacks_nxt\Engine\Pie64" -aoa
C:\Users\Admin\AppData\Local\Programs\bluestacks-services\BlueStacksServices.exe
"C:\Users\Admin\AppData\Local\Programs\bluestacks-services\BlueStacksServices.exe" --type=renderer --user-data-dir="C:\Users\Admin\AppData\Roaming\bluestacks-services" --app-user-model-id=com.bluestacks.services --app-path="C:\Users\Admin\AppData\Local\Programs\bluestacks-services\resources\app.asar" --enable-sandbox --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=4 --mojo-platform-channel-handle=2548 --field-trial-handle=1704,i,10364088596093087523,13309509375833263130,131072 --disable-features=SpareRendererForSitePerProcess,WinRetrieveSuggestionsOnlyOnDemand /prefetch:1
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""
C:\Windows\system32\cscript.exe
cscript.exe //Nologo C:\Users\Admin\AppData\Local\Programs\bluestacks-services\resources\regedit\vbs\regList.wsf A "HKCU\SOFTWARE\BlueStacks X"
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq BlueStacks X.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Windows\system32\cscript.exe
cscript.exe //Nologo C:\Users\Admin\AppData\Local\Programs\bluestacks-services\resources\regedit\vbs\regList.wsf A HKLM\SOFTWARE\BlueStacks_nxt
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq BlueStacks X.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq BlueStacks X.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq BlueStacks X.exe"
C:\Windows\SYSTEM32\netsh.exe
"netsh.exe" advfirewall firewall delete rule name="BlueStacks Service"
C:\Windows\SYSTEM32\netsh.exe
"netsh.exe" advfirewall firewall add rule name="BlueStacks Service" dir=in action=allow program="C:\Program Files\BlueStacks_nxt\HD-Player.exe" enable=yes
C:\Windows\SYSTEM32\netsh.exe
"netsh.exe" advfirewall firewall delete rule name="BlueStacksAppplayerWeb"
C:\Windows\SYSTEM32\netsh.exe
"netsh.exe" advfirewall firewall add rule name="BlueStacksAppplayerWeb" dir=in action=allow program="C:\Program Files\BlueStacks_nxt\BlueStacksAppplayerWeb.exe" enable=yes
C:\Users\Admin\AppData\Local\Temp\7zSCB07B312\HD-CheckCpu.exe
"C:\Users\Admin\AppData\Local\Temp\7zSCB07B312\HD-CheckCpu.exe" --cmd checkSSE3
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq BlueStacks X.exe"
C:\Windows\SYSTEM32\cmd.exe
"cmd.exe" /c "sc.exe delete BlueStacksDrv_nxt"
C:\Windows\system32\sc.exe
sc.exe delete BlueStacksDrv_nxt
C:\Windows\SYSTEM32\reg.exe
"reg.exe" EXPORT HKLM\Software\BlueStacks_nxt "C:\Users\Admin\AppData\Local\Temp\e0200yhe.jr5\RegHKLM.txt"
C:\Users\Admin\AppData\Local\Temp\7zSCB07B312\7zr.exe
"C:\Users\Admin\AppData\Local\Temp\7zSCB07B312\7zr.exe" a "C:\Users\Admin\AppData\Local\Temp\Installer.zip" -m0=LZMA:a=1 "C:\Users\Admin\AppData\Local\Temp\e0200yhe.jr5\*"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq BlueStacks X.exe"
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq BlueStacks X.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq BlueStacks X.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq BlueStacks X.exe"
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1900,13771913333495656171,16157731560469209580,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=31 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6356 /prefetch:1
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq BlueStacks X.exe"
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1900,13771913333495656171,16157731560469209580,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=32 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3644 /prefetch:1
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq BlueStacks X.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1900,13771913333495656171,16157731560469209580,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=33 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5564 /prefetch:1
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq BlueStacks X.exe"
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1900,13771913333495656171,16157731560469209580,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=35 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7124 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1900,13771913333495656171,16157731560469209580,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=36 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5032 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1900,13771913333495656171,16157731560469209580,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=37 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6256 /prefetch:1
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1900,13771913333495656171,16157731560469209580,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=39 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7076 /prefetch:1
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq BlueStacks X.exe"
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --field-trial-handle=1900,13771913333495656171,16157731560469209580,131072 --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=2988 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1900,13771913333495656171,16157731560469209580,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=41 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3596 /prefetch:1
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq BlueStacks X.exe"
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1900,13771913333495656171,16157731560469209580,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=43 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6068 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1900,13771913333495656171,16157731560469209580,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=44 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3428 /prefetch:1
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq BlueStacks X.exe"
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1900,13771913333495656171,16157731560469209580,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=45 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4828 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1900,13771913333495656171,16157731560469209580,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=47 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3596 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1900,13771913333495656171,16157731560469209580,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=48 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4788 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1900,13771913333495656171,16157731560469209580,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=49 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6824 /prefetch:1
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1900,13771913333495656171,16157731560469209580,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=51 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1252 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1900,13771913333495656171,16157731560469209580,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=52 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6464 /prefetch:1
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq BlueStacks X.exe"
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=1900,13771913333495656171,16157731560469209580,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6932 /prefetch:8
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
C:\Users\Admin\Downloads\MuMuInstaller_3.1.7.0_gw-overseas12_all_1712735105.exe
"C:\Users\Admin\Downloads\MuMuInstaller_3.1.7.0_gw-overseas12_all_1712735105.exe"
C:\Users\Admin\AppData\Local\Temp\7z3B26C72C\nemu-downloader.exe
C:\Users\Admin\AppData\Local\Temp\7z3B26C72C\nemu-downloader.exe
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq BlueStacks X.exe"
C:\Users\Admin\AppData\Local\Temp\7z3B26C72C\ColaBoxChecker.exe
"C:\Users\Admin\AppData\Local\Temp\7z3B26C72C\ColaBoxChecker.exe" checker /baseboard
C:\Users\Admin\AppData\Local\Temp\7z3B26C72C\HyperVChecker.exe
"C:\Users\Admin\AppData\Local\Temp\7z3B26C72C\HyperVChecker.exe"
C:\Users\Admin\AppData\Local\Temp\7z3B26C72C\HyperVChecker.exe
"C:\Users\Admin\AppData\Local\Temp\7z3B26C72C\HyperVChecker.exe"
C:\Users\Admin\AppData\Local\Temp\7z3B26C72C\HyperVChecker.exe
"C:\Users\Admin\AppData\Local\Temp\7z3B26C72C\HyperVChecker.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq BlueStacks X.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq BlueStacks X.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq BlueStacks X.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq BlueStacks X.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq BlueStacks X.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq BlueStacks X.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
C:\Users\Admin\AppData\Local\Programs\bluestacks-services\BlueStacksServices.exe
"C:\Users\Admin\AppData\Local\Programs\bluestacks-services\BlueStacksServices.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.22000.1 --user-data-dir="C:\Users\Admin\AppData\Roaming\bluestacks-services" --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=3416 --field-trial-handle=1704,i,10364088596093087523,13309509375833263130,131072 --disable-features=SpareRendererForSitePerProcess,WinRetrieveSuggestionsOnlyOnDemand /prefetch:2
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq BlueStacks X.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq BlueStacks X.exe"
C:\Users\Admin\AppData\Local\Temp\7z3B26C72C\MuMuDownloader.exe
"C:\Users\Admin\AppData\Local\Temp\7z3B26C72C\MuMuDownloader.exe" --log="C:\Users\Admin\AppData\Local\Temp\nemu-downloader-aria.log" --log-level=notice --check-certificate=false --enable-rpc=true --rpc-listen-port=53894 --continue --max-concurrent-downloads=10 --max-connection-per-server=5 --async-dns=false --file-allocation=prealloc --enable-mmap=true --connect-timeout=5 --rpc-max-request-size=1024M --stop-with-process=8012
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq BlueStacks X.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq BlueStacks X.exe"
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq BlueStacks X.exe"
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq BlueStacks X.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq BlueStacks X.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq BlueStacks X.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq BlueStacks X.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq BlueStacks X.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq BlueStacks X.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1900,13771913333495656171,16157731560469209580,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=54 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2604 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1900,13771913333495656171,16157731560469209580,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=55 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6820 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1900,13771913333495656171,16157731560469209580,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=56 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5568 /prefetch:1
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq BlueStacks X.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
C:\Users\Admin\AppData\Local\Temp\MuMuNG-setup-V3.8.18.2845-overseas-0417125205.exe
"C:\Users\Admin\AppData\Local\Temp\MuMuNG-setup-V3.8.18.2845-overseas-0417125205.exe" /S /auto_start=false /fchannel=gw-overseas12 /D=F:\Program Files\Netease\MuMuPlayerGlobal-12.0
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1900,13771913333495656171,16157731560469209580,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=57 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3604 /prefetch:1
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq BlueStacks X.exe"
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1900,13771913333495656171,16157731560469209580,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=58 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6076 /prefetch:1
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1900,13771913333495656171,16157731560469209580,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=59 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6844 /prefetch:1
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1900,13771913333495656171,16157731560469209580,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=61 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7444 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1900,13771913333495656171,16157731560469209580,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=62 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3892 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1900,13771913333495656171,16157731560469209580,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=63 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7904 /prefetch:1
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq BlueStacks X.exe"
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
C:\Windows\SysWOW64\sc.exe
"C:\Windows\system32\sc.exe" query MuMuVMMDrv
C:\Program Files\MuMuVMMVbox\Hypervisor\MuMuVMMSVC.exe
"C:\Program Files\MuMuVMMVbox\Hypervisor\MuMuVMMSVC.exe" /UnregServer
C:\Windows\SysWOW64\regsvr32.exe
"C:\Windows\system32\regsvr32.exe" /u /s "C:\Program Files\MuMuVMMVbox\Hypervisor\MuMuVMMC.dll"
C:\Windows\system32\regsvr32.exe
/u /s "C:\Program Files\MuMuVMMVbox\Hypervisor\MuMuVMMC.dll"
C:\Windows\SysWOW64\regsvr32.exe
"C:\Windows\system32\regsvr32.exe" /u /s "C:\Program Files\MuMuVMMVbox\Hypervisor\MuMuVMMProxyStub.dll"
C:\Windows\system32\regsvr32.exe
/u /s "C:\Program Files\MuMuVMMVbox\Hypervisor\MuMuVMMProxyStub.dll"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq BlueStacks X.exe"
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq BlueStacks X.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
C:\Program Files\MuMuVMMVbox\Hypervisor\MuMuVMMSVC.exe
"C:\Program Files\MuMuVMMVbox\Hypervisor\MuMuVMMSVC.exe" /RegServer
C:\Windows\SysWOW64\regsvr32.exe
"C:\Windows\system32\regsvr32.exe" /s "C:\Program Files\MuMuVMMVbox\Hypervisor\MuMuVMMC.dll"
C:\Windows\system32\regsvr32.exe
/s "C:\Program Files\MuMuVMMVbox\Hypervisor\MuMuVMMC.dll"
C:\Windows\SysWOW64\regsvr32.exe
"C:\Windows\system32\regsvr32.exe" /s "C:\Program Files\MuMuVMMVbox\Hypervisor\MuMuVMMProxyStub.dll"
C:\Windows\system32\regsvr32.exe
/s "C:\Program Files\MuMuVMMVbox\Hypervisor\MuMuVMMProxyStub.dll"
C:\Program Files\MuMuVMMVbox\LoadedDrivers\SUPUninstall.exe
"C:\Program Files\MuMuVMMVbox\LoadedDrivers\SUPUninstall.exe"
C:\Program Files\MuMuVMMVbox\LoadedDrivers\SUPUninstall.exe
"C:\Program Files\MuMuVMMVbox\LoadedDrivers\SUPUninstall.exe"
C:\Windows\SysWOW64\sc.exe
"C:\Windows\system32\sc.exe" query MuMuVMMDrv
C:\Program Files\MuMuVMMVbox\LoadedDrivers\SUPInstall.exe
"C:\Program Files\MuMuVMMVbox\LoadedDrivers\SUPInstall.exe"
C:\Windows\SysWOW64\sc.exe
"C:\Windows\system32\sc.exe" query MuMuVMMDrv
C:\Windows\SysWOW64\sc.exe
"C:\Windows\system32\sc.exe" create MuMuVMMDrv binPath= "C:\Program Files\MuMuVMMVbox\LoadedDrivers\MuMuVMMDrv.sys" type= kernel start= auto
C:\Windows\SysWOW64\sc.exe
"C:\Windows\system32\sc.exe" create MuMuVMMDrv binPath= "C:\Program Files\MuMuVMMVbox\LoadedDrivers\MuMuVMMDrv.sys" type= kernel start= auto
C:\Windows\SysWOW64\sc.exe
"C:\Windows\system32\sc.exe" query MuMuVMMDrv
C:\Windows\SysWOW64\sc.exe
"C:\Windows\system32\sc.exe" start MuMuVMMDrv
C:\Windows\SysWOW64\sc.exe
"C:\Windows\system32\sc.exe" start MuMuVMMDrv
C:\Windows\SysWOW64\sc.exe
"C:\Windows\system32\sc.exe" query MuMuVMMDrv
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""
C:\Windows\SysWOW64\sc.exe
"C:\Windows\system32\sc.exe" query MuMuVMMDrv
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq BlueStacks X.exe"
C:\Windows\SysWOW64\sc.exe
"C:\Windows\system32\sc.exe" query MuMuVMMDrv
C:\Windows\SysWOW64\sc.exe
"C:\Windows\system32\sc.exe" query MuMuVMMDrv
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
C:\Windows\SysWOW64\sc.exe
"C:\Windows\system32\sc.exe" query MuMuVMMDrv
C:\Windows\SysWOW64\sc.exe
"C:\Windows\system32\sc.exe" query MuMuVMMDrv
C:\Program Files\MuMuVMMVbox\LoadedDrivers\SUPUninstall.exe
"C:\Program Files\MuMuVMMVbox\LoadedDrivers\SUPUninstall.exe"
C:\Program Files\MuMuVMMVbox\LoadedDrivers\SUPUninstall.exe
"C:\Program Files\MuMuVMMVbox\LoadedDrivers\SUPUninstall.exe"
C:\Windows\SysWOW64\sc.exe
"C:\Windows\system32\sc.exe" query MuMuVMMDrv
C:\Program Files\MuMuVMMVbox\Hypervisor\MuMuVMMSVC.exe
"C:\Program Files\MuMuVMMVbox\Hypervisor\MuMuVMMSVC.exe" /UnregServer
C:\Windows\SysWOW64\regsvr32.exe
"C:\Windows\system32\regsvr32.exe" /u /s "C:\Program Files\MuMuVMMVbox\Hypervisor\MuMuVMMC.dll"
C:\Windows\system32\regsvr32.exe
/u /s "C:\Program Files\MuMuVMMVbox\Hypervisor\MuMuVMMC.dll"
C:\Windows\SysWOW64\regsvr32.exe
"C:\Windows\system32\regsvr32.exe" /u /s "C:\Program Files\MuMuVMMVbox\Hypervisor\MuMuVMMProxyStub.dll"
C:\Windows\system32\regsvr32.exe
/u /s "C:\Program Files\MuMuVMMVbox\Hypervisor\MuMuVMMProxyStub.dll"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq BlueStacks X.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq BlueStacks X.exe"
C:\Windows\SysWOW64\cmd.exe
"C:\Windows\system32\cmd.exe" /c "comregister.cmd -u"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
C:\Windows\SysWOW64\net.exe
NET FILE
C:\Windows\SysWOW64\net1.exe
C:\Windows\system32\net1 FILE
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\cmd.exe /c cd
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\cmd.exe /c cd
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\cmd.exe /c ver
C:\Program Files\MuMuVMMVbox\Hypervisor\MuMuVMMSVC.exe
"C:\Program Files\MuMuVMMVbox\Hypervisor\MuMuVMMSVC.exe" /UnregServer
C:\Windows\SysWOW64\regsvr32.exe
C:\Windows\system32\regsvr32 /s /u "C:\Program Files\MuMuVMMVbox\Hypervisor\MuMuVMMC.dll"
C:\Windows\system32\regsvr32.exe
/s /u "C:\Program Files\MuMuVMMVbox\Hypervisor\MuMuVMMC.dll"
C:\Windows\SysWOW64\regsvr32.exe
C:\Windows\syswow64\regsvr32 /s /u "C:\Program Files\MuMuVMMVbox\Hypervisor\x86\MuMuVMMClient-x86.dll"
C:\Windows\SysWOW64\regsvr32.exe
C:\Windows\system32\regsvr32 /s /u "C:\Program Files\MuMuVMMVbox\Hypervisor\MuMuVMMProxyStub.dll"
C:\Windows\system32\regsvr32.exe
/s /u "C:\Program Files\MuMuVMMVbox\Hypervisor\MuMuVMMProxyStub.dll"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq BlueStacks X.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq BlueStacks X.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
C:\Windows\SysWOW64\regsvr32.exe
C:\Windows\syswow64\regsvr32 /s /u "C:\Program Files\MuMuVMMVbox\Hypervisor\x86\MuMuVMMProxyStub-x86.dll"
C:\Program Files\MuMuVMMVbox\LoadedDrivers\SUPUninstall.exe
"C:\Program Files\MuMuVMMVbox\LoadedDrivers\SUPUninstall.exe"
C:\Program Files\MuMuVMMVbox\LoadedDrivers\SUPUninstall.exe
"C:\Program Files\MuMuVMMVbox\LoadedDrivers\SUPUninstall.exe"
C:\Windows\SysWOW64\sc.exe
"C:\Windows\system32\sc.exe" query MuMuVMMDrv
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq BlueStacks X.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq BlueStacks X.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq BlueStacks X.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq BlueStacks X.exe"
C:\Users\Admin\AppData\Local\Temp\7z3B26C72C\7z.exe
"C:\Users\Admin\AppData\Local\Temp\7z3B26C72C\7z.exe" a -tzip "C:\Users\Admin\AppData\Local\Temp\nemux.zip" "C:\Users\Admin\AppData\Local\Temp\nemux"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1900,13771913333495656171,16157731560469209580,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=65 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4872 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=1900,13771913333495656171,16157731560469209580,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=7048 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --field-trial-handle=1900,13771913333495656171,16157731560469209580,131072 --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=6944 /prefetch:8
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq BlueStacks X.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
C:\Users\Admin\Downloads\LDPlayer9_ens_10080_ld.exe
"C:\Users\Admin\Downloads\LDPlayer9_ens_10080_ld.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq BlueStacks X.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq BlueStacks X.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq BlueStacks X.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Windows\System32\Conhost.exe
\??\C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq BlueStacks X.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq BlueStacks X.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq BlueStacks X.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq BlueStacks X.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq BlueStacks X.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq BlueStacks X.exe"
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq BlueStacks X.exe"
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
C:\Windows\SysWOW64\taskkill.exe
"taskkill" /F /IM dnplayer.exe /T
C:\Windows\SysWOW64\taskkill.exe
"taskkill" /F /IM dnmultiplayer.exe /T
C:\Windows\SysWOW64\taskkill.exe
"taskkill" /F /IM dnmultiplayerex.exe /T
C:\Windows\SysWOW64\taskkill.exe
"taskkill" /F /IM bugreport.exe /T
F:\LDPlayer\LDPlayer9\LDPlayer.exe
"F:\LDPlayer\LDPlayer9\\LDPlayer.exe" -silence -downloader -openid=10080 -language=en -path="F:\LDPlayer\LDPlayer9\"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq BlueStacks X.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq BlueStacks X.exe"
F:\LDPlayer\LDPlayer9\dnrepairer.exe
"F:\LDPlayer\LDPlayer9\dnrepairer.exe" listener=918370
C:\Windows\SysWOW64\net.exe
"net" start cryptsvc
C:\Windows\SysWOW64\net1.exe
C:\Windows\system32\net1 start cryptsvc
C:\Windows\SysWOW64\regsvr32.exe
"regsvr32" Softpub.dll /s
C:\Windows\SysWOW64\regsvr32.exe
"regsvr32" Wintrust.dll /s
C:\Windows\SysWOW64\regsvr32.exe
"regsvr32" Initpki.dll /s
C:\Windows\SysWOW64\regsvr32.exe
"C:\Windows\system32\regsvr32" Initpki.dll /s
C:\Windows\SysWOW64\regsvr32.exe
"regsvr32" dssenh.dll /s
C:\Windows\SysWOW64\regsvr32.exe
"regsvr32" rsaenh.dll /s
C:\Windows\SysWOW64\regsvr32.exe
"regsvr32" cryptdlg.dll /s
C:\Windows\SysWOW64\takeown.exe
"takeown" /f "F:\LDPlayer\LDPlayer9\vms" /r /d y
C:\Windows\SysWOW64\icacls.exe
"icacls" "F:\LDPlayer\LDPlayer9\vms" /grant everyone:F /t
C:\Windows\SysWOW64\takeown.exe
"takeown" /f "F:\LDPlayer\LDPlayer9\\system.vmdk"
C:\Windows\SysWOW64\icacls.exe
"icacls" "F:\LDPlayer\LDPlayer9\\system.vmdk" /grant everyone:F /t
C:\Windows\SysWOW64\dism.exe
C:\Windows\system32\dism.exe /Online /English /Get-Features
C:\Users\Admin\AppData\Local\Temp\B89BBB56-BC03-4934-84C1-F09B32BF588A\dismhost.exe
C:\Users\Admin\AppData\Local\Temp\B89BBB56-BC03-4934-84C1-F09B32BF588A\dismhost.exe {EBF5A16E-51E2-44E3-B3B8-FE9DFDF9B9F1}
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq BlueStacks X.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq BlueStacks X.exe"
C:\Windows\SysWOW64\sc.exe
sc query HvHost
C:\Windows\SysWOW64\sc.exe
sc query vmms
C:\Windows\SysWOW64\sc.exe
sc query vmcompute
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq BlueStacks X.exe"
C:\Program Files\ldplayer9box\Ld9BoxSVC.exe
"C:\Program Files\ldplayer9box\Ld9BoxSVC.exe" /RegServer
C:\Windows\SYSTEM32\regsvr32.exe
"regsvr32" "C:\Program Files\ldplayer9box\VBoxC.dll" /s
C:\Windows\SysWOW64\regsvr32.exe
"regsvr32" "C:\Program Files\ldplayer9box\x86\VBoxClient-x86.dll" /s
C:\Windows\SYSTEM32\regsvr32.exe
"regsvr32" "C:\Program Files\ldplayer9box\VBoxProxyStub.dll" /s
C:\Windows\SysWOW64\regsvr32.exe
"regsvr32" "C:\Program Files\ldplayer9box\x86\VBoxProxyStub-x86.dll" /s
C:\Windows\SysWOW64\sc.exe
"C:\Windows\system32\sc" create Ld9BoxSup binPath= "C:\Program Files\ldplayer9box\Ld9BoxSup.sys" type= kernel start= auto
C:\Windows\SysWOW64\sc.exe
"C:\Windows\system32\sc" start Ld9BoxSup
C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
"powershell.exe" New-NetFirewallRule -DisplayName "Ld9BoxSup" -Direction Inbound -Program 'C:\Program Files\ldplayer9box\Ld9BoxHeadless.exe' -RemoteAddress LocalSubnet -Action Allow
C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
"powershell.exe" New-NetFirewallRule -DisplayName "Ld9BoxNat" -Direction Inbound -Program 'C:\Program Files\ldplayer9box\VBoxNetNAT.exe' -RemoteAddress LocalSubnet -Action Allow
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq BlueStacks X.exe"
C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
"powershell.exe" New-NetFirewallRule -DisplayName "dnplayer" -Direction Inbound -Program 'F:\LDPlayer\LDPlayer9\dnplayer.exe' -RemoteAddress LocalSubnet -Action Allow
F:\LDPlayer\LDPlayer9\driverconfig.exe
"F:\LDPlayer\LDPlayer9\driverconfig.exe"
C:\Windows\SysWOW64\takeown.exe
"takeown" /f F:\LDPlayer\ldmutiplayer\ /r /d y
C:\Windows\SysWOW64\icacls.exe
"icacls" F:\LDPlayer\ldmutiplayer\ /grant everyone:F /t
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq BlueStacks X.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq BlueStacks X.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""
C:\Windows\System32\Conhost.exe
\??\C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq BlueStacks X.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq BlueStacks X.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq BlueStacks X.exe"
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://discord.gg/4bUcwDd53d
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=90.0.4430.212 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=90.0.818.66 --initial-client-data=0x120,0x124,0x128,0xfc,0x12c,0x7ffcf7d03cb8,0x7ffcf7d03cc8,0x7ffcf7d03cd8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1900,13771913333495656171,16157731560469209580,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=68 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3096 /prefetch:1
F:\LDPlayer\LDPlayer9\dnplayer.exe
"F:\LDPlayer\LDPlayer9\\dnplayer.exe"
C:\Windows\system32\AUDIODG.EXE
C:\Windows\system32\AUDIODG.EXE 0x00000000000004E4 0x00000000000004D0
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1900,13771913333495656171,16157731560469209580,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=69 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7340 /prefetch:1
C:\Program Files\ldplayer9box\Ld9BoxSVC.exe
"C:\Program Files\ldplayer9box\Ld9BoxSVC.exe" -Embedding
C:\Windows\SysWOW64\sc.exe
sc query HvHost
C:\Windows\SysWOW64\sc.exe
sc query vmms
C:\Windows\SysWOW64\sc.exe
sc query vmcompute
C:\Program Files\ldplayer9box\vbox-img.exe
"C:\Program Files\ldplayer9box\vbox-img.exe" setuuid --filename "F:\LDPlayer\LDPlayer9\vms\..\system.vmdk" --uuid 20160302-bbbb-bbbb-54d7-bbbb00000000
C:\Program Files\ldplayer9box\vbox-img.exe
"C:\Program Files\ldplayer9box\vbox-img.exe" setuuid --filename "F:\LDPlayer\LDPlayer9\vms\leidian0\data.vmdk" --uuid 20160302-cccc-cccc-54d7-000000000000
C:\Program Files\ldplayer9box\vbox-img.exe
"C:\Program Files\ldplayer9box\vbox-img.exe" setuuid --filename "F:\LDPlayer\LDPlayer9\vms\leidian0\sdcard.vmdk" --uuid 20160302-dddd-dddd-54d7-000000000000
C:\Program Files\ldplayer9box\Ld9BoxHeadless.exe
"C:\Program Files\ldplayer9box\Ld9BoxHeadless.exe" --comment leidian0 --startvm 20160302-aaaa-aaaa-54d7-000000000000 --vrde config
C:\Program Files\ldplayer9box\Ld9BoxHeadless.exe
"C:\Program Files\ldplayer9box\Ld9BoxHeadless.exe" --comment leidian0 --startvm 20160302-aaaa-aaaa-54d7-000000000000 --vrde config
C:\Program Files\ldplayer9box\Ld9BoxHeadless.exe
"C:\Program Files\ldplayer9box\Ld9BoxHeadless.exe" --comment leidian0 --startvm 20160302-aaaa-aaaa-54d7-000000000000 --vrde config
C:\Program Files\ldplayer9box\Ld9BoxHeadless.exe
"C:\Program Files\ldplayer9box\Ld9BoxHeadless.exe" --comment leidian0 --startvm 20160302-aaaa-aaaa-54d7-000000000000 --vrde config
C:\Program Files\ldplayer9box\Ld9BoxHeadless.exe
"C:\Program Files\ldplayer9box\Ld9BoxHeadless.exe" --comment leidian0 --startvm 20160302-aaaa-aaaa-54d7-000000000000 --vrde config
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Windows\System32\Conhost.exe
\??\C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq BlueStacks X.exe"
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq BlueStacks X.exe"
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://www.ldplayer.net/blog/how-to-enable-vt.html
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=90.0.4430.212 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=90.0.818.66 --initial-client-data=0x100,0x104,0x108,0xdc,0x10c,0x7ffcf7d03cb8,0x7ffcf7d03cc8,0x7ffcf7d03cd8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1928,18062251191998360322,17895746241304117987,131072 --gpu-preferences=SAAAAAAAAADgAAAwAAAAAAAAAAAAAAAAAABgAAAAAAAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4AAAAAAAAAHgAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAAIAAAAAAAAAAgAAAAAAAAA --mojo-platform-channel-handle=1948 /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1928,18062251191998360322,17895746241304117987,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2268 /prefetch:3
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=1928,18062251191998360322,17895746241304117987,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2760 /prefetch:8
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1928,18062251191998360322,17895746241304117987,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3560 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1928,18062251191998360322,17895746241304117987,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3568 /prefetch:1
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1928,18062251191998360322,17895746241304117987,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4932 /prefetch:1
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq BlueStacks X.exe"
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1928,18062251191998360322,17895746241304117987,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4308 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1928,18062251191998360322,17895746241304117987,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5316 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1928,18062251191998360322,17895746241304117987,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5640 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1928,18062251191998360322,17895746241304117987,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6072 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1928,18062251191998360322,17895746241304117987,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6424 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1928,18062251191998360322,17895746241304117987,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6640 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1928,18062251191998360322,17895746241304117987,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6748 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1928,18062251191998360322,17895746241304117987,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5620 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1928,18062251191998360322,17895746241304117987,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6764 /prefetch:1
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq BlueStacks X.exe"
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1928,18062251191998360322,17895746241304117987,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6264 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1928,18062251191998360322,17895746241304117987,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6272 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1928,18062251191998360322,17895746241304117987,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6224 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1928,18062251191998360322,17895746241304117987,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5908 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1928,18062251191998360322,17895746241304117987,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8276 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1928,18062251191998360322,17895746241304117987,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8320 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1928,18062251191998360322,17895746241304117987,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7672 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1928,18062251191998360322,17895746241304117987,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=24 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9016 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=1928,18062251191998360322,17895746241304117987,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=9920 /prefetch:8
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq BlueStacks X.exe"
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --field-trial-handle=1928,18062251191998360322,17895746241304117987,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=8040 /prefetch:8
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq BlueStacks X.exe"
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
C:\Program Files (x86)\BlueStacks X\BlueStacks X.exe
"C:\Program Files (x86)\BlueStacks X\BlueStacks X.exe"
C:\Program Files (x86)\BlueStacks X\BlueStacksWeb.exe
BlueStacksWeb.exe --type=renderer --disable-speech-api --enable-threaded-compositing --enable-features=AllowContentInitiatedDataUrlNavigations,NetworkServiceInProcess,TracingServiceInProcess --disable-features=BackgroundFetch,ConsolidatedMovementXY,DnsOverHttpsUpgrade,InstalledApp,MojoVideoCapture,PictureInPicture,SmsReceiver,UseSkiaRenderer,WebPayments,WebUSB --lang=en --webengine-schemes=qrc:sLV --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=3 --mojo-platform-channel-handle=3712 /prefetch:1
C:\Program Files (x86)\BlueStacks X\BlueStacksWeb.exe
BlueStacksWeb.exe --type=renderer --disable-speech-api --enable-threaded-compositing --enable-features=AllowContentInitiatedDataUrlNavigations,NetworkServiceInProcess,TracingServiceInProcess --disable-features=BackgroundFetch,ConsolidatedMovementXY,DnsOverHttpsUpgrade,InstalledApp,MojoVideoCapture,PictureInPicture,SmsReceiver,UseSkiaRenderer,WebPayments,WebUSB --lang=en --webengine-schemes=qrc:sLV --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=4 --mojo-platform-channel-handle=3816 /prefetch:1
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq BlueStacks X.exe"
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq BlueStacks X.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""
C:\Windows\System32\Conhost.exe
\??\C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq BlueStacks X.exe"
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
C:\Program Files (x86)\BlueStacks X\7z.exe
"C:\Program Files (x86)\BlueStacks X\7z.exe" x C:/Users/Admin/Downloads/Vega.X.V636.apk AndroidManifest.xml "-oC:/Users/Admin/AppData/Local/BlueStacks X/cache/ApkParser"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq BlueStacks X.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq BlueStacks X.exe"
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq BlueStacks X.exe"
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
F:\LDPlayer\LDPlayer9\dnplayer.exe
"F:\LDPlayer\LDPlayer9\dnplayer.exe" index=0|
C:\Program Files\ldplayer9box\Ld9BoxSVC.exe
"C:\Program Files\ldplayer9box\Ld9BoxSVC.exe" -Embedding
C:\Windows\SysWOW64\sc.exe
sc query HvHost
C:\Windows\SysWOW64\sc.exe
sc query vmms
C:\Windows\SysWOW64\sc.exe
sc query vmcompute
C:\Program Files\ldplayer9box\Ld9BoxHeadless.exe
"C:\Program Files\ldplayer9box\Ld9BoxHeadless.exe" --comment leidian0 --startvm 20160302-aaaa-aaaa-54d7-000000000000 --vrde config
C:\Program Files\ldplayer9box\Ld9BoxHeadless.exe
"C:\Program Files\ldplayer9box\Ld9BoxHeadless.exe" --comment leidian0 --startvm 20160302-aaaa-aaaa-54d7-000000000000 --vrde config
C:\Program Files\ldplayer9box\Ld9BoxHeadless.exe
"C:\Program Files\ldplayer9box\Ld9BoxHeadless.exe" --comment leidian0 --startvm 20160302-aaaa-aaaa-54d7-000000000000 --vrde config
C:\Program Files\ldplayer9box\Ld9BoxHeadless.exe
"C:\Program Files\ldplayer9box\Ld9BoxHeadless.exe" --comment leidian0 --startvm 20160302-aaaa-aaaa-54d7-000000000000 --vrde config
C:\Program Files\ldplayer9box\Ld9BoxHeadless.exe
"C:\Program Files\ldplayer9box\Ld9BoxHeadless.exe" --comment leidian0 --startvm 20160302-aaaa-aaaa-54d7-000000000000 --vrde config
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Windows\System32\Conhost.exe
\??\C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
C:\Windows\System32\Conhost.exe
\??\C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq BlueStacks X.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""
C:\Windows\System32\Conhost.exe
\??\C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
C:\Windows\System32\Conhost.exe
\??\C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq BlueStacks X.exe"
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq BlueStacks X.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq BlueStacks X.exe"
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq BlueStacks X.exe"
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq BlueStacks X.exe"
C:\Users\Admin\AppData\Local\BlueStacks X\BlueStacks-Installer_5.21.505.1008_amd64_native.exe
"C:\Users\Admin\AppData\Local\BlueStacks X\BlueStacks-Installer_5.21.505.1008_amd64_native.exe" -s -defaultImageName Pie64 -imageToLaunch Pie64 -skipBinaryShortcuts -appToLaunch=bsx
C:\Users\Admin\AppData\Local\Temp\7zS49A21B19\Bootstrapper.exe
"C:\Users\Admin\AppData\Local\Temp\7zS49A21B19\Bootstrapper.exe" -s -defaultImageName Pie64 -imageToLaunch Pie64 -skipBinaryShortcuts -appToLaunch=bsx
C:\Users\Admin\AppData\Local\Temp\7zS49A21B19\BlueStacksInstaller.exe
"C:\Users\Admin\AppData\Local\Temp\7zS49A21B19\BlueStacksInstaller.exe" -s -defaultImageName="Pie64" -imageToLaunch="Pie64" -skipBinaryShortcuts -appToLaunch="bsx" -parentpath="C:\Users\Admin\AppData\Local\BlueStacks X\BlueStacks-Installer_5.21.505.1008_amd64_native.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq BlueStacks X.exe"
C:\Users\Admin\AppData\Local\Temp\7zS49A21B19\7zr.exe
"C:\Users\Admin\AppData\Local\Temp\7zS49A21B19\7zr.exe" x "C:\Users\Admin\AppData\Local\Temp\7zS49A21B19\CommonInstallUtils.zip" -o"C:\Users\Admin\AppData\Local\Temp\7zS49A21B19\" -aoa
C:\Users\Admin\AppData\Local\Temp\7zS49A21B19\7zr.exe
"C:\Users\Admin\AppData\Local\Temp\7zS49A21B19\7zr.exe" x "C:\Users\Admin\AppData\Local\Temp\7zS49A21B19\QtRedistx64.zip" -o"C:\Users\Admin\AppData\Local\Temp\7zS49A21B19\" -aoa
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq BlueStacks X.exe"
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq BlueStacks X.exe"
C:\Users\Admin\AppData\Local\Temp\7zS49A21B19\HD-ForceGPU.exe
"C:\Users\Admin\AppData\Local\Temp\7zS49A21B19\HD-ForceGPU.exe" 1 "C:\Program Files\BlueStacks_nxt"
C:\Windows\System32\Conhost.exe
\??\C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
C:\Users\Admin\AppData\Local\Temp\7zS49A21B19\HD-GLCheck.exe
"C:\Users\Admin\AppData\Local\Temp\7zS49A21B19\HD-GLCheck.exe" 1 2
C:\Users\Admin\AppData\Local\Temp\7zS49A21B19\HD-GLCheck.exe
"C:\Users\Admin\AppData\Local\Temp\7zS49A21B19\HD-GLCheck.exe" 4 2
C:\Users\Admin\AppData\Local\Temp\7zS49A21B19\HD-GLCheck.exe
"C:\Users\Admin\AppData\Local\Temp\7zS49A21B19\HD-GLCheck.exe" 2 2
C:\Users\Admin\AppData\Local\Temp\7zS49A21B19\HD-GLCheck.exe
"C:\Users\Admin\AppData\Local\Temp\7zS49A21B19\HD-GLCheck.exe" 1 1
C:\Users\Admin\AppData\Local\Temp\7zS49A21B19\HD-GLCheck.exe
"C:\Users\Admin\AppData\Local\Temp\7zS49A21B19\HD-GLCheck.exe" 4 1
C:\Users\Admin\AppData\Local\Temp\7zS49A21B19\HD-GLCheck.exe
"C:\Users\Admin\AppData\Local\Temp\7zS49A21B19\HD-GLCheck.exe" 2 1
C:\Users\Admin\AppData\Local\Temp\7zS49A21B19\HD-CheckCpu.exe
"C:\Users\Admin\AppData\Local\Temp\7zS49A21B19\HD-CheckCpu.exe" --cmd checkSSE4
C:\Users\Admin\AppData\Local\Temp\7zS49A21B19\7zr.exe
"C:\Users\Admin\AppData\Local\Temp\7zS49A21B19\7zr.exe" x "C:\Users\Admin\AppData\Local\Temp\7zS49A21B19\PF.zip" -o"C:\Program Files\BlueStacks_nxt" -aoa
C:\Users\Admin\AppData\Local\Temp\7zS49A21B19\HD-GLCheck.exe
"C:\Users\Admin\AppData\Local\Temp\7zS49A21B19\\HD-GLCheck.exe" 2
C:\Users\Admin\AppData\Local\Temp\7zS49A21B19\HD-GLCheck.exe
"C:\Users\Admin\AppData\Local\Temp\7zS49A21B19\\HD-GLCheck.exe" 3
C:\Users\Admin\AppData\Local\Temp\7zS49A21B19\HD-GLCheck.exe
"C:\Users\Admin\AppData\Local\Temp\7zS49A21B19\\HD-GLCheck.exe" 1
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""
C:\Users\Admin\AppData\Local\Temp\7zS49A21B19\7zr.exe
"C:\Users\Admin\AppData\Local\Temp\7zS49A21B19\7zr.exe" x "C:\Users\Admin\AppData\Local\Temp\7zS49A21B19\QtRedistx64.zip" -o"C:\Program Files\BlueStacks_nxt" -aoa
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq BlueStacks X.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq BlueStacks X.exe"
C:\Users\Admin\AppData\Local\Temp\7zS49A21B19\7zr.exe
"C:\Users\Admin\AppData\Local\Temp\7zS49A21B19\7zr.exe" x "C:\Users\Admin\AppData\Local\Temp\7zS49A21B19\PD.zip" -o"C:\ProgramData\BlueStacks_nxt" -aoa
C:\Windows\System32\Conhost.exe
\??\C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
C:\Users\Admin\AppData\Local\Temp\7zS49A21B19\7zr.exe
"C:\Users\Admin\AppData\Local\Temp\7zS49A21B19\7zr.exe" x "C:\Users\Admin\AppData\Local\BlueStacks X\Pie64_5.21.505.1008.exe" -o"C:\ProgramData\BlueStacks_nxt\Engine\Pie64" -aoa
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq BlueStacks X.exe"
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq BlueStacks X.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
C:\Windows\SYSTEM32\netsh.exe
"netsh.exe" advfirewall firewall delete rule name="BlueStacks Service"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq BlueStacks X.exe"
C:\Windows\SYSTEM32\netsh.exe
"netsh.exe" advfirewall firewall add rule name="BlueStacks Service" dir=in action=allow program="C:\Program Files\BlueStacks_nxt\HD-Player.exe" enable=yes
C:\Windows\SYSTEM32\netsh.exe
"netsh.exe" advfirewall firewall delete rule name="BlueStacksAppplayerWeb"
C:\Windows\SYSTEM32\netsh.exe
"netsh.exe" advfirewall firewall add rule name="BlueStacksAppplayerWeb" dir=in action=allow program="C:\Program Files\BlueStacks_nxt\BlueStacksAppplayerWeb.exe" enable=yes
C:\Users\Admin\AppData\Local\Temp\7zS49A21B19\HD-CheckCpu.exe
"C:\Users\Admin\AppData\Local\Temp\7zS49A21B19\HD-CheckCpu.exe" --cmd checkSSE3
C:\Windows\SYSTEM32\cmd.exe
"cmd.exe" /c "sc.exe delete BlueStacksDrv_nxt"
C:\Windows\system32\sc.exe
sc.exe delete BlueStacksDrv_nxt
C:\Windows\SYSTEM32\reg.exe
"reg.exe" EXPORT HKLM\Software\BlueStacks_nxt "C:\Users\Admin\AppData\Local\Temp\sovd2uby.fqq\RegHKLM.txt"
C:\Users\Admin\AppData\Local\Temp\7zS49A21B19\7zr.exe
"C:\Users\Admin\AppData\Local\Temp\7zS49A21B19\7zr.exe" a "C:\Users\Admin\AppData\Local\Temp\Installer.zip" -m0=LZMA:a=1 "C:\Users\Admin\AppData\Local\Temp\sovd2uby.fqq\*"
C:\Windows\System32\Conhost.exe
\??\C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Windows\System32\Conhost.exe
\??\C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq BlueStacks X.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq BlueStacks X.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq BlueStacks X.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq BlueStacks X.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq BlueStacks X.exe"
C:\Program Files (x86)\BlueStacks X\BlueStacksWeb.exe
BlueStacksWeb.exe --type=renderer --disable-speech-api --enable-threaded-compositing --enable-features=AllowContentInitiatedDataUrlNavigations,NetworkServiceInProcess,TracingServiceInProcess --disable-features=BackgroundFetch,ConsolidatedMovementXY,DnsOverHttpsUpgrade,InstalledApp,MojoVideoCapture,PictureInPicture,SmsReceiver,UseSkiaRenderer,WebPayments,WebUSB --lang=en --webengine-schemes=qrc:sLV --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=2564 /prefetch:1
F:\LDPlayer\ldmutiplayer\dnmultiplayerex.exe
"F:\LDPlayer\ldmutiplayer\dnmultiplayerex.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""
C:\Windows\System32\Conhost.exe
\??\C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq BlueStacks X.exe"
F:\LDPlayer\LDPlayer9\dnplayer.exe
"F:\LDPlayer\LDPlayer9\dnplayer.exe" index=0|
C:\Program Files\ldplayer9box\Ld9BoxSVC.exe
"C:\Program Files\ldplayer9box\Ld9BoxSVC.exe" -Embedding
C:\Windows\SysWOW64\sc.exe
sc query HvHost
C:\Windows\SysWOW64\sc.exe
sc query vmms
C:\Windows\System32\Conhost.exe
\??\C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
C:\Windows\SysWOW64\sc.exe
sc query vmcompute
C:\Windows\System32\svchost.exe
C:\Windows\System32\svchost.exe -k netsvcs -p -s NetSetupSvc
C:\Program Files\ldplayer9box\Ld9BoxHeadless.exe
"C:\Program Files\ldplayer9box\Ld9BoxHeadless.exe" --comment leidian0 --startvm 20160302-aaaa-aaaa-54d7-000000000000 --vrde config
C:\Program Files\ldplayer9box\Ld9BoxHeadless.exe
"C:\Program Files\ldplayer9box\Ld9BoxHeadless.exe" --comment leidian0 --startvm 20160302-aaaa-aaaa-54d7-000000000000 --vrde config
C:\Program Files\ldplayer9box\Ld9BoxHeadless.exe
"C:\Program Files\ldplayer9box\Ld9BoxHeadless.exe" --comment leidian0 --startvm 20160302-aaaa-aaaa-54d7-000000000000 --vrde config
C:\Windows\System32\Conhost.exe
\??\C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
C:\Program Files\ldplayer9box\Ld9BoxHeadless.exe
"C:\Program Files\ldplayer9box\Ld9BoxHeadless.exe" --comment leidian0 --startvm 20160302-aaaa-aaaa-54d7-000000000000 --vrde config
C:\Program Files\ldplayer9box\Ld9BoxHeadless.exe
"C:\Program Files\ldplayer9box\Ld9BoxHeadless.exe" --comment leidian0 --startvm 20160302-aaaa-aaaa-54d7-000000000000 --vrde config
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq BlueStacks X.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq BlueStacks X.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq BlueStacks X.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Windows\System32\Conhost.exe
\??\C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq BlueStacks X.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq BlueStacks X.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq BlueStacks X.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq BlueStacks X.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq BlueStacks X.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq BlueStacks X.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq BlueStacks X.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Windows\System32\Conhost.exe
\??\C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq BlueStacks X.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq BlueStacks X.exe"
C:\Windows\system32\backgroundTaskHost.exe
"C:\Windows\system32\backgroundTaskHost.exe" -ServerName:Global.Accounts.AppXqe94epy97qwa6w3j6w132e8zvcs117nd.mca
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq BlueStacks X.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq BlueStacks X.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq BlueStacks X.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq BlueStacks X.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq BlueStacks X.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq BlueStacks X.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq BlueStacks X.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq BlueStacks X.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq BlueStacks X.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq BlueStacks X.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq BlueStacks X.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq BlueStacks X.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq BlueStacks X.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq BlueStacks X.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq BlueStacks X.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq BlueStacks X.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq BlueStacks X.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq BlueStacks X.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq BlueStacks X.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq BlueStacks X.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq BlueStacks X.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq BlueStacks X.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq BlueStacks X.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq BlueStacks X.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq BlueStacks X.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq BlueStacks X.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq BlueStacks X.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq BlueStacks X.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq BlueStacks X.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq BlueStacks X.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq BlueStacks X.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq BlueStacks X.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq BlueStacks X.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq BlueStacks X.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq BlueStacks X.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq BlueStacks X.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq BlueStacks X.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq BlueStacks X.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq BlueStacks X.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq BlueStacks X.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq BlueStacks X.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
Network
| Country | Destination | Domain | Proto |
| N/A | 127.0.0.1:49785 | tcp | |
| US | 8.8.8.8:53 | spocs.getpocket.com | udp |
| US | 8.8.8.8:53 | firefox-api-proxy.cdn.mozilla.net | udp |
| US | 34.149.97.1:443 | firefox-api-proxy-prod.pocket.prod.cloudops.mozgcp.net | udp |
| US | 34.149.97.1:443 | firefox-api-proxy-prod.pocket.prod.cloudops.mozgcp.net | tcp |
| US | 8.8.8.8:53 | 8.8.8.8.in-addr.arpa | udp |
| US | 34.120.158.37:443 | tracking-protection.prod.mozaws.net | tcp |
| US | 34.120.158.37:443 | tracking-protection.prod.mozaws.net | tcp |
| US | 34.120.158.37:443 | tracking-protection.prod.mozaws.net | tcp |
| US | 34.120.158.37:443 | tracking-protection.prod.mozaws.net | tcp |
| US | 34.120.158.37:443 | tracking-protection.prod.mozaws.net | tcp |
| US | 34.120.158.37:443 | tracking-protection.prod.mozaws.net | tcp |
| N/A | 127.0.0.1:49792 | tcp | |
| US | 34.120.158.37:443 | tracking-protection.prod.mozaws.net | tcp |
| US | 34.120.158.37:443 | tracking-protection.prod.mozaws.net | tcp |
| US | 34.120.158.37:443 | tracking-protection.prod.mozaws.net | tcp |
| US | 34.120.158.37:443 | tracking-protection.prod.mozaws.net | tcp |
| US | 34.120.158.37:443 | tracking-protection.prod.mozaws.net | tcp |
| US | 34.120.158.37:443 | tracking-protection.prod.mozaws.net | tcp |
| US | 34.120.158.37:443 | tracking-protection.prod.mozaws.net | tcp |
| GB | 20.26.156.215:443 | github.com | tcp |
| US | 185.199.108.154:443 | github.githubassets.com | tcp |
| US | 185.199.108.154:443 | github.githubassets.com | tcp |
| US | 185.199.108.154:443 | github.githubassets.com | tcp |
| US | 185.199.108.154:443 | github.githubassets.com | tcp |
| US | 185.199.108.154:443 | github.githubassets.com | tcp |
| US | 185.199.108.154:443 | github.githubassets.com | tcp |
| US | 185.199.108.133:443 | objects.githubusercontent.com | tcp |
| US | 140.82.112.21:443 | collector.github.com | tcp |
| US | 140.82.112.21:443 | collector.github.com | tcp |
| GB | 20.26.156.210:443 | api.github.com | tcp |
| US | 185.199.108.154:443 | github.githubassets.com | tcp |
| US | 185.199.108.133:443 | objects.githubusercontent.com | tcp |
| GB | 2.18.66.65:443 | tcp | |
| GB | 184.28.176.104:443 | r.bing.com | tcp |
| GB | 184.28.176.104:443 | r.bing.com | tcp |
| GB | 184.28.176.104:443 | r.bing.com | tcp |
| GB | 184.28.176.104:443 | r.bing.com | tcp |
| GB | 184.28.176.104:443 | r.bing.com | tcp |
| GB | 184.28.176.104:443 | r.bing.com | tcp |
| FR | 51.11.192.49:443 | browser.pipe.aria.microsoft.com | tcp |
| US | 35.190.72.216:443 | location.services.mozilla.com | udp |
| US | 35.190.72.216:443 | location.services.mozilla.com | tcp |
| GB | 88.221.134.155:80 | a19.dscg10.akamai.net | tcp |
| NL | 142.250.179.174:443 | redirector.gvt1.com | tcp |
| NL | 142.250.179.174:443 | redirector.gvt1.com | udp |
| DE | 173.194.187.41:443 | r4.sn-4g5e6nsd.gvt1.com | tcp |
| DE | 173.194.187.41:443 | r4.sn-4g5e6nsd.gvt1.com | udp |
| US | 185.199.111.133:443 | objects.githubusercontent.com | tcp |
| NL | 142.250.179.196:443 | www.google.com | tcp |
| NL | 142.250.179.196:443 | www.google.com | tcp |
| NL | 142.250.179.196:443 | www.google.com | udp |
| GB | 20.26.156.215:443 | github.com | tcp |
| US | 150.171.74.254:443 | bx-ring.msedge.net | tcp |
| US | 131.253.33.254:443 | a-ring-fallback.msedge.net | tcp |
| US | 13.107.246.254:443 | t-ring-s.msedge.net | tcp |
| US | 34.149.128.2:443 | us-west1.prod.sumo.prod.webservices.mozgcp.net | tcp |
| US | 13.107.3.254:443 | s-ring.msedge.net | tcp |
| US | 4.150.240.254:443 | arm-ring.msedge.net | tcp |
| US | 52.123.129.254:443 | dual-s-ring.msedge.net | tcp |
| GB | 143.204.72.186:443 | www.mozorg.moz.works | tcp |
| NL | 142.250.179.196:443 | www.google.com | tcp |
| NL | 142.250.179.196:443 | www.google.com | udp |
| NL | 142.250.179.196:443 | www.google.com | tcp |
| US | 13.107.234.254:443 | t-s2-ring.msedge.net | tcp |
| GB | 79.133.176.222:80 | ocsp.digicert.cn | tcp |
| GB | 184.28.176.56:443 | r.bing.com | tcp |
| GB | 184.28.176.56:443 | r.bing.com | tcp |
| GB | 184.28.176.56:443 | r.bing.com | tcp |
| GB | 184.28.176.56:443 | r.bing.com | tcp |
| GB | 184.28.176.56:443 | r.bing.com | tcp |
| GB | 184.28.176.56:443 | r.bing.com | tcp |
| US | 172.64.154.167:443 | www2.bing.com | tcp |
| US | 172.64.154.167:443 | www2.bing.com | tcp |
| US | 13.107.246.64:443 | www.clarity.ms | tcp |
| GB | 184.28.176.104:443 | r.bing.com | tcp |
| IE | 13.74.129.1:443 | c.clarity.ms | tcp |
| GB | 184.28.176.104:443 | r.bing.com | tcp |
| GB | 184.28.176.10:443 | r.bing.com | tcp |
| GB | 184.28.176.10:443 | r.bing.com | tcp |
| GB | 184.28.176.10:443 | r.bing.com | tcp |
| GB | 184.28.176.10:443 | r.bing.com | tcp |
| GB | 184.28.176.10:443 | r.bing.com | tcp |
| GB | 184.28.176.10:443 | r.bing.com | tcp |
| GB | 184.28.176.104:443 | r.bing.com | tcp |
| US | 204.79.197.237:443 | c.bing.com | tcp |
| US | 13.107.5.80:443 | services.bingapis.com | tcp |
| US | 104.18.33.89:443 | www2.bing.com | tcp |
| US | 104.18.33.89:443 | www2.bing.com | tcp |
| N/A | 224.0.0.251:5353 | udp | |
| US | 150.171.28.10:443 | tse1.mm.bing.net | tcp |
| US | 152.199.19.161:443 | fp-vs.azureedge.net | tcp |
| GB | 184.28.176.104:443 | r.bing.com | tcp |
| GB | 184.28.176.104:443 | r.bing.com | tcp |
| GB | 173.222.211.40:443 | aefd.nelreports.net | tcp |
| GB | 173.222.211.40:443 | aefd.nelreports.net | tcp |
| GB | 173.222.211.40:443 | aefd.nelreports.net | udp |
| US | 34.149.128.2:443 | us-west1.prod.sumo.prod.webservices.mozgcp.net | tcp |
| US | 172.67.174.18:80 | store.rg-adguard.net | tcp |
| US | 172.67.174.18:80 | store.rg-adguard.net | tcp |
| US | 172.67.174.18:443 | store.rg-adguard.net | tcp |
| US | 172.67.174.18:443 | store.rg-adguard.net | udp |
| US | 8.8.8.8:53 | static.cloudflareinsights.com | udp |
| US | 104.16.79.73:443 | static.cloudflareinsights.com | tcp |
| US | 8.8.8.8:53 | top-fwz1.mail.ru | udp |
| US | 8.8.8.8:53 | mc.yandex.ru | udp |
| US | 8.8.8.8:53 | st.top100.ru | udp |
| US | 8.8.8.8:53 | top-fwz1.mail.ru | udp |
| US | 8.8.8.8:53 | mc.yandex.ru | udp |
| DE | 151.236.71.248:443 | st.top100.ru | tcp |
| US | 8.8.8.8:53 | 2e2qdr4l9f.a.trbcdn.net | udp |
| RU | 95.163.52.67:443 | top-fwz1.mail.ru | tcp |
| RU | 77.88.21.119:443 | mc.yandex.ru | tcp |
| US | 8.8.8.8:53 | 73.79.16.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 248.71.236.151.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 130.179.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 46.36.251.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 67.52.163.95.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 119.21.88.77.in-addr.arpa | udp |
| RU | 81.19.89.16:443 | kraken.rambler.ru | tcp |
| RU | 87.250.251.119:443 | mc.yandex.com | tcp |
| US | 216.239.32.36:443 | region1.analytics.google.com | tcp |
| NL | 172.217.168.195:443 | www.google.co.uk | tcp |
| RU | 87.250.250.145:443 | adfstat.yandex.ru | tcp |
| RU | 95.163.52.89:443 | krf.r.mail.ru | tcp |
| US | 216.239.32.36:443 | region1.analytics.google.com | udp |
| NL | 172.217.168.195:443 | www.google.co.uk | udp |
| US | 8.8.8.8:53 | 36.32.239.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 195.168.217.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 145.250.250.87.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 89.52.163.95.in-addr.arpa | udp |
| NL | 142.250.179.174:443 | fundingchoicesmessages.google.com | tcp |
| NL | 142.250.102.156:443 | stats.g.doubleclick.net | tcp |
| NL | 142.250.179.174:443 | fundingchoicesmessages.google.com | udp |
| NL | 142.250.102.156:443 | stats.g.doubleclick.net | udp |
| RU | 95.163.52.89:443 | krf.r.mail.ru | tcp |
| US | 74.125.250.129:19302 | stun3.l.google.com | udp |
| US | 74.125.250.129:19302 | stun3.l.google.com | udp |
| US | 74.125.250.129:19302 | stun3.l.google.com | udp |
| US | 74.125.250.129:19302 | stun3.l.google.com | udp |
| US | 74.125.250.129:19302 | stun3.l.google.com | udp |
| NL | 142.251.39.97:443 | tpc.googlesyndication.com | tcp |
| NL | 142.251.39.97:443 | tpc.googlesyndication.com | udp |
| US | 8.8.8.8:53 | 97.39.251.142.in-addr.arpa | udp |
| RU | 77.88.44.55:443 | yandex.ru | tcp |
| RU | 95.163.52.89:443 | krf.r.mail.ru | tcp |
| NL | 142.251.36.2:443 | googleads.g.doubleclick.net | tcp |
| NL | 142.251.36.2:443 | googleads.g.doubleclick.net | tcp |
| NL | 142.251.36.2:443 | googleads.g.doubleclick.net | tcp |
| NL | 142.251.39.97:443 | tpc.googlesyndication.com | tcp |
| NL | 142.251.39.97:443 | tpc.googlesyndication.com | udp |
| NL | 142.251.36.2:443 | googleads.g.doubleclick.net | udp |
| NL | 142.250.179.196:443 | www.google.com | tcp |
| NL | 142.250.179.196:443 | www.google.com | udp |
| GB | 20.26.156.215:443 | github.com | tcp |
| NL | 172.217.23.206:80 | google.com | tcp |
| NL | 172.217.23.206:80 | google.com | tcp |
| NL | 142.250.179.196:443 | www.google.com | udp |
| US | 204.79.197.200:80 | bing.com | tcp |
| US | 204.79.197.200:80 | bing.com | tcp |
| GB | 184.28.176.10:80 | r.bing.com | tcp |
| GB | 184.28.176.10:80 | r.bing.com | tcp |
| GB | 184.28.176.10:80 | r.bing.com | tcp |
| GB | 184.28.176.104:443 | r.bing.com | tcp |
| GB | 184.28.176.104:443 | r.bing.com | tcp |
| GB | 184.28.176.104:443 | r.bing.com | tcp |
| GB | 184.28.176.104:443 | r.bing.com | tcp |
| GB | 184.28.176.104:443 | r.bing.com | tcp |
| GB | 184.28.176.104:443 | r.bing.com | udp |
| US | 8.8.8.8:53 | microsoft365.com | udp |
| US | 8.8.8.8:53 | www.onenote.com | udp |
| US | 8.8.8.8:53 | sway.office.com | udp |
| US | 8.8.8.8:53 | onedrive.live.com | udp |
| US | 8.8.8.8:53 | calendar.live.com | udp |
| US | 8.8.8.8:53 | outlook.live.com | udp |
| GB | 184.28.176.10:80 | www.bing.com | tcp |
| US | 8.8.8.8:53 | a4.bing.com | udp |
| GB | 184.28.176.104:443 | www.bing.com | udp |
| GB | 2.17.209.64:80 | a4.bing.com | tcp |
| GB | 2.17.209.64:80 | a4.bing.com | tcp |
| GB | 184.28.176.10:80 | www.bing.com | tcp |
| GB | 2.17.209.64:80 | a4.bing.com | tcp |
| GB | 2.17.209.64:80 | a4.bing.com | tcp |
| GB | 2.17.209.64:80 | a4.bing.com | tcp |
| GB | 2.17.209.64:80 | a4.bing.com | tcp |
| GB | 2.17.209.138:443 | assets.msn.com | tcp |
| GB | 184.28.176.10:80 | www.bing.com | tcp |
| US | 204.79.197.237:80 | dual-a-0034.a-msedge.net | tcp |
| NL | 40.126.32.133:443 | www.tm.ak.prd.aadg.trafficmanager.net | tcp |
| US | 104.18.33.89:80 | www.bing.com.cdn.cloudflare.net | tcp |
| GB | 184.28.176.10:443 | www.bing.com | tcp |
| GB | 184.28.176.10:443 | www.bing.com | udp |
| GB | 2.17.209.138:443 | assets.msn.com | tcp |
| GB | 184.28.176.10:443 | www.bing.com | tcp |
| GB | 184.28.176.10:443 | www.bing.com | tcp |
| GB | 184.28.176.56:443 | www.bing.com | tcp |
| GB | 184.28.176.56:443 | www.bing.com | tcp |
| GB | 184.28.176.10:80 | www.bing.com | tcp |
| GB | 184.28.176.56:80 | www.bing.com | tcp |
| GB | 184.28.176.56:80 | www.bing.com | tcp |
| GB | 184.28.176.56:80 | www.bing.com | tcp |
| GB | 184.28.176.56:80 | www.bing.com | tcp |
| GB | 184.28.176.56:80 | www.bing.com | tcp |
| GB | 184.28.176.56:80 | www.bing.com | tcp |
| US | 13.107.5.80:443 | services.bingapis.com | tcp |
| US | 13.107.5.80:443 | services.bingapis.com | tcp |
| GB | 184.28.176.10:80 | www.bing.com | tcp |
| GB | 2.17.209.64:80 | a4.bing.com | tcp |
| GB | 2.17.209.64:80 | a4.bing.com | tcp |
| GB | 184.28.176.10:80 | www.bing.com | tcp |
| GB | 184.28.176.10:443 | www.bing.com | udp |
| US | 44.196.161.176:443 | www.androidpolice.com | tcp |
| US | 44.196.161.176:443 | www.androidpolice.com | udp |
| NL | 142.250.179.196:443 | www.google.com | tcp |
| US | 8.8.8.8:53 | unpkg.com | udp |
| US | 8.8.8.8:53 | launchpad.privacymanager.io | udp |
| US | 8.8.8.8:53 | launchpad-wrapper.privacymanager.io | udp |
| US | 8.8.8.8:53 | cdn.sentinelbi.com | udp |
| US | 8.8.8.8:53 | cdn.adsninja.ca | udp |
| US | 8.8.8.8:53 | applets.ebxcdn.com | udp |
| US | 8.8.8.8:53 | www.paypal.com | udp |
| US | 8.8.8.8:53 | sentinelbi.com | udp |
| US | 8.8.8.8:53 | dn6rwwtxa647p.cloudfront.net | udp |
| US | 8.8.8.8:53 | a.ad.gt | udp |
| US | 8.8.8.8:53 | www.googletagservices.com | udp |
| US | 8.8.8.8:53 | carrick-ui.advoncommerce.com | udp |
| US | 8.8.8.8:53 | d15kdpgjg3unno.cloudfront.net | udp |
| GB | 143.244.38.136:443 | cdn.adsninja.ca | tcp |
| US | 151.101.65.91:443 | n.sni.global.fastly.net | tcp |
| US | 104.26.2.116:443 | beacon.tru.am | tcp |
| US | 104.17.245.203:443 | unpkg.com | tcp |
| GB | 143.244.38.136:443 | cdn.adsninja.ca | tcp |
| GB | 143.244.38.136:443 | cdn.adsninja.ca | tcp |
| GB | 108.156.46.37:443 | launchpad.privacymanager.io | tcp |
| US | 151.101.129.21:443 | paypal-dynamic.map.fastly.net | tcp |
| GB | 143.244.38.136:443 | cdn.adsninja.ca | tcp |
| GB | 143.244.38.136:443 | cdn.adsninja.ca | tcp |
| US | 172.67.212.172:443 | applets.ebxcdn.com | tcp |
| US | 54.157.59.36:443 | sentinelbi.com | tcp |
| GB | 18.165.196.70:443 | dn6rwwtxa647p.cloudfront.net | tcp |
| US | 172.66.42.246:443 | carrick-ui.advoncommerce.com | tcp |
| GB | 99.86.105.199:443 | d15kdpgjg3unno.cloudfront.net | tcp |
| NL | 142.250.179.196:443 | www.google.com | udp |
| US | 104.26.2.116:443 | beacon.tru.am | udp |
| US | 172.67.212.172:443 | applets.ebxcdn.com | udp |
| GB | 99.86.105.199:443 | d15kdpgjg3unno.cloudfront.net | tcp |
| US | 172.67.212.172:443 | applets.ebxcdn.com | udp |
| US | 216.239.32.36:443 | region1.analytics.google.com | tcp |
| US | 216.239.32.36:443 | region1.analytics.google.com | tcp |
| US | 216.239.32.36:443 | region1.analytics.google.com | tcp |
| SE | 192.229.221.25:443 | cs1150.wpc.betacdn.net | tcp |
| US | 151.101.195.1:443 | t.paypal.com | tcp |
| NL | 172.217.168.195:443 | www.google.co.uk | tcp |
| US | 8.8.8.8:53 | 172.212.67.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 70.196.165.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 246.42.66.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 36.59.157.54.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 199.105.86.99.in-addr.arpa | udp |
| US | 216.239.32.36:443 | region1.analytics.google.com | udp |
| NL | 172.217.23.202:443 | imasdk.googleapis.com | tcp |
| US | 35.190.59.101:443 | r.skimresources.com | tcp |
| NL | 172.217.168.195:443 | www.google.co.uk | udp |
| US | 172.66.42.246:443 | carrick-ui.advoncommerce.com | tcp |
| US | 172.66.42.246:443 | carrick-ui.advoncommerce.com | tcp |
| US | 104.18.25.111:443 | nebulacrescent.com | tcp |
| NL | 142.250.102.84:443 | accounts.google.com | tcp |
| US | 35.190.59.101:443 | r.skimresources.com | udp |
| NL | 172.217.23.202:443 | imasdk.googleapis.com | udp |
| US | 3.239.232.203:443 | sqs.us-east-1.amazonaws.com | tcp |
| US | 104.26.2.116:443 | beacon.tru.am | tcp |
| US | 104.18.25.111:443 | nebulacrescent.com | udp |
| NL | 142.250.102.84:443 | accounts.google.com | udp |
| GB | 52.84.90.96:443 | static.adsafeprotected.com | tcp |
| GB | 18.172.153.106:443 | d2hznjffoeqs0a.cloudfront.net | tcp |
| US | 35.201.67.47:443 | t.skimresources.com | tcp |
| NL | 142.250.102.156:443 | stats.g.doubleclick.net | tcp |
| NL | 142.250.179.162:443 | securepubads.g.doubleclick.net | tcp |
| US | 104.26.2.116:443 | beacon.tru.am | udp |
| US | 35.201.67.47:443 | t.skimresources.com | udp |
| NL | 142.250.102.156:443 | stats.g.doubleclick.net | udp |
| NL | 142.250.179.162:443 | securepubads.g.doubleclick.net | udp |
| US | 34.120.117.212:443 | ls.skimresources.com | tcp |
| US | 34.120.117.212:443 | ls.skimresources.com | tcp |
| US | 34.120.117.212:443 | ls.skimresources.com | udp |
| GB | 54.192.137.41:443 | launchpad-wrapper.privacymanager.io | tcp |
| US | 172.67.23.234:443 | a.ad.gt | tcp |
| US | 35.190.91.160:443 | p.skimresources.com | tcp |
| US | 35.190.91.160:443 | p.skimresources.com | tcp |
| GB | 13.224.223.9:443 | d1ykf07e75w7ss.cloudfront.net | tcp |
| US | 35.190.91.160:443 | p.skimresources.com | udp |
| US | 8.8.8.8:53 | 47.67.201.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 162.179.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 212.117.120.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 234.23.67.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 160.91.190.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 41.137.192.54.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 9.223.224.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 194.179.250.142.in-addr.arpa | udp |
| GB | 18.244.179.43:443 | geo.privacymanager.io | tcp |
| GB | 18.244.179.43:443 | geo.privacymanager.io | tcp |
| GB | 13.224.223.9:443 | d1ykf07e75w7ss.cloudfront.net | tcp |
| US | 104.18.25.111:443 | nebulacrescent.com | udp |
| GB | 18.172.153.25:443 | d2hznjffoeqs0a.cloudfront.net | tcp |
| GB | 18.164.68.6:443 | check.analytics.rlcdn.com | tcp |
| GB | 18.244.138.116:443 | aax.amazon-adsystem.com | tcp |
| GB | 18.244.138.116:443 | aax.amazon-adsystem.com | tcp |
| US | 104.18.19.49:443 | images.getadmiral.com | tcp |
| GB | 52.84.90.126:443 | config.aps.amazon-adsystem.com | tcp |
| GB | 23.49.161.153:443 | secure.cdn.fastclick.net | tcp |
| GB | 18.245.143.100:443 | tags.crwdcntrl.net | tcp |
| GB | 108.156.46.101:443 | d-code.liadm.com | tcp |
| US | 104.22.52.173:443 | cdn.hadronid.net | tcp |
| US | 104.22.53.86:443 | cdn.id5-sync.com | tcp |
| GB | 23.49.161.153:443 | secure.cdn.fastclick.net | tcp |
| US | 172.67.23.234:443 | a.ad.gt | tcp |
| US | 172.67.23.234:443 | a.ad.gt | tcp |
| IE | 34.240.201.67:443 | bcp.crwdcntrl.net | tcp |
| GB | 18.165.242.8:443 | sb.scorecardresearch.com | tcp |
| NL | 63.215.202.146:443 | proc.ad.cpe.dotomi.com | tcp |
| US | 8.8.8.8:53 | 146.202.215.63.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 67.201.240.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | p.ad.gt | udp |
| US | 8.8.8.8:53 | ib.adnxs.com | udp |
| US | 8.8.8.8:53 | ex.ingage.tech | udp |
| US | 8.8.8.8:53 | ads.yieldmo.com | udp |
| US | 8.8.8.8:53 | report2.hb.brainlyads.com | udp |
| US | 8.8.8.8:53 | pbs.nextmillmedia.com | udp |
| US | 8.8.8.8:53 | hb.undertone.com | udp |
| US | 8.8.8.8:53 | s.seedtag.com | udp |
| US | 8.8.8.8:53 | prebid.media.net | udp |
| US | 8.8.8.8:53 | prebid.a-mo.net | udp |
| US | 8.8.8.8:53 | prebid-server.rubiconproject.com | udp |
| US | 8.8.8.8:53 | fastlane.rubiconproject.com | udp |
| US | 8.8.8.8:53 | hb.yellowblue.io | udp |
| US | 8.8.8.8:53 | mp.4dex.io | udp |
| US | 8.8.8.8:53 | bidder.criteo.com | udp |
| US | 8.8.8.8:53 | exchange.cootlogix.com | udp |
| US | 8.8.8.8:53 | prebid.cootlogix.com | udp |
| US | 8.8.8.8:53 | tlx.3lift.com | udp |
| US | 8.8.8.8:53 | hbopenbid.pubmatic.com | udp |
| US | 8.8.8.8:53 | krk2.kargo.com | udp |
| US | 8.8.8.8:53 | htlb.casalemedia.com | udp |
| US | 8.8.8.8:53 | g2.gumgum.com | udp |
| US | 8.8.8.8:53 | shb.richaudience.com | udp |
| US | 8.8.8.8:53 | invstatic101.creativecdn.com | udp |
| US | 54.84.92.154:443 | report2.hb.brainlyads.com | tcp |
| US | 54.84.92.154:443 | report2.hb.brainlyads.com | tcp |
| US | 54.84.92.154:443 | report2.hb.brainlyads.com | tcp |
| US | 54.84.92.154:443 | report2.hb.brainlyads.com | tcp |
| US | 54.84.92.154:443 | report2.hb.brainlyads.com | tcp |
| US | 8.8.8.8:53 | report2.hb.brainlyads.com | udp |
| US | 8.8.8.8:53 | oa.openxcdn.net | udp |
| US | 104.18.26.216:443 | ex.ingage.tech | tcp |
| US | 104.18.26.216:443 | ex.ingage.tech | tcp |
| US | 8.8.8.8:53 | rtb-csync-euw2.smartadserver.com | udp |
| US | 15.204.241.81:443 | vin2.pbs.ovhnextmillmedia.com | tcp |
| US | 15.204.241.81:443 | vin2.pbs.ovhnextmillmedia.com | tcp |
| US | 15.204.241.81:443 | vin2.pbs.ovhnextmillmedia.com | tcp |
| US | 15.204.241.81:443 | vin2.pbs.ovhnextmillmedia.com | tcp |
| US | 15.204.241.81:443 | vin2.pbs.ovhnextmillmedia.com | tcp |
| IE | 52.95.115.196:443 | aax-eu.amazon-adsystem.com | tcp |
| US | 52.24.140.246:443 | ids.ad.gt | tcp |
| US | 52.24.140.246:443 | ids.ad.gt | tcp |
| NL | 185.89.211.84:443 | ib.adnxs.com | tcp |
| US | 3.33.220.150:443 | match.adsrvr.org | tcp |
| NL | 198.47.127.205:443 | pug-ams-bc.pubmnet.com | tcp |
| NL | 69.173.156.148:443 | pixel.rubiconproject.net.akadns.net | tcp |
| US | 52.24.140.246:443 | ids.ad.gt | tcp |
| US | 69.166.1.67:443 | iad-2-sync.go.sonobi.com | tcp |
| FR | 149.202.238.105:443 | rtb-csync-euw2.smartadserver.com | tcp |
| US | 104.18.36.155:443 | htlb.casalemedia.com | tcp |
| DE | 51.89.9.252:443 | onetag-sys.com | tcp |
| US | 104.22.5.69:443 | pixels.ad.gt.cdn.cloudflare.net | tcp |
| NL | 185.89.210.90:443 | ib.adnxs.com | tcp |
| IE | 54.229.131.172:443 | rw-yieldmo-com-tf-362867385.eu-west-1.elb.amazonaws.com | tcp |
| GB | 18.244.179.12:443 | d2dwiwtjj7ipd3.cloudfront.net | tcp |
| US | 34.149.50.64:443 | s.seedtag.com | tcp |
| US | 34.120.63.153:443 | prebid.media.net | tcp |
| NL | 145.40.97.77:443 | am6-tmp.a-mx.net | tcp |
| NL | 69.173.156.150:443 | prebid-server-perf-eu.rubiconproject.net.akadns.net | tcp |
| NL | 69.173.156.139:443 | fastlane.rubiconproject.com | tcp |
| GB | 108.138.217.48:443 | hb.yellowblue.io | tcp |
| US | 104.18.10.176:443 | mp.4dex.io | tcp |
| NL | 178.250.1.8:443 | bidder.criteo.com | tcp |
| US | 159.223.162.198:443 | exchange.cootlogix.com | tcp |
| US | 157.230.210.166:443 | prebid.cootlogix.com | tcp |
| US | 159.223.162.198:443 | exchange.cootlogix.com | tcp |
| US | 157.230.210.166:443 | prebid.cootlogix.com | tcp |
| DE | 18.157.230.4:443 | eu-tlx.3lift.com | tcp |
| NL | 185.64.189.112:443 | hbopenbid.pubmatic.com | tcp |
| DE | 18.192.52.52:443 | krk2.kargo.com | tcp |
| US | 172.64.152.89:443 | cdn-ima.33across.com | tcp |
| US | 34.96.70.87:443 | invstatic101.creativecdn.com | tcp |
| NL | 178.250.1.3:443 | static.nl3.vip.prod.criteo.net | tcp |
| US | 34.102.146.192:443 | oa.openxcdn.net | tcp |
| US | 104.18.36.155:443 | htlb.casalemedia.com | tcp |
| US | 104.18.36.155:443 | htlb.casalemedia.com | tcp |
| IE | 79.125.117.202:443 | g2.gumgum.com | tcp |
| IE | 79.125.117.202:443 | g2.gumgum.com | tcp |
| IE | 79.125.117.202:443 | g2.gumgum.com | tcp |
| DE | 157.90.0.38:443 | shb.richaudience.com | tcp |
| DE | 157.90.0.38:443 | shb.richaudience.com | tcp |
| US | 35.241.34.106:443 | c.4dex.io | tcp |
| US | 35.241.34.106:443 | c.4dex.io | tcp |
| US | 8.8.8.8:53 | 48.217.138.108.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 84.211.89.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 89.152.64.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 192.146.102.34.in-addr.arpa | udp |
| US | 104.18.36.155:443 | htlb.casalemedia.com | udp |
| US | 8.8.8.8:53 | 87.70.96.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 205.127.47.198.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 148.156.173.69.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 105.238.202.149.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 77.97.40.145.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 90.210.89.185.in-addr.arpa | udp |
| US | 35.241.34.106:443 | c.4dex.io | tcp |
| US | 8.8.8.8:53 | 150.156.173.69.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 139.156.173.69.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 8.1.250.178.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 172.131.229.54.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 112.189.64.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 3.1.250.178.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 252.9.89.51.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 52.52.192.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 4.230.157.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 67.1.166.69.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 166.210.230.157.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 198.162.223.159.in-addr.arpa | udp |
| US | 35.241.34.106:443 | c.4dex.io | tcp |
| GB | 18.164.68.6:443 | check.analytics.rlcdn.com | tcp |
| DE | 162.19.138.116:443 | lb.eu-1-id5-sync.com | tcp |
| US | 8.8.8.8:53 | pixels.ad.gt | udp |
| US | 8.8.8.8:53 | seg.ad.gt | udp |
| US | 34.120.63.153:443 | prebid.media.net | udp |
| US | 34.102.146.192:443 | oa.openxcdn.net | udp |
| DE | 141.95.98.65:443 | lb.eu-1-id5-sync.com | tcp |
| US | 52.24.140.246:443 | ids.ad.gt | tcp |
| US | 34.96.70.87:443 | invstatic101.creativecdn.com | udp |
| DE | 51.89.9.252:443 | onetag-sys.com | udp |
| US | 104.22.5.69:443 | seg.ad.gt | tcp |
| US | 172.67.23.234:443 | seg.ad.gt | tcp |
| US | 34.149.50.64:443 | s.seedtag.com | udp |
| US | 35.241.34.106:443 | c.4dex.io | udp |
| US | 104.18.36.155:443 | htlb.casalemedia.com | udp |
| NL | 142.250.179.193:443 | cb1c8e9e3bed59b5a97dc8aaa2fa39ae.safeframe.googlesyndication.com | tcp |
| NL | 142.250.179.193:443 | cb1c8e9e3bed59b5a97dc8aaa2fa39ae.safeframe.googlesyndication.com | udp |
| US | 104.22.5.69:443 | seg.ad.gt | tcp |
| US | 35.241.34.106:443 | c.4dex.io | udp |
| NL | 142.251.39.97:443 | tpc.googlesyndication.com | tcp |
| GB | 184.25.193.115:443 | e9957.b.akamaiedge.net | tcp |
| US | 34.120.107.143:443 | oajs.openx.net | tcp |
| US | 35.190.39.111:443 | esp.rtbhouse.com | tcp |
| NL | 178.250.1.11:443 | dnacdn.net | tcp |
| US | 52.35.172.133:443 | prod.tahoe-analytics.publishers.advertising.a2z.com | tcp |
| NL | 142.251.39.97:443 | tpc.googlesyndication.com | tcp |
| GB | 184.25.193.115:443 | e9957.b.akamaiedge.net | tcp |
| US | 35.190.39.111:443 | esp.rtbhouse.com | udp |
| NL | 142.251.39.97:443 | tpc.googlesyndication.com | udp |
| NL | 178.250.1.11:443 | dnacdn.net | tcp |
| FR | 185.235.86.58:443 | ag.gbc.criteo.com | tcp |
| NL | 185.235.87.188:443 | gbc6.nl3.eu.criteo.com | tcp |
| US | 34.120.107.143:443 | oajs.openx.net | udp |
| GB | 108.138.217.48:443 | hb.yellowblue.io | tcp |
| FR | 185.235.86.58:443 | ag.gbc.criteo.com | tcp |
| NL | 185.235.87.188:443 | gbc6.nl3.eu.criteo.com | tcp |
| NL | 142.250.179.129:443 | cdn.ampproject.org | tcp |
| NL | 142.250.179.129:443 | cdn.ampproject.org | tcp |
| NL | 142.250.179.129:443 | cdn.ampproject.org | tcp |
| NL | 142.250.179.129:443 | cdn.ampproject.org | tcp |
| NL | 142.250.179.129:443 | cdn.ampproject.org | tcp |
| US | 8.8.8.8:53 | 11.1.250.178.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 115.193.25.184.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 133.172.35.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | cs.ingage.tech | udp |
| US | 8.8.8.8:53 | ads.pubmatic.com | udp |
| US | 8.8.8.8:53 | sync.a-mo.net | udp |
| US | 8.8.8.8:53 | sync.cootlogix.com | udp |
| US | 8.8.8.8:53 | js-sec.indexww.com | udp |
| US | 8.8.8.8:53 | cs.seedtag.com | udp |
| US | 8.8.8.8:53 | contextual.media.net | udp |
| US | 8.8.8.8:53 | eus.rubiconproject.com | udp |
| US | 8.8.8.8:53 | acdn.adnxs.com | udp |
| US | 8.8.8.8:53 | cookies.nextmillmedia.com | udp |
| NL | 142.250.179.129:443 | cdn.ampproject.org | udp |
| US | 35.244.159.8:443 | u.openx.net | tcp |
| US | 8.8.8.8:53 | cdn.undertone.com | udp |
| US | 8.8.8.8:53 | eb2.3lift.com | udp |
| US | 34.199.48.32:443 | 3dc8122e-default-sspbacken-ca08-247245088.us-east-1.elb.amazonaws.com | tcp |
| US | 34.199.48.32:443 | 3dc8122e-default-sspbacken-ca08-247245088.us-east-1.elb.amazonaws.com | tcp |
| US | 159.223.126.40:443 | sync.cootlogix.com | tcp |
| GB | 184.26.56.245:443 | e6603.g.akamaiedge.net | tcp |
| NL | 147.75.81.235:443 | sync.a-mo.net | tcp |
| US | 104.18.38.76:443 | js-sec.indexww.com | tcp |
| US | 8.8.8.8:53 | ap.lijit.com | udp |
| US | 8.8.8.8:53 | sync.richaudience.com | udp |
| GB | 184.26.56.245:443 | e6603.g.akamaiedge.net | tcp |
| GB | 184.25.192.27:443 | contextual.media.net | tcp |
| US | 104.16.183.87:443 | cs.seedtag.com | tcp |
| US | 76.223.111.18:443 | eu-eb2.3lift.com | tcp |
| GB | 13.224.222.76:443 | cdn.undertone.com | tcp |
| US | 34.226.132.220:443 | cookies.nextmillmedia.com | tcp |
| GB | 184.25.193.73:443 | e8960.b.akamaiedge.net | tcp |
| US | 151.101.129.108:443 | prod.appnexus.map.fastly.net | tcp |
| US | 35.244.159.8:443 | u.openx.net | tcp |
| US | 8.8.8.8:53 | sync.a-mo.net | udp |
| DE | 168.119.72.236:443 | sync.richaudience.com | tcp |
| NL | 147.75.81.235:443 | sync.a-mo.net | tcp |
| US | 35.244.159.8:443 | u.openx.net | udp |
| GB | 184.25.192.27:443 | contextual.media.net | udp |
| US | 35.244.159.8:443 | u.openx.net | udp |
| IE | 63.33.54.152:443 | ap.lijit.com | tcp |
| DE | 168.119.72.236:443 | sync.richaudience.com | tcp |
| US | 34.199.48.32:443 | 3dc8122e-default-sspbacken-ca08-247245088.us-east-1.elb.amazonaws.com | tcp |
| NL | 208.93.169.131:443 | am1-direct-bgp.contextweb.com | tcp |
| US | 104.16.183.87:443 | cs.seedtag.com | udp |
| US | 8.8.8.8:53 | 108.129.101.151.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 32.48.199.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | match-eu-central-1-ecs.sharethrough.com | udp |
| DE | 35.156.61.253:443 | match.sharethrough.com | tcp |
| US | 8.8.8.8:53 | am1-direct-bgp.contextweb.com | udp |
| NL | 142.251.36.2:443 | googleads.g.doubleclick.net | tcp |
| US | 104.19.158.19:443 | assets.a-mo.net | tcp |
| NL | 142.251.36.2:443 | googleads.g.doubleclick.net | udp |
| US | 104.18.36.155:443 | ssum.casalemedia.com | udp |
| DE | 3.75.62.37:443 | ups.analytics.yahoo.com | tcp |
| GB | 108.138.233.49:443 | d1wsawskf2klzj.cloudfront.net | tcp |
| NL | 198.47.127.18:443 | image8.pubmatic.com | tcp |
| NL | 69.173.156.149:443 | pixel.rubiconproject.com | tcp |
| GB | 2.22.101.110:443 | secure-assets.rubiconproject.com | tcp |
| DE | 3.71.149.231:443 | ups.analytics.yahoo.com | tcp |
| US | 34.36.216.150:443 | pixel-sync.sitescout.com | tcp |
| US | 34.36.216.150:443 | pixel-sync.sitescout.com | udp |
| NL | 145.40.97.77:443 | sync.a-mo.net | tcp |
| US | 67.202.105.23:443 | pixel.33across.com | tcp |
| US | 8.8.8.8:53 | visitor.omnitagjs.com | udp |
| US | 104.18.36.155:443 | ssum.casalemedia.com | tcp |
| US | 8.8.8.8:53 | cm.adform.net | udp |
| NL | 35.214.149.91:443 | x.bidswitch.net | tcp |
| US | 8.8.8.8:53 | user-data-eu.bidswitch.net | udp |
| US | 8.8.8.8:53 | ssum.casalemedia.com | udp |
| US | 104.18.36.155:443 | ssum.casalemedia.com | udp |
| US | 8.8.8.8:53 | csync.loopme.me | udp |
| US | 8.8.8.8:53 | rtb.openx.net | udp |
| FR | 185.255.84.153:443 | visitor-fra02.omnitagjs.com | tcp |
| US | 35.227.252.103:443 | rtb.openx.net | tcp |
| NL | 35.214.149.91:443 | user-data-eu.bidswitch.net | tcp |
| IE | 52.19.151.150:443 | ad.360yield.com | tcp |
| US | 8.8.8.8:53 | sync.1rx.io | udp |
| NL | 193.3.178.4:443 | ads.us.e-planning.net | tcp |
| GB | 173.222.211.137:443 | csync.smartadserver.com | tcp |
| NL | 185.184.8.90:443 | creativecdn.com | tcp |
| US | 8.8.8.8:53 | euw-ice.360yield.com | udp |
| US | 70.42.32.255:443 | b1sync.zemanta.com | tcp |
| US | 8.8.8.8:53 | ads.us.e-planning.net | udp |
| DK | 37.157.6.233:443 | cm.adform.net | tcp |
| US | 8.8.8.8:53 | a577.dscb.akamai.net | udp |
| US | 8.8.8.8:53 | user-data-eu.bidswitch.net | udp |
| US | 8.8.8.8:53 | nydc1.outbrain.org | udp |
| US | 8.8.8.8:53 | creativecdn.com | udp |
| US | 34.1.224.11:443 | envoy-hl.envoy-csync1.core-b8mf.ov1o.com | tcp |
| US | 34.1.224.11:443 | envoy-hl.envoy-csync1.core-b8mf.ov1o.com | tcp |
| US | 35.227.252.103:443 | rtb.openx.net | udp |
| NL | 77.245.57.72:443 | sync.adkernel.com | tcp |
| IE | 52.210.192.32:443 | match.prod.bidr.io | tcp |
| NL | 82.145.213.8:443 | t.adx.opera.com | tcp |
| US | 8.8.8.8:53 | outspot2-ams.adx.opera.com | udp |
| US | 8.8.8.8:53 | a577.dscb.akamai.net | udp |
| US | 8.8.8.8:53 | ads.us.e-planning.net | udp |
| US | 8.8.8.8:53 | nydc1.outbrain.org | udp |
| US | 8.8.8.8:53 | creativecdn.com | udp |
| US | 8.8.8.8:53 | track-eu.adformnet.akadns.net | udp |
| NL | 46.228.174.117:443 | sync.1rx.io | tcp |
| US | 8.8.8.8:53 | 153.84.255.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 103.252.227.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 137.211.222.173.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 4.178.3.193.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 150.151.19.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 90.8.184.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | cdn.indexww.com | udp |
| US | 172.64.149.180:443 | cdn.indexww.com | tcp |
| NL | 216.58.214.14:443 | play.google.com | tcp |
| NL | 216.58.214.14:443 | play.google.com | tcp |
| NL | 216.58.214.14:443 | play.google.com | udp |
| US | 8.8.8.8:53 | gum.aidemsrv.com | udp |
| US | 54.205.9.1:443 | k8s-kongow-generalp-4b9a3bfec6-974801183.us-east-1.elb.amazonaws.com | tcp |
| US | 35.168.53.250:443 | cs-server-s2s.yellowblue.io | tcp |
| US | 172.111.38.86:443 | tracker-use.ortb.net | tcp |
| US | 104.17.44.93:443 | gum.aidemsrv.com | tcp |
| GB | 13.224.222.60:443 | eu-west-1-cs-rtb.openwebmp.com | tcp |
| GB | 92.123.140.19:443 | player.aniview.com | tcp |
| US | 8.2.108.175:443 | bc-sync.com | tcp |
| US | 8.8.8.8:53 | dckrl2e5yf7xg.cloudfront.net | udp |
| US | 104.18.36.155:443 | ssum.casalemedia.com | udp |
| US | 8.8.8.8:53 | a1970.dscd.akamai.net | udp |
| US | 8.8.8.8:53 | bc-sync.com | udp |
| FR | 217.182.178.229:443 | ssbsync-euw2.smartadserver.com | tcp |
| GB | 92.123.140.19:443 | a1970.dscd.akamai.net | udp |
| US | 104.17.44.93:443 | gum.aidemsrv.com | udp |
| US | 8.2.108.175:443 | bc-sync.com | tcp |
| NL | 178.250.1.9:443 | widget.nl3.vip.prod.criteo.com | tcp |
| IE | 52.210.192.32:443 | match.prod.bidr.io | tcp |
| US | 70.42.32.255:443 | b1sync.zemanta.com | tcp |
| US | 54.157.75.223:443 | sync.srv.stackadapt.com | tcp |
| IE | 52.48.205.230:443 | jadserve.postrelease.com.akadns.net | tcp |
| NL | 35.214.199.88:443 | dorpat.geo.iponweb.net | tcp |
| US | 192.132.33.68:443 | bttrack.com | tcp |
| US | 35.244.174.68:443 | id.rlcdn.com | tcp |
| US | 35.244.174.68:443 | id.rlcdn.com | udp |
| NL | 35.214.199.88:443 | dorpat.geo.iponweb.net | udp |
| US | 8.8.8.8:53 | 68.33.132.192.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 223.75.157.54.in-addr.arpa | udp |
| US | 80.77.87.166:443 | cs.admanmedia.com | tcp |
| NL | 81.17.55.171:443 | ssbsync-global.smartadserver.com | tcp |
| US | 172.67.40.173:443 | spl.zeotap.com | tcp |
| GB | 173.222.211.137:443 | a577.dscb.akamai.net | tcp |
| US | 3.224.44.192:443 | qvdt3feo.com | tcp |
| US | 8.8.8.8:53 | qvdt3feo.com | udp |
| DE | 162.19.138.116:443 | lb.eu-1-id5-sync.com | tcp |
| NL | 89.149.192.200:443 | rtb-csync-euw1.smartadserver.com | tcp |
| NL | 69.173.156.148:443 | pixel-eu.rubiconproject.net.akadns.net | tcp |
| US | 74.121.140.211:443 | sync.mathtag.com | tcp |
| DK | 37.157.5.132:443 | c1.adform.net | tcp |
| NL | 154.57.158.115:443 | eu-west-dual.ads.stickyadstv.com.akadns.net | tcp |
| GB | 173.222.211.98:443 | a1845.dscb.akamai.net | tcp |
| US | 52.46.130.91:443 | s.amazon-adsystem.com | tcp |
| US | 8.8.8.8:53 | 132.5.157.37.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 192.44.224.3.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 211.140.121.74.in-addr.arpa | udp |
| US | 34.98.64.218:443 | us-u.openx.net | tcp |
| DE | 35.156.61.253:443 | match.sharethrough.com | tcp |
| US | 44.234.213.9:443 | visitor-ow.omnitagjs.com | tcp |
| US | 34.98.64.218:443 | us-u.openx.net | udp |
| US | 8.2.108.175:443 | bc-sync.com | tcp |
| GB | 108.138.233.104:443 | d1mee2k02h94hw.cloudfront.net | tcp |
| GB | 108.138.233.104:443 | d1mee2k02h94hw.cloudfront.net | tcp |
| GB | 108.138.233.104:443 | d1mee2k02h94hw.cloudfront.net | tcp |
| GB | 108.138.233.104:443 | d1mee2k02h94hw.cloudfront.net | tcp |
| GB | 108.138.233.104:443 | d1mee2k02h94hw.cloudfront.net | tcp |
| GB | 108.138.233.104:443 | d1mee2k02h94hw.cloudfront.net | tcp |
| US | 172.240.45.78:443 | sync-sc-main-was.aniview.com | tcp |
| US | 8.2.108.175:443 | bc-sync.com | tcp |
| US | 172.240.45.78:443 | sync-sc-main-was.aniview.com | udp |
| IE | 54.216.70.131:443 | cs.yellowblue.io | tcp |
| US | 104.18.36.155:443 | ssum.casalemedia.com | udp |
| US | 172.67.174.18:443 | store.rg-adguard.net | udp |
| NL | 142.251.36.2:443 | googleads.g.doubleclick.net | udp |
| US | 104.18.36.155:443 | ssum.casalemedia.com | udp |
| FR | 185.235.86.56:443 | ag.gbc.criteo.com | tcp |
| NL | 69.173.156.139:443 | fastlane.rubiconproject.com | tcp |
| US | 104.18.36.155:443 | ssum.casalemedia.com | udp |
| NL | 185.235.87.178:443 | gbc6.nl3.eu.criteo.com | tcp |
| FR | 185.235.86.56:443 | ag.gbc.criteo.com | tcp |
| NL | 185.235.87.178:443 | gbc6.nl3.eu.criteo.com | tcp |
| GB | 108.138.217.48:443 | hb.yellowblue.io | tcp |
| US | 104.18.36.155:443 | ssum.casalemedia.com | udp |
| US | 54.84.92.154:443 | report2.hb.brainlyads.com | tcp |
| US | 159.223.162.198:443 | exchange.cootlogix.com | tcp |
| NL | 142.250.179.129:443 | cdn.ampproject.org | udp |
| NL | 142.251.39.97:443 | tpc.googlesyndication.com | udp |
| NL | 142.250.179.196:443 | www.google.com | udp |
| NL | 142.250.179.196:443 | www.google.com | tcp |
| NL | 142.251.36.2:443 | googleads.g.doubleclick.net | udp |
| US | 104.18.36.155:443 | ssum.casalemedia.com | udp |
| NL | 185.89.210.90:443 | ib.adnxs.com | tcp |
| NL | 185.89.210.90:443 | ib.adnxs.com | tcp |
| FR | 185.235.86.62:443 | ag.gbc.criteo.com | tcp |
| NL | 185.235.87.170:443 | gbc6.nl3.eu.criteo.com | tcp |
| FR | 185.235.86.62:443 | ag.gbc.criteo.com | tcp |
| NL | 185.235.87.170:443 | gbc6.nl3.eu.criteo.com | tcp |
| FR | 185.235.86.81:443 | ag.gbc.criteo.com | tcp |
| NL | 185.235.87.195:443 | gbc6.nl3.eu.criteo.com | tcp |
| FR | 185.235.86.81:443 | ag.gbc.criteo.com | tcp |
| NL | 185.235.87.195:443 | gbc6.nl3.eu.criteo.com | tcp |
| US | 104.18.36.155:443 | ssum.casalemedia.com | udp |
| NL | 69.173.156.139:443 | fastlane.rubiconproject.com | tcp |
| US | 8.8.8.8:53 | tlx.3lift.com | udp |
| US | 34.149.50.64:443 | s.seedtag.com | udp |
| NL | 178.250.1.8:443 | bidder.criteo.com | tcp |
| US | 8.8.8.8:53 | hb.yellowblue.io | udp |
| US | 8.8.8.8:53 | g2.gumgum.com | udp |
| US | 8.8.8.8:53 | krk2.kargo.com | udp |
| NL | 185.89.210.90:443 | ib.adnxs.com | tcp |
| US | 8.8.8.8:53 | g2.gumgum.com | udp |
| US | 8.8.8.8:53 | krk2.kargo.com | udp |
| US | 8.8.8.8:53 | hb.yellowblue.io | udp |
| US | 104.18.36.155:443 | ssum.casalemedia.com | udp |
| US | 54.84.92.154:443 | report2.hb.brainlyads.com | tcp |
| US | 159.223.162.198:443 | exchange.cootlogix.com | tcp |
| US | 35.241.34.106:443 | c.4dex.io | udp |
| US | 8.8.8.8:53 | a1856.dspw65.akamai.net | udp |
| US | 8.8.8.8:53 | a1856.dspw65.akamai.net | udp |
| US | 8.8.8.8:53 | 106.144.22.2.in-addr.arpa | udp |
| FR | 185.235.86.76:443 | ag.gbc.criteo.com | tcp |
| NL | 185.235.87.173:443 | gbc6.nl3.eu.criteo.com | tcp |
| FR | 185.235.86.76:443 | ag.gbc.criteo.com | tcp |
| NL | 185.235.87.173:443 | gbc6.nl3.eu.criteo.com | tcp |
| GB | 2.22.144.106:80 | a1856.dspw65.akamai.net | tcp |
| GB | 2.22.144.106:80 | a1856.dspw65.akamai.net | tcp |
| NL | 185.235.87.191:443 | gbc6.nl3.eu.criteo.com | tcp |
| FR | 185.235.86.65:443 | ag.gbc.criteo.com | tcp |
| NL | 185.235.87.191:443 | gbc6.nl3.eu.criteo.com | tcp |
| FR | 185.235.86.65:443 | ag.gbc.criteo.com | tcp |
| NL | 142.250.179.129:443 | cdn.ampproject.org | udp |
| US | 8.8.8.8:53 | securepubads.g.doubleclick.net | udp |
| NL | 142.251.39.97:443 | tpc.googlesyndication.com | udp |
| US | 8.8.8.8:53 | securepubads.g.doubleclick.net | udp |
| NL | 142.250.179.162:443 | securepubads.g.doubleclick.net | udp |
| NL | 142.250.179.162:443 | securepubads.g.doubleclick.net | tcp |
| NL | 142.251.39.97:443 | tpc.googlesyndication.com | tcp |
| NL | 142.251.39.97:443 | tpc.googlesyndication.com | tcp |
| US | 8.8.8.8:53 | a.teads.tv | udp |
| NL | 178.250.1.8:443 | bidder.criteo.com | tcp |
| US | 54.84.92.154:443 | report2.hb.brainlyads.com | tcp |
| US | 54.84.92.154:443 | report2.hb.brainlyads.com | tcp |
| US | 54.84.92.154:443 | report2.hb.brainlyads.com | tcp |
| NL | 69.173.156.139:443 | fastlane.rubiconproject.com | tcp |
| NL | 185.89.210.90:443 | ib.adnxs.com | tcp |
| US | 157.230.210.166:443 | prebid.cootlogix.com | tcp |
| US | 104.18.36.155:443 | ssum.casalemedia.com | udp |
| US | 8.8.8.8:53 | e9957.b.akamaiedge.net | udp |
| US | 8.8.8.8:53 | e9957.b.akamaiedge.net | udp |
| NL | 142.250.179.162:443 | securepubads.g.doubleclick.net | tcp |
| NL | 142.251.39.97:443 | tpc.googlesyndication.com | tcp |
| NL | 142.251.39.97:443 | tpc.googlesyndication.com | tcp |
| NL | 69.173.156.139:443 | fastlane.rubiconproject.com | tcp |
| NL | 185.89.210.90:443 | ib.adnxs.com | tcp |
| NL | 142.250.179.193:443 | cb1c8e9e3bed59b5a97dc8aaa2fa39ae.safeframe.googlesyndication.com | udp |
| US | 8.8.8.8:53 | cdn.mediago.io | udp |
| US | 8.8.8.8:53 | images.mediago.io | udp |
| US | 8.8.8.8:53 | images.mediago.io | udp |
| US | 8.8.8.8:53 | www.google.com | udp |
| US | 8.8.8.8:53 | www.google.com | udp |
| US | 8.8.8.8:53 | www.google.com | udp |
| US | 8.8.8.8:53 | gtrace.mediago.io | udp |
| US | 8.8.8.8:53 | gtrace.mediago.io | udp |
| US | 8.8.8.8:53 | images.mediago.io | udp |
| NL | 142.251.36.2:443 | googleads.g.doubleclick.net | udp |
| NL | 142.251.36.2:443 | googleads.g.doubleclick.net | tcp |
| NL | 35.214.168.80:443 | gtrace.mediago.io | tcp |
| NL | 35.214.168.80:443 | gtrace.mediago.io | udp |
| US | 8.8.8.8:53 | 80.168.214.35.in-addr.arpa | udp |
| US | 34.111.60.239:443 | images.mediago.io | tcp |
| NL | 35.214.168.80:443 | trace-eu.mediago.io | tcp |
| GB | 52.84.90.79:443 | cdn.mediago.io | tcp |
| US | 8.8.8.8:53 | cdn.mediago.io | udp |
| GB | 52.84.90.79:443 | cdn.mediago.io | tcp |
| NL | 35.214.168.80:443 | trace-eu.mediago.io | udp |
| US | 8.8.8.8:53 | cdn.mediago.io | udp |
| US | 34.111.60.239:443 | images.mediago.io | udp |
| US | 8.8.8.8:53 | static1.anpoimages.com | udp |
| US | 8.8.8.8:53 | 239.60.111.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 79.90.84.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | htlb.casalemedia.com | udp |
| US | 104.18.36.155:443 | htlb.casalemedia.com | udp |
| US | 104.18.36.155:443 | htlb.casalemedia.com | tcp |
| US | 104.18.36.155:443 | htlb.casalemedia.com | tcp |
| US | 8.8.8.8:53 | sqs.us-east-1.amazonaws.com | udp |
| US | 8.8.8.8:53 | region1.analytics.google.com | udp |
| US | 8.8.8.8:53 | www.google.co.uk | udp |
| US | 8.8.8.8:53 | stats.g.doubleclick.net | udp |
| NL | 172.217.168.195:443 | www.google.co.uk | udp |
| NL | 172.217.168.195:443 | www.google.co.uk | tcp |
| NL | 172.217.168.195:443 | www.google.co.uk | tcp |
| NL | 172.217.168.195:443 | www.google.co.uk | tcp |
| NL | 172.217.168.195:443 | www.google.co.uk | tcp |
| US | 8.8.8.8:53 | csm.nl3.vip.prod.criteo.net | udp |
| NL | 142.250.102.156:443 | stats.g.doubleclick.net | udp |
| NL | 142.250.102.156:443 | stats.g.doubleclick.net | tcp |
| NL | 178.250.1.25:443 | csm.nl3.vip.prod.criteo.net | tcp |
| NL | 178.250.1.25:443 | csm.nl3.vip.prod.criteo.net | tcp |
| US | 8.8.8.8:53 | github.com | udp |
| GB | 20.26.156.215:443 | github.com | tcp |
| US | 8.8.8.8:53 | github.com | udp |
| US | 8.8.8.8:53 | api.github.com | udp |
| GB | 20.26.156.210:443 | api.github.com | tcp |
| US | 3.239.232.28:443 | sqs.us-east-1.amazonaws.com | tcp |
| US | 8.8.8.8:53 | sqs.us-east-1.amazonaws.com | udp |
| US | 3.239.232.28:443 | sqs.us-east-1.amazonaws.com | tcp |
| GB | 184.28.176.10:443 | www.bing.com | tcp |
| GB | 108.138.233.9:80 | www.bluestacks.com | tcp |
| GB | 108.138.233.9:80 | www.bluestacks.com | tcp |
| GB | 108.138.233.9:443 | www.bluestacks.com | tcp |
| US | 8.8.8.8:53 | cdn.jsdelivr.net | udp |
| US | 34.120.235.88:443 | webapi-cloud.bluestacks.com | tcp |
| US | 151.101.129.229:443 | cdn.jsdelivr.net | tcp |
| US | 8.8.8.8:53 | 6.39.156.108.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 88.235.120.34.in-addr.arpa | udp |
| GB | 173.222.211.51:443 | cdn-icon.bluestacks.com | tcp |
| GB | 173.222.211.51:443 | cdn-icon.bluestacks.com | tcp |
| GB | 173.222.211.51:443 | cdn-icon.bluestacks.com | tcp |
| GB | 92.123.140.8:443 | cdn-www.bluestacks.com | tcp |
| GB | 92.123.140.8:443 | cdn-www.bluestacks.com | tcp |
| GB | 92.123.140.8:443 | cdn-www.bluestacks.com | tcp |
| GB | 92.123.140.8:443 | cdn-www.bluestacks.com | tcp |
| GB | 92.123.140.8:443 | cdn-www.bluestacks.com | tcp |
| GB | 92.123.140.8:443 | cdn-www.bluestacks.com | tcp |
| GB | 92.123.142.67:443 | cdn.now.gg | tcp |
| GB | 92.123.142.67:443 | cdn.now.gg | tcp |
| GB | 92.123.142.67:443 | cdn.now.gg | tcp |
| GB | 92.123.142.67:443 | cdn.now.gg | tcp |
| GB | 92.123.142.67:443 | cdn.now.gg | tcp |
| GB | 92.123.142.67:443 | cdn.now.gg | tcp |
| GB | 18.244.114.102:443 | cmp.inmobi.com | tcp |
| GB | 92.123.140.8:443 | cdn-www.bluestacks.com | udp |
| GB | 92.123.142.67:443 | cdn.now.gg | udp |
| GB | 18.244.114.102:443 | cmp.inmobi.com | tcp |
| US | 8.8.8.8:53 | 102.114.244.18.in-addr.arpa | udp |
| US | 34.160.86.181:443 | cloud.bluestacks.com | tcp |
| DE | 52.57.223.191:443 | api.cmp.inmobi.com | tcp |
| US | 34.160.86.181:443 | cloud.bluestacks.com | udp |
| NL | 142.250.102.154:443 | stats.g.doubleclick.net | tcp |
| NL | 172.217.168.195:443 | www.google.co.uk | tcp |
| US | 216.239.32.36:443 | region1.analytics.google.com | tcp |
| US | 34.120.235.88:443 | webapi-cloud.bluestacks.com | tcp |
| US | 216.239.32.36:443 | region1.analytics.google.com | udp |
| US | 34.120.235.88:443 | webapi-cloud.bluestacks.com | udp |
| US | 34.160.86.181:443 | cloud.bluestacks.com | udp |
| GB | 92.123.142.194:443 | ak-build.bluestacks.com | tcp |
| US | 34.160.86.181:443 | cloud.bluestacks.com | tcp |
| US | 34.160.86.181:443 | cloud.bluestacks.com | tcp |
| GB | 92.123.142.210:443 | cdn-bgp.bluestacks.com | tcp |
| GB | 92.123.142.194:443 | ak-build.bluestacks.com | tcp |
| US | 34.160.86.181:443 | cloud.bluestacks.com | tcp |
| US | 34.160.86.181:443 | cloud.bluestacks.com | tcp |
| N/A | 127.0.0.1:54944 | tcp | |
| N/A | 127.0.0.1:54952 | tcp | |
| US | 34.160.86.181:443 | cloud.bluestacks.com | tcp |
| N/A | 127.0.0.1:50823 | tcp | |
| US | 34.96.124.47:443 | wallet.now.gg | tcp |
| US | 34.160.86.181:443 | cloud.bluestacks.com | tcp |
| US | 34.160.86.181:443 | cloud.bluestacks.com | tcp |
| US | 8.8.8.8:53 | wallet.now.gg | udp |
| US | 8.8.8.8:53 | wallet.now.gg | udp |
| US | 34.96.124.47:443 | wallet.now.gg | tcp |
| US | 8.8.8.8:53 | dns.google | udp |
| US | 8.8.8.8:53 | dns.google | udp |
| US | 8.8.8.8:53 | dns.google | udp |
| US | 8.8.8.8:53 | dns.google | udp |
| US | 8.8.8.8:443 | dns.google | tcp |
| US | 8.8.8.8:443 | dns.google | tcp |
| NL | 142.250.179.138:443 | fcmregistrations.googleapis.com | tcp |
| NL | 142.250.27.188:5228 | mtalk.google.com | tcp |
| NL | 216.58.208.123:443 | storage.googleapis.com | tcp |
| GB | 184.28.176.97:443 | www.bing.com | tcp |
| US | 34.36.74.73:80 | mumuplayer.com | tcp |
| US | 34.36.74.73:80 | mumuplayer.com | tcp |
| GB | 92.123.142.144:443 | www.mumuplayer.com | tcp |
| US | 8.8.8.8:53 | ps.res.netease.com | udp |
| US | 8.8.8.8:53 | www.mumuglobal.com | udp |
| US | 8.8.8.8:53 | 73.74.36.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 144.142.123.92.in-addr.arpa | udp |
| GB | 92.123.142.144:443 | www.mumuglobal.com | tcp |
| GB | 79.133.176.224:443 | ps.res.netease.com | tcp |
| GB | 96.17.179.82:443 | comm.res.easebar.com | tcp |
| GB | 96.17.179.82:443 | comm.res.easebar.com | tcp |
| GB | 92.123.142.144:443 | www.mumuglobal.com | tcp |
| GB | 92.123.142.144:443 | www.mumuglobal.com | tcp |
| GB | 92.123.142.144:443 | www.mumuglobal.com | tcp |
| GB | 92.123.142.144:443 | www.mumuglobal.com | tcp |
| GB | 92.123.142.144:443 | www.mumuglobal.com | tcp |
| GB | 96.17.179.77:443 | r.res.easebar.com | tcp |
| GB | 96.17.179.77:443 | r.res.easebar.com | tcp |
| GB | 96.17.179.77:443 | r.res.easebar.com | tcp |
| CN | 42.186.122.69:443 | mumu.163.com | tcp |
| CN | 42.186.122.69:443 | mumu.163.com | tcp |
| GB | 92.123.142.144:443 | www.mumuglobal.com | tcp |
| CN | 42.186.122.69:443 | mumu.163.com | tcp |
| US | 8.8.8.8:53 | 82.179.17.96.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 77.179.17.96.in-addr.arpa | udp |
| GB | 92.123.142.144:443 | www.mumuglobal.com | tcp |
| GB | 92.123.142.144:443 | www.mumuglobal.com | tcp |
| GB | 92.123.142.144:443 | www.mumuglobal.com | tcp |
| GB | 92.123.142.144:443 | www.mumuglobal.com | tcp |
| US | 216.239.32.36:443 | region1.google-analytics.com | tcp |
| RU | 87.250.251.119:443 | mc.yandex.ru | tcp |
| US | 8.8.8.8:53 | comm.v.easebar.com | udp |
| GB | 96.17.179.82:443 | comm.v.easebar.com | tcp |
| GB | 96.17.179.82:443 | comm.v.easebar.com | tcp |
| GB | 79.133.176.226:443 | nie.v.netease.com | tcp |
| GB | 79.133.176.226:443 | nie.v.netease.com | tcp |
| GB | 96.17.179.82:443 | comm.v.easebar.com | tcp |
| GB | 96.17.179.82:443 | comm.v.easebar.com | tcp |
| GB | 96.17.179.82:443 | comm.v.easebar.com | tcp |
| US | 8.8.8.8:53 | 226.176.133.79.in-addr.arpa | udp |
| US | 13.107.246.64:443 | www.clarity.ms | tcp |
| US | 8.8.8.8:53 | adl.easebar.com | udp |
| US | 8.8.8.8:53 | sixhorse.game.163.com | udp |
| US | 34.111.242.40:443 | adl.easebar.com | tcp |
| US | 34.111.242.40:443 | adl.easebar.com | tcp |
| CN | 45.253.144.31:443 | sixhorse.game.163.com | tcp |
| CN | 45.253.144.31:443 | sixhorse.game.163.com | tcp |
| CN | 45.253.144.31:443 | sixhorse.game.163.com | tcp |
| CN | 45.253.144.31:443 | sixhorse.game.163.com | tcp |
| CN | 45.253.144.31:443 | sixhorse.game.163.com | tcp |
| US | 8.8.8.8:53 | a11.gdl.netease.com | udp |
| US | 8.8.8.8:53 | h.clarity.ms | udp |
| US | 51.8.64.151:443 | h.clarity.ms | tcp |
| US | 51.8.64.151:443 | h.clarity.ms | tcp |
| JP | 35.221.121.192:443 | bee.tc.easebar.com | tcp |
| JP | 35.221.121.192:443 | bee.tc.easebar.com | tcp |
| GB | 92.123.143.233:443 | a11.gdl.netease.com | tcp |
| IE | 13.74.129.1:443 | c.clarity.ms | tcp |
| US | 204.79.197.237:443 | c.bing.com | tcp |
| US | 8.8.8.8:53 | 192.121.221.35.in-addr.arpa | udp |
| US | 216.239.32.36:443 | region1.google-analytics.com | udp |
| US | 8.8.8.8:53 | timejs.game.easebar.com | udp |
| JP | 34.146.213.177:443 | timejs.game.easebar.com | tcp |
| JP | 34.146.213.177:443 | timejs.game.easebar.com | tcp |
| CN | 59.111.137.212:443 | mumu.163.com | tcp |
| CN | 59.111.137.212:443 | mumu.163.com | tcp |
| CN | 59.111.137.212:443 | mumu.163.com | tcp |
| CN | 42.186.122.69:443 | mumu.163.com | tcp |
| CN | 42.186.122.69:443 | mumu.163.com | tcp |
| US | 51.8.64.151:443 | h.clarity.ms | tcp |
| CN | 45.253.144.31:443 | sixhorse.game.163.com | tcp |
| GB | 96.17.179.82:443 | comm.v.easebar.com | tcp |
| US | 51.8.64.151:443 | h.clarity.ms | tcp |
| US | 34.36.47.246:443 | api.mumuglobal.com | tcp |
| US | 34.36.47.246:443 | api.mumuglobal.com | tcp |
| US | 8.8.8.8:53 | 246.47.36.34.in-addr.arpa | udp |
| GB | 2.22.98.8:443 | dns.update.easebar.com | tcp |
| US | 8.8.8.8:53 | 8.98.22.2.in-addr.arpa | udp |
| CN | 59.111.137.212:443 | mumu.163.com | tcp |
| CN | 59.111.137.212:443 | mumu.163.com | tcp |
| US | 76.223.88.1:80 | 76.223.88.1 | tcp |
| GB | 92.123.143.233:80 | a11.gdl.netease.com | tcp |
| N/A | 127.0.0.1:53894 | tcp | |
| US | 8.8.8.8:53 | 1.88.223.76.in-addr.arpa | udp |
| GB | 92.123.143.233:80 | a11.gdl.netease.com | tcp |
| GB | 92.123.143.233:80 | a11.gdl.netease.com | tcp |
| GB | 92.123.143.233:80 | a11.gdl.netease.com | tcp |
| GB | 92.123.143.233:80 | a11.gdl.netease.com | tcp |
| GB | 92.123.143.233:80 | a11.gdl.netease.com | tcp |
| US | 8.8.8.8:53 | th.bing.com | udp |
| GB | 184.28.176.104:443 | th.bing.com | tcp |
| GB | 184.28.176.104:443 | th.bing.com | tcp |
| GB | 184.28.176.104:443 | th.bing.com | tcp |
| GB | 184.28.176.104:443 | th.bing.com | tcp |
| GB | 163.181.57.232:443 | www.ldplayer.net | tcp |
| GB | 163.181.57.232:443 | www.ldplayer.net | tcp |
| US | 8.8.8.8:53 | cdn.ldplayer.net | udp |
| US | 8.8.8.8:53 | cmp.setupcmp.com | udp |
| US | 172.67.70.36:443 | cmp.setupcmp.com | tcp |
| US | 172.67.70.36:443 | cmp.setupcmp.com | tcp |
| GB | 18.172.153.86:443 | cdn.ldplayer.net | tcp |
| US | 172.67.70.36:443 | cmp.setupcmp.com | tcp |
| NL | 142.250.179.174:443 | fundingchoicesmessages.google.com | tcp |
| NL | 142.250.179.174:443 | fundingchoicesmessages.google.com | tcp |
| GB | 79.133.176.235:443 | res.ldplayer.net | tcp |
| GB | 79.133.176.235:443 | res.ldplayer.net | tcp |
| NL | 142.250.179.174:443 | fundingchoicesmessages.google.com | udp |
| US | 8.8.8.8:53 | 235.176.133.79.in-addr.arpa | udp |
| NL | 142.251.36.14:443 | apis.google.com | tcp |
| GB | 52.84.90.3:443 | apien.ldplayer.net | tcp |
| GB | 52.84.90.3:443 | apien.ldplayer.net | tcp |
| GB | 52.84.90.3:443 | apien.ldplayer.net | tcp |
| NL | 172.217.168.246:443 | play-lh.googleusercontent.com | tcp |
| NL | 142.251.36.14:443 | apis.google.com | udp |
| SG | 8.219.223.66:443 | usersdk.ldmnq.com | tcp |
| SG | 8.219.223.66:443 | usersdk.ldmnq.com | tcp |
| GB | 163.181.57.235:443 | ldcdn.ldmnq.com | tcp |
| US | 8.8.8.8:53 | 14.36.251.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 3.90.84.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 246.168.217.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 66.223.219.8.in-addr.arpa | udp |
| NL | 142.250.102.84:443 | accounts.google.com | tcp |
| NL | 142.250.102.84:443 | accounts.google.com | udp |
| US | 104.18.33.89:443 | www2.bing.com | tcp |
| US | 104.18.33.89:443 | www2.bing.com | tcp |
| US | 104.18.31.49:443 | stpd.cloud | tcp |
| GB | 23.200.147.41:80 | apps.identrust.com | tcp |
| NL | 142.251.39.98:443 | googleads.g.doubleclick.net | tcp |
| NL | 216.58.214.2:443 | www.googletagservices.com | tcp |
| NL | 142.251.39.97:443 | tpc.googlesyndication.com | tcp |
| NL | 142.250.179.162:443 | securepubads.g.doubleclick.net | tcp |
| NL | 142.251.39.97:443 | tpc.googlesyndication.com | udp |
| NL | 142.250.179.196:443 | www.google.com | tcp |
| US | 8.8.8.8:53 | 2.214.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | tagan.adlightning.com | udp |
| US | 8.8.8.8:53 | id5-sync.com | udp |
| US | 8.8.8.8:53 | gum.criteo.com | udp |
| GB | 216.137.44.108:443 | tagan.adlightning.com | tcp |
| GB | 13.224.223.9:443 | c.amazon-adsystem.com | tcp |
| US | 151.101.129.229:443 | cdn.jsdelivr.net | udp |
| US | 172.67.75.241:443 | script.4dex.io | tcp |
| NL | 142.251.39.98:443 | googleads.g.doubleclick.net | udp |
| NL | 178.250.1.11:443 | gum.criteo.com | tcp |
| DE | 141.95.98.65:443 | id5-sync.com | tcp |
| US | 8.8.8.8:53 | rtb.adxpremium.services | udp |
| US | 8.8.8.8:53 | prebid.a-mo.net | udp |
| US | 8.8.8.8:53 | adx.adform.net | udp |
| US | 104.26.8.178:443 | prebid-stag.setupad.net | tcp |
| US | 104.26.8.178:443 | prebid-stag.setupad.net | tcp |
| NL | 185.184.8.90:443 | prebid-eu.creativecdn.com | tcp |
| NL | 81.17.55.160:443 | prg.smartadserver.com | tcp |
| US | 104.18.11.176:443 | mp.4dex.io | tcp |
| US | 35.227.252.103:443 | rtb.openx.net | tcp |
| NL | 145.40.97.77:443 | prebid.a-mo.net | tcp |
| NL | 178.250.1.8:443 | bidder.criteo.com | tcp |
| DK | 37.157.6.254:443 | adx.adform.net | tcp |
| DK | 37.157.6.254:443 | adx.adform.net | tcp |
| US | 172.67.75.241:443 | script.4dex.io | tcp |
| NL | 185.106.140.18:443 | rtb.adxpremium.services | tcp |
| US | 104.18.23.145:443 | cadmus.script.ac | tcp |
| DE | 141.95.98.64:443 | id5-sync.com | tcp |
| DK | 37.157.6.254:443 | adx.adform.net | tcp |
| GB | 52.84.90.126:443 | config.aps.amazon-adsystem.com | tcp |
| NL | 142.250.179.196:443 | www.google.com | udp |
| GB | 18.172.154.232:443 | aax.amazon-adsystem.com | tcp |
| FR | 178.250.7.13:443 | dnacdn.net | tcp |
| US | 8.8.8.8:53 | 160.55.17.81.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 176.11.18.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 254.6.157.37.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 18.140.106.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 145.23.18.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 64.98.95.141.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 98.208.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 232.154.172.18.in-addr.arpa | udp |
| GB | 23.49.161.153:443 | secure.cdn.fastclick.net | tcp |
| GB | 23.49.161.153:443 | secure.cdn.fastclick.net | tcp |
| US | 8.8.8.8:53 | ssbsync.smartadserver.com | udp |
| NL | 142.250.179.162:443 | securepubads.g.doubleclick.net | udp |
| GB | 18.245.143.58:443 | tags.crwdcntrl.net | tcp |
| US | 104.22.52.86:443 | cdn.id5-sync.com | tcp |
| FR | 217.182.178.229:443 | ssbsync.smartadserver.com | tcp |
| US | 172.67.36.110:443 | cdn.hadronid.net | tcp |
| US | 172.67.36.110:443 | cdn.hadronid.net | tcp |
| US | 104.22.52.86:443 | cdn.id5-sync.com | tcp |
| FR | 217.182.178.229:443 | ssbsync.smartadserver.com | tcp |
| GB | 184.28.176.56:443 | r.bing.com | tcp |
| GB | 184.28.176.56:443 | r.bing.com | tcp |
| GB | 184.28.176.104:443 | r.bing.com | tcp |
| GB | 18.172.153.76:443 | cdn.ldplayer.net | tcp |
| GB | 18.245.158.75:443 | d19mtdoi3rn3ox.cloudfront.net | tcp |
| GB | 216.137.34.187:443 | d1arl2thrafelv.cloudfront.net | tcp |
| GB | 216.137.34.187:443 | d1arl2thrafelv.cloudfront.net | tcp |
| GB | 18.172.153.36:443 | encdn.ldmnq.com | tcp |
| GB | 173.222.211.41:443 | aefd.nelreports.net | udp |
| GB | 173.222.211.41:443 | aefd.nelreports.net | tcp |
| SG | 8.219.48.146:443 | middledata.ldplayer.net | tcp |
| SG | 8.219.48.146:443 | middledata.ldplayer.net | tcp |
| GB | 13.224.132.14:443 | apien.ldmnq.com | tcp |
| SG | 8.219.48.146:443 | middledata.ldplayer.net | tcp |
| SG | 8.219.4.49:443 | middledata.ldplayer.net | tcp |
| SG | 8.219.4.49:443 | middledata.ldplayer.net | tcp |
| SG | 8.219.4.49:443 | middledata.ldplayer.net | tcp |
| US | 162.159.135.234:443 | discord.gg | tcp |
| US | 162.159.135.234:443 | discord.gg | tcp |
| US | 162.159.135.232:443 | discord.com | tcp |
| GB | 18.172.153.8:443 | cdn.ldplayer.net | tcp |
| GB | 18.172.153.8:443 | cdn.ldplayer.net | tcp |
| GB | 18.165.201.6:443 | ad.ldplayer.net | tcp |
| GB | 163.181.57.232:443 | en.ldplayer.net | tcp |
| GB | 18.172.153.8:443 | cdn.ldplayer.net | tcp |
| GB | 18.172.153.8:443 | cdn.ldplayer.net | tcp |
| GB | 18.172.153.8:443 | cdn.ldplayer.net | tcp |
| SG | 8.219.4.49:443 | middledata.ldplayer.net | tcp |
| US | 8.8.8.8:53 | 8.153.172.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 6.201.165.18.in-addr.arpa | udp |
| GB | 79.133.176.235:443 | res.ldplayer.net | tcp |
| SG | 8.219.4.49:443 | middledata.ldplayer.net | tcp |
| GB | 79.133.176.235:443 | res.ldplayer.net | tcp |
| US | 162.159.130.233:443 | cdn.discordapp.com | tcp |
| GB | 79.133.176.235:443 | res.ldplayer.net | tcp |
| GB | 79.133.176.235:443 | res.ldplayer.net | tcp |
| GB | 79.133.176.235:443 | res.ldplayer.net | tcp |
| GB | 79.133.176.235:443 | res.ldplayer.net | tcp |
| GB | 18.172.153.128:443 | encdn.ldmnq.com | tcp |
| GB | 79.133.176.235:443 | res.ldplayer.net | tcp |
| US | 8.8.8.8:53 | 128.153.172.18.in-addr.arpa | udp |
| GB | 79.133.176.235:443 | res.ldplayer.net | tcp |
| GB | 79.133.176.235:443 | res.ldplayer.net | tcp |
| GB | 18.165.201.6:443 | ad.ldplayer.net | tcp |
| GB | 79.133.176.235:443 | res.ldplayer.net | tcp |
| GB | 79.133.176.235:443 | res.ldplayer.net | tcp |
| GB | 79.133.176.235:443 | res.ldplayer.net | tcp |
| GB | 18.172.153.128:443 | encdn.ldmnq.com | tcp |
| NL | 172.217.168.246:443 | play-lh.googleusercontent.com | tcp |
| GB | 13.224.132.14:80 | apien.ldmnq.com | tcp |
| GB | 13.224.132.14:443 | apien.ldmnq.com | tcp |
| NL | 142.250.179.131:80 | o.pki.goog | tcp |
| NL | 142.250.179.131:80 | o.pki.goog | tcp |
| NL | 142.250.179.131:80 | o.pki.goog | tcp |
| GB | 79.133.176.235:443 | res.ldplayer.net | tcp |
| GB | 79.133.176.235:443 | res.ldplayer.net | tcp |
| GB | 18.172.153.8:443 | cdn.ldplayer.net | tcp |
| GB | 13.224.132.14:443 | apien.ldmnq.com | tcp |
| GB | 18.165.201.6:443 | ad.ldplayer.net | tcp |
| GB | 163.181.57.235:443 | www.ldplayer.net | tcp |
| NL | 142.250.179.174:443 | fundingchoicesmessages.google.com | udp |
| NL | 142.250.179.174:443 | fundingchoicesmessages.google.com | tcp |
| US | 8.8.8.8:53 | encdn.ldmnq.com | udp |
| US | 8.8.8.8:53 | www.youtube.com | udp |
| GB | 18.172.153.8:443 | cdn.ldplayer.net | tcp |
| GB | 18.172.153.23:443 | encdn.ldmnq.com | tcp |
| GB | 18.172.153.23:443 | encdn.ldmnq.com | tcp |
| GB | 18.172.153.23:443 | encdn.ldmnq.com | tcp |
| GB | 18.172.153.23:443 | encdn.ldmnq.com | tcp |
| GB | 18.172.153.23:443 | encdn.ldmnq.com | tcp |
| GB | 18.172.153.23:443 | encdn.ldmnq.com | tcp |
| NL | 142.250.179.174:443 | www.youtube.com | tcp |
| US | 172.67.70.36:443 | cmp.setupcmp.com | tcp |
| NL | 142.251.39.118:443 | i.ytimg.com | tcp |
| US | 104.18.31.49:443 | stpd.cloud | tcp |
| US | 8.8.8.8:53 | apien.ldplayer.net | udp |
| GB | 52.84.90.122:443 | apien.ldplayer.net | tcp |
| NL | 178.250.1.11:443 | gum.criteo.com | tcp |
| US | 172.67.75.241:443 | script.4dex.io | tcp |
| NL | 142.251.39.98:443 | googleads.g.doubleclick.net | udp |
| US | 104.26.8.178:443 | prebid-stag.setupad.net | tcp |
| NL | 178.250.1.8:443 | bidder.criteo.com | tcp |
| DK | 37.157.6.254:443 | adx.adform.net | tcp |
| NL | 185.106.140.18:443 | rtb.adxpremium.services | tcp |
| US | 104.18.11.176:443 | mp.4dex.io | tcp |
| NL | 185.184.8.90:443 | prebid-eu.creativecdn.com | tcp |
| US | 8.8.8.8:53 | prebid.a-mo.net | udp |
| US | 8.8.8.8:53 | aax.amazon-adsystem.com | udp |
| NL | 81.17.55.99:443 | prg.smartadserver.com | tcp |
| NL | 147.75.102.143:443 | prebid.a-mo.net | tcp |
| US | 35.227.252.103:443 | rtb.openx.net | udp |
| GB | 18.172.154.232:443 | aax.amazon-adsystem.com | tcp |
| NL | 142.250.179.196:443 | www.google.com | udp |
| NL | 142.250.179.134:443 | static.doubleclick.net | tcp |
| NL | 142.251.36.1:443 | yt3.ggpht.com | tcp |
| NL | 142.250.179.170:443 | jnn-pa.googleapis.com | tcp |
| NL | 142.250.179.196:443 | www.google.com | tcp |
| US | 172.67.36.110:443 | cdn.hadronid.net | tcp |
| NL | 142.250.179.170:443 | jnn-pa.googleapis.com | udp |
| US | 172.67.75.241:443 | script.4dex.io | tcp |
| US | 8.8.8.8:53 | 99.55.17.81.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 143.102.75.147.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 134.179.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 1.36.251.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 170.179.250.142.in-addr.arpa | udp |
| NL | 216.58.214.14:443 | play.google.com | tcp |
| NL | 216.58.214.14:443 | play.google.com | udp |
| NL | 142.250.102.84:443 | accounts.google.com | udp |
| NL | 185.106.140.18:443 | rtb.adxpremium.services | tcp |
| NL | 81.17.55.99:443 | prg.smartadserver.com | tcp |
| FR | 178.250.7.13:443 | dnacdn.net | tcp |
| NL | 142.250.102.84:443 | accounts.google.com | tcp |
| GB | 23.53.174.156:443 | secure.cdn.fastclick.net | tcp |
| FR | 5.135.209.101:443 | ssbsync-global.smartadserver.com | tcp |
| US | 104.22.4.69:443 | id.hadron.ad.gt | tcp |
| IE | 34.240.201.67:443 | bcp.crwdcntrl.net | tcp |
| IE | 34.240.201.67:443 | bcp.crwdcntrl.net | tcp |
| IE | 34.240.201.67:443 | bcp.crwdcntrl.net | tcp |
| DE | 3.124.135.75:443 | 1x1.a-mo.net | tcp |
| NL | 142.250.179.162:443 | securepubads.g.doubleclick.net | udp |
| GB | 18.165.201.6:443 | ad.ldplayer.net | tcp |
| US | 8.8.8.8:53 | ice.360yield.com | udp |
| US | 8.8.8.8:53 | ib.adnxs.com | udp |
| US | 8.8.8.8:53 | 5766a3173a0fae3b2200d81e2f06f931.safeframe.googlesyndication.com | udp |
| DK | 37.157.6.254:443 | adx.adform.net | tcp |
| ZA | 192.178.54.35:443 | csi.gstatic.com | tcp |
| DE | 3.124.135.75:443 | 1x1.a-mo.net | tcp |
| IE | 54.171.134.196:443 | ice.360yield.com | tcp |
| NL | 185.89.210.180:443 | ib.adnxs.com | tcp |
| NL | 142.250.179.193:443 | 5766a3173a0fae3b2200d81e2f06f931.safeframe.googlesyndication.com | tcp |
| NL | 142.250.179.193:443 | 5766a3173a0fae3b2200d81e2f06f931.safeframe.googlesyndication.com | tcp |
| US | 8.8.8.8:53 | 6f5b2faf260934f49cd35ec0b79acbfa.safeframe.googlesyndication.com | udp |
| ZA | 192.178.54.35:443 | csi.gstatic.com | tcp |
| FR | 154.54.250.81:443 | ads.stickyadstv.com | tcp |
| US | 8.8.8.8:53 | u.openx.net | udp |
| US | 8.8.8.8:53 | 194.23.217.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 156.174.53.23.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 101.209.135.5.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 69.4.22.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 75.135.124.3.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 196.134.171.54.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 180.210.89.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 35.54.178.192.in-addr.arpa | udp |
| US | 35.244.159.8:443 | setupad-d.openx.net | tcp |
| NL | 142.251.39.97:443 | tpc.googlesyndication.com | udp |
| NL | 142.251.39.97:443 | tpc.googlesyndication.com | tcp |
| NL | 64.158.223.146:443 | proc.ad.cpe.dotomi.com | tcp |
| US | 172.67.23.234:443 | a.ad.gt | tcp |
| US | 35.244.159.8:443 | setupad-d.openx.net | udp |
| US | 34.149.40.38:443 | u.4dex.io | tcp |
| US | 34.149.40.38:443 | u.4dex.io | tcp |
| NL | 142.250.179.163:443 | p4-fmal4m6prqcmu-zf6ftqsjti2he7ef-if-v6exp3-v4.metric.gstatic.com | tcp |
| NL | 142.250.179.163:443 | p4-fmal4m6prqcmu-zf6ftqsjti2he7ef-if-v6exp3-v4.metric.gstatic.com | udp |
| US | 104.18.36.155:443 | ssum.casalemedia.com | tcp |
| GB | 108.138.217.110:443 | setupad-tagan.adlightning.com | tcp |
| GB | 2.18.108.192:443 | ads.pubmatic.com | tcp |
| US | 34.149.40.38:443 | u.4dex.io | udp |
| US | 35.190.80.1:443 | a.nel.cloudflare.com | tcp |
| DE | 159.89.25.223:443 | node.setupad.com | tcp |
| DE | 159.89.25.223:443 | node.setupad.com | tcp |
| DE | 159.89.25.223:443 | node.setupad.com | tcp |
| US | 35.190.80.1:443 | a.nel.cloudflare.com | udp |
| DE | 141.95.98.65:443 | id5-sync.com | tcp |
| US | 8.8.8.8:53 | static.criteo.net | udp |
| DE | 141.95.98.64:443 | id5-sync.com | tcp |
| NL | 178.250.1.3:443 | static.criteo.net | tcp |
| GB | 2.22.101.110:443 | secure-assets.rubiconproject.com | tcp |
| US | 13.248.245.213:443 | eb2.3lift.com | tcp |
| GB | 95.100.245.251:443 | eus.rubiconproject.com | tcp |
| US | 8.8.8.8:53 | s.company-target.com | udp |
| US | 8.8.8.8:53 | rtb-csync.smartadserver.com | udp |
| NL | 193.3.178.4:443 | ads.us.e-planning.net | tcp |
| IE | 79.125.121.240:443 | ap.lijit.com | tcp |
| US | 104.21.48.215:443 | adxbid.info | tcp |
| US | 151.101.130.49:443 | sync-tm.everesttech.net | tcp |
| FR | 5.196.111.72:443 | rtb-csync.smartadserver.com | tcp |
| FR | 5.196.111.72:443 | rtb-csync.smartadserver.com | tcp |
| US | 34.96.71.22:443 | s.company-target.com | tcp |
| NL | 147.75.34.47:443 | sync.a-mo.net | tcp |
| NL | 198.47.127.19:443 | image6.pubmatic.com | tcp |
| IE | 52.212.48.12:443 | ce.lijit.com | tcp |
| US | 34.96.71.22:443 | s.company-target.com | udp |
| US | 104.19.158.19:443 | assets.a-mo.net | tcp |
| US | 8.2.110.113:443 | as.ck-ie.com | tcp |
| US | 8.8.8.8:53 | 72.111.196.5.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 22.71.96.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 47.34.75.147.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 19.127.47.198.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 12.48.212.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | c1.adform.net | udp |
| FR | 5.196.111.72:443 | rtb-csync.smartadserver.com | tcp |
| US | 64.74.236.63:443 | b1sync.zemanta.com | tcp |
| US | 54.88.142.103:443 | pxl.iqm.com | tcp |
| NL | 35.214.195.156:443 | csync.loopme.me | tcp |
| DK | 37.157.2.230:443 | c1.adform.net | tcp |
| DE | 3.71.91.116:443 | match.sharethrough.com | tcp |
| GB | 89.187.167.38:443 | vid.vidoomy.com | tcp |
| GB | 95.100.245.168:80 | x2.i.lencr.org | tcp |
| NL | 69.173.156.148:443 | token.rubiconproject.com | tcp |
| US | 209.192.201.180:443 | user-sync.adxpremium.services | tcp |
| GB | 89.187.167.39:443 | vpaid.vidoomy.com | tcp |
| NL | 198.47.127.18:443 | image8.pubmatic.com | tcp |
| US | 34.36.216.150:443 | pixel-sync.sitescout.com | tcp |
| NL | 69.173.156.149:443 | token.rubiconproject.com | tcp |
| NL | 142.250.179.129:443 | cdn.ampproject.org | tcp |
| NL | 142.250.179.129:443 | cdn.ampproject.org | tcp |
| NL | 142.250.179.129:443 | cdn.ampproject.org | tcp |
| NL | 142.250.179.129:443 | cdn.ampproject.org | tcp |
| NL | 142.250.179.129:443 | cdn.ampproject.org | tcp |
| ES | 212.36.83.246:443 | a.vidoomy.com | tcp |
| US | 34.36.216.150:443 | pixel-sync.sitescout.com | udp |
| ES | 212.36.83.246:443 | a.vidoomy.com | tcp |
| NL | 142.251.39.97:443 | tpc.googlesyndication.com | udp |
| ZA | 192.178.54.35:443 | csi.gstatic.com | udp |
| ZA | 192.178.54.35:443 | csi.gstatic.com | udp |
| NL | 185.235.87.23:443 | ag.gbc.criteo.com | tcp |
| FR | 185.235.86.155:443 | gem.gbc.criteo.com | tcp |
| NL | 185.235.87.23:443 | ag.gbc.criteo.com | tcp |
| FR | 185.235.86.155:443 | gem.gbc.criteo.com | tcp |
| US | 34.160.86.181:443 | cloud.bluestacks.com | tcp |
| US | 34.160.86.181:443 | cloud.bluestacks.com | tcp |
| US | 34.160.86.181:443 | cloud.bluestacks.com | tcp |
| US | 34.160.86.181:443 | cloud.bluestacks.com | tcp |
| US | 34.160.86.181:443 | cloud.bluestacks.com | tcp |
| US | 34.160.86.181:443 | cloud.bluestacks.com | tcp |
| US | 34.160.86.181:443 | cloud.bluestacks.com | tcp |
| US | 34.160.86.181:443 | cloud.bluestacks.com | tcp |
| GB | 163.181.57.235:443 | x-api.bluestacks.com | tcp |
| US | 8.8.8.8:53 | bsxplayerv2.bluestacks.com | udp |
| GB | 163.181.57.235:443 | x-api.bluestacks.com | tcp |
| US | 34.160.86.181:443 | cloud.bluestacks.com | tcp |
| GB | 79.133.176.166:443 | bst-launcher-sgp.bluestacks.cn | tcp |
| SG | 8.214.38.30:443 | dev-x.bstkinternal.net | tcp |
| US | 34.160.86.181:443 | cloud.bluestacks.com | tcp |
| SG | 8.214.38.30:443 | dev-x.bstkinternal.net | tcp |
| GB | 79.133.176.166:443 | bst-launcher-sgp.bluestacks.cn | tcp |
| US | 8.8.8.8:53 | 166.176.133.79.in-addr.arpa | udp |
| SG | 8.214.38.30:443 | dev-x.bstkinternal.net | tcp |
| GB | 79.133.176.222:443 | bst-launcher-sgp.bluestacks.cn | tcp |
| GB | 92.123.142.194:443 | ak-build.bluestacks.com | tcp |
| US | 8.8.8.8:53 | cloud-api-cdn.bluestacks.com | udp |
| US | 34.160.86.181:443 | cloud.bluestacks.com | tcp |
| US | 34.160.86.181:443 | cloud.bluestacks.com | tcp |
| US | 34.160.86.181:443 | cloud.bluestacks.com | tcp |
| GB | 92.123.142.146:443 | cloud-api-cdn.bluestacks.com | tcp |
| GB | 18.244.114.85:443 | now.gg | tcp |
| US | 34.160.86.181:443 | cloud.bluestacks.com | tcp |
| US | 34.160.86.181:443 | cloud.bluestacks.com | tcp |
| GB | 173.222.211.51:443 | cdn-icon.bluestacks.com | tcp |
| GB | 173.222.211.51:443 | cdn-icon.bluestacks.com | tcp |
| GB | 173.222.211.51:443 | cdn-icon.bluestacks.com | tcp |
| GB | 173.222.211.51:443 | cdn-icon.bluestacks.com | tcp |
| GB | 92.123.142.145:443 | cdn.now.gg | tcp |
| GB | 92.123.142.145:443 | cdn.now.gg | tcp |
| GB | 92.123.142.145:443 | cdn.now.gg | tcp |
| GB | 92.123.142.145:443 | cdn.now.gg | tcp |
| GB | 173.222.211.51:443 | cdn-icon.bluestacks.com | tcp |
| GB | 92.123.142.145:443 | cdn.now.gg | tcp |
| GB | 92.123.142.145:443 | cdn.now.gg | tcp |
| GB | 92.123.142.145:443 | cdn.now.gg | tcp |
| GB | 92.123.142.145:443 | cdn.now.gg | tcp |
| GB | 92.123.142.145:443 | cdn.now.gg | tcp |
| GB | 92.123.142.145:443 | cdn.now.gg | tcp |
| GB | 92.123.142.145:443 | cdn.now.gg | tcp |
| GB | 92.123.142.145:443 | cdn.now.gg | tcp |
| GB | 92.123.142.210:443 | cdn-bgp.bluestacks.com | tcp |
| GB | 92.123.142.194:443 | ak-build.bluestacks.com | tcp |
| GB | 92.123.142.194:443 | ak-build.bluestacks.com | tcp |
| US | 34.160.86.181:443 | cloud.bluestacks.com | tcp |
| GB | 92.123.142.210:443 | cdn-bgp.bluestacks.com | tcp |
| GB | 92.123.142.210:443 | cdn-bgp.bluestacks.com | tcp |
| GB | 92.123.142.210:443 | cdn-bgp.bluestacks.com | tcp |
| GB | 92.123.142.210:443 | cdn-bgp.bluestacks.com | tcp |
| GB | 92.123.142.210:443 | cdn-bgp.bluestacks.com | tcp |
| GB | 92.123.142.210:443 | cdn-bgp.bluestacks.com | tcp |
| GB | 92.123.142.210:443 | cdn-bgp.bluestacks.com | tcp |
| GB | 92.123.142.210:443 | cdn-bgp.bluestacks.com | tcp |
| GB | 92.123.142.210:443 | cdn-bgp.bluestacks.com | tcp |
| GB | 92.123.142.210:443 | cdn-bgp.bluestacks.com | tcp |
| GB | 92.123.142.210:443 | cdn-bgp.bluestacks.com | tcp |
| GB | 92.123.142.210:443 | cdn-bgp.bluestacks.com | tcp |
| GB | 92.123.142.146:443 | cloud-api-cdn.bluestacks.com | tcp |
| GB | 92.123.142.210:443 | cdn-bgp.bluestacks.com | tcp |
| GB | 92.123.142.210:443 | cdn-bgp.bluestacks.com | tcp |
| GB | 92.123.142.146:443 | cloud-api-cdn.bluestacks.com | tcp |
| GB | 92.123.142.146:443 | cloud-api-cdn.bluestacks.com | tcp |
| GB | 92.123.142.146:443 | cloud-api-cdn.bluestacks.com | tcp |
| GB | 92.123.142.210:443 | cdn-bgp.bluestacks.com | tcp |
| GB | 92.123.142.146:443 | cloud-api-cdn.bluestacks.com | tcp |
| GB | 92.123.142.210:443 | cdn-bgp.bluestacks.com | tcp |
| GB | 92.123.142.146:443 | cloud-api-cdn.bluestacks.com | tcp |
| US | 8.8.8.8:53 | cdn-icon.bluestacks.com | udp |
| GB | 173.222.211.57:443 | cdn-icon.bluestacks.com | tcp |
| GB | 173.222.211.57:443 | cdn-icon.bluestacks.com | tcp |
| GB | 173.222.211.57:443 | cdn-icon.bluestacks.com | tcp |
| GB | 173.222.211.57:443 | cdn-icon.bluestacks.com | tcp |
| GB | 173.222.211.57:443 | cdn-icon.bluestacks.com | tcp |
| GB | 173.222.211.57:443 | cdn-icon.bluestacks.com | tcp |
| US | 8.8.8.8:53 | 57.211.222.173.in-addr.arpa | udp |
| N/A | 127.0.0.1:6463 | tcp | |
| N/A | 127.0.0.1:6464 | tcp | |
| N/A | 127.0.0.1:6465 | tcp | |
| GB | 92.123.142.210:443 | tcp | |
| GB | 92.123.142.194:443 | tcp | |
| US | 8.8.8.8:53 | udp | |
| US | 8.8.8.8:53 | udp | |
| US | 8.8.8.8:53 | udp | |
| GB | 18.172.153.8:443 | tcp | |
| GB | 18.172.153.8:443 | tcp | |
| GB | 18.165.201.6:443 | tcp | |
| N/A | 163.181.57.233:443 | tcp | |
| GB | 18.172.153.8:443 | tcp | |
| GB | 18.172.153.8:443 | tcp | |
| GB | 18.172.153.8:443 | tcp | |
| GB | 18.165.201.6:443 | tcp | |
| SG | 8.219.48.146:443 | tcp | |
| US | 8.8.8.8:53 | udp | |
| SG | 8.219.48.146:443 | tcp | |
| GB | 18.165.201.6:443 | tcp | |
| GB | 13.224.132.14:80 | tcp | |
| GB | 13.224.132.14:80 | tcp | |
| US | 34.160.86.181:443 | tcp | |
| US | 34.160.86.181:443 | tcp | |
| US | 8.8.8.8:53 | udp | |
| N/A | 142.251.39.123:443 | tcp | |
| US | 34.160.86.181:443 | tcp | |
| US | 34.160.86.181:443 | tcp | |
| US | 8.8.8.8:53 | udp | |
| US | 8.8.8.8:53 | udp | |
| GB | 18.172.153.86:443 | tcp | |
| GB | 18.172.153.86:443 | tcp | |
| N/A | 163.181.57.233:443 | tcp | |
| N/A | 18.165.201.46:443 | tcp | |
| SG | 8.219.48.146:443 | tcp | |
| GB | 18.172.153.86:443 | tcp | |
| GB | 18.172.153.86:443 | tcp | |
| GB | 18.172.153.86:443 | tcp | |
| N/A | 18.165.201.46:443 | tcp | |
| SG | 8.219.48.146:443 | tcp | |
| N/A | 18.165.201.46:443 | tcp | |
| N/A | 13.224.132.98:80 | tcp | |
| N/A | 13.224.132.98:443 | tcp | |
| N/A | 18.165.201.46:443 | tcp | |
| N/A | 40.126.32.72:443 | tcp | |
| N/A | 40.126.32.72:443 | tcp | |
| N/A | 40.126.32.72:443 | tcp | |
| N/A | 20.223.36.55:443 | tcp | |
| N/A | 20.223.36.55:443 | tcp | |
| N/A | 20.223.36.55:443 | tcp | |
| SE | 192.229.221.95:80 | tcp | |
| N/A | 20.223.36.55:443 | tcp | |
| N/A | 20.223.36.55:443 | tcp | |
| N/A | 20.234.120.54:443 | tcp | |
| N/A | 150.171.27.10:443 | tcp | |
| N/A | 150.171.27.10:443 | tcp | |
| N/A | 150.171.27.10:443 | tcp | |
| N/A | 150.171.27.10:443 | tcp | |
| N/A | 150.171.27.10:443 | tcp | |
| SE | 192.229.221.95:80 | tcp | |
| US | 8.8.8.8:53 | udp | |
| N/A | 20.103.156.88:443 | tcp | |
| N/A | 20.103.156.88:443 | tcp | |
| N/A | 20.234.120.54:443 | tcp | |
| SG | 8.219.4.49:443 | tcp | |
| N/A | 8.219.136.97:443 | tcp | |
| US | 8.8.8.8:53 | udp | |
| US | 8.8.8.8:53 | udp | |
| SG | 8.219.4.49:443 | tcp | |
| US | 8.8.8.8:53 | udp | |
| SG | 8.219.48.146:443 | tcp |
Files
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\6o52671h.default-release\datareporting\glean\pending_pings\a140a487-bf43-4499-89b1-3d440fbfac8e
| MD5 | 43969505f59b4e0e2310b9d611ce8a49 |
| SHA1 | bb1d8270071cee9a0fd7be375e83ff0992b23aee |
| SHA256 | c8e50598864337372ebf96fd95d5a56601347fd22e9412a03791e32b52690a38 |
| SHA512 | c965ee4c7f534826631852b47cd6d236a839966a627e82056027c9d40609c8cc6cfdf90027cf983e83ba72e0f7bc1c9277458c4a62a9508898921fccc17ea68b |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\6o52671h.default-release\datareporting\glean\pending_pings\e22bc936-c135-40cd-96ee-fbbc227f9bac
| MD5 | 91e85adf3797c42aa5b3584d81e93fec |
| SHA1 | 749754aa3f6564f0c6fc6537282752b5eb03d980 |
| SHA256 | 51916e9e6b352a11a61f2e8dc6e5fefa6ba1690b2654f71d6ecdbdb972917fea |
| SHA512 | f3a9c89b41327807ec64e0b52413810ac946f9bd1d6afd8763792d4f277601fd0bd46a92699aa8075952dbea46dc24f5ae6d49637f442e676fc85f081b5ff520 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\6o52671h.default-release\datareporting\glean\db\data.safe.tmp
| MD5 | 45553bdbf954439bc7fef52411271bea |
| SHA1 | 2ba95ac9bae3fe9941eaa655616220a806a86115 |
| SHA256 | 0b3a8a7223ff0ecf847a0e75c52c6df6b084b505acd0d7130e07cefc2fe05e08 |
| SHA512 | 8cb70b6c2dc00f80b9d8d736e4364999b474c9f40ce06887d3dd6a99967957c15b2f38cae0d953e6a9a672eedfb524af386463df93c0a8c75cf68b4b43e227a8 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\6o52671h.default-release\datareporting\glean\db\data.safe.tmp
| MD5 | 1be559e08d8363a84aee99b68e8f6cb1 |
| SHA1 | c3d21ad8367b6953c20ef1c259c36e2a44f5c722 |
| SHA256 | 870e14e82c9b76867abc4e76c269f8bd503cd893f6686e9e303496f25b7d9020 |
| SHA512 | 3308d9902b37e82f583eed5c89e0379799b9b84bf6f6a4af177efbe80cee2008013e237f8de81622d2eaba20ed89a3f606ab0d4ee956bcdc3bb40cc9040eeb0f |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\6o52671h.default-release\activity-stream.discovery_stream.json
| MD5 | d4fbf3b6d6d372f369cc58223788ef0a |
| SHA1 | 46500243c15852286424b7451a561053710d3410 |
| SHA256 | 79fd3638c6bc6c4dbed06f8e3893a0124988919ddf17183054ef79bfcfb6279b |
| SHA512 | 249f6f6d5882369336d91f2e3aaae657ca18f7b3b93bfbd47f5819554e736f6796e253f79af1874787a8bc1361c3d5dcc71e548d03836222235692331ae82153 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\6o52671h.default-release\prefs.js
| MD5 | 0f80c047d89c078dbcc64b42922f2001 |
| SHA1 | f981a71cfada38edf3c6d14a5f7e4142d61636a3 |
| SHA256 | de6c348696af28726b52eabd640d858496f7b354b86db80f9d5f54f22f55a3b6 |
| SHA512 | ad72a8d543ffbb7445fe9fd6b4a05e9680329f5a90d0b1661b0a1c843b80dbd2b440445a4aaee4cf43096cbc6852b9c9da24db4d9d35b55e7d26ee00e6a3a4c8 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\6o52671h.default-release\prefs.js
| MD5 | ddcbabfb205ace4a10aecd3acb6fe1d7 |
| SHA1 | 10571850e09607d9fc7b72f276b9b089c25fa668 |
| SHA256 | 7b44cf479944afb6140fe989e66ce9a5eeac09546d85f97940685c15fac6d6dc |
| SHA512 | 0c4f8c3c1e58e70e7c47c7525f5845ea2fa0267cc1a43ff4540cd63e272bea35092ec3875369d4a77aa3303be7eecfe094ee119e82d52e4f0e313b23ff92e903 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\6o52671h.default-release\cache2\doomed\6556
| MD5 | 61b33c06961cecd1de88b0e2eb074fa0 |
| SHA1 | 5c29b0ef20a2fd4772a7113e3829730ecfde7c1c |
| SHA256 | 59440df89cbf8f17fb888c49676348fb284c043dc479fe8af76b865601d3587d |
| SHA512 | 227ce88e3876a6e6fe52f235b7c06e7251e2df5b3d48a2142f755d10b0217ebfc2eb64e74bef07cea83c3d6ac2971081675e48c6bf9e054582a5ca42d130da17 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\6o52671h.default-release\cache2\entries\2492994A253B970917AF5CDF605580B1C2DC16A0
| MD5 | 3da9c92fe850264df1150077a84174d9 |
| SHA1 | 6b93433cbd99d7cb09313553df6967a21704572f |
| SHA256 | 6528a75d010e43f8e13e05567c571363f5a4287fc4f890eaaf0036d6adba7d0d |
| SHA512 | 0823ba0ab257aa08c78058291511bb6c2d8005673dd8f1ba9cc322c54a0f7401b5ca27c84a75823e9558481ca1027d539c752d4603c95a5444b281ba4f1ab35c |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\6o52671h.default-release\cache2\entries\ECE281212C7D34C2D33214DAB8505B450499A76C
| MD5 | 97a0ad3bad7cd25b78c7e74ded812d01 |
| SHA1 | bbbb0137283a8b1401722b408826597917ed6052 |
| SHA256 | 80bb7c7f27b8af55a5e9d20675cacf24e0848fbd94e3bac27257dbc7dfba335c |
| SHA512 | c151355d4812229b3ef10905ee8317ff4cea4d8acb14e83e5a7cc324a298e745f54ed752209796a44bc05759924aeb8bd72d7f9b06db089ceae2f64417b00ca5 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\6o52671h.default-release\cache2\entries\03C5414C101F2F03E0251F68E14AC8998D89E1D8
| MD5 | 8f09d603d858c062d8d23953a828990a |
| SHA1 | f7da983708ab5eb0a8855cbd84551809cd4fd8a3 |
| SHA256 | f9301997bce86ad13f7931e1be65d1069ba7c2a16ccd37ea1cbcc091ced57dd2 |
| SHA512 | 49230e206385c5f65fb1aea03f12b2a2a0e168de948256e634567dfdbd79792c32f9501479f06a5acc6bbc7de9b01311b52e5a56f547864c84dac949e6412cca |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\6o52671h.default-release\cache2\entries\BF0923D6C9AC3F4148AB74C98E937ACD57DCEAD3
| MD5 | f7d254b8603dee06b631c8013b315c5f |
| SHA1 | d5ffe6e9f586c366e700993d886a96bdde19e942 |
| SHA256 | ad0c476f23a4249d48860bdd22d59ff10779e5b49e796f0275c9da09b96d72a8 |
| SHA512 | 9911939e4fa43f0dfaeaa81068925f08dcb4d58b44bb888aed2b68af59429742fc41ccb9e8edd48bbe150f8a41ce8d7cfe3d530cb663050f9d661801fe625fbe |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\6o52671h.default-release\cache2\entries\F5A1FBDEF4E6F115791D6C8EF1598942067B8080
| MD5 | f6a0f7ade600bc00be07b1a1c3f35e4e |
| SHA1 | 75df88a0bcde54c7f5a43666fecc3a964044698e |
| SHA256 | 9c60817f62a455f74728ce636e49d8c99201bec691ce0aad593542a22b2fc6d1 |
| SHA512 | eeb5383286f8652c77912619b0268ad7a9f40d94d5f2f33f058d1bbd8b2f828e61b13ca64a39c39cc55ff5973532b7fffbfc8fc0984303423d36dbe3c5f07e12 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\6o52671h.default-release\cache2\entries\4BCF7D608B2663D7D1515223C0F13E5D72484770
| MD5 | 0d22d7ac6e2b55233fd616035c2cf6f1 |
| SHA1 | 5c83c58fba05703a05c1e93b9b9cac957a1b63d6 |
| SHA256 | 258ada107000ec70f29541d51446194502ba530d8a3fab494aefdf39b3b17c3c |
| SHA512 | 93d72377d58229e9e50ce9c020fa81593ce06f14009b4ffa606a020b7cae071a41a501e266fb6823a54bb0f830d80e1fe702ac8e225bcd657bb9818dcafef1a5 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\6o52671h.default-release\cache2\entries\AF6E7B7DB9908D7B867517AC33D094ABD56E38F7
| MD5 | 3125a904d2a6c2d845507809c3fd73ce |
| SHA1 | cac8e6d3fff6d1979010c0761a4f6f0e696af2ba |
| SHA256 | e38c68e3b2f68f6c994f9fbe0a1d1b62c86a4d7f1f0258b1dc73e8c472cc04a1 |
| SHA512 | 1ed0adf7d2c5219c3ba176de623ef18434417549d00a4b0f3dbbe31ad2c3068e1ada954ea42bcc2b622f30c2a466b9223438ae80d5387fe042bac554cf264f88 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\6o52671h.default-release\cache2\entries\C88FE6FE8ED0018995E76FB6B4CAEB37655B5835
| MD5 | 1e1ea8dd0382263d5dceb8fe4a1517c2 |
| SHA1 | d03d3cd52edbcb0175da8ccf11c3952647cfcae0 |
| SHA256 | 8405b66a51c5c746d9ada81b2621f83c5f5609b637af8d3db4bdca51510f77b4 |
| SHA512 | 69967627d4baadea6367d251cb1596efd41db6834815ae9f5518722726fd65c0f82368bf0a53d8ee538d4f1a885e0e746e4ecfaf2eb6720d0247d1b1990913d5 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\6o52671h.default-release\datareporting\glean\db\data.safe.tmp
| MD5 | a763fbea9c62991a4b9dd76d0021e28e |
| SHA1 | e30fc7ba3419069678de339a88f7124b2014fe19 |
| SHA256 | 5bd5c2791e46053739c6f108a1c3389a2675696ea2f7c43aa1abc93a2dd6ceea |
| SHA512 | 6e7a269972ac68b6c835c5312160a7b88cd049ab9b853fc69baab7505c21587c9ea1517600586a507d63bba4714289eea03e567369f752af29afd6e36bb6fbfe |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\6o52671h.default-release\prefs-1.js
| MD5 | 3c56634a1e260afc57d56b0cf8218ad6 |
| SHA1 | eb635ad0f358a3fc38e6c1245efc8e6dc82287eb |
| SHA256 | 4f512e9a8c74a9bdc803ce53682cb75e47cbc767e540a509e8952109507e6378 |
| SHA512 | 4ec3335550eb6edb13d3fb2e54cf0d058e3f9142d30d0f252ff467abb645f6e9085d12cc923c3a2185fcb669fd001585b73cc7c4d91618246f949699b1f82ac6 |
C:\Users\Admin\AppData\Local\Temp\tmpaddon
| MD5 | 09372174e83dbbf696ee732fd2e875bb |
| SHA1 | ba360186ba650a769f9303f48b7200fb5eaccee1 |
| SHA256 | c32efac42faf4b9878fb8917c5e71d89ff40de580c4f52f62e11c6cfab55167f |
| SHA512 | b667086ed49579592d435df2b486fe30ba1b62ddd169f19e700cd079239747dd3e20058c285fa9c10a533e34f22b5198ed9b1f92ae560a3067f3e3feacc724f1 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\6o52671h.default-release\gmp-gmpopenh264\2.3.2\gmpopenh264.info
| MD5 | 2a461e9eb87fd1955cea740a3444ee7a |
| SHA1 | b10755914c713f5a4677494dbe8a686ed458c3c5 |
| SHA256 | 4107f76ba1d9424555f4e8ea0acef69357dfff89dfa5f0ec72aa4f2d489b17bc |
| SHA512 | 34f73f7bf69d7674907f190f257516e3956f825e35a2f03d58201a5a630310b45df393f2b39669f9369d1ac990505a4b6849a0d34e8c136e1402143b6cedf2d3 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\6o52671h.default-release\gmp-gmpopenh264\2.3.2\gmpopenh264.dll
| MD5 | 842039753bf41fa5e11b3a1383061a87 |
| SHA1 | 3e8fe1d7b3ad866b06dca6c7ef1e3c50c406e153 |
| SHA256 | d88dd3bfc4a558bb943f3caa2e376da3942e48a7948763bf9a38f707c2cd0c1c |
| SHA512 | d3320f7ac46327b7b974e74320c4d853e569061cb89ca849cd5d1706330aca629abeb4a16435c541900d839f46ff72dfde04128c450f3e1ee63c025470c19157 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\6o52671h.default-release\AlternateServices.bin
| MD5 | 06bf151ff615127fded446dc6b744b66 |
| SHA1 | 0ee9e54975e9953316a3f15f977aee5bb35f9d24 |
| SHA256 | a47656174541ef31f1acd4b6c762040fcbbce4ff359a0386381332e7033186bf |
| SHA512 | 11e94b833899df83a88cbdee8c86a7e1d42dc0bb7d319c4f7be435767ed9c3664c79560ceceb9a31c2acb6bcd89680524611e7f2215da52bb074638ad009b1ea |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\6o52671h.default-release\sessionstore-backups\recovery.baklz4
| MD5 | e8be9387d2b5ec1ea9dfb3c68e2a3757 |
| SHA1 | d628e1d8550b0c619ea9afb3435cd320002ce1a5 |
| SHA256 | 20da96722618aa9ff539d83017d6f621591483bf524b713fb4d671c5b9a76e3a |
| SHA512 | ee1eee61ef50d91c82051004aadb879d1acfe63d8b9375d7e968fa748adb442251dd80f917df6f4bcc455c6336ec418189b10130d10454ddd98b590679016757 |
C:\Users\Admin\AppData\Local\Temp\tmpaddon-1
| MD5 | 0a8747a2ac9ac08ae9508f36c6d75692 |
| SHA1 | b287a96fd6cc12433adb42193dfe06111c38eaf0 |
| SHA256 | 32d544baf2facc893057a1d97db33207e642f0dacf235d8500a0b5eff934ce03 |
| SHA512 | 59521f8c61236641b3299ab460c58c8f5f26fa67e828de853c2cf372f9614d58b9f541aae325b1600ec4f3a47953caacb8122b0dfce7481acfec81045735947d |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\6o52671h.default-release\gmp-widevinecdm\4.10.2710.0\manifest.json
| MD5 | bf957ad58b55f64219ab3f793e374316 |
| SHA1 | a11adc9d7f2c28e04d9b35e23b7616d0527118a1 |
| SHA256 | bbab6ca07edbed72a966835c7907b3e60c7aa3d48ddea847e5076bd05f4b1eda |
| SHA512 | 79c179b56e4893fb729b225818ab4b95a50b69666ac41d17aad0b37ab0ca8cd9f0848cbc3c5d9e69e4640a8b261d7ced592eae9bcb0e0b63c05a56e7c477f44e |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\6o52671h.default-release\gmp-widevinecdm\4.10.2710.0\widevinecdm.dll
| MD5 | daf7ef3acccab478aaa7d6dc1c60f865 |
| SHA1 | f8246162b97ce4a945feced27b6ea114366ff2ad |
| SHA256 | bc40c7821dcd3fea9923c6912ab1183a942c11b7690cfd79ed148ded0228777e |
| SHA512 | 5840a45cfdb12c005e117608b1e5d946e1b2e76443ed39ba940d7f56de4babeab09bee7e64b903eb82bb37624c0a0ef19e9b59fbe2ce2f0e0b1c7a6015a63f75 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\6o52671h.default-release\prefs-1.js
| MD5 | 851732be733b18e68720473e8a72603b |
| SHA1 | 1866dfbb5f5e94439e5082d97843570aeb7592df |
| SHA256 | 384e9c4121e5df85760cba24ce96b2c6516bd2e3e3f49c81a07587c72e08dfde |
| SHA512 | 38e51c0e8f05cd1c319891ecf3a59907410bb15e10ce27765833990d37f49f5d56ac3f4e086dccbd5379cbfce4e1593a458e6d58f7cd67f5f45bed0194093a1b |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\6o52671h.default-release\sessionstore-backups\recovery.baklz4
| MD5 | 963e8de2f9cfb52f1f6f6602ba79fdae |
| SHA1 | 00692df7d550d788c911de6794133795f1eb8ca3 |
| SHA256 | 69ac6152e733fee3088b5dd9fae49beedac117fc2f45df5e4f01b468de815dd7 |
| SHA512 | 86ee4af068d73c8ab3e0baf1ca95e87ccf2c287211e35a5e2908fe6d26018a79273d0045ae32b646a1d5ef5a09a6f05d19cf131b2c352e5539615afe8ce5fd85 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\6o52671h.default-release\sessionstore-backups\recovery.baklz4
| MD5 | 52ab2815b95176f490256c5aa911b2f8 |
| SHA1 | de53433eae5d26eb0cc671471618f8d5399a4968 |
| SHA256 | 1b5a2ffc98d60740c0a2f7d199920143c4d9cf1b4a2e1df1d8672c1426a1eb6e |
| SHA512 | 5a4ea30cab495d0b1e2de2b7268a1e6f0bfe73e7387bdd7527746e5e1d95d1c933f8251ef45118dcfbd2c3ba275e57c55770173071cbca2a69e628d0de014c9a |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\6o52671h.default-release\cache2\entries\3E0BA236C349B890C6496284ED887C7C5B4654A5
| MD5 | 078e81393659948bb4f7017ea22714ce |
| SHA1 | 5dde09b298e1f9862f4c4fa15e35c321619cb91a |
| SHA256 | 8abef3bbed3ddd1fccc93f8dfa22c6a53fa33d32c1c279328d82903f4e139a17 |
| SHA512 | a437e6c51ac7e0779981041f7efcd239a862cc15111809378cca805562234da02cf58c0479e9ace325bf217db149a40f4acd7abbe6fa2e257e09a84d8a969a59 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\6o52671h.default-release\sessionstore-backups\recovery.baklz4
| MD5 | fc57e802864ceba64658728cbf436a1a |
| SHA1 | 547cf0d499ffa093901608cbec324d753be4c3d2 |
| SHA256 | 5277da17323aa2bd3e8d0fd334a2f1c41706dd4645d51830636709733bb11509 |
| SHA512 | 05a44ae910be83cce43fdc5afe1c0d2bd292e1b9d244127cd6f330609b255982cefe3e5eec4599b51c830daea9393ed341778db82b88635fed21a489afeaab1f |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\6o52671h.default-release\datareporting\glean\db\data.safe.tmp
| MD5 | 3a3aa4c6409d2cf53ecbe8bae8b861e9 |
| SHA1 | ffc3640c69cc4e08a16b5bb91279a3fe4e31d49d |
| SHA256 | 6ea046f60954ef05c68ffc105cf6a34cbe0a263c84b17c500c9250cd2cb18658 |
| SHA512 | 9173e42706f31ab8a4117b7d24eb575bc8f9c850452f9106fa83266ddae200d2f1bc7452be6ca6089465d13f46c81aa5433a7c8f770bcdfa39f525128f713f31 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\6o52671h.default-release\sessionstore-backups\recovery.baklz4
| MD5 | 84e2c4d568db549ea9de95c4aa9a6e13 |
| SHA1 | 78b0853ea1fd395689947d5082773fada35a9fd3 |
| SHA256 | 7eba9758e81a6aaac083671ec947ff676014eb7c01cf81f6d2409db6151f3f4e |
| SHA512 | 6c9312791cd5d01e579bb4aa13bfb022b873b086b06c0ee1907aae5d2ae584ca1c29c17bbf064d1623360f47af8f337b3fb44bc321392b3fdeadf715c3ac0ac4 |
C:\Users\Public\Desktop\Firefox.lnk
| MD5 | a6e4bafc951beed0a3eab9e38eb325f2 |
| SHA1 | 78ad34b34c1cf4ae7f3452f199719642bcf7b3fd |
| SHA256 | 76908e1679a822eb851c245348d3e4e661a4236bdd9f9a480c0e27bca37872ea |
| SHA512 | 8eae0a56a491e39d0ad7b62dfc25af73cc10bd3c22eeac769fdce45f2410abe2c6f78b208bf39c3286604d43102906f48cf9b13a73713fed7be71e5549650b67 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\6o52671h.default-release\sessionstore-backups\recovery.baklz4
| MD5 | 9a9848c5fdfa90f2967257f00d8cfba8 |
| SHA1 | 977b3312c3a6cb05708e34a3f84d4ea80f234274 |
| SHA256 | 062fc4e9c0ed542063307da64aed43d2fd21304081256069bc7374210059ed2f |
| SHA512 | 370a985a225c0530ecbbb508cf25a86879243efa73db936a9d8da76fd8d1e5a0ae50d1699000c8bfabf0ce5c7bbff8339269b0813a7373cbf5e36192c5f9c102 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\6o52671h.default-release\cache2\entries\8999BC8CB7B8114B87D8185D8CE1BBF1E6377016
| MD5 | 2acfbf30d986dd03e6b8b7cd665f776c |
| SHA1 | 5bf2ff1dbff7e4e8e1163a19f3ad80ed717c9e96 |
| SHA256 | 9e97be2b7e3b82383590ac1e72804748921c4732e77d473c192c01665988aa78 |
| SHA512 | b4d74a4e51d072a5e22c12ac8a2de77f2775ee7dd0809e9f3ee8fcb40d347cd4e842498f672d7d301a6df5daff0ec4332364c01a2a9fda7f751529580af7ae03 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\6o52671h.default-release\sessionstore-backups\recovery.baklz4
| MD5 | 674c3e81e1377ce8fafc4e300c12a538 |
| SHA1 | 402bd66380e79ef3f8b257bda0f70aa9e6894fc2 |
| SHA256 | b76cd15d2f33c04a02b6537a0c3110803d2b86a754df5e378cfbef9372b475f2 |
| SHA512 | c6a051cabd6abfb4a0d945dcd064cbff0fd8b7c7e0fca2467342888208ddb842c067cde8e09836f7bfa03e858ae343b2f94fcd9a1abc1e7906dc63310583288d |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\6o52671h.default-release\sessionstore-backups\recovery.baklz4
| MD5 | f07539e3cf6237936852292eaa2122bf |
| SHA1 | b769d74055713430608bd06d16371c2a143cfcfa |
| SHA256 | 42cf286c7677f0172a7c1f6627e26211e608b201a5441e7b29640ca9a61755b4 |
| SHA512 | 64852b90259216a9c8441183de187d3927bd4fd87b76b437f31abcc4fa83eac4ce84af362ddaf0efd9ab9ff4be8783125d8c3e0734cd103c3ffbc1197048b6fd |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 4bf4b59c3deb1688a480f8e56aab059d |
| SHA1 | 612c83e7027b3bfb0e9d2c9efad43c5318e731bb |
| SHA256 | 867ab488aa793057395e9c10f237603cfb180689298871cdf0511132f9628c82 |
| SHA512 | 2ec6c89f9653f810e9f80f532abaff2a3c0276f6d299dce1b1eadf6a59e8072ed601a4f9835db25d4d2610482a00dd5a0852d0ef828678f5c5ed33fe64dddca9 |
\??\pipe\LOCAL\crashpad_1368_WMKBWGRVYKMTNFQT
| MD5 | d41d8cd98f00b204e9800998ecf8427e |
| SHA1 | da39a3ee5e6b4b0d3255bfef95601890afd80709 |
| SHA256 | e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 |
| SHA512 | cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 606f34e76caedb472b32b3a10bbe6893 |
| SHA1 | 8cc03daacb1225fa380be37c664340035dac1b5b |
| SHA256 | 507ea19b99c35d3cabd396bc00ef9d32b654ddc90224180ac0cfa4e37b351b50 |
| SHA512 | d6a6913c596b8bc82fec8ea0b5ecd845cc010989d5d66203156287ee7d56b2a9779f2ffecfcd6d3d17e191d0d85c011474001c731e860e42a92eb6b62a9a15bc |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | b4ae6009e2df12ce252d03722e8f4288 |
| SHA1 | 44de96f65d69cbae416767040f887f68f8035928 |
| SHA256 | 7778069a1493fdb62e6326ba673f03d9a8f46bc0eea949aabbbbc00dcdaddf9d |
| SHA512 | bb810721e52c77793993470692bb2aab0466f13ed4576e4f4cfa6bc5fcfc59c13552299feb6dfd9642ea07b19a5513d90d0698d09ca1d15e0598133929c05fe1 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000002
| MD5 | 00d4cc262b70dd3d386111ff78fb0812 |
| SHA1 | 628d4dcee1e82d04ab3969c29e256cef10101407 |
| SHA256 | 956916ddd6bb5ebde0f5df3605a524d1624ea335cdc6bd5bf26681d3a5ac5239 |
| SHA512 | 12f3cf77c4ee58eb00b08ced394d35e35237da4bc9ca62b1408c6dca4350068aa94d3a0e98132aa0e6cbcbdb7dee9c2b9c5399ba7c4780442200ad37a4c2b1a6 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT
| MD5 | 46295cac801e5d4857d09837238a6394 |
| SHA1 | 44e0fa1b517dbf802b18faf0785eeea6ac51594b |
| SHA256 | 0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443 |
| SHA512 | 8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT
| MD5 | 206702161f94c5cd39fadd03f4014d98 |
| SHA1 | bd8bfc144fb5326d21bd1531523d9fb50e1b600a |
| SHA256 | 1005a525006f148c86efcbfb36c6eac091b311532448010f70f7de9a68007167 |
| SHA512 | 0af09f26941b11991c750d1a2b525c39a8970900e98cba96fd1b55dbf93fee79e18b8aab258f48b4f7bda40d059629bc7770d84371235cdb1352a4f17f80e145 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 76ca3f208ededa9d455a37145a467a24 |
| SHA1 | d75da860598fe305fb584c5bd16a3cc7f8d77b2b |
| SHA256 | 2dfc616833cbe017414d8294f74191a4e3440b8eb1a5701eeba3c32fc94f3914 |
| SHA512 | 79764a3d83a00eefc89c8aba071daf43d42fb037c1c21c146a898d9a583e8a03711acafb0ca7261aa0624bb5370dbd69899685ea2c8794a12363b2fd164d93ea |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\1c74b315-35d3-40d0-96b3-56607d561eec.tmp
| MD5 | 38ba9713343ed81fd1f392543b6cd91e |
| SHA1 | 0a0d6d3a3db2ed6d8dec9bb61470b37db5fa0d7e |
| SHA256 | 269bac1cfd054337a07a0cfe6c73cea570994d10f7e0ee1a9f06accf0759c661 |
| SHA512 | bd6f1c34664fd6d499768e120abe00d1b08e63b32310a1fb42df2b53142fd108a9ad64cade8bbb3e0355f90e875d58655784f97f040c879b629c7b3c36881b62 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\temp-index
| MD5 | 8b6e4df4fd576b6b949df082fd50ecaa |
| SHA1 | bfd527f52101d0a3102ada78c876d7944e31fb4b |
| SHA256 | 9517bed2c0016eb11b90e59a2138ac8794f26befdb5ee26d35198bad12a46acb |
| SHA512 | b862a6320cbe98895df50c3abd780dd6daaa14ea42e960693f3f378c0a7f6a439fce9f0cc147f461292cfa401deac88e118405b00a38a5550613021b807bd62a |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\6o52671h.default-release\sessionstore-backups\recovery.baklz4
| MD5 | 4e59d2c19ccf50acdeec108a13582731 |
| SHA1 | ed58f2e2fc147c961a1264851e85904754fc9215 |
| SHA256 | 4076c7f47177019c7cbd351223ef6a7e8fa7f506cabc238afcf20abb92ee52c0 |
| SHA512 | b57ca5a8dbc88097f85eab749d01ee2449664d815b93aa4aebda89ea6d219e271bb79238c8aaee5923f2b65c7f7b3a5aa7c225a86ca0f5f6cbcda97579a52144 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 4dd90880c924bbc5b45fa6577e016965 |
| SHA1 | 71effc0be569f5ac8cfc73a3a1b36bddea99f73e |
| SHA256 | c30b68aac901b76c7eb60a5c6a0966e70351a18df2c3a8181e639c01a0aeaf77 |
| SHA512 | ae5d84b279df50b2cf095e28aec50b8d0da4e1a1ef0a0c4b198ae05fa3b9dcb2ec97f4ee0a769e5eb741bf2d7145db308743d058a2483743c3000a248e2dd378 |
C:\Users\Admin\AppData\Local\Packages\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\TempState\SearchHoverUnifiedTileModelCache.dat
| MD5 | c3e08121cabb9380e3d50cadde97d53a |
| SHA1 | 0e666954e83e97e3883e52092fe2be88a520e8f8 |
| SHA256 | 76e1d3ab7320c4b863adb091b5b77205d81e13eafb539a18ebe3d8ea46b29433 |
| SHA512 | 9a6ef7710781d2f3a1f873129b21990548c1b275720080d87fe4051b464b0aef4ad8625656c388a65163563c6fb2086c29c01ba5f518c5b9679e7227fcc7941f |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 4c74512b15f57f38fb93c525d75de4d9 |
| SHA1 | a0e7d990a31145ebf2a9ce822c3fee05dcb785cf |
| SHA256 | 129ea473e8453ec1faea474b451fe996b89c8a6ad967c085229fe71b96b8cd0e |
| SHA512 | 041ffe6b199d915080afff129bbc35a3bc832caf8a5026b6d13ac7061bca89f7abfba5aec027a0847c2d6584ef0a534c8489d41a9fb224d25d6bacfe3b3a66f3 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\6o52671h.default-release\sessionstore-backups\recovery.baklz4
| MD5 | 50f61dd2abe31c97949de5028fc26805 |
| SHA1 | 49e425dae935f8e455e1603404ed15bcb3a7ad8b |
| SHA256 | c2791380868b177caf5bb43941b9a48677b6d2106e7762bcad5b52fae5ce7ebb |
| SHA512 | a56f6db9e6044cf1b4d8bd581a5fde28eca14582672074ca5f3fbc3dcbb6636ee657d9011641aeb2240ff0f3238dfe525316f7225b3c2405b9844515702e6a2a |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\6o52671h.default-release\sessionstore-backups\recovery.baklz4
| MD5 | 4d979b6e48a55c168062fcb638983fc3 |
| SHA1 | 47b303c3b9dfc1abb09e5af951931cc6bd5e104a |
| SHA256 | f169fcbe93aaa5cb5b4e62f0d5bd4f2b02c7c6fcda331e42896350d8f2f76eb7 |
| SHA512 | 8dea15ef17bcfca40e14d2d1703c354508f83c9db8ae0645af6c86637751f9a101b39625a03aaa2d98a968a39e4e9591430b3b3b27ac89cff53f354fa3a6034f |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | 64441fda18d97a7dddd904d1d0d13f99 |
| SHA1 | 540699dd6345471ac8ac32d809f6d3607b7fdcc3 |
| SHA256 | 74164a5c494bd448a0245da68bc39ee8a53b27e91680908335df66d2b13dc51d |
| SHA512 | 20fd65ce8775c6c72fcebb4d7816b17f4aab54c91f384d4b0df7fad8a9eba9a8f9b69c86e86535fbbf42fc8be72c9f2316321a8dc154a709dfd82bee9d559176 |
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\6824f4a902c78fbd.customDestinations-ms
| MD5 | 42a75cf3bfb8924857852c6cf4793b7a |
| SHA1 | 04b5f1b8145e8ff413617a0ebc044099e3035adb |
| SHA256 | 2c2e1fcec71343fc6a0e6752ff6b1d3edeac2eda79ffe1a70add37f39e74d890 |
| SHA512 | f8dfda82de014bd7e5bbc732b484a4ec2be7220cc1de5cee9af38d2a4d15fcc9986f23985abf7e132ea67f86d2f926184165c6ea0343af683db06b1f99077103 |
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\6824f4a902c78fbd.customDestinations-ms
| MD5 | b1ff670bbda34ec22bb9881b3f31073a |
| SHA1 | 7b1bb3b0446449e3da5df84612df668e1b0ce5cd |
| SHA256 | cdee1cff799f4a614b42ed843b0737da798f51fd2d988b93eea14c17b9b3c06e |
| SHA512 | f2be59041484954520513de55ad487e4ef31014a78cf7faaa783943270566543932ba2c656fd142b68186ef113af40db8e77acf7f46c12fc1f67a989f9aa339e |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\6o52671h.default-release\sessionstore-backups\recovery.baklz4
| MD5 | 91cda0bb323c965313aa227cf212d8f5 |
| SHA1 | ec009c8a146692210e99a251710065f8a695729f |
| SHA256 | 22412b0d03c60c1daf3781c907372ed56e28aaa0bd851e87e8156feb20d850ee |
| SHA512 | fddb28c94bb2859816aede06c475f56d2527a9ed5bc100ffc5ab8c58eefb38e882313b3603c7cbe7e7375d0d429605eeba5c1e8c25b8a3107da8a789d48a17b4 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\6o52671h.default-release\thumbnails\c8fb87006751f16bc12f3938d0fa5874.png
| MD5 | baa53b2df46357d9c518cab9116dc818 |
| SHA1 | 8fcceba901d097d2ef3e8a3ff6a2f148d22d0b58 |
| SHA256 | 1b0828cec504b507d09d734b1880837c3bae643309e2a844cc066d55bef84e0b |
| SHA512 | fa7d857bb9d555587d4efc21f3bdf442f5db05e8934c485e577a804a017ee62c9fb58f489ed94d81b38e6054a77e36f5d5301895e3289d5f5a4d851a2f320136 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\6o52671h.default-release\storage\default\https+++store.rg-adguard.net\idb\3285085342rcbn_ys.sqlite
| MD5 | d180420799b98a8ade9377f17acfbb00 |
| SHA1 | 7a1aad97343d28102aaa4588f7d447a0a04fd860 |
| SHA256 | af5342f971b48a26064bac2bf8e7b6f5dedc506ede6fb474449ae9ebf51b0aa7 |
| SHA512 | 2a39c7794d7ef37e08e0017c2a1cb8cdaaf3a8edd578c741452d3239422e55ddb26701edf06d2ecd3fb3eb81dee0ef11ad6b936a48920854e0c0ebe438b46207 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\6o52671h.default-release\sessionstore-backups\recovery.baklz4
| MD5 | 149acb52361b751b851e435b82930e46 |
| SHA1 | e53aa897615901bd93bd711f902a221f381e49ed |
| SHA256 | dbf46d3c6baeed6c31d3ec61e3d36d1d8a1e703a5eaac13002e6961c278b7326 |
| SHA512 | 52b45259ad7a4f2d6a2da70a79eb3c18cbb403db936683d5719c8e1157201525135934b33bc973e6c6079ce071fd338e5afea7052b6819140968dbedec5ee6e9 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\6o52671h.default-release\cache2\entries\76E7147E90F950CD5C9FEF108FF5987AED18E9F2
| MD5 | 9f28fef689606d272e9540faaeb012f3 |
| SHA1 | 0a8c4cc08121279966507cfaab7df673b57eba9d |
| SHA256 | 676c536f675b85e6ac9f6d40e21dbec168d6aa2ee9d77cbc7db505334073be60 |
| SHA512 | 09aa821c2a0132a74b7417aa730068ba0d6b7e49b0e6fe85c57ca1b1a59a4194c764ec65a940ff685fc59227454cf8516878589e0a1cd8a50599729fac0f1930 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | f35d6acbc84df27633b8ec329ffb841e |
| SHA1 | c91b788621f9bb412dbe23631ec872973679b71c |
| SHA256 | 4b9a207f61e70eadef16b3d58f05b844c3e2ca8b2facccd3beb1e8e37d75d150 |
| SHA512 | 882830dfac3d52ab39f1b99126e95086c5409861a1a85a93e94b8fb84383798a61437a0dbe46c2f2cbb69a6208bddf9b4066aabff4f32a01f3af14dbf00c4a3b |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\6o52671h.default-release\sessionstore-backups\recovery.baklz4
| MD5 | 135a1abe5c6b622e2ab2604e1810d092 |
| SHA1 | 52f8ec1e1a6fad0a392576eff7333e960636deb3 |
| SHA256 | 803e00962c1d4efb6ba0f45f5081c52b26f1765fc230f6d8e07f0c8a19610c92 |
| SHA512 | c9e307280a56615e3a057725b3587b4fbf33c6266401fa216356425b410d6737a7a8e586d14e9a95d6cd613ffe5999de510d200fbca621aa54d93bf7a0f835d5 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\6o52671h.default-release\cache2\entries\98AF737DD946CA3B37F8CD63EC1E1756F57F2E19
| MD5 | d8ada47168ed612e5e7175f27375957f |
| SHA1 | 2d82a8973afa458e9f53525c1f9b339d68dcc7ed |
| SHA256 | 5a2ed3c643e73a5b28572321dcee156eaedfdbf575a2bcb564384b84e67c1b86 |
| SHA512 | 1d9950e415680aca927980da9103ebb3014fba58606d11b1e6348b5563128f91816d24fa2ae863fcd307a74ab8cc92b15cf14012195f5225acded9bdf0b36f7a |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\6o52671h.default-release\cache2\entries\96BF59410547F9E8E134E4074777005D8058D26B
| MD5 | faa10de299d4897a3cc27397c0f11cf5 |
| SHA1 | 5abac86e6aec7054f2508e8325cf7bb0e2377b0b |
| SHA256 | e7bc90734bb8f0bb414f0b8f29c993ce2aee1c98e27ca93d2132e92dd61615c1 |
| SHA512 | 57d26c195093d0234bd35aee0c7bb64b2b361f9a4eeba89a577a8626d8800baf14554492ff0f9facc9b1b68ee260f58525c6a83d3f9e902b1a1ef7c9ef108bbf |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\6o52671h.default-release\cache2\entries\78C5602AD9B870C6C4D381677456A348D0186FE6
| MD5 | f848ef634ac561f2d311d38d42659b5f |
| SHA1 | 85787ad9c565a7766f829f76990d71c4a01c3c3c |
| SHA256 | b760088c83eac70d47626851209dac2acc3a1ea870bef7432f33cbdaa75bc50e |
| SHA512 | 7ca534518548c91a8fef5cbebe9fc71147851fab6955f4496b7162cb9f56972051d1d2aacbb7989ae63c060cd3a72e3d9188794176fd632f2a170f107993b1dd |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\6o52671h.default-release\cache2\entries\46C625DB4964C00323A8EF4C60828B52A454EBB4
| MD5 | f63cde313087ca2c325af6dc61dcde62 |
| SHA1 | 60be398b910ab57622377e953b1762a552d26498 |
| SHA256 | 0f86abff7ecc950d3dbd801d3f183926cdc31add3241c1afe034d7ab43cd1d13 |
| SHA512 | e1eb038ca52858af1d32483497fdd8527b275d82d6d31e37b880cfd386ac5eba599f2388e2b5404af52d9a972df546e9059caa9e775827a67d6b84b1a2f0de18 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\6o52671h.default-release\cache2\entries\971254C7341460E85C93D0821B91E9985A0B32D6
| MD5 | f24ad2c4e8e1c4cfab024b3090ed5cac |
| SHA1 | cd65aa9bcb83688a7aba54e046f0ea25bba87640 |
| SHA256 | ca34d177f69daa820e5e73986b165ed0bcc9e0222a519a799391bf84636d64d0 |
| SHA512 | d5af2c5b169ff9aa53e16abb0c0f3ebfb755d28b4a4c93d9225bf58bf069f07153183adc4959da3d8344ad091d17dd439b51917e8e1f3e78b3a9b3351dd89f89 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\6o52671h.default-release\storage\default\https+++www.google.com\ls\data.sqlite
| MD5 | d6b28a3b20b7a33145e2f0bfe0f7d9d9 |
| SHA1 | 1cabee12920865be264a4b2effc3060a75255cbe |
| SHA256 | f894632bcefc9b52dc6b3672c967e823335b139a318ecb370a1fe47d2efc4b1b |
| SHA512 | a2c7272d2b8733926a01ed9dd771373b432c0a4d6bb245d50576aa583033a5e8e879b97505a5b59541649e041a0c5911c3d1af3aa545889981b2286626f1f663 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\6o52671h.default-release\sessionstore-backups\recovery.baklz4
| MD5 | 2f194606d104662d7d0b28b6d03c02d1 |
| SHA1 | 88ee4dcc75cfd547779823124f6ff40a1318eb9e |
| SHA256 | 28c2a5846920d61d1f30aafc84802c36a3c86420f862df787e1900193a019af4 |
| SHA512 | e7e829059e4b959c7dfa03e951316379942f1338189f96cd4580a9c5d58f093f0d0bc930744e5e6061e983cfe2be9ab93d27dcbcd48294d8bb66eb7622eb230f |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\6o52671h.default-release\datareporting\glean\db\data.safe.tmp
| MD5 | e6d8215af130a8c4bb533672ccc5f930 |
| SHA1 | 4bcfa3a676ac7f280fe153ed18d2cc0768258f56 |
| SHA256 | 34b16d4b25eca9297ae2d2deaf920ac52867ba3c179f841cea1918e581d68be9 |
| SHA512 | 1cecefbcee17509d456f886640fb959c27cabc90c8e364358a2a8d02883215b4bea32ef3611e8efac5ccdc94b2ac63f3e456fdff67bdcc4eb283613bac1f7dcb |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\6o52671h.default-release\prefs-1.js
| MD5 | 45818704e3b9ceed152cfd4db5591481 |
| SHA1 | b55bb0bb2f23e2266259766816c188349bc3416f |
| SHA256 | 4aee89bd02b56bdde042227e9fb4292c8e3f439d045a5561f3a79a761499bbec |
| SHA512 | f5c3dfabe9ba5089e93860b644a7f668f4676c6a3c4e97997f0a3d5f45c9a2206709c81258ec01230666b8210afeb29e748b3efbae7ef6dc14e25c8b4342f503 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\6o52671h.default-release\cache2\entries\F0CD8658612AEBCCA0162FB050224536BD5D06D1
| MD5 | 4617527c99d8f3378d6d41a9b49da27f |
| SHA1 | efa34e28f02de09beea9295f01eebde56194cf1c |
| SHA256 | 8c138b7fc6cc717d121581c2b68cf9ecb1a472e29a4f33fbe81e968040c85f62 |
| SHA512 | d30c62dcc26660e05dc4be4c934a8a4246d38410dd45b63a90860c75fb5784a3f4b801e2045798de1b521061a6fe7d756fa4084a0e035945d2d11166d66d1b58 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\6o52671h.default-release\cache2\entries\F7E132CEFDAED416568336AA42835A81480A4F9A
| MD5 | 64a851d9bf698ad6233626e14ddfb7ea |
| SHA1 | 5d27c28b322a58119e87c19adb68595bae4d60c2 |
| SHA256 | 8d4b65de014cbe97c063dc43db7b1656ff2f7d2669eaba3a3b7eb251c5c05416 |
| SHA512 | cd9533d0a8ae76247b2a137171755a70bfdce06d400c04dacd7ddc71d969ac4f41324a39fad3e19ebe1fb062d6139f2d9c5dd7dcdd65a162ac501f24493a675e |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\6o52671h.default-release\cache2\entries\24D0A6A1E4AD947F1F4FF07DA5310F165128FED8
| MD5 | c29a4457a012c3deb3137244a23577bc |
| SHA1 | 8df6d8bc215dfabd7c7075d001755752523d5c27 |
| SHA256 | 6071d82194e9dc97951f0379de5ec3f0ee35a3299b2aca37d61473cfd1778b9c |
| SHA512 | e7d222f1b6304198cd4f3d5cf91c4302f0718e5c7aaf8413d0da90d6f0d8b315da01fd7bc3b85c2a60db3e09c8430dd4c9b7753b56eea7045221e3b2621452a9 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\6o52671h.default-release\sessionstore-backups\recovery.baklz4
| MD5 | 9c8a7b30e1e2c2ad73a7e608a33036c3 |
| SHA1 | c5a749b25becd9e02b529af091731910596914b2 |
| SHA256 | 354b18f9d0aee7f08f8c9fd67d0ba17d8baafaf5d38e40d863c5cd15866f7e6a |
| SHA512 | 11056516eb50d9776109db28c80b62e903709e57b01103520a52d1502f5f84bdb9223944af6471d51040c27675360e6ccc4a1783d7ca2d1d1b993b9a6fd7aaeb |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\6o52671h.default-release\sessionstore-backups\recovery.baklz4
| MD5 | fbcf5ce5b542d3e8af57d7c8fa80a106 |
| SHA1 | 3adbb19be7a2e9ae521b94f3b314dc22f4589b15 |
| SHA256 | fab02c2d924500a87b2ec9c11556bf13946bdbef100c9fd24a3d5fe4885c8e45 |
| SHA512 | ace6846b850a7b7521068e3ed1ce88eefa4592e068c53014c59d8fa2a2bd2bd3fda8ad7f8d8ebde007ad9fc04528bd1d227bc0b6d9ca8e6a3df438c9a733aa2f |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\6o52671h.default-release\cache2\entries\1E5A8413966C7755E0218AB057C31CD0E628B9BC
| MD5 | 23c9061af61d00b057e8e7fff7b3f547 |
| SHA1 | 1005ed277f379005c14035f02a18ebc730cbbeb8 |
| SHA256 | 18dabaaae833fc5a968535f3bc53a11665e996d604ad71daff3c5c4ea8a7d1c2 |
| SHA512 | 6cf2f7786eb9cf0394d584d4b8529339315350d4fbf46b0b3935775d59a6dc2f8a9786b1b3b8487d9f37de255a131af71266c837f9d6a37d81a3cf5511aae8f3 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\6o52671h.default-release\cache2\entries\2CC49D6CF5E86A1833B1C6B5E184B1A899F77B05
| MD5 | bd7bc800e9927bc552d3c8ef307ea928 |
| SHA1 | a36f0be9231aa4e8caec0888afd38735a0c20e3e |
| SHA256 | 61857058bf203a25af070a13bafac6fca7f00d415884791a56541569f056a9e0 |
| SHA512 | ed7c216711b27cac36f4b69720eb56e8cb7f146f7e549d457211b299b55d121bb01a8f52f343469a10b3ac563709f47a3e4613fe5d1a349463879f1803fe7326 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\6o52671h.default-release\cache2\entries\5F6BC1B6E63D119B45912BB7B8253524B2A7F017
| MD5 | e60778fac653260cd411dbaf86b721d3 |
| SHA1 | d8d780e2c7786719efb17bf01cff5cc89ebc3969 |
| SHA256 | ca6a3f460aeedd43ddb68e96bbf8c4d581cebfbb7dc0becfa81588305a6eb036 |
| SHA512 | 23751814347cac0a4faca9385cb7e9f705a9885b548393769d9934d8ac8b847cd6f989e8eeb1fe1e25f7405bdbbbf426a6b2f03273be9c678b82311cf51f231f |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\6o52671h.default-release\sessionstore-backups\recovery.baklz4
| MD5 | e79bec931f4ec995e10926d901f1e762 |
| SHA1 | b83952567e90e9bf167007f898c07a92f4f78d89 |
| SHA256 | c663df1462130c61962dfd8ba727dcb95d410d9c73b38a36d84f1e83174c091c |
| SHA512 | abe6c985d43371e2389d041987e1765836fb7eaf04498ec0b55b5cd001fa4d8081c8f3e19dd4cb35f28f42bb4552acd034685ea540c3def9c1b6e4e51e841d75 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\6o52671h.default-release\storage\default\https+++www.androidpolice.com\ls\usage
| MD5 | ffe60150b6377fcd5f24bd574d5be838 |
| SHA1 | a6efa8d06c5a2f55de60db6abfb55cf92459e17b |
| SHA256 | 5d6cf4b13b954c85b848d540805f6c07e48ce3bf91a3077df72f9b1c4b02ebb7 |
| SHA512 | f4955e2f4d2fc97e513f8ac9dbd51ffa939872aa75d2a87972074d88ca23b7be2331cee49f164f05b321789afa13abed7efbecdf41a3aa1c5ea5603292004dc1 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\6o52671h.default-release\sessionstore-backups\recovery.baklz4
| MD5 | 3c5e2560e597b8947a8297b0a5faf3c2 |
| SHA1 | fb8c32c88bb5a9f7b3e23e10b0f4fe2783069269 |
| SHA256 | 060d9b970474e11e8cd871de1fafff51323499c2904732b174f5e0044c12da97 |
| SHA512 | 08b98035443e1ed33cecf5fcfe416602ab3cce1895fc6f7234d2a54e9078981da10ed74d59c2ecb4c35c107e7d8e40c98c065e6dc531ab00e82d41993242e667 |
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\6824f4a902c78fbd.customDestinations-ms
| MD5 | c2a9e82e83f324cd8874bce0f16f7891 |
| SHA1 | eb81d96285496a0bc2b74426b7fa5ebc17a59e61 |
| SHA256 | 55508544949ff6af1ae6d25fa7aa5d61d69803d9bf3512c43919a3a96c3a90b6 |
| SHA512 | 2aa278299fbecc5e93b58262f4987a7b2c5032d9a9cff47fbfcd4943fe63988aef69065e366ff72ba8f151ad73909b90ea8c3ed9e9a0fa3b101ff3e7818128d2 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\6o52671h.default-release\sessionstore-backups\recovery.baklz4
| MD5 | 26e9d99da98be89c965e9d243541e721 |
| SHA1 | 90ae6b29a71c8278c760b7e8931eb2fe55e84e70 |
| SHA256 | dfec85f0dbb4e22a2eec0d4903194626d0f9271d32c06a1a575e84a696056a54 |
| SHA512 | e4ac5bfef7763776bd04147dbc424264187f9dd33771a49a2dd1038fc9ac5a99c4bd16cadb3d4a672ecc0ad17bf656610f98163c14772fe8857c60cebdc2a0eb |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\6o52671h.default-release\storage\default\https+++store.rg-adguard.net\ls\usage
| MD5 | c662f60a76d164c47d638088666d969a |
| SHA1 | edaa824f314035e866339528556d39d270b87e60 |
| SHA256 | a2b0df96f2cd8747e82aad511f040c9a7be785f0146fba1bd5d4cf54f1fde93a |
| SHA512 | 7e6d2a3dbf76cf01a1c27c5ba42ff2c28abf2981b06f241677aff4aceef4a9506c17e9bd4a35fa440464f9fbe71308ec0b5e19808fff38fa06b4c1ca5e7c48e9 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\6o52671h.default-release\sessionstore-backups\recovery.baklz4
| MD5 | 09c50fab7879afef288d7bf5017edcdd |
| SHA1 | 40805510f1851ef7775f418cb173099bd3e85552 |
| SHA256 | a9b89a71ff2f6453c3a50fe5edef8d5e9ec9fecb2dcb9da321cfe859350d9987 |
| SHA512 | 19d6a702fb37a783aea3f158a74f5a23ba23b7b2fe1e051c81ba69a408b14f8095511b32529a01459b3fb1d992b8e704315e10634d7f86fa3c28d034057a181c |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\6o52671h.default-release\cache2\entries\D91D3F5C8FA7CF63B86DAB97A87215297C693F0A
| MD5 | b1e7e999db795567eabc36c2d9f2adca |
| SHA1 | c42c18a34f03b499ea343cbe87bd53b012c86269 |
| SHA256 | 1ad6efb74c65bd72db80c98a50cd4178efe47d4941852794112f0a3ec13bc17b |
| SHA512 | 2e927cc985ae25e83cfc072e94c98d05b68b06aca4313f0fce7bc7d8cb73d7892e88fe62fcda1a39fef8cc67ec0b3c68d6a54a18aa6fce5d57e0a8c8aac26a91 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\6o52671h.default-release\cache2\entries\61A57CBAEC8AD4C5A859E8D3401B698C5D038BD0
| MD5 | 7cb7010aed97b9b89d341447db196ac1 |
| SHA1 | 0ce000d6b650a1542aa5d10e08dc251ac3bbdd26 |
| SHA256 | a26d9381d0336c36e4b656e6e13f3c426eda7ecd426ee5d2fd5bf0e23c26f1f7 |
| SHA512 | 307a3e1e614c1f2f119abce8005009c6185cfaca9892724161e3541f6415149913a6d939c82215a242a0d884e33cb72c754672da9b67f3e01d0d8363b37c824b |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\6o52671h.default-release\sessionstore-backups\recovery.baklz4
| MD5 | ee813da294f83abb1e0b10b8553976b8 |
| SHA1 | 15c1000f217573d4c4aa09c8d78e6b6895498411 |
| SHA256 | 53468af15bf91df3578276b64ae60cbc2665e40c73ff0f0e0cc7fee08c894663 |
| SHA512 | 9483605b3c327b04d9995fbb094072bf5ff206ad5ca48672e6b53703e7246d37c11ce32649ff2646d67c60a449931966ac346c03a664147e3c352fcb88f16527 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\6o52671h.default-release\datareporting\glean\pending_pings\8d2e7b94-5c28-4a77-b0dc-dbc36dbbfef1
| MD5 | ab70225f024c30dda4abc33bd879a75d |
| SHA1 | 7f7127708355916fcce368f429d8c4b749e8f8d4 |
| SHA256 | 9fd319657b61c9a698db00f30a27a1a6254e3b354c949f532b3df6147c397353 |
| SHA512 | 53fe0326fa26ed1e9fc2c190767071e04917537ac727e50ba7756eae297d44a2a8b804d33c5132eaf945502f4fe683dded3885404aa6fec60dc2ac4fd0b91b33 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\6o52671h.default-release\datareporting\glean\pending_pings\06f5c3d1-1665-4249-9e29-c51570b66fb4
| MD5 | 21b41ccef6dc402595ce6ab603c19d4f |
| SHA1 | ba5df2690fdbd8a88b95bafb511f120eccef34a9 |
| SHA256 | 1c6ebab83a9906494f2475fd657a39fe11c40f6a9443283f1db03b301ec06f52 |
| SHA512 | 3adbca2f8b03099019294e2a3ee481dbf9f79c40097b6ce08827e986c9a036009be1384b334170b35c24fa1c121bb8abbfff40a3e080f1bded7a636130e36225 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\6o52671h.default-release\datareporting\glean\db\data.safe.tmp
| MD5 | a22cfb9e8caa5e302333e1cae7a918c6 |
| SHA1 | 011186dba1658a1d8bfa43791ef46a53a8959f22 |
| SHA256 | ac6b78ef6e2e1ee7eb00972c6cecf5fac06cc587f0c173b27bb0838fbfdea5d0 |
| SHA512 | 99b30ebc60b05e5d9815a5a7f82ba0de0c66670bf1a415813892b042091fdfddae6619b8f279f14bcba84c6a26b30805546cdd74edbebaa0c021d5694f8d6bcd |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\6o52671h.default-release\datareporting\glean\db\data.safe.tmp
| MD5 | 5bf4d17c3d7e1184f14b44399e96df3a |
| SHA1 | 5ee19a10bcac380cb32c306cdca9dadf42688619 |
| SHA256 | 3d0f3e274083d4ba58292b054d6b2a86db258660d00861965c010cd35e08431c |
| SHA512 | b2ecbf46a0a2b1d50fdce908f6c968689ef70fce12a9150fa987ee57856619b5f7cebd6ac4b3faf05d3873e31c8252af7fd3b6fcc5126d7e7adb2041ecdddaa0 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\6o52671h.default-release\sessionstore-backups\recovery.baklz4
| MD5 | 6888facfc87cfc7051f1bb2f57a1e63d |
| SHA1 | 11cf3bf65a7451c3a68b4b3eb9441f766197d29c |
| SHA256 | 4c9fefecac21ce4cc594bec853ca7bc576d4479f15df6f506bea7669e960c354 |
| SHA512 | 6d0301dcec50068d9c438e6e46a4ff5235264465c7d7d6f888f3fb99f90cec67586ef1da99fbe0482a5acf82d25436bbfe7ac01313559250f85ecf446e1faafd |
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\6824f4a902c78fbd.customDestinations-ms
| MD5 | 21c00ad11d9b28c3aff14ea353c4b124 |
| SHA1 | 321d122e75cd49209c990c1dbbdc0fa660847285 |
| SHA256 | fe79859e014e39a922ddddebc20478b45e7abb46e3742b5b5786014fafa72503 |
| SHA512 | 5000420ddf3a76ebc9aad1204a067c0f32252bc3322abaea26be39bcf9cf4cad6658cf1c2cba3b9207d9acab57d45eab2de87b98fbae325e51570bf6a8e82033 |
C:\Users\Admin\AppData\Local\Packages\Microsoft.DesktopAppInstaller_8wekyb3d8bbwe\TempState\AILog.txt
| MD5 | 8d6ede6e53c614448c5d3b37a717cef6 |
| SHA1 | 43f6200fd73e9e4c8949837417c5497160066a47 |
| SHA256 | 7fcff518c840de6bb48a83810b0471db135dc7980fcd1ea2e47af55ab80e01f1 |
| SHA512 | 372e117dd54630182b7020e25488b048ad94347e33b551886f6bf69fe37898a74b814f01ab3d43fb3aed05a364bd4600841465169a8e2ec3a89cec5a2657e2e4 |
C:\Users\Admin\AppData\Local\Packages\Microsoft.DesktopAppInstaller_8wekyb3d8bbwe\TempState\AILog.txt
| MD5 | 254558f42f628248edc4a194c037dec1 |
| SHA1 | ae201f5e2c484acf3977857512ab096e955fc0b5 |
| SHA256 | 8a615f27aeb2abbe56ddd9ed7bf8424cea40fc9dbad159112d0a6794f7468ab5 |
| SHA512 | 50a96d54aa9be74136f392bd0314ef4a49f53db57ab057cf40e7daa855b3ebb2a2d685bf512dc46d365c23429f8993b71e29347da545dba7fed818b3d3d901bc |
C:\Users\Admin\AppData\Local\Packages\Microsoft.DesktopAppInstaller_8wekyb3d8bbwe\TempState\AILog.txt
| MD5 | 3318deeeed02c16abf1d4549876c40ef |
| SHA1 | 9c02f1e0dd1b12ed3b7e0f145b86faed7756864b |
| SHA256 | 5c68ce8bbcd182b7f5d74970ad929cfa14bf396cf494296eace00693a6985317 |
| SHA512 | a38428d872435a857124dbc6c0d73399995a90e23f77ce4b22c3db2e20c30443c06b5f745cc79a56b09e4a271fcd403fc6bab1a42802ca80f2d681dd1892a282 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\6o52671h.default-release\datareporting\glean\db\data.safe.tmp
| MD5 | a95f98ebc908d83918e9c1087fec17fb |
| SHA1 | 7b8b6dc450a7bdc44692a22d5d2d1f8b482ae30d |
| SHA256 | d6e1fed419d395e247dba353212818a4ffc0e900f18a208750257ca971985410 |
| SHA512 | 9eca6a321fc892577cd346c569313e12657190e02f7a956766ec3f41bd831f82e045933a72ef3c1a234b208e6c5481578a584d96def74b1f09cefdefa85433de |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\6o52671h.default-release\sessionCheckpoints.json.tmp
| MD5 | 362985746d24dbb2b166089f30cd1bb7 |
| SHA1 | 6520fc33381879a120165ede6a0f8aadf9013d3b |
| SHA256 | b779351c8c6b04cf1d260c5e76fb4ecf4b74454cc6215a43ea15a223bf5bdd7e |
| SHA512 | 0e85cd132c895b3bffce653aeac0b5645e9d1200eb21e23f4e574b079821a44514c1d4b036d29a7d2ea500065c7131aef81cfc38ff1750dbb0e8e0c57fdc2a61 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\6o52671h.default-release\prefs-1.js
| MD5 | 101fb646b20b3bfdba6add8fd0308a28 |
| SHA1 | cfe8cc961927856232bc326bb99c3eb5d7015ed9 |
| SHA256 | fc92f5925fbca19bf1d33ee97d710a272f348ddd3c5d5c0ef0d1818615d648e4 |
| SHA512 | 411542aaaf6fe0fb4e84b1a3c5de3916862ccda85d8af18fbd766a7248238a5f06537973d9f417b26ec27653f5ab20cf318812d2cf1eb9b0f458e65189cad7eb |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 941bbd57852ba9f27c07dccb022542f2 |
| SHA1 | 881cebe6bb5bfcf74e51279b1c802e4cf852dabd |
| SHA256 | bc53fd26e9128c0577eddf8ba6fcb581c88dcb632ce744d3811544e6651ba8e4 |
| SHA512 | 8990ebe8d67ef7a20ee05bc4bb1ad9f167231761536ca63dfb4782c4ab2623c96a1576342359b6cc0393e4a39bdaf1b74cb631ad220a22e18db82e4d25182c98 |
C:\Users\Admin\Downloads\Unconfirmed 730071.crdownload
| MD5 | 335e1e56cc42c560d968c9045381f1e8 |
| SHA1 | a9d8683b6bc00c00ae7e63197560542422ee82c4 |
| SHA256 | d161fc024ff279db7a1e9f59d36f411911b158cb4d9ba6a2ada7aaaa6f9594d0 |
| SHA512 | 9ef8de7fd17f022034b686e86f3ebdf2c12b1ee5e6f9b02564b618e81b821fb8f3a3fe0375d0258ff815eb317962e2d73e37a52f500581e476e0cb1215e64d57 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 871d2b9305d1784fab2a401260b4f9cf |
| SHA1 | 3db4be0f0d218bf69f0d59fb680a1b16b2d153ac |
| SHA256 | 7f69283f40953b51d7f30cdd2621cd58c80238b82523f6f2025c89fac557b447 |
| SHA512 | a15cfbb91b132c390fa50b9e72f9ba14cf84d12f218d44c0cf7db0e071ef74ab6a6b8adfd3bc1ec0938af1b61d2f555e088abc4fecfa044791eb78270157426a |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe60c538.TMP
| MD5 | 8d9174b62d465c5c85020bb59cd93dd4 |
| SHA1 | a93273607f57cde89396d3539d1514fafc573520 |
| SHA256 | 55ec8eae66386a8aed2bb172757dcb05b771817ff8be4f6109659d5c4b4c001e |
| SHA512 | d101287ef45d43373ec685bbdbf4e78dd441f367f2e3b914e53a4f6ed1d1d897cbf855044a569bf0ef0bcc11ce234d7e01367d79e8473581353e16278f5f3a27 |
C:\Users\Admin\Downloads\BlueStacksInstaller_5.21.505.1008_native_d52a51ddd73f6866b5420f1f2f853ec1_MzsxNSwwOzUsMTsxNSw0OzE1LA==.exe:Zone.Identifier
| MD5 | 7d0d75dfbff0915f05072ac3114201b4 |
| SHA1 | 8deb1c8cbc5333351a21d711d1dc172d7453a3ad |
| SHA256 | c677685c757eb77d80a635c8690e89bd77013e5da79ff46db640cdd13768c79c |
| SHA512 | 15a56bf0e4ffe02c9be75de34fe0262ed55c5d5a45e62b103d8ac6ea997809ebf678eaaefc7bdca80742f04f18a75240993bdb1b17f6cc7cc962a770d1244a24 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 783814cede9726e55c7ff1d10e207ba6 |
| SHA1 | 973ae4f25f58d45b41db850aff80620d3ef6ae6d |
| SHA256 | a83b0c2e256e24e9f7df372a93495728371369f5d10121f964939c6a43dfc2a8 |
| SHA512 | c048c7700627daa37f386f40e3b51fa6774c6a663a3f0fbc47fb85bbffe87981ab8a772ae361534d6fae1a3d0466542cf204bea67da6ece1aa8af16232a250f0 |
C:\Users\Admin\AppData\Local\Temp\7zS8C0BCBD0\Assets\change_hover.png
| MD5 | 57092634754fc26e5515e3ed5ca7d461 |
| SHA1 | 3ae4d01db9d6bba535f5292298502193dfc02710 |
| SHA256 | 8e5847487da148ebb3ea029cc92165afd215cdc08f7122271e13eb37f94e6dc1 |
| SHA512 | 553baf9967847292c8e9249dc3b1d55069f51c79f4d1d3832a0036e79691f433a3ce8296a68c774b5797caf7000037637ce61b8365885d2a4eed3ff0730e5e2a |
C:\Users\Admin\AppData\Local\Temp\7zS8C0BCBD0\BlueStacksInstaller.exe
| MD5 | 61649b18be49277188fb628ad4208ce1 |
| SHA1 | 7d601413b233c6f8f579275841449852bec9b279 |
| SHA256 | 0231016bb24e3b91fd80dc779b9617e5dbc36af45ede2b32b204691541ad4f08 |
| SHA512 | 71263084b20816a209e6ebd141f5543c4da7b4f99679063a7bed94c7f3345e3b801dedb1ccb7241241620ca73c8044d24a03315acd42cf86b5e56957dfcd4f1c |
C:\Users\Admin\AppData\Local\Temp\7zS8C0BCBD0\BlueStacksInstaller.exe.config
| MD5 | 1b456d88546e29f4f007cd0bf1025703 |
| SHA1 | e5c444fcfe5baf2ef71c1813afc3f2c1100cab86 |
| SHA256 | d6d316584b63bb0d670a42f88b8f84e0de0db4275f1a342084dc383ebeb278eb |
| SHA512 | c545e416c841b8786e4589fc9ca2b732b16cdd759813ec03f558332f2436f165ec1ad2fbc65012b5709fa19ff1e8396639c17bfad150cabeb51328a39ea556e6 |
memory/8312-4476-0x0000000000BB0000-0x0000000000C50000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\7zS8C0BCBD0\JSON.dll
| MD5 | f5fd966e29f5c359f78cb61a571d1be4 |
| SHA1 | a55e7ed593b4bc7a77586da0f1223cfd9d51a233 |
| SHA256 | d2c8d26f95f55431e632c8581154db7c19547b656380e051194a9d2583dd2156 |
| SHA512 | d99e6fe250bb106257f86135938635f6e7ad689b2c11a96bb274f4c4c5e9a85cfacba40122dbc953f77b5d33d886c6af30bff821f10945e15b21a24b66f6c8be |
memory/8312-4478-0x000000001B940000-0x000000001B9A8000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\7zS8C0BCBD0\Locales\i18n.en-US.txt
| MD5 | a1e3293265a273080e68501ffdb9c2fc |
| SHA1 | add264c4a560ce5803ca7b19263f8cd3ed6f68f0 |
| SHA256 | 1cb847f640d0b2b363ce3c44872c4227656e8d2f1b4a5217603a62d802f0581f |
| SHA512 | cb61083dc4d7d86f855a4cc3fe7c4938232a55188ad08b028a12445675fbff6188bb40638bd1ce4e6077f5bfc94449c145118c8f9b8929d4e9c47ed74cf7bece |
C:\Users\Admin\AppData\Local\Temp\7zS8C0BCBD0\HD-CheckCpu.exe
| MD5 | 81234fd9895897b8d1f5e6772a1b38d0 |
| SHA1 | 80b2fec4a85ed90c4db2f09b63bd8f37038db0d3 |
| SHA256 | 2e14887f3432b4a313442247fc669f891dbdad7ef1a2d371466a2afa88074a4c |
| SHA512 | 4c924d6524dc2c7d834bfc1a0d98b21753a7bf1e94b1c2c6650f755e6f265512d3a963bc7bc745351f79f547add57c37e29ba9270707edbf62b60df3a541bc16 |
memory/8312-4483-0x000000001CE00000-0x000000001D328000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\7zS8C0BCBD0\Assets\loader.png
| MD5 | 03903fd42ed2ee3cb014f0f3b410bcb4 |
| SHA1 | 762a95240607fe8a304867a46bc2d677f494f5c2 |
| SHA256 | 076263cc65f9824f4f82eb6beaa594d1df90218a2ee21664cf209181557e04b1 |
| SHA512 | 8b0e717268590e5287c07598a06d89220c5e9a33cd1c29c55f8720321f4b3efc869d20c61fcc892e13188d77f0fdc4c73a2ee6dece174bf876fcc3a6c5683857 |
C:\Users\Admin\AppData\Local\Temp\7zS8C0BCBD0\ThemeFile
| MD5 | c3e6bab4f92ee40b9453821136878993 |
| SHA1 | 94493a6b3dfb3135e5775b7d3be227659856fbc4 |
| SHA256 | de1a2e6b560e036da5ea6b042e29e81a5bfcf67dde89670c332fc5199e811ba6 |
| SHA512 | a64b6b06b3a0f3591892b60e59699682700f4018b898efe55d6bd5fb417965a55027671c58092d1eb7e21c2dbac42bc68dfb8c70468d98bed45a8cff0e945895 |
memory/8312-4487-0x000000001F480000-0x000000001F48E000-memory.dmp
memory/8312-4486-0x000000001F4B0000-0x000000001F4E8000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\7zS8C0BCBD0\Assets\installer_minimize.png
| MD5 | 38b539a1e4229738e5c196eedb4eb225 |
| SHA1 | f027b08dce77c47aaed75a28a2fce218ff8c936c |
| SHA256 | a064f417e3c2b8f3121a14bbded268b2cdf635706880b7006f931de31476bbc2 |
| SHA512 | 2ce433689a94fae454ef65e0e9ec33657b89718bbb5a038bf32950f6d68722803922f3a427278bad432395a1716523e589463fcce4279dc2a895fd77434821cc |
C:\Users\Admin\AppData\Local\Temp\7zS8C0BCBD0\Assets\installer_logo.png
| MD5 | e33432b5d6dafb8b58f161cf38b8f177 |
| SHA1 | d7f520887ce1bfa0a1abd49c5a7b215c24cbbf6a |
| SHA256 | 9f3104493216c1fa114ff935d23e3e41c7c3511792a30b10a40b507936c0d183 |
| SHA512 | 520dc99f3176117ebc28da5ef5439b132486ef67d02fa17f28b7eab0c59db0fa99566e44c0ca7bb75c9e7bd5244e4a23d87611a55c841c6f9c9776e457fb1cbf |
C:\Users\Admin\AppData\Local\Temp\7zS8C0BCBD0\Assets\close_red.png
| MD5 | 93216b2f9d66d423b3e1311c0573332d |
| SHA1 | 5efaebec5f20f91f164f80d1e36f98c9ddaff805 |
| SHA256 | d0b6d143642d356b40c47459a996131a344cade6bb86158f1b74693426b09bfb |
| SHA512 | 922a7292de627c5e637818556d25d9842a88e89f2b198885835925679500dfd44a1e25ce79e521e63c4f84a6b0bd6bf98e46143ad8cee80ecdbaf3d3bc0f3a32 |
C:\Users\Admin\AppData\Local\Temp\7zS8C0BCBD0\Assets\setpath.png
| MD5 | b2e7f40179744c74fded932e829cb12a |
| SHA1 | a0059ab8158a497d2cf583a292b13f87326ec3f0 |
| SHA256 | 5bbb2f41f9f3a805986c3c88a639bcc22d90067d4b8de9f1e21e3cf9e5c1766b |
| SHA512 | b95b7ebdb4a74639276eaa5c055fd8d9431e2f58a5f7c57303f7cf22e8b599f6f2a7852074cf71b19b49eb31cc9bf2509aedf41d608981d116e49a00030c797c |
C:\Users\Admin\AppData\Local\Temp\7zS8C0BCBD0\Assets\custom.png
| MD5 | 03b17f0b1c067826b0fcc6746cced2cb |
| SHA1 | e07e4434e10df4d6c81b55fceb6eca2281362477 |
| SHA256 | fbece8bb5f4dfa55dcfbf41151b10608af807b9477e99acf0940954a11e68f7b |
| SHA512 | 67c78ec01e20e9c8d9cdbba665bb2fd2bb150356f30b88d3d400bbdb0ae92010f5d7bcb683dcf6f895722a9151d8e669d8bef913eb6e728ba56bb02f264573b2 |
C:\Users\Admin\AppData\Local\Temp\7zS8C0BCBD0\Assets\backicon.png
| MD5 | 7ff5dc8270b5fa7ef6c4a1420bd67a7f |
| SHA1 | b224300372feaa97d882ca2552b227c0f2ef4e3e |
| SHA256 | fa64884054171515e97b78aaa1aad1ec5baa9d1daf9c682e0b3fb4a41a9cb1c1 |
| SHA512 | f0d5a842a01b99f189f3d46ab59d2c388a974951b042b25bbce54a15f5a3f386984d19cfca22ba1440eebd79260066a37dfeff6cb0d1332fca136add14488eef |
memory/8312-4508-0x0000000002DE0000-0x0000000002DE8000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\7zS8C0BCBD0\Assets\installer_bg.jpg
| MD5 | 3478e24ba1dd52c80a0ff0d43828b6b5 |
| SHA1 | b5b13bbf3fb645efb81d3562296599e76a2abac0 |
| SHA256 | 4c7471c986e16de0cd451be27d4b3171e595fe2916b4b3bf7ca52df6ec368904 |
| SHA512 | 5c8c9cc76d6dbc7ce482d0d1b6c2f3d48a7a510cd9ed01c191328763e1bccb56daeb3d18c33a9b10ac7c9780127007aa13799fa82d838de27fbe0a02ad98119d |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 151a8fdc53da6fdf0482ff6d3bd86067 |
| SHA1 | fbfa700b5f20ad81b58f96b772c1bf463d09ff37 |
| SHA256 | 0f8f5c259adcfd79cd06dd1bbb9651d28c9a69abd957386b3e915f8339a46f17 |
| SHA512 | 2254144fbed164f071020d7bd5d245e3191e520c2c69aef41a3b414c39529be1c87725083edb429bd10481c78d3a3dc646a82e335b90c6321832a589eb70dc54 |
C:\Users\Admin\AppData\Local\Temp\nsc378B.tmp\nsDui.dll
| MD5 | 00b6133cfc90765dc003b02644e99723 |
| SHA1 | 50cfe98a05ca6c964d899bd8532cf20091a9710a |
| SHA256 | 7e490c705c4fe27aa70ddab2e36a5f9c54a3eff2903642c170b89b9b67e90efd |
| SHA512 | 4db73e1fdcf25d85008deea08568c52839ff4328f3ae58836f1d944409d045d474f6fc15f16eaad993928264ffd3e1761793be7dc7349b13409e98b9ccb18df9 |
C:\Users\Admin\AppData\Local\Temp\nsc378B.tmp\BgWorker.dll
| MD5 | 36c81676ada53ceb99e06693108d8cce |
| SHA1 | d31fa4aebd584238b3edc4768dd5414494610889 |
| SHA256 | a9e4f7ec65670d2ce375ffaf09b6d07f4cd531132ca002452287a4d540154a38 |
| SHA512 | 1300de7b3e1ac9e706e0aad0b70e3e2a21db8c860e05b314a52e63dd66b5dffdf6be1e38ab6ede13bfd3a64631cc909486bf4b1403e7d821e3b566edc514c63c |
C:\Users\Admin\AppData\Local\Temp\nsc378B.tmp\nsDialogs.dll
| MD5 | f7b92b78f1a00a872c8a38f40afa7d65 |
| SHA1 | 872522498f69ad49270190c74cf3af28862057f2 |
| SHA256 | 2bee549b2816ba29f81c47778d9e299c3a364b81769e43d5255310c2bd146d6e |
| SHA512 | 3ad6afa6269b48f238b48cf09eeefdef03b58bab4e25282c8c2887b4509856cf5cbb0223fbb06c822fb745aeea000dd1eee878df46ad0ba7f2ef520a7a607f79 |
C:\Users\Admin\AppData\Local\Temp\nsc378B.tmp\nsis7z.dll
| MD5 | 95f6f6ab9509bc366ab9215defe4251a |
| SHA1 | e3f4a6effd6ca5838cfe91a01967cb72edcc7b0b |
| SHA256 | a896a9ece055d334d431cd0f856113ab925d9ee86d2dee383c0bfbbef11a5b50 |
| SHA512 | a853f70d2ea7f384df99be067724bf3ca73c63f3c3573c112f5528fc86a96bd34509d934b038e2a81833f3abb3eedbc5894921291139100e01df6e35696c0ecc |
C:\Users\Admin\AppData\Local\Temp\nsc378B.tmp\System.dll
| MD5 | 959ea64598b9a3e494c00e8fa793be7e |
| SHA1 | 40f284a3b92c2f04b1038def79579d4b3d066ee0 |
| SHA256 | 03cd57ab00236c753e7ddeee8ee1c10839ace7c426769982365531042e1f6f8b |
| SHA512 | 5e765e090f712beffce40c5264674f430b08719940d66e3a4d4a516fd4ade859f7853f614d9d6bbb602780de54e11110d66dbb0f9ca20ef6096ede531f9f6d64 |
C:\Program Files (x86)\BlueStacks X\image\LocalAPK\close_pressed.svg
| MD5 | dfddf8d0788988c3e48fcbfb2a76cd20 |
| SHA1 | 463bb61f0012289e860c32f1885a3a8f57467f2e |
| SHA256 | 9585f41eb6202e89f2087266fa31852d7f41ca8cc659b907c96753fe165f937d |
| SHA512 | e708c5114c60f7574589d6a56c9faedda26ee4a40f0eeb25f5e12eadcf790f24fdbf393fa0aa6ad449b5337d625b092d6f8822472fa8a6ce1339aca59c50c3ca |
C:\Program Files (x86)\BlueStacks X\image\LocalAPK\close_normal.svg
| MD5 | 3221ac69d7facd8aa90ffa15aea991b0 |
| SHA1 | e0571f30f4708ec78addc726a743679ca0f05e45 |
| SHA256 | 92aeae68e9e0973d9e0dc575941f1cb2e24afd0574341a46b870be7384eaa537 |
| SHA512 | 5e2de0abfe60a4db16ea5e8739260c19962fbfc60869a77bde6ab3547ad8ee3ad88e74e97da31fa23be096afddad018e431d152d6d0fa21a75357a11dacb1328 |
C:\Program Files (x86)\BlueStacks X\image\LocalAPK\close_hover.svg
| MD5 | 76166804e6ce35e8a0c92917b8abc071 |
| SHA1 | 8bd38726a11a9633ac937b9c6f205ce5d36348b0 |
| SHA256 | 1bca2e912184b8168ee8961de68d1d839f4f9827fde6f48ab100fb61e82eff90 |
| SHA512 | 93c4f1af7e9f89091a207ab308e05ddd4c92406c039f7465d3b8aca7e0cc7a6c922a22e1eee2f5c88db5e89016ef69294b2a0905d7d6a90fd32835bc11929005 |
C:\Program Files (x86)\BlueStacks X\image\LocalAPK\close_disabled.svg
| MD5 | e7fdf6a9c8cae1fc1108dc5a803a1905 |
| SHA1 | 2853f9ff5e63685ebb1449dcf693176b17e4ab60 |
| SHA256 | 8ee5aa84139b2ea5549f7272523aeb203d73954c5ccdcf6f7407bf1a3469f13e |
| SHA512 | a6388b24926934e20ccf7fcab41bd219dc6c0053428481d7f466bf89f26bf1a36fdff716a9ddd9ab268df73b04dff1449c6bac1f5c707e31ae2ee71c2087e0d9 |
C:\Program Files (x86)\BlueStacks X\BlueStacks X.exe
| MD5 | 824fb5970ee20c8205d0a128e610e2d8 |
| SHA1 | e2341a3a786de0898cef220e5c7716059cdeba20 |
| SHA256 | d1983c6f709e0a45d97182317d5d4a2f2ea6bb7533aa14e735aad51b54c02dac |
| SHA512 | 7ef37534d4626f53bc363de095493b53ef3279d12ccbd6e855fc8452ef2394746b27c935380fcbeba628b2ca29df3af85879668cf5a8c44a292a086261898015 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | e9181273e81f5fbeb606ed0362657af1 |
| SHA1 | bad37c936bb1a32ff29f106a0b998f1040ab270d |
| SHA256 | 188ade98c564e021744d974e87ec5c67b5468d418d4c697ebe36f003a80bc0b5 |
| SHA512 | 509bfcef47664867dd8650f377e28d3d1519f116db1389ac6c40fc5808d5c4e790ce8aabf170112d280fbf43f9f00abd8792b59b6fd93363900ab3f757e91110 |
C:\Users\Admin\AppData\Local\Temp\7zSCB07B312\Assets\minimize_progress.png
| MD5 | 1504b80f2a6f2d3fefc305da54a2a6c2 |
| SHA1 | 432a9d89ebc2f693836d3c2f0743ea5d2077848d |
| SHA256 | 2f62d4e8c643051093f907058dddc78cc525147d9c4f4a0d78b4d0e5c90979f6 |
| SHA512 | 675db04baf3199c8d94af30a1f1c252830a56a90f633c3a72aa9841738b04242902a5e7c56dd792626338e8b7eabc1f359514bb3a2e62bc36c16919e196cfd94 |
C:\Users\Admin\AppData\Local\Temp\7zSCB07B312\Assets\exit_close.png
| MD5 | 26eb04b9e0105a7b121ea9c6601bbf2a |
| SHA1 | efc08370d90c8173df8d8c4b122d2bb64c07ccd8 |
| SHA256 | 7aaef329ba9fa052791d1a09f127551289641ea743baba171de55faa30ec1157 |
| SHA512 | 9df3c723314d11a6b4ce0577eb61488061f2f96a9746a944eb6a4ee8c0c4d29131231a1b20988ef5454b79f9475b43d62c710839ecc0a9c98324f977cab6db68 |
C:\Users\Admin\AppData\Local\Temp\7zSCB07B312\Bootstrapper.exe
| MD5 | b2e3067e232c3e7240e9f2fda16c32d6 |
| SHA1 | f024aaedda326285bd0a9a23fb98b616907812d6 |
| SHA256 | 43d8be3c07628b53a3b5ba65362a96a79fcb9b5ecc84b0c772d2fc0705d4cb18 |
| SHA512 | 166baf6954aa3423a5d24e3b396c054708defd1232f0e9af95b0b54ee5d8e63536b9b10f09a0595c8a8a6d96576c54271ccdf58bbe2184f87d0cf12da33e287a |
memory/5556-16966-0x000000001B140000-0x000000001B224000-memory.dmp
memory/5556-16965-0x0000000000410000-0x0000000000438000-memory.dmp
memory/7560-16967-0x0000000000960000-0x00000000009B6000-memory.dmp
memory/7560-16968-0x00000000202E0000-0x0000000020360000-memory.dmp
C:\Program Files\BlueStacks_nxt\Assets\checked_gray.png
| MD5 | ce144d2aab3bf213af693d4e18f87a59 |
| SHA1 | df59dc3dbba88bdc5ffc25f2e5e7b73ac3de5afa |
| SHA256 | d8e502fab00b0c6f06ba6abede6922ab3b423fe6f2d2f56941dabc887b229ad3 |
| SHA512 | 0f930edd485a0d49ef157f6cc8856609c087c91b77845adeb5cc8c8a80ebc7ec5416df351ffa1af780caad884dbb49dcc778b0b30de6fb7c85ffef22d7220ebe |
C:\Program Files\BlueStacks_nxt\7zr.exe
| MD5 | fbaba140f30a11e5ff4f97d921de6d45 |
| SHA1 | d12360b79d9fe7ddc5380a22539dc7d4768ff5f3 |
| SHA256 | 4889c0826c633c0291264d37834363be90ee39d07fcea228494ed151386dcb16 |
| SHA512 | cd18bb1b057b1b077fde372ca5f98701614b196b692ac42ec56e5b839535022d884a2cd9b6bf644a520c6f48f12f673574a24e60580c70c695067b66442ea7a5 |
C:\Program Files\BlueStacks_nxt\Assets\unchecked_gray_hover.png
| MD5 | 62d7f14c26608f8392537d68f43dece1 |
| SHA1 | add4f30e7c3af4f7622e6bc55d960db612f3bb0a |
| SHA256 | a631e26bd5b6ea19c8c65b766a056c92ba8a47e1483768dcf12b05293c9a7a0d |
| SHA512 | e41210a78e6076954f75a2f73c0f7628e8604a09ecbb1d2ee0972741d4ef1d814b366828977c02944736b03ed116bc559a2ae47ddb7cbc6f4e54578c8263edf4 |
C:\Program Files\BlueStacks_nxt\BlueStacksUninstaller.exe.config
| MD5 | ca0a329097316832e4a6ea5d870c9268 |
| SHA1 | 4a36b93361d3dc9df9b00313f2c2b394be9e1e72 |
| SHA256 | 4b7df915d706af6459c38d75b09c5e14f951842ae0678078400f204ad1c7a7c2 |
| SHA512 | 51f9a874e84f130be4fa29fcc4bc934105318234b5dd9ceedaf569e3f0e6b38e29f3bec056044724476ae24295a510b16d8a737b994fd6f1268609defa315271 |
C:\Program Files\BlueStacks_nxt\Assets\unchecked_gray.png
| MD5 | e50df2a0768f7fc4c3fe8d784564fea3 |
| SHA1 | d1fc4db50fe8e534019eb7ce70a61fd4c954621a |
| SHA256 | 671f26795b12008fbea1943143f660095f3dca5d925f67d765e2352fd7ee2396 |
| SHA512 | c87a8308a73b17cbdd179737631fb1ba7fdaeb65e82263f6617727519b70a81266bb695867b9e599c1306ee2cf0de525452f77ce367ca89bf870ea3ae7189998 |
C:\Program Files\BlueStacks_nxt\Assets\powered_by_bs.png
| MD5 | 7a2e5c21140aa8269c2aafd207f5dbaa |
| SHA1 | 4e0d9e7e1b09e67eba10100d73dc51623517821e |
| SHA256 | 3d2afe5236ec813d9e8063bc43eb34b88c2155784e1bce19c6a533c32767af35 |
| SHA512 | 63f512559f2068a9702c7c527c126f6017cd8d1d16af52e41b884aa9a64ff4294a57243ec78c3a416f70fb6178a79877d68345357725ff92c935709a2ef8adde |
C:\Program Files\BlueStacks_nxt\Assets\close_red_hover.png
| MD5 | 5ceab43aa527bc146f9453a1586ddf03 |
| SHA1 | 88ffb3cadccb54d4be3aabf31cf4d64210b5f553 |
| SHA256 | 7c625ae4668cc03e37e4ffc478b87eace06b49b77e71e3209f431c23d98acdd0 |
| SHA512 | 8a5c81c048fb7d02b246ed23a098ae5f95cdf6f4ca58fd3d30e4fe3001c933444310ca6391096cfaeed86b13f568236f84df4ea9a3d205c0677e31025616f19e |
C:\Program Files\BlueStacks_nxt\Assets\close_red_click.png
| MD5 | 6db7460b73a6641c7621d0a6203a0a90 |
| SHA1 | d39b488b96f3e5b5fe93ee3eecb6d28bb5b03cf3 |
| SHA256 | d5a7e6fc5e92e0b29a4f65625030447f3379b4e3ac4bed051a0646a7932ce0cd |
| SHA512 | a0e6911853f51d73605e8f1a61442391fad25ff7b50a3f84d140d510fd98e262c971f130fb8a237a63704b8162c24b8440a5f235f51a5c343389f64e67c1c852 |
C:\Program Files\BlueStacks_nxt\Assets\checked_gray_hover.png
| MD5 | ea22933e94c7ab813b639627f2b38286 |
| SHA1 | c5358c5cb7fb1a0744c775f8148c2376928fb509 |
| SHA256 | d7c79677d2ef897fa0ad1efc90e916c46da29f571208f78f24505603b7165c20 |
| SHA512 | ba447a1aedec49419e2b4a8de85c6047886f1a5ebb94f1c45e205a3780c6826f412a3892e97115b35e43839f43e346f3c72ffbf0c57d57f6d26b360ae61b3964 |
C:\Users\Admin\AppData\Local\Temp\nsb8B44.tmp\StdUtils.dll
| MD5 | c6a6e03f77c313b267498515488c5740 |
| SHA1 | 3d49fc2784b9450962ed6b82b46e9c3c957d7c15 |
| SHA256 | b72e9013a6204e9f01076dc38dabbf30870d44dfc66962adbf73619d4331601e |
| SHA512 | 9870c5879f7b72836805088079ad5bbafcb59fc3d9127f2160d4ec3d6e88d3cc8ebe5a9f5d20a4720fe6407c1336ef10f33b2b9621bc587e930d4cbacf337803 |
C:\Program Files\BlueStacks_nxt\HD-GLCheck.exe
| MD5 | b88a940f580970b240e23df45e70c27e |
| SHA1 | 73d8b651e74fb906da42b42f2c714610f830b6d9 |
| SHA256 | 277313ea55f808b207cd43fa39af1e5823028bd3d784d4268b70e4ca054e00cd |
| SHA512 | 778b535e6910c702f81d2375a76cc4ea8815917fb20042c421f5d5c2d71272e5af5e15241259a6d346000a88c587c08818efb07eaa38ae5bbcc281c50540b888 |
C:\Program Files\BlueStacks_nxt\HD-ForceGPU.exe
| MD5 | 94887c7bdec016cdffdd03df19429145 |
| SHA1 | 9a7ca11be6107954ffff2d5c11e9f629f4c165d1 |
| SHA256 | e38e6793bdf91452e06f049e848411f23e3cd581694b149c66da77be9ec7dbc4 |
| SHA512 | c54aa1353eb81b598e3fa11759072f26290de7c60510693ceb6309dfa29a8a6bc1d0e8cfb5e754a9d79aef44fe14e234c9c3141a064e9f0d6255ac6bbc806704 |
C:\Program Files\BlueStacks_nxt\ProductLogo.ico
| MD5 | 169706218f98a42594a8c5c5a65771fe |
| SHA1 | b8ded94180212578d86a031eb71ef93dcffe1a26 |
| SHA256 | 3803045963af064936d7071c178de8e40854968b3d3f9171c57a182c869f3697 |
| SHA512 | 1c3f18ed0a24ffa78fe938826eb88531eb8be134d6f209b87d7af5d0e8c4829f01947d7b0048996b9755562bbb7f52e000bcd15d07d646cacb2989ac881ce448 |
C:\Users\Admin\AppData\Local\Temp\nsb8B44.tmp\WinShell.dll
| MD5 | 1cc7c37b7e0c8cd8bf04b6cc283e1e56 |
| SHA1 | 0b9519763be6625bd5abce175dcc59c96d100d4c |
| SHA256 | 9be85b986ea66a6997dde658abe82b3147ed2a1a3dcb784bb5176f41d22815a6 |
| SHA512 | 7acf7f8e68aa6066b59ca9f2ae2e67997e6b347bc08eb788d2a119b3295c844b5b9606757168e8d2fbd61c2cda367bf80e9e48c9a52c28d5a7a00464bfd2048f |
C:\Users\Admin\AppData\Local\Temp\nsb8B44.tmp\System.dll
| MD5 | 0d7ad4f45dc6f5aa87f606d0331c6901 |
| SHA1 | 48df0911f0484cbe2a8cdd5362140b63c41ee457 |
| SHA256 | 3eb38ae99653a7dbc724132ee240f6e5c4af4bfe7c01d31d23faf373f9f2eaca |
| SHA512 | c07de7308cb54205e8bd703001a7fe4fd7796c9ac1b4bb330c77c872bf712b093645f40b80ce7127531fe6746a5b66e18ea073ab6a644934abed9bb64126fea9 |
C:\Users\Admin\AppData\Local\Temp\nsb8B44.tmp\Registry.dll
| MD5 | 2b7007ed0262ca02ef69d8990815cbeb |
| SHA1 | 2eabe4f755213666dbbbde024a5235ddde02b47f |
| SHA256 | 0b25b20f26de5d5bd795f934c70447112b4981343fcb2dfab3374a4018d28c2d |
| SHA512 | aa75ee59ca0b8530eb7298b74e5f334ae9d14129f603b285a3170b82103cfdcc175af8185317e6207142517769e69a24b34fcdf0f58ed50a4960cbe8c22a0aca |
C:\Users\Admin\AppData\Local\Temp\nsb8B44.tmp\nsis7z.dll
| MD5 | 80e44ce4895304c6a3a831310fbf8cd0 |
| SHA1 | 36bd49ae21c460be5753a904b4501f1abca53508 |
| SHA256 | b393f05e8ff919ef071181050e1873c9a776e1a0ae8329aefff7007d0cadf592 |
| SHA512 | c8ba7b1f9113ead23e993e74a48c4427ae3562c1f6d9910b2bbe6806c9107cf7d94bc7d204613e4743d0cd869e00dafd4fb54aad1e8adb69c553f3b9e5bc64df |
C:\Users\Admin\AppData\Local\Temp\nsb8B44.tmp\nsExec.dll
| MD5 | ec0504e6b8a11d5aad43b296beeb84b2 |
| SHA1 | 91b5ce085130c8c7194d66b2439ec9e1c206497c |
| SHA256 | 5d9ceb1ce5f35aea5f9e5a0c0edeeec04dfefe0c77890c80c70e98209b58b962 |
| SHA512 | 3f918f1b47e8a919cbe51eb17dc30acc8cfc18e743a1bae5b787d0db7d26038dc1210be98bf5ba3be8d6ed896dbbd7ac3d13e66454a98b2a38c7e69dad30bb57 |
C:\ProgramData\BlueStacks_nxt\Client\Assets\exit_close_click.png
| MD5 | b09525b48c0023f893d6b64d06add4b1 |
| SHA1 | 10ecd439ea04e02eefe17f6c110d0c0a78a1db21 |
| SHA256 | caa2a8fe9b282939a21b86f8f61fb0c9452222cc3409f06cbb0dcc45613aca8e |
| SHA512 | c6f5a7014c24133eb576708ca17d15becf2b45ec278b3f94e5275e47c78cf0f2eb8bb1a17d277d1a665039f38f2e25faf830e275f426b0a94c6a3da096b6204f |
C:\ProgramData\BlueStacks_nxt\Locales\i18n.de-DE.txt
| MD5 | defbcf66edf5e18b0b13c8062fdfeff8 |
| SHA1 | 8c807de19b131831b72325455f1bcc3ead0a09cb |
| SHA256 | a9d87275086fd2d700d588f45c3121eb6a75c64a2e6c4a8714a61032403cdb03 |
| SHA512 | a30e142679e942932d82fb8179a9f8ca2cd5882577de64e8e4c38eb84c99e359235346c35b6237133159288261b0f6e9032dc6b14f512e2a431f093187e1447a |
C:\ProgramData\BlueStacks_nxt\Locales\i18n.pl-PL.txt
| MD5 | c61810a689ad52145f3b644b3e4b01e9 |
| SHA1 | ee7f7229aeea4a0ec6e18805b69d0ff928afbf87 |
| SHA256 | c5cdf3696ccd6e3e600483836c81b290e5270984fd7ca12becafedea42cd64e4 |
| SHA512 | 79dcf55c6ac864764fa4c614667053c99cd37f408b2b573ce18077fd09ba70877b3cbbd1f57b680ba6e9b5ed5a4d257f11d12c67a0b56dc9a099bf2584e0c393 |
C:\ProgramData\BlueStacks_nxt\Locales\i18n.ko-KR.txt
| MD5 | 299768cf839ca0926344233731549181 |
| SHA1 | 773aa661c5bbc1a92a41b2f02e59bf1d78b4b142 |
| SHA256 | 883cf4af6b2124bb70f51d683c7a1f4b3cecccc4ea61163b8c4ea967155ea839 |
| SHA512 | 0de4317aa9139b415d4d10aba7f64cbfe39f0417e2d19dd8e69ada7d0915a81f71be242caebf5e019a2638d6d0457c042493c80ea0d24c2dd43c18bfe76dd2c2 |
C:\ProgramData\BlueStacks_nxt\Locales\i18n.ja-JP.txt
| MD5 | cb5797745966bfbded96d28cf53e2f93 |
| SHA1 | 1cdc380338f076c608a4143cb685e4cab2bee916 |
| SHA256 | 25fbeecfbeec0b2a8ad45f8b7da31c4eb6fdbe413f46e75f40cd22d874c8f7c3 |
| SHA512 | f42ef0a3566f02a4487daf50725c186a0cd8c03850c569eb0cf4134ad2c2004135730ff8f672207bf12837980fe722c4581bb0c6c1eea5dcc9014da5719901b7 |
C:\ProgramData\BlueStacks_nxt\Locales\i18n.it-IT.txt
| MD5 | 444e991f12d84ad04baf6c8eeccc7a9d |
| SHA1 | f4bec5e01161d6f5cc9107f2cba325cc9b0ef325 |
| SHA256 | 4b1f6e0fbc834a783ab8230e678bfd1506ae6c18b0ac0a5bef1d8344b5b2531f |
| SHA512 | ff61397322d86f36a225e9be7444c643e2760a556311c97b230583b0b2788208d11f723e500c3d291d55d076b5cb0a52d92b50a8b1fdfe348fd61341b915f855 |
C:\ProgramData\BlueStacks_nxt\Locales\i18n.id-ID.txt
| MD5 | 7e8631459def09a456900fa9d3cba360 |
| SHA1 | b5204153e26b303598c473e7e92b01a87818787f |
| SHA256 | 9620d50148651dc75d3741eb12a8a23fbdeb5efc29f1be24842fc37d01b71f8a |
| SHA512 | f813863475538f763733b0668f3b5cd7d4b6f7132c1a9df3b4665907fe6280d6d8c9dd4f6e3e06bfee7f90a2a527f7cd66bd647f08b8203664395f31321cf84b |
C:\ProgramData\BlueStacks_nxt\Locales\i18n.fr-FR.txt
| MD5 | 3809a8d9df2f73bd1b2cb6a727e3768a |
| SHA1 | 78f7f511fb688e49827105109e73affcf0447040 |
| SHA256 | a0f88af33c36c2fdb71b4ef157c1fea12eaf4fb30b0c51e4fd2a574d3529fa10 |
| SHA512 | d698cd445159fb2ee672f719d99c1feb1a2bf0113f8f5cc17233b2dc01771a8c1cf3a979788a91f02f6e8e299dc7c55e31e5bd3eeac4fa028a7693f945e29f6a |
C:\ProgramData\BlueStacks_nxt\Locales\i18n.es-ES.txt
| MD5 | 412ce0feb5a656c908775da52043c31d |
| SHA1 | 54a35431dc77d66fde2c828f10372142926b4c47 |
| SHA256 | 7db48c44d717c50011a2fe2d8f5eb0214c817c7eef5bf1f656feb70270a53458 |
| SHA512 | 2209d911c91d21ceb44a8e9375fefa9b5ea55cb800f49f709a7baaa56d52a94f5711fce850d880394f6ae78d23d0e3f1a5727514b970f940d0b670e2e978a997 |
C:\ProgramData\BlueStacks_nxt\Locales\i18n.ar-IL.txt
| MD5 | 9fb07e066cc2f213a64d35a97a8c2922 |
| SHA1 | a70db989f5c562bc69caad89a1402c8ad7c9b80e |
| SHA256 | 65e7b0f37b5e2aa805ac8d57969804d803430186f34e9703ca9fa09ba908ef90 |
| SHA512 | 81680bff55b475a62a4bf29a8c219230b84894c1165f60e372209a5aacdba8e4819c3dfb76f3b55c15d472ababeabf0cd4b30c04e7daa26df63c8a5101970c3c |
C:\ProgramData\BlueStacks_nxt\Locales\i18n.ar-EG.txt
| MD5 | 7dc7a16b5e42818c9249db888ca17075 |
| SHA1 | 42f6b065b90017078fca7161cc4c26ae530dfbdd |
| SHA256 | e696f4f231acef534d62ec9d99a3f4fc7b74a1c1deb3f9bbbeb4e94194bd9747 |
| SHA512 | f2706e0bb348a691d3cdc9d05ff4f71979804628547a41386aab068b008fe4933b8689500b5e45abf6afa6b6f1db3024ade2846659b2664b37b724fac5416a74 |
C:\ProgramData\BlueStacks_nxt\Client\Assets\radio_unselected_hover.png
| MD5 | 22efccf38e15df945962ac85ac3aa3b7 |
| SHA1 | b94a8615dc92982e1637680446896080f97c2564 |
| SHA256 | 0ec39ed4bf89a341f1b5aea56d0e99ff5c923b9c3a6a81adeb9ff21764136f92 |
| SHA512 | 41a4dbb57abed1a16aa84c72c202da461ca45cbaf68f69a10cb3e5529e8dff659e89f7f4459d1e2e8f3549c6fd51f23fc8422f86667577ebed5ab5df149c79ee |
C:\ProgramData\BlueStacks_nxt\Client\Assets\radio_selected_hover.png
| MD5 | 47ff3e4cc15b8c4a07e3ceb6cb619b62 |
| SHA1 | 0318e54c613b8ff00f54d843e90ef88310c1a96f |
| SHA256 | 4786cfb7c98edcf01d6b670abf19c50891d56a4de87b96a5e17be142b1af666a |
| SHA512 | 0212bd7f6cee390d3bc221a22189b75407fa660a0951c7f768645bf97e7b61ee86fa9b1de6f546ff1151560dcb3b071db8c14a7b08b0e771b539a817b31b154e |
C:\ProgramData\BlueStacks_nxt\Locales\i18n.ru-RU.txt
| MD5 | a7748f70870a0f2cf2e5804d05f433fb |
| SHA1 | ee74469bbfa6e5d04043dae2a2cdec1a777c5b28 |
| SHA256 | f74bceefe2a7e7d39650128096f9b97aca5e929fa67e451bfa8238d7b90cea34 |
| SHA512 | 122025652c05ba9336b339db79b925b781862a635cdb0c8d5db0adacfeb6e0e43ef85c283d417f119d8622640d0ed15cdc6d915749ee3cc1a4f89b062ae71075 |
C:\ProgramData\BlueStacks_nxt\Locales\i18n.pt-BR.txt
| MD5 | 162e3a28c1b32a605d84cc18a2998ec9 |
| SHA1 | 9c0a2ce21321f56a1ecc61879a9b2c1660cb4238 |
| SHA256 | 345f2c774e182f1dadf8dacb5539dfa94e33a4d3effb006053f9ba17db6c0f01 |
| SHA512 | d2377da38814cfc22950bfcc42545542e33ed6d4939ddb102d1fb11ec2ff019e53fb980e97ce9a9a9926c0d9665d101dc12655a1d67f506a1456e5b244ad50d9 |
C:\ProgramData\BlueStacks_nxt\Locales\i18n.zh-CN.txt
| MD5 | 1eee99faa98b0385fd8077acdf53e81e |
| SHA1 | 3191f6c03d6fd3b4db1944e3e7b3a8b85ef20dde |
| SHA256 | 7d245f9271426eb08f976a83e8b229e9a830f51674e47b6bfc2181716ec0ecf5 |
| SHA512 | d2c116c7c56d7fd6154c2ab856adccba5848ba1fe1ce5ae38fd740e388cae77f095feaf90d4161527a4b3c99c129374156f85033c18f3293defde33f78708691 |
C:\ProgramData\BlueStacks_nxt\Locales\i18n.zh-TW.txt
| MD5 | 3ab7d825111b89950d8ca4b3da1c00c1 |
| SHA1 | cdf4ec4344598ca9593665465497d370a35aa178 |
| SHA256 | dd286cac4e14fe69877e4c2f35eab8352de125f7dc757f47e4fc8329572460ce |
| SHA512 | ac0c2dfc6a963a88657304c83d9f00cdadb5735f208571e72d43c410d767ff6c2cd05c4fcfeb5d4c7f8882e079608e8eeee8b1aea1e2cb6442f78cafaa8ffd09 |
C:\ProgramData\BlueStacks_nxt\Locales\i18n.vi-VN.txt
| MD5 | 2ffe813470cfedf7384207e61dabf1df |
| SHA1 | 1673c446a89a41afff299acd0f74b4df65cc29c1 |
| SHA256 | e666975aa6894c7d5230eb44a6ee85564cac7a51188ed05b77059beb60545ac1 |
| SHA512 | 3288001e68c5533ae092460d7bcb20ca42c37c04fbdfd412c1046ba41f0582ca3a135f136303125f680165c401536b9bacf6d6435e10ec1477d7f9b45942c34c |
C:\ProgramData\BlueStacks_nxt\Locales\i18n.tr-TR.txt
| MD5 | 2ddee14b7986e234a208189d650a2e4d |
| SHA1 | ab60bc9393258e556c7ac20a8d68f632ad44ea6d |
| SHA256 | fd9c690e597fc7d8b3bbcba7e39816087c424227f89bf3107da7d16d444fb3dd |
| SHA512 | 116d06a37e836d4f48b59aa9cf4164e1ba4abc081e62adfc6f3c8d112f46b57c060381dd2fc361fb83a162ab12f915408df193bdac405490e3014bc0effecc9c |
C:\ProgramData\BlueStacks_nxt\Locales\i18n.th-TH.txt
| MD5 | bfb84603722e804e4697a52285b867b2 |
| SHA1 | 5840e5e93319f981dc0f6df4c7d7be23547f6655 |
| SHA256 | 98f156d8184c10d504189eab0077aeac8687e1d6714d0bb228704d660e01446d |
| SHA512 | e26cc6ab7087a252471cd6233e3baa9d9a66c0a7a0b3703987b31ff4f91f89d00854d8d970f3090b2d90155d5eb5f724a096badddbc6a4dca7dd1a53fad6ffd5 |
memory/3492-18351-0x00007FFCFE580000-0x00007FFCFE581000-memory.dmp
C:\Users\Admin\AppData\Roaming\bluestacks-services\config.json.tmp-32500667895f7bb7
| MD5 | c80c4a7042ffdb602af8831a1ddd0e28 |
| SHA1 | 9ef4c99deabe877b24015c0c6385d757b2e6703b |
| SHA256 | 62ba1849bc05f03d587473c62911671aa53e4f486ffd74a14df21e152ca295ba |
| SHA512 | 977714b6fc2e1859450bcfed757d6cd74aba1cc04a75559886702628034e280662f0960b0fcf9003c9d647aeaba645a3e33fd09e1c8c76e5f460c9026646c23e |
C:\Users\Admin\AppData\Roaming\bluestacks-services\config.json
| MD5 | 2565f3f1689e7ed26b8ea09e13881093 |
| SHA1 | 471f98d4d82d10b715c13e88d8708463dc42fc8f |
| SHA256 | 4d01c9253bab1718d694014a9e9421a9971c8ae750ea6f85996dcaf0e18a2674 |
| SHA512 | 62aed63a68032ee94f38edb47486ff23cd9f9af088395060c40906db6aa72b8e14d210fce1fd3528b28d2d5545ad9faa4beb16b338c64ff280912f6d50e0d648 |
memory/3492-18350-0x00007FFCFC910000-0x00007FFCFC911000-memory.dmp
C:\Users\Admin\AppData\Roaming\Microsoft\Spelling\en-US\default.dic
| MD5 | f3b25701fe362ec84616a93a45ce9998 |
| SHA1 | d62636d8caec13f04e28442a0a6fa1afeb024bbb |
| SHA256 | b3d510ef04275ca8e698e5b3cbb0ece3949ef9252f0cdc839e9ee347409a2209 |
| SHA512 | 98c5f56f3de340690c139e58eb7dac111979f0d4dffe9c4b24ff849510f4b6ffa9fd608c0a3de9ac3c9fd2190f0efaf715309061490f9755a9bfdf1c54ca0d84 |
C:\Windows\System32\storage.json
| MD5 | aa9ab927f7bc1bc84ada9519e58f9650 |
| SHA1 | a9515474d15f9cd43c4f1c30b2c7041d6c6b05c4 |
| SHA256 | 3cb23b535845ddd6fd6160dbb5fb6b14096161d3e632e0dc424a788875c85094 |
| SHA512 | b5bb47ea20ec20587e29dd3b6f8f68e7f8ac567e087b1e432320c3264769ae5e03b16693f5c9d4ba38a0c67d2f2a071b3ee7d104e75cbfaa0aa9342515f0085c |
C:\Users\Admin\AppData\Local\Temp\e0200yhe.jr5\BlueStacks-Installer_5.21.505.1008.log
| MD5 | 36b6d644c3916edd064813e3785dbfcd |
| SHA1 | 21a41654398faf0198aaa599d419a2860339bb1e |
| SHA256 | b11ba1e7c2df40ec09a674dbe0fc65fbe4642f6e1cf0d241332425280cd1b26d |
| SHA512 | 0099e1e450ead39b97905b312592a5b8695d22d4f29b9a236770e2315a556db9eac07e74b4a9c96aea81014af800cd266252a2abf001c637599096922e0b0fa5 |
memory/7560-18886-0x0000000025070000-0x0000000025078000-memory.dmp
memory/7560-18887-0x00000000250B0000-0x00000000250D2000-memory.dmp
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00004c
| MD5 | 87e8230a9ca3f0c5ccfa56f70276e2f2 |
| SHA1 | eb116c8fd20cb2f85b7a942c7dae3b0ed6d27fe7 |
| SHA256 | e18d7214e7d3d47d913c0436f5308b9296ca3c6cd34059bf9cbf03126bafafe9 |
| SHA512 | 37690a81a9e48b157298080746aa94289a4c721c762b826329e70b41ba475bb0261d048f9ab8e7301e43305c5ebf53246c20da8cd001130bf156e8b3bd38b9b8 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\File System\Origins\MANIFEST-000001
| MD5 | 5af87dfd673ba2115e2fcf5cfdb727ab |
| SHA1 | d5b5bbf396dc291274584ef71f444f420b6056f1 |
| SHA256 | f9d31b278e215eb0d0e9cd709edfa037e828f36214ab7906f612160fead4b2b4 |
| SHA512 | de34583a7dbafe4dd0dc0601e8f6906b9bc6a00c56c9323561204f77abbc0dc9007c480ffe4092ff2f194d54616caf50aecbd4a1e9583cae0c76ad6dd7c2375b |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | d77442edc7ff3d2435aff3d1c5a863c5 |
| SHA1 | bc898afade57f903d7ffa9457dbcf6d306513d8b |
| SHA256 | 088022eb348f016b507fc79de38c0457923e1ab58ba000d6496f2afd5d2d990c |
| SHA512 | acb93eb4236d8440798636d1fc8ff4be457f6f7904c70f538ef75594bd58a7f05b6b1941357c93855ccb48a8d2b5e699aaa8447ce2fe4706debb2b03178a7e9a |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 45bf940c9b4b36b35b23e55922076f3f |
| SHA1 | 801d55fac95575ba282bae54e5567dce73944d0a |
| SHA256 | 711471c2eb261cb26c1bd769723d79b1f285b48673b2db3a1b2b41a308a6a363 |
| SHA512 | 8431f75fb362255d96dba92d432f1b36039550164cd6ef879a1b4295f9f5bc35e0f81a7c232c1338dac75e8ae3d71ef48f6b4328444598d6369ae5c7e7928607 |
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\ccba5a5986c77e43.customDestinations-ms
| MD5 | 55565dfe29e9accf877f32d05b1d515d |
| SHA1 | 30a062890423f6b461e534d65d9c485167878fdb |
| SHA256 | 80e2aaeb75b94f8c692edba5d0b5dea44812700c5d6ae0c521ae0257c970fe69 |
| SHA512 | 1a1aefefafcd232bf3951e9a2cb6a2ad9e30fabd3d958cb7fe4f45b4b16416e337e0193dad1101d14d655b7334cc991c8de87bf08a593da76cdfeee54da1743f |
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\ccba5a5986c77e43.customDestinations-ms
| MD5 | e17cfaecbdfae172025816c1970fcae0 |
| SHA1 | ce5a763d06c8464491899b365fca3383f06700d2 |
| SHA256 | d179216b88ea5907c52a9b0d3ab0d0f470aec51862d1a7380ec3b26281241ec6 |
| SHA512 | 5293b93ee546886f9dee85484a3074dea2be31471a685d9b3cab34ca27d6af114f50c5d23812af6924ebe033a56f899af828986ad3f2c8558a1e8e00c70b96c0 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 27a603a4b9e89ac520a8f3c701356d2a |
| SHA1 | 70c38c44274311181d5bce2f0b7899608f00a84d |
| SHA256 | 297a62ada74b8bfcf69a1ae4b6025c5abf27097e725efa4db47fd027ccdff9ff |
| SHA512 | ac46ba942d3eafdffa27ce3a0f301723ef0d0b104d7b6e192ca92dea92012ed36f2f4205f61145d76ef18539660ceb5528ae4009d4296da1581833c4814b93f0 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 9c6258e4edf70c4a455045b73843f916 |
| SHA1 | 2106e33478002ff3da0e0a44dcd9012d703a4307 |
| SHA256 | 7acf347b77f78726f01b3c417463329f840973240673f05fe14048dcee1bb873 |
| SHA512 | 7fc97817facac45a80f2eab0d9cc9110e1be1913eaa80fa8f1dd80570661dd0a5830e612f66846db2083d7951696b5761270a104c89e0ffa287b260bf1eddc81 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 24253f1997e84c80a3a9030ae25b4fbd |
| SHA1 | 5230d3755574fa9a130136503662c847945dfa59 |
| SHA256 | 8ddfa751bdb7a54c975f475c2a8c6cd79bb6106d8fe32065705b6fd0f2e4c5e6 |
| SHA512 | 0bd5e9f4428b4a9b6a0fd337025b897663b50404fe258bc326f471df140654da1017e846c315dce386efd92a43517ffe7388282f9cffa90b66108b75606be648 |
C:\Users\Admin\AppData\Roaming\bluestacks-services\Network\Network Persistent State
| MD5 | 1ae42911aece728d6766fa604edfdd41 |
| SHA1 | 1a303d7d850ad6786017aa99c184b2763f348e84 |
| SHA256 | e7137985a5e3a964acfc243c53ba91f0adb08cad56de7dd68916dc77e87f0db6 |
| SHA512 | 5a3814a7b794ea6851c4cb2f25858f82727bd84dc3aa6e8ece6ec8e2c585bd4001e80545bde8cc0c13bf621f41b6a4164b843dbf07d439b8e057e74d8165dbaf |
C:\Users\Admin\AppData\Roaming\bluestacks-services\Network\Network Persistent State~RFe63c960.TMP
| MD5 | 2800881c775077e1c4b6e06bf4676de4 |
| SHA1 | 2873631068c8b3b9495638c865915be822442c8b |
| SHA256 | 226eec4486509917aa336afebd6ff65777b75b65f1fb06891d2a857a9421a974 |
| SHA512 | e342407ab65cc68f1b3fd706cd0a37680a0864ffd30a6539730180ede2cdcd732cc97ae0b9ef7db12da5c0f83e429df0840dbf7596aca859a0301665e517377b |
C:\Users\Admin\Downloads\Unconfirmed 555280.crdownload
| MD5 | fbd9ad001bb2719f574c0705c5de05fb |
| SHA1 | d07e77a490ad677935ac8213b88237e94440e791 |
| SHA256 | f0031f9d7f25d4d29581879f62565a5a565995899adc60213f9e218147c78593 |
| SHA512 | 5724e3f858ae7ea92ba4ce325f3f8f4b90ecc6d7c19476e2888c4b09f0913463191b977f71314300918cceb0a6ae0b80e29d3c70891e8aeb9314da233a929e96 |
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\ccba5a5986c77e43.customDestinations-ms
| MD5 | 1d5f98e369261e1e261faea387d0dbed |
| SHA1 | 845d317286fe73e9edb3decc1f0d3ee1435214ae |
| SHA256 | 9491fe79adaf68e45a437c830f3dbe6230c6f9c47b5333ed00a505068c940b29 |
| SHA512 | 2a5df5cbe8049e51eeab7568c9f1f8e880dda880cd0eebb5d916c1e4e991535a2762679bc73380c50c7c48fae99fb52bca2c994e1333a45166b6b56c49f4d181 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | db433a8ca04d59fa1b43b25c9e5bc7fa |
| SHA1 | d3ecfc0b91f797f39de08c989c6144581f3f6760 |
| SHA256 | 6a3e4ae181d3b7e856add664e943e47e96b9107b0704f4062c200376cb499742 |
| SHA512 | 13a802b37eb2cfa1a452ff0fd315854b00eb1b6e01e4f00b8183b5f291dcfc57411419fa86b849d1104e8dc8c0236cfcbc47907c6b450c1322f67b9903d63d27 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | eac64bae518d3bc33dd99aecf2b3e6ea |
| SHA1 | 2b92dea7e15d65fa1df3e286c12d2efdd52347b3 |
| SHA256 | 4e91fbfe4d5eb0807ef6fc7edd98a82a369c7e25add6e66f8dbde33f0aa1364d |
| SHA512 | 810c0ed25336119da28247cb078f3ae900422988d44c33daffadb0e5401d6827980997bef256cb55e79c06db7b3fd71aeedf2e2c937643918f6af2c061475f89 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | a85fdefc112a323ff6fb14f61750c59c |
| SHA1 | 0bfc47fc1208e7176f93e6512583693689b81961 |
| SHA256 | f2004284ae17318f8ae1ae3718386c08082e14d20f28dccc5a53c03e25e0ae37 |
| SHA512 | cd10377bad8bf76229509511bb18c458218b0782a0d7d91eff65fa5d9937d53178fc368a1792de09707c6abe915658202235a93823d2f685b959662ce98deca1 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 29cdba77ae2c170aef0a97a313139520 |
| SHA1 | 94c26529bd95128d77ac28801340fd76c625be0f |
| SHA256 | c13d8caf5608ff94a0681ce6d57086323e2b47e0137f4fde447205065efd0285 |
| SHA512 | 91c1e0e5782d0ed09e077de557f838a2abdac133c7ea065f41db716bf881be785ce678e30fbf9b89d1cd8e3dd07a346d8245a1fb6a9cd83029a2f57370890541 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | 7c08028b66bcaf835d8bdebe19ab0912 |
| SHA1 | 18892e6050e1868276aae2a49bdbae760b970858 |
| SHA256 | bec3007c102ebc8535890ef7557ae1a3e4eddfe423a67a5d2c8c4feaf02afd00 |
| SHA512 | 18cae59b7f273451c3d941245fc574998b848a17d738f3dd73b114193ed646068b6ad86730dab0caac90571ec6468fab5e038c16f51b78efc8f719fc88ebcd58 |
memory/8452-19737-0x0000023552CD0000-0x0000023552CD1000-memory.dmp
memory/8452-19739-0x0000023552CD0000-0x0000023552CD1000-memory.dmp
memory/8452-19738-0x0000023552CD0000-0x0000023552CD1000-memory.dmp
memory/8452-19743-0x0000023552CD0000-0x0000023552CD1000-memory.dmp
memory/8452-19746-0x0000023552CD0000-0x0000023552CD1000-memory.dmp
memory/8452-19749-0x0000023552CD0000-0x0000023552CD1000-memory.dmp
memory/8452-19748-0x0000023552CD0000-0x0000023552CD1000-memory.dmp
memory/8452-19747-0x0000023552CD0000-0x0000023552CD1000-memory.dmp
memory/8452-19745-0x0000023552CD0000-0x0000023552CD1000-memory.dmp
memory/8452-19744-0x0000023552CD0000-0x0000023552CD1000-memory.dmp
memory/4372-19764-0x0000000000B60000-0x0000000001115000-memory.dmp
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000007
| MD5 | c3c0eb5e044497577bec91b5970f6d30 |
| SHA1 | d833f81cf21f68d43ba64a6c28892945adc317a6 |
| SHA256 | eb48be34490ec9c4f9402b882166cd82cd317b51b2a49aae75cdf9ee035035eb |
| SHA512 | 83d3545a4ed9eed2d25f98c4c9f100ae0ac5e4bc8828dccadee38553b7633bb63222132df8ec09d32eb37d960accb76e7aab5719fc08cc0a4ef07b053f30cf38 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000006
| MD5 | a074f116c725add93a8a828fbdbbd56c |
| SHA1 | 88ca00a085140baeae0fd3072635afe3f841d88f |
| SHA256 | 4cdcda7d8363be5bc824064259780779e7c046d56399c8a191106f55ce2ed8a6 |
| SHA512 | 43ed55cda35bde93fc93c408908ab126e512c45611a994d7f4e5c85d4f2d90d573066082cb7b8dffce6a24a1f96cd534586646719b214ac7874132163faa5f28 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000008
| MD5 | 710d7637cc7e21b62fd3efe6aba1fd27 |
| SHA1 | 8645d6b137064c7b38e10c736724e17787db6cf3 |
| SHA256 | c0997474b99524325dfedb5c020436e7ea9f9c9a1a759ed6daf7bdd4890bdc2b |
| SHA512 | 19aa77bed3c441228789cf8f931ca6194cc8d4bc7bb85d892faf5eaeda67d22c8c3b066f8ceda8169177da95a1fe111bd3436ceeaf4c784bd2bf96617f4d0c44 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000b
| MD5 | 2e86a72f4e82614cd4842950d2e0a716 |
| SHA1 | d7b4ee0c9af735d098bff474632fc2c0113e0b9c |
| SHA256 | c1334e604dbbffdf38e9e2f359938569afe25f7150d1c39c293469c1ee4f7b6f |
| SHA512 | 7a5fd3e3e89c5f8afca33b2d02e5440934e5186b9fa6367436e8d20ad42b211579225e73e3a685e5e763fa3f907fc4632b9425e8bd6d6f07c5c986b6556d47b1 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000a
| MD5 | b38fbbd0b5c8e8b4452b33d6f85df7dc |
| SHA1 | 386ba241790252df01a6a028b3238de2f995a559 |
| SHA256 | b18b9eb934a5b3b81b16c66ec3ec8e8fecdb3d43550ce050eb2523aabc08b9cd |
| SHA512 | 546ca9fb302bf28e3a178e798dd6b80c91cba71d0467257b8ed42e4f845aa6ecb858f718aac1e0865b791d4ecf41f1239081847c75c6fb3e9afd242d3704ad16 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000d
| MD5 | 3f06d90f781a40e2014b2b3a97c48b41 |
| SHA1 | 660682729eda776fef2b49c1e4be9860a032bed2 |
| SHA256 | c051c48247b58ba107b7ded31e6a3913c8e0c890e547047080132f4ad81545e2 |
| SHA512 | ebaca5aa11d984601460b0def00e974411397a00efa251b221145eab261a8180c8e35347693e1ec3a1528b8dc206259593f21fc1618fa79840f588286c7e6224 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0000a1
| MD5 | 80dd5ac8b13278c19192dcdb3fd2ca19 |
| SHA1 | 2c0d1fbf53d7bd34d9402daef495794fe46ca09f |
| SHA256 | fcd1bbd6e1f559d81b8887758bcc3fa907c77e10d87931bcd7afaaadf3531765 |
| SHA512 | 264f101df224bd09f4053ac1883cd30db19ca80b31c5af2ea5c54a765eec2b5a2df44a6df4f6f2be3621be62d38543d6268d53291ea2cff19dcf616b144230dc |
C:\Users\Admin\AppData\Local\Temp\nss7CED.tmp\UAC.dll
| MD5 | b7e1d609915cf0b3f9dfee488a92fc91 |
| SHA1 | d9c873b39e3cac648742568378fe788b2cae6e84 |
| SHA256 | fa3bb333f615689691ff98527dc3341e3b8ffee4bf97c6128820bf0d303930e7 |
| SHA512 | ae4a00659f522996600bd0754b2f2706e297939ea616ada66e590409c6c2f28ed7ed39b67a078ae72e9b472a97291c7f3da42339051ef1a3d1941b0368b2e775 |
C:\Users\Admin\AppData\Local\Temp\nss7CED.tmp\AccessControl.dll
| MD5 | bb0f26c7a18434ee1d648c7e6743d1fe |
| SHA1 | f7503b348aa7c7691668fbb64ccd541e247f87e5 |
| SHA256 | 1b4d25f2f544f520c20493ee1e9ac7b3043aab88e4ff87953390d357de4c2096 |
| SHA512 | 4311e960a4f8f441b25c5ec9a82d64112016ff9c4510dfb082a0c1bcce2d03cb2871912dcaafc5d00f07ed9ac4d6d7998cdcea2bfc84f7180b2f62a2cf24e08d |
C:\Users\Admin\Downloads\Unconfirmed 347346.crdownload
| MD5 | 9f9bbd12ae5894046810e6736ec4d892 |
| SHA1 | 9e81b764a40ec39f6667c54b8d40da0b97cb5a7f |
| SHA256 | 8d48d0a05d581922a4d30ba98cbf51ea981a37c95fad689e0b84b979e312f6a4 |
| SHA512 | 57d5b59de422394856e15b2d65c1f2a9e85a1b012c954ecad98682a84c7f90ff00be91819c8ae9cd123270e2cf446d69bfb248bde471a29846d57bf401417eaa |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | cc60d8dae3adb44bbef8d2896a9884c1 |
| SHA1 | 443c6ccc60110c3bdfc72047fb708cd9ce8ac8fc |
| SHA256 | 05cdd750ba171f412396bf11844871c297ce31ed0b36b9408f4e2e5b525f808a |
| SHA512 | adff62ed197d8f21c4df02aa93f10b656a2a56a755fc7f5e015c2cf8e9dbdcdc67b9c41e6cd2f0832209ad98a4d79d7c0e89917624e550ca8bcfdd7baa3181fe |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0000d0
| MD5 | 631c4ff7d6e4024e5bdf8eb9fc2a2bcb |
| SHA1 | c59d67b2bb027b438d05bd7c3ad9214393ef51c6 |
| SHA256 | 27ccc7fad443790d6f9dc6fbb217fc2bc6e12f6a88e010e76d58cc33e1e99c82 |
| SHA512 | 12517b3522fcc96cfafc031903de605609f91232a965d92473be5c1e7fc9ad4b1a46fa38c554e0613f0b1cfb02fd0a14122eaf77a0bbf3a06bd5868d31d0160e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 7b6fc65e5f48d07839e4d038241e572e |
| SHA1 | 24142194a819138a1df527195a86350b96c01e92 |
| SHA256 | 60c10368cf11bf816ea46ef33f8a686019974b537414f24a03705eda2052a75d |
| SHA512 | d27015701fa8a8bfa5ee8683e23fc081c9910b6f885042cd096c4b7469d1fd8932e06bffbf20b32772405fd39c3f89e9f7f3d940620cc12cc5ef6f5b1a5c6fab |
C:\Users\Admin\AppData\Local\Temp\nss7CED.tmp\UserInfo.dll
| MD5 | cb310d97bd72a6ae8fc6e44c88ef9e8c |
| SHA1 | ed935c8f17340fecb7021dddd9dc7de0e23bf487 |
| SHA256 | d6fae2e57c84b25b73fe942fb7ba725158b21ec81c9d989845b64ba1ee337c27 |
| SHA512 | 8351004d0bf86c5577940613cee26803d797b2375038726ce31827d66038664aaf74399d7d5e11c6487012942fb4f147b7021d6e887ac09c39f541991f594f9f |
C:\Users\Admin\AppData\Local\Temp\nss7CED.tmp\nsProcess.dll
| MD5 | b6cd62358973125f52d756d6d3aee8b2 |
| SHA1 | 7c9fcfa85a88c507517a659f778355b56cef921f |
| SHA256 | 44c14f1edfe7deef518264675e3e4edb6991d5ea0d50f0f6b18a819dc31bbcba |
| SHA512 | a5b756e3e1a31ad7ad9026bc492de2ef8983385e7c920a2e3eea363df3c6d112cea2a0373cd9bd8be1fb3536ee9623c6844b3c7a92d8cf6ee050aeec7cee76bb |
F:\Program Files\Netease\MuMuPlayerGlobal-12.0\temp\hypervisor\MuMuVMMAuthSimple.dll
| MD5 | 271baf8cbf8282a9310a5026c2f42d03 |
| SHA1 | cafccdd75c95d06c9d4849b7009351a9459ec7a7 |
| SHA256 | 4e61790ff8ea8279a003c0427d86248dc74643ceef14dd0bc6543ed008b960aa |
| SHA512 | 9a9469920d86b75f1a95817e8c3bab4bd4d17d3240b5837d7777859a947c5a0e4a3987f1b0c91c4366ca970acdbe81288b9e2cc170202a972b8394d6c7667bd7 |
F:\Program Files\Netease\MuMuPlayerGlobal-12.0\temp\hypervisor\msvcr100.dll
| MD5 | df3ca8d16bded6a54977b30e66864d33 |
| SHA1 | b7b9349b33230c5b80886f5c1f0a42848661c883 |
| SHA256 | 1d1a1ae540ba132f998d60d3622f0297b6e86ae399332c3b47462d7c0f560a36 |
| SHA512 | 951b2f67c2f2ef1cfcd4b43bd3ee0e486cdba7d04b4ea7259df0e4b3112e360aefb8dcd058becccacd99aca7f56d4f9bd211075bd16b28c2661d562e50b423f0 |
F:\Program Files\Netease\MuMuPlayerGlobal-12.0\temp\hypervisor\comregister.cmd
| MD5 | 4c0c8a2aee978f63ff9c9bb91eaa98ef |
| SHA1 | 784043ee7acbedfa92ede9c6aface266e6ab0606 |
| SHA256 | dcddc8c892e73bdb7e3a05d3d7e5ff8cf193ec1e27497a3c0bf5641dc542ccbc |
| SHA512 | cb22df98ec3e32d315e19bb139e08354c30fd64bb7ae11fd86633c042e9128dea0be1af275a9438f90114d1013d6e662327c3add7ef60797aacfd0e22c83bc62 |
F:\Program Files\Netease\MuMuPlayerGlobal-12.0\temp\hypervisor\MuMuVMMAuth.dll
| MD5 | 419874bf64461f173a2dcde30a9d068a |
| SHA1 | 0cedd525d703e5cd680570d79476ae5600cae796 |
| SHA256 | fc8b92180b01e3c0579a8ade48fe5c98aed818de0f93de16565905fe90b3d092 |
| SHA512 | b5389d13e36424b6d205334bff0c82de657463258aa8cced5cb5b6dcbac6b16c81339c8254fbed77d1f49896c8ae76ed05a05b6afe224abc34dd99cf744ce882 |
F:\Program Files\Netease\MuMuPlayerGlobal-12.0\temp\hypervisor\MuMuVMMC.dll
| MD5 | 3aec0d63173a168c3867dc4b7702fc63 |
| SHA1 | 0393c5621e5f6f4e7e148d2dc97f7edd6dc78e5f |
| SHA256 | 5736d65e53f1663c72eae70f9446e2aad37493dd59007a105733afe34238f202 |
| SHA512 | 9e7cdd8d07e60962ebf3138225cc7be9fdfaaa333928bd3faf64ec2804ec730dc4935a2ceb9a213ba2055b5e177987727444f733420e9a629e3478fe65f9d769 |
F:\Program Files\Netease\MuMuPlayerGlobal-12.0\temp\hypervisor\MuMuVMMDD.dll
| MD5 | 7d2a12509733e35ad5852e97d34e2f98 |
| SHA1 | a0a3f1302d0b3b547b6f41b6f9f3b107a208c80e |
| SHA256 | 9697fefe8185831374cd8bcc7d0c41ec5cfe40d0ba8a48929cbf8d0fac1e6721 |
| SHA512 | 6bc07d62d8a03b29f9eeb5113fb30a42d176f215cfc111303a904a9fb4ec2c61d2ca61db4cb2cab80c54736a857b2113b217cfcdc1c5dab740c2a098f135a5e2 |
F:\Program Files\Netease\MuMuPlayerGlobal-12.0\temp\hypervisor\MuMuVMMDD2.dll
| MD5 | 6fefd079dd81cb94834423426653e19b |
| SHA1 | 3d34874275480f30f8332c3d02ced07dfc78fede |
| SHA256 | d8c3ca57a835272f29ada189c2c6425d513305d53042ccabed149dbccf828cf6 |
| SHA512 | 3f6fff313816cb89f603012faaf93b7b6d080af70d8f82d1155530958bb16297a84ef23dc0f056d357ec28044a4866e09153e6335a5a3fe6acae3e619e328b22 |
F:\Program Files\Netease\MuMuPlayerGlobal-12.0\temp\hypervisor\MuMuVMMCAPI.dll
| MD5 | b94fedd54cfe88c84112cc31805faa68 |
| SHA1 | d8467b384573ae86861ef8f6ea905fbd838ae2fd |
| SHA256 | cbfca3fe8d0cee14707ead3bb781cfcdb71af1378054d09cbe5bf6f3c9259cf4 |
| SHA512 | 9a08e44af9f8ff000253cb3c8e801286203a99610b76b76d254d9b7ea1868aff653d9f73475fad93d83e5a5096624a2e044505ba7ea779244cd4b00a7c367eb5 |
F:\Program Files\Netease\MuMuPlayerGlobal-12.0\temp\hypervisor\msvcp100.dll
| MD5 | 4f096d96285e06cd51aef7d2d3de04da |
| SHA1 | c90ef0eb5b1a0b1b85ad6792291747fb6307dcdb |
| SHA256 | 5bb420fbe28315f2117376052bb8488ce84a3398dda65005b8ae1f792017e9a8 |
| SHA512 | 80f558c50a71ad9c4930b3838b481e4fb453c38d57c91f7f70c1f86e4043b9a4fbcec27d7c025285504cbf3bde7c50b4770f18121d7818ac58e2ee9c2071f97c |
F:\Program Files\Netease\MuMuPlayerGlobal-12.0\temp\hypervisor\loadall.cmd
| MD5 | 571b20f2505a377eea3b6a2bcb2a31f9 |
| SHA1 | 6240b4fb57d2844fc7a5bade5096f096617a86b7 |
| SHA256 | 13f7090c7200549b7853e929931ccff1ba29e3497286d37866c14232f1048c8d |
| SHA512 | 930b966ce36d21014bfce9e117af38718ad0a0ea1b49bc1fedc6136ff71b043107cb07d8a879e3588dd64f45c2181fa7db6261363d80f5bb31144fda673d34d2 |
F:\Program Files\Netease\MuMuPlayerGlobal-12.0\temp\hypervisor\load.cmd
| MD5 | cc59f91feffd99c115c0a903cff28168 |
| SHA1 | e83df545f5d390d0b7210f7aac0d4ef37e00f0f2 |
| SHA256 | 25bd2bd5472fb2097f2e79e66ffc3bb6aa3d2f974bf9b43d08045f09928a2efc |
| SHA512 | 46369b7866fd4215620806a7c12938865bf7416447ccd3fc15cfc6f3905bc4ac07a162b015586183e3c35ff17b607ba963f6ade3de81f15401e2d6d3418756d8 |
F:\Program Files\Netease\MuMuPlayerGlobal-12.0\temp\hypervisor\libAccelerator.dll
| MD5 | 8041ed0f7b41a89d6aa0fae432ba9316 |
| SHA1 | 4c30b8a9647cd06a7c3c6d883e1dd9ccbd7f716d |
| SHA256 | 5a5f25c1d17557c9cd8740967f2c8de8b23d1caff2011043cf61e4b59cabb9ee |
| SHA512 | 3b3295605cd2d043ea6ebb0e0489f2225d85e2915a1f15e1f8b5424fd7140828f3e342a65c42aa5ca243ba3f10e1e27ecb5e16865484e407fcfce9aa8b96485f |
F:\Program Files\Netease\MuMuPlayerGlobal-12.0\temp\hypervisor\MuMuVMMBalloonCtrl.exe
| MD5 | 8a7994be6ea941296b492252de59cc74 |
| SHA1 | c5f3ef41482961a89f5649fa3a229fd334f2d268 |
| SHA256 | 865e6e5f38e3bcefd5d06c4591208f2d555af5294829a4cfff55299ca230dcbd |
| SHA512 | 9d20c3dc2582ed252dac46e323c31e019fa8d1e7b8c777596b0e512b57edf5c755112adad2d0e0db0ba8e733a07bc6b895ee024293b1045bb359fc0b0c70ddaf |
F:\Program Files\Netease\MuMuPlayerGlobal-12.0\temp\hypervisor\MuMuVMMDDU.dll
| MD5 | 8498781afeeae6dbe42441472a43f9e1 |
| SHA1 | a45d908054e6777915c97c2a64a00fc384e302d6 |
| SHA256 | 6d88fddd662a54924a979cdf1c3f072cbc3e2b12e3cf0a233009a78715435bf7 |
| SHA512 | 78bf1e68eb7109d71cd28776b59d2b3f38024615942298d411b98486ed60bd01be2dfa9dab4734d54c4559f6affb348c1ec6fa82fa446b376e92241575b21597 |
F:\Program Files\Netease\MuMuPlayerGlobal-12.0\temp\hypervisor\MuMuVMMDragAndDropSvc.dll
| MD5 | 371caf53098440e460fbd066ed7f7151 |
| SHA1 | 4378dbb065a7a396d21746207e25f58863ca246d |
| SHA256 | 1e734e64d47242eb7ba4a6d128527cf5c7b4d32ad8640b5801921d579b626911 |
| SHA512 | 01cb377c8d43647da58d089ae027d2f483606afd6686c4bd59e50a1b98bcd422ea833a3bc2cfdebc8f247c10ac3e4692f9ee887dc1fa2ea6de1596bc6077521e |
F:\Program Files\Netease\MuMuPlayerGlobal-12.0\temp\hypervisor\MuMuVMMDrv.cat
| MD5 | 4d215ca4b7e3cccedc021955f3d8e0dc |
| SHA1 | 34281419e17cec26a26a39d74408d80c3a7dce6e |
| SHA256 | 67635e38e615cc70f6f6754ecc2d7485914a73b80685e057590eb4f72c1b5441 |
| SHA512 | 13cdc1f631fad080f4539a65a59d050c7e42fad545f3c190bee5a2ea1b3526df0790f3c8f423b73ca5ab3e71ccb40c603174ce31aee77d24702c77dee8ca1865 |
F:\Program Files\Netease\MuMuPlayerGlobal-12.0\temp\hypervisor\MuMuVMMGuestPropSvc.dll
| MD5 | 1a8e7698d6a8fe8bb8fbdc1bc03e5026 |
| SHA1 | 43c16440a05bdba0bbeaa3dcf9c9e31563c75ef1 |
| SHA256 | c02694a3fe45084e7ef3749795b5fc3ed6f8515397ae78fc1a2ca5355457fce2 |
| SHA512 | 7b46b522880dd5a60a7e41ecfbaf0a36c7e91ca8699147e151ab2d0b0c663f7598266e6bf8a6c35276ad61d2314419f214d13afc496f3b20cb21e0338306f547 |
F:\Program Files\Netease\MuMuPlayerGlobal-12.0\temp\hypervisor\MuMuVMMDTrace.exe
| MD5 | fbc3c4166043d110d30d388edf4b798d |
| SHA1 | a330be676147deea2c8f96131ccf881880064b6d |
| SHA256 | 791c8d5f7c1e2db1d380ac284b784714e29037a245033058d15b285ab87504bd |
| SHA512 | 21f04df9d9ac65faac9d8f3a523ca20ecc4e5bb89e27e7db66501654e1b8d5e66119db0080077959ae41287541ef3764177c902e071a6a21325fd87d207e881d |
F:\Program Files\Netease\MuMuPlayerGlobal-12.0\temp\hypervisor\MuMuVMMDrv.inf
| MD5 | 423a9e754c1d0067686b7dc1aeffa6b4 |
| SHA1 | a57450653e5d9c3126cebe754a1b7e4204044d06 |
| SHA256 | 586128bd5dc9f67aa56f6b91d133e295c2a2cf3d3eab52672db8bba7cadf3ac2 |
| SHA512 | b31f468dfb55de5894962610b09218f49ad4be1148ea8aca9e5e3b5ca4592f0a0ce25d92464e9059e8b52354d3c7befed3db3e57428937b898a8eb492485b580 |
F:\Program Files\Netease\MuMuPlayerGlobal-12.0\temp\hypervisor\MuMuVMMDDR0.r0
| MD5 | 106dae22290adf78a229d6d3ced17d92 |
| SHA1 | 816485b26e9624174fa4cecebdcbd0a46d38f8e6 |
| SHA256 | d6d4b05170c02ce95c536ae1a2cdd7d3b7a5b54aa14a2a4c4aeed599f92dbb32 |
| SHA512 | a2c870bbb13a1bc9c133e3613d84d108d8a5b940bf416f7c82398125f5661102e8a9f41c9e3aa7b4ac11d7bb9beca2d3c101139b962bb5d77a502f2bc9f16957 |
F:\Program Files\Netease\MuMuPlayerGlobal-12.0\temp\hypervisor\MuMuVMMHostChannel.dll
| MD5 | a847a9e20ed786d5b5838adbd8d6cae8 |
| SHA1 | beff339b2df315764c14c1794b217dee62d669a3 |
| SHA256 | d7f250cd9f5066b37d48562d92a8315fb5e0b6512d205cedc1297772af0c86b4 |
| SHA512 | 1446db9d00bd26f733b5fc0992343b4bcab8b7122bd3d36d1ea75835ea05eeee7c916c8a408150be8f52a60fdc33f882471dc408f05d3e2f43ca14234c047be8 |
F:\Program Files\Netease\MuMuPlayerGlobal-12.0\temp\hypervisor\MuMuVMMRes.dll
| MD5 | 02efb4ef8c50a1d60c657dd19e870abc |
| SHA1 | 547069afe3dd59d709cefd8ddecc5bfd32798d7e |
| SHA256 | 5831c6fabdb5ff49e965c25184228c08c4c51ba3d5b6b7174ac051b752828687 |
| SHA512 | 26d35adeed6e81aadfd2e14d81feaf3100939ebeb8ac8983cfadeca1a9b3669e320292286fb07cf89808a027a1286c1bcdc5e8c0f23c8a2c301c3fd7d2fb2114 |
F:\Program Files\Netease\MuMuPlayerGlobal-12.0\temp\hypervisor\SUPUninstall.exe
| MD5 | 5406b2c9bf3b15691375fb30d1c333cf |
| SHA1 | c4968cd87617fb577c6f136be47b53e9dfd7d324 |
| SHA256 | c7eccba4a31e43d4b20a360c7858ed7eb12a6252202487b141422b25eb268fde |
| SHA512 | a37cc0750b2a1094b16fbf118a6dcc8745f6b0390c8286540868a77e98eeb17181f67a57c96767e89520d118381d50429f05b082bf509a9b763c7d16de0b5a66 |
F:\Program Files\Netease\MuMuPlayerGlobal-12.0\temp\hypervisor\vaddress\0.0.94.0\VAddressDevice.dll
| MD5 | d1b49099704f416236c17d028c2a601c |
| SHA1 | b7b04f381dab7838e7d42d5716652debe287ade7 |
| SHA256 | 1baa6c717e0b402a75872210e878749d021e6b354d21cb94e59012d2f19a9b32 |
| SHA512 | c98a3b8e4294240f556603bfb79fc06a92a436629c84284b7beed0999296469e4315ddab04ea0e76cca22a40641272dd53a88d5d0f2570aedd11c0dbb589dae6 |
C:\Users\Admin\AppData\Local\Temp\nss7CED.tmp\ExecDos.dll
| MD5 | e2716246ee731417abee9ea26cec1d56 |
| SHA1 | 6687e5d8b0b705fcdd9a4020215891d5b7723084 |
| SHA256 | 691ffd34264d1813827c35083367a08aec974e9f79fb585b7d2d367c83760fbd |
| SHA512 | 355bb040570a1ba64a03463a9e6695015c2ffda5f30b7ce801c39ab1a7ba36134bb8fa9b5a1ffd102f6d71091b77133f8d68d305d5c1949ccad2e8eab0258505 |
F:\Program Files\Netease\MuMuPlayerGlobal-12.0\temp\hypervisor\win7\MuMuVMMVMMR0.r0
| MD5 | a5c0e348e7cc0e4cc570aacf9ffcaf29 |
| SHA1 | 446506fde338687fcc91b176361b51b0a8133045 |
| SHA256 | 3ae59d3eacd1f837d3163817731820b93139846021aa8aa7220060d174d6cecd |
| SHA512 | 966f4100f17bb3a89f650c30f979f15023105f1db2f840a03b31bf53ba5188ff5994baf110e489060b858296b49d620551111695127da8d0ff34360a58c65822 |
F:\Program Files\Netease\MuMuPlayerGlobal-12.0\temp\hypervisor\win7\MuMuVMMVMMR0.inf
| MD5 | 3a31f44dff80797d944dc1c76abc306c |
| SHA1 | 02a336a7614ec019a65a90c971c648c34c814e66 |
| SHA256 | f39e3b98a17d4d946879284466a27ec946a07bf869f59ffecbb38451d81337d1 |
| SHA512 | 1e3382d8bb6f99d96ac9272d9aaac5012fcb31e83a072d22cb4b8965c8c636ccefd31f61e51ac6b8fa79b7fd70038fc259dd45d22b9bbb267f8f17c9b66472cc |
F:\Program Files\Netease\MuMuPlayerGlobal-12.0\temp\hypervisor\win7\mumuvmmvmmr0.cat
| MD5 | 2e23d6718ce96dbfc1be7382fead6ced |
| SHA1 | 09b89d917222114b82ac1c3476ee31e01c33842d |
| SHA256 | 0885d7ea48192a21d5f37597315c961f6f6a569a4c79080c3229e3c443239efa |
| SHA512 | 54f8737e7d3139b654860ae0aed9ec28d5c2049b1e76bff244f8524196c4516023a7cf69b03e4151106eba7145f7c8ad5ae5c2cd62d96cf959e97071aa1b85d9 |
F:\Program Files\Netease\MuMuPlayerGlobal-12.0\temp\hypervisor\win7\MuMuVMMNetLwf.sys
| MD5 | a8071a473dcf9147820fa684fe725ac9 |
| SHA1 | 33bffd62c5555692d3d314ba211b40414f5f580a |
| SHA256 | f377895a45410c5585c27ffb7a44b68b1002985f0c03f562b4b21ff6399f8eca |
| SHA512 | 436af1b9bef2cadfd1ece3215cae1662217f4f2e5a299f4773db6748c6e26a78c3957a2e314c4faa22b930b08b811210b25e176f3a985ec0d9322d66077d4250 |
F:\Program Files\Netease\MuMuPlayerGlobal-12.0\temp\hypervisor\win7\MuMuVMMNetAdp6.sys
| MD5 | 565d6d7e77d6fd5be5ef21fa8188a652 |
| SHA1 | 02bbb60161ac4da75ced5257633b52462baeb908 |
| SHA256 | 8517e15ed543bc12a940b03ac5da50c63af1173813640bb1569ec62e45073584 |
| SHA512 | 7f4763249278e8c89559d0b32646ced82107b440a9819cf9ba967a0cc749114f02f45ce393ab89a07bdc89d6febe047304d5d2e85fa8ebf48cacde814e3dd2f1 |
F:\Program Files\Netease\MuMuPlayerGlobal-12.0\temp\hypervisor\win7\MuMuVMMNetAdp6.inf
| MD5 | 127d117df95f3a294b254f65ca929340 |
| SHA1 | 49f365425911dcfb17ce8f08aa156a66878f0e4b |
| SHA256 | 6421fe11bfd94be2a659b4a39483dd71d0c983de9d26caeb22ce92d0d224f39f |
| SHA512 | 13e9ee1496af276ae37e8dc236a48109e06b0b044fe05d88415939d3a1db0076a0c95cd7c88e715ac4df01603dd3808a6bf21ccf1ab19895b782b2f91f32f08f |
F:\Program Files\Netease\MuMuPlayerGlobal-12.0\temp\hypervisor\win7\mumuvmmnetadp6.cat
| MD5 | cab436e5abe7f446f8848dea729679e1 |
| SHA1 | 6c6175df099341fdd9a67cce631e2fe55fb1dc2c |
| SHA256 | ff9525380df941cb1bd07fd72f27882db4b96699d9b785e4c3078b3cbd6ae618 |
| SHA512 | 15b3c72e20e3c1dd1f184e6bd6b8541efc798e7d57878bcab44bcd46f8d30593faf83596d5d1e0862558cfd316d5f1967be912056efd0582521548e9c963a9bb |
F:\Program Files\Netease\MuMuPlayerGlobal-12.0\temp\hypervisor\win7\MuMuVMMDrv.sys
| MD5 | 55879de9dca1782537ae1064b2760007 |
| SHA1 | f5ad275c3ed5bd8baa829edfe008b626e49f42b4 |
| SHA256 | a9bb3be7ce97d0f4ecb78788ffbff7379ab0f7548715049b59a587ded1e8dfb7 |
| SHA512 | d8efac11593638fb2baadc7d173113601d3da3aa30efa0af3d295e8f814642bfe81cee7bbece2426ccccda48ecf1969f9de04fb54b44f185ff2f9f740178eb98 |
F:\Program Files\Netease\MuMuPlayerGlobal-12.0\temp\hypervisor\win7\MuMuVMMDrv.inf
| MD5 | 2741226667bdcd9e759f536756f56eda |
| SHA1 | cf437c8a63ce26b0e2a573409c976fa1f7c629c1 |
| SHA256 | 82606488633ca10859a8a80d00be705a08509b35a9c02aef8b3dc70335bdaa93 |
| SHA512 | 774699f466a423eb24c1d3b5ed45f49e2eac8f931fc7ca825d14a10a19402e3fd95ebdb5c7c2cfee6a4aa6219ffc157c09a222512fb7b3cef888756c1c12c810 |
F:\Program Files\Netease\MuMuPlayerGlobal-12.0\temp\hypervisor\win7\mumuvmmdrv.cat
| MD5 | 838ca6cdba04a33267a12f9af842154c |
| SHA1 | a85f476eec0f129676a5552e8984fe9ace437118 |
| SHA256 | f10c1616e67f2f9d4ccc15e59ee3df8e6413129f6905db6aa84d9ffe7e7fe662 |
| SHA512 | 3c522db4d5e835d8fd342ce65f0ec876b3e20dff1c9fd7044b04cf1a0f7fa9c7b8766bbbc8ca71a25c64a7e3ffdbc8a04c7b110494ec440806961439b5b9ae34 |
F:\Program Files\Netease\MuMuPlayerGlobal-12.0\temp\hypervisor\win7\MuMuVMMDDR0.r0
| MD5 | f4ed8c30dd14afd80baf61af4f8aef5c |
| SHA1 | e3d6f1480131e932c1473c6b1d4bec6ec6c2aaf1 |
| SHA256 | c65929b0e12123e079114fc67e6052e03de5934fb65429d637b6242fb021c5b3 |
| SHA512 | 922862e372048f29d4eb39c0a2e5fc921e6643e454825f476cfb98780b3d02181b91a9b6f5590d5f4206d7de391aeb6e5e3b72a8a9ca321b77bfc10d9040a3e8 |
F:\Program Files\Netease\MuMuPlayerGlobal-12.0\temp\hypervisor\VBoxEFI32.fd
| MD5 | 26b623e43df7cae3bd321164407c3e35 |
| SHA1 | 64ec6d9498e488d85a9161dda25ddcad7fe61e9d |
| SHA256 | 0ebd5e6f19f87499719bfdd5827444667eba1a43b35a584052886bca72ef99dc |
| SHA512 | c8e586c0bb46ba3fad49e57da85d0228f716094e31e216b82d3ef94a438f3254227466c0beb2903e51ff5c3a3cbbc9551f0f7097e2b1d2845f34988d76fac16d |
F:\Program Files\Netease\MuMuPlayerGlobal-12.0\temp\hypervisor\vbox-img.exe
| MD5 | 258a8fdbfd2097c1eaf174544c40b193 |
| SHA1 | 80c0565244c49b9c2ac69e72e72e2bb23e625fb8 |
| SHA256 | 730ce3b17a58e26bdccafc9a929738e2f204bdc57281918d62cd9845531391a0 |
| SHA512 | c7e98caf9e0b5db6364a20bf6b518172524e4edaaaf3041ed00399cf57ac4474d95c0094596bc8b0447d88cc27c6c4d1995f2dc034535717fd86d755a0bf1f24 |
F:\Program Files\Netease\MuMuPlayerGlobal-12.0\temp\hypervisor\win7\MuMuVMMNetLwf.inf
| MD5 | d284b3ebd57e803451aee5aa7d07d496 |
| SHA1 | 4cf6e3f2984fadbd2fe71c6a0d403b2e5c2cc759 |
| SHA256 | f2eb223b9f3eb6383bbbfea0b195f3672e8492041d8bfe89505f2f3cc7d462bc |
| SHA512 | c11de75732b67fa2bbb695e60c0c7f75a52cabad86c58d72a05b4f6fca56bb886bf9451f6ef5abcb91c3e65f195176c45eff15846ccc60e7f782fe725685b5ee |
F:\Program Files\Netease\MuMuPlayerGlobal-12.0\temp\hypervisor\win7\mumuvmmnetlwf.cat
| MD5 | 6744dc4f16200c37a96cc3a0e5556285 |
| SHA1 | e338196e4af4d5a19b42a2a03cb98447625673d2 |
| SHA256 | 5aa222dfd3ab9f7316c1c39441946973ab801c00763375a90cf7532b592c4086 |
| SHA512 | ba89277be0f910184f0a72a1b0f1d7aae2e540775e86d48f42ab9074e58b7ff6c3b2cf4c717d3d1923f7ff10886a76bf926ebd6189872c6c3fca799fb74b0213 |
F:\Program Files\Netease\MuMuPlayerGlobal-12.0\temp\hypervisor\vaddress\0.0.86.0\VAddressDevice.dll
| MD5 | e618cb77d4bb5f61a88fdb91303a2c1e |
| SHA1 | df3f87309db42eb084b46ac963e1c7d69eba8a78 |
| SHA256 | 55fd58e38c0a9e2f60b5c03750d45ecf0b1b7b873b84a531c224e4bcaa4bd064 |
| SHA512 | 5acd329ead414008cc670303f404ddfa68abb67dc6f4211d932bd74f7ccbf36e138caaef1ea35b783be5eb11d2efe2c33fb0088aff8036c3fa738db9f5c62020 |
F:\Program Files\Netease\MuMuPlayerGlobal-12.0\temp\hypervisor\vaddress\0.0.69.0\VAddressDevice.dll
| MD5 | 5396238bbc8c218e819f6715b20e6031 |
| SHA1 | 55ab28093742e28424688799729bc46d60a95a4c |
| SHA256 | 33236aa3dcaa4714e0e663799a3fac83593c8afb6e164c1c1c2fa3176a95b15f |
| SHA512 | 54df0b2dc50a26c1597932e2362c7c3c92afe83c262a8fea7221c15a3f77caa55897d34c675370eb9b7b955cf2398d26c1bfec4d3e0484b0606b57a4cf0f9c1b |
F:\Program Files\Netease\MuMuPlayerGlobal-12.0\temp\hypervisor\vaddress\0.0.63.0\VAddressDevice.dll
| MD5 | 8c7fa231e13b7b380f8d2b456bfbedb8 |
| SHA1 | 66e153f427c44c90ef1e59e92723e95a99f75e8b |
| SHA256 | 310e5d67c32429145f05e82848fec26176fd1c50d01418a784669c32eb0288c5 |
| SHA512 | a62156e2f6db5b5efcaaa17d30233c167bf6b062d6410636d99e56fd0361d936ff3fcb8b80726165dda7bac0f7eb3b178dd604614a380addd1ba7be508e2e4dd |
F:\Program Files\Netease\MuMuPlayerGlobal-12.0\temp\hypervisor\tools\ucrtbase.dll
| MD5 | aeea6662f0f7819a077b99441c36178c |
| SHA1 | c3a2ec7fd791235b8b1f2371e94f25a1670f7d00 |
| SHA256 | cd48756e96740f84a2aacd6c308997a4a36a953cd77f50cb54c27915a5c5c302 |
| SHA512 | b4b3c42e716fffe98f1c65bd2b0f522725ab8b43a7739c0a925b850fc0601e77cdc1e2071813229477d129caa73813ef6eb5c4c806d1c48c90332c429365d639 |
F:\Program Files\Netease\MuMuPlayerGlobal-12.0\temp\hypervisor\tools\my_upload_md5.exe
| MD5 | ece6882c94aaeab536fc8a168d744e04 |
| SHA1 | 9ac8a75b32c9f846231994ef43b2bc8e7bad44d9 |
| SHA256 | ab96dd5cc65c4bb1b827561496af5712722441cfd9fb3418847e274e7c114798 |
| SHA512 | b6b1a8bb1e3877e2280e9ef6164626da2b580e1e9471294898a1bf27e231560fd3540ce8821759a0dcc7b6680eca81500152d666492c1ff7fc9cdc8bd33080ae |
F:\Program Files\Netease\MuMuPlayerGlobal-12.0\temp\hypervisor\NetLwfUninstall.exe
| MD5 | c1daa5ef4cbcdf5d4433a3b0e9825c6c |
| SHA1 | 2c5abc45abc8a58ab66528d666c2be2e7d22f294 |
| SHA256 | ec2c0a9e11a9072985132004c9962bc528269d7a92bd11d105b529e1d6e03e8b |
| SHA512 | ffc650aeb4c57e0e32020cfacc1845813d147cdc5c5fb76fc66fd7f7debffada389ea949f31e70a64d94c4d4d97d9ca2abf45345470bc6c9611a41d746e7f3b3 |
F:\Program Files\Netease\MuMuPlayerGlobal-12.0\temp\hypervisor\NetLwfInstall.exe
| MD5 | 0642ecf0ed6dca6938ebed269a3094c4 |
| SHA1 | ccd17c3e6e0eda4a701c5a8f25df50c948fc16e0 |
| SHA256 | d37b9ee12110b1fe757990b8f9fc7e4fe9350c4d26e52671de6c55203f629fff |
| SHA512 | 6e975d77e8766e686861cc6fc9fab195ecb172d4d4ded1ae02b962a285a8a5e9ed4abf46b04777582b2f6224f362db2c035329c78a9579c4f36fd8593afa0a6f |
F:\Program Files\Netease\MuMuPlayerGlobal-12.0\temp\hypervisor\NetFltUninstall.exe
| MD5 | d7f6a5f24ca0d92d26075a002875832a |
| SHA1 | 64a27dbbfe27f4867ff8c0fa2f0aa5a3f1968b2b |
| SHA256 | d4f5d26bafa4c3e3c466fc9395be81eff8670cf00a01bacd3f5bd8c22eb460c6 |
| SHA512 | f0566e17920021feb18758302be8c3dcd3a02dd2f5f6402888b84daf6f86a668f8d692c8b448ddc275f92961a1abba7383591e2f77ef713447e498b9d7eed0ac |
F:\Program Files\Netease\MuMuPlayerGlobal-12.0\temp\hypervisor\NetFltInstall.exe
| MD5 | da3e3159116e69f1f542892bd1e2ac3e |
| SHA1 | e48bbf9de386f2d067a29edec9332ef000e683e8 |
| SHA256 | 7a035ad151ef512f54cb4bf8c9bc8fb28e4ba09dc6035887a118aacf4fa50e6f |
| SHA512 | 4c514ca647283c1d2ffb5b28ef30c0cb701655a8edd3b9b5866aa7fd2a4e0e30012010794b451cfa8d2a00d7c1e0119cc627df93ec557fb0020d43ed0e4f1614 |
F:\Program Files\Netease\MuMuPlayerGlobal-12.0\temp\hypervisor\NetAdpUninstall.exe
| MD5 | 281bd3e5c84d35301ec837b59c503e5e |
| SHA1 | 4fd001158a33b77f15001549db38e4398de9336e |
| SHA256 | 10f55e5725a7044e9120403db8284eac76c05f485a6cbb5dbde10d2a616b88de |
| SHA512 | 47d02e1ef91d4bbd1d67ce1ee68d61efb29364b9b9066963cfecc423652e7fbdf06e475572f0f46f367e0c23ae0d01fe2dcaf907e84a822822842d3440846ca5 |
F:\Program Files\Netease\MuMuPlayerGlobal-12.0\temp\hypervisor\NetAdpInstall.exe
| MD5 | 0c7331875db82690b86948c1fb8eac1d |
| SHA1 | fb2e8cd541c721ef656013b2ae122f440902043e |
| SHA256 | 2eb76a57e7546b60b800c38cc340e84210317e16fb2c7329d09bc23deef90885 |
| SHA512 | 0b27c225c9139351c5dcaeac07e7ae0982bfe340ac6f7efe455807ee242107a7ecd3f2c86a9fe9426ab41913721b3c227d2a226c99ea48792fc887444e733bc2 |
F:\Program Files\Netease\MuMuPlayerGlobal-12.0\temp\hypervisor\NetAdp6Uninstall.exe
| MD5 | 2cf6860fbdd36126ae62cd6b9a68e082 |
| SHA1 | 0d6de2281c2f83ea206d6a6259e46f980033b3cc |
| SHA256 | 0d2e390ba3aa9f706ae4d5cd5ddab06adc8da485df30098c4fbe5b9b03abce19 |
| SHA512 | f48dd46a257cf219a0d79ec49d5622763e7db714c87b0f3c659b8e0528b1bda7cb4192f763fa6edead72fee3cd8488c004f8dad33d0048d7873b7756ab0b046c |
F:\Program Files\Netease\MuMuPlayerGlobal-12.0\temp\hypervisor\NetAdp6Install.exe
| MD5 | 23fcfa8100447716302f10678ec252e6 |
| SHA1 | 910024cb56024a6c79465f82f55080e906210228 |
| SHA256 | e50bef29a5761e459f7a121aca4bd0c953005f501de7cddc35d681434bd2a13e |
| SHA512 | 8fe1a51c56fb349bad342c3cb353912b83327f5c51ca4545a1263b4b2af2228f127334837f095ed703cf0e46b5c72fef37ba35a9f2b862c0fd12defee8f36604 |
F:\Program Files\Netease\MuMuPlayerGlobal-12.0\temp\hypervisor\vaddress\0.0.92.0\VAddressDevice.dll
| MD5 | c452f408b06cf88692c03ba5c534bd76 |
| SHA1 | 8b3c315e115ba8ffbeecc7878a3034cefe65b5a3 |
| SHA256 | bc2f9fa16c1899e8d92a5d3a3f7dfbdbb9a1fc124e252259f2d86f207c2b09d4 |
| SHA512 | 3ba6e6ffe15a3db3c9a5531a6572de75e428f0608a8b8abbea8e1c3e84bd6a278524b818e9b2351d2cf10094d881696e8051272ad0bd741c893efe31b62f6ae2 |
F:\Program Files\Netease\MuMuPlayerGlobal-12.0\temp\hypervisor\MuMuVMMVMMR0.inf
| MD5 | 9ef94bd0428340d94cec3ed921cc2eb4 |
| SHA1 | dd94165626d95ab1d351298843f77e9ca0ce0801 |
| SHA256 | 023cf519b63b84224cb092be487568cac6a75e5da2acb394873dcd48d8747954 |
| SHA512 | 161b31d7870f06b6fd6648f3106e9582825ab81d2279794ea08eef4ec947740b7c4b8a7b4f21e74dff0e2a654cdfcc9f1f1b5727a8c1abb952e31de3b796bc0e |
F:\Program Files\Netease\MuMuPlayerGlobal-12.0\temp\hypervisor\mumuvmmvmmr0.cat
| MD5 | d554aec99709b5e977ac72b2e4cf31d8 |
| SHA1 | d12dc22ad13349970effd971c77f9d5a165ce2eb |
| SHA256 | 6f0ce3c8c3f125d56e6f6c19afc88d38c4679475c720afc1224ab29b8cfb451f |
| SHA512 | 4a441d764792e23d8749b2eec563a66d2a4fdb6c61e195fd76095aefde1b1806f7b5699080c0539df4081f0d15c53e8dd5eba76171abb9661b85a7004bb47038 |
F:\Program Files\Netease\MuMuPlayerGlobal-12.0\temp\hypervisor\MuMuVMMVMM.dll
| MD5 | 0d7e37cfc49b2a947b37ed18967fddc1 |
| SHA1 | 134a6b26de675f999a8fdd0f2ee757c8338b5358 |
| SHA256 | 55eee5d11d82a19e7f7cef79223cc5800535d45592b598954d4466f5c1367138 |
| SHA512 | 0025a9bc8225c2079faac635d29e7d3e5dbf8d45724765a9055f7c74a97b791e51cf5f3290d118b6667473ae02903a2f3830d14caf69e670741e68ddf9cb53de |
F:\Program Files\Netease\MuMuPlayerGlobal-12.0\temp\hypervisor\MuMuVMMSVGA3D.dll
| MD5 | 3165c64b85d9d21a6ff2db42ff09f3ce |
| SHA1 | 16e35150c56d9bb9338563662e0185ae76930c18 |
| SHA256 | aaaf64798fbbe4cc7362cd3cb4d1aaa55400ae60f406799800415fb36c8367d2 |
| SHA512 | 1b29c47798f29062cab911a108e289a492d61dbcd019fbd42b7825ccf7720809d0b4f60e29a3bf60595e9b808154a6f61e4b7010174f770b7e208da86799146f |
F:\Program Files\Netease\MuMuPlayerGlobal-12.0\temp\hypervisor\MuMuVMMSVC.exe
| MD5 | 672417b44224f7c1ef624de683755c71 |
| SHA1 | d83a5b6d903b7c24ee0a458caeb7c3db80e52fa5 |
| SHA256 | 66a38209fac0f41ad3d6781169faa77c2e384620221c74fa569af278f427eeae |
| SHA512 | 9b5cd5fa4fac913a3c333106b7fc375b2fb1041c3ebd78961ee92c164d415fb5e6479ee33e559a7c869a49d1ad75d4e32ae956d7e127c31d06eeaf56cd1d5d2a |
F:\Program Files\Netease\MuMuPlayerGlobal-12.0\temp\hypervisor\tools\vcruntime140_1.dll
| MD5 | 3b22b2ec303b0721827dd768c87df6ed |
| SHA1 | 86f8af095cf7368ccbff2d0fd6d33586145acd2b |
| SHA256 | 3b792da47040c3b3e0804cdc5153eef4e802b6975963029d8dc360cb824a7b62 |
| SHA512 | 79db774980ee132797f7e7dbc0e055b724d8fbf0e4917523b285f918730adfff81022cc6f5e15469b011d55501fd7b085bc070e9ecdfb75c05f4d6622a7f2475 |
F:\Program Files\Netease\MuMuPlayerGlobal-12.0\temp\hypervisor\tools\vcruntime140.dll
| MD5 | 0c583614eb8ffb4c8c2d9e9880220f1d |
| SHA1 | 0b7fca03a971a0d3b0776698b51f62bca5043e4d |
| SHA256 | 6cadb4fef773c23b511acc8b715a084815c6e41dd8c694bc70090a97b3b03fb9 |
| SHA512 | 79bbf50e38e358e492f24fe0923824d02f4b831336dae9572540af1ae7df162457d08de13e720f180309d537667bc1b108bdd782af84356562cca44d3e9e3b64 |
F:\Program Files\Netease\MuMuPlayerGlobal-12.0\temp\hypervisor\MuMuVMMSupLib.dll
| MD5 | b1d93f06d3ff479cdbba4e1c9a64f0e4 |
| SHA1 | 9fd00492ed595e62e78e80b569e1c39cab9de1d3 |
| SHA256 | da0b8f8bc0c91b26477ae12d922a1bd9a16d2e40df36407c50f525e2ceaccb41 |
| SHA512 | f5471fd9051c055bc936154475f53c5caf538136f48ad593fa23159b1df31c74956afddd6064d56610789b672d12b2eeb8cd11abb91fd02fb74f8504cc90251e |
F:\Program Files\Netease\MuMuPlayerGlobal-12.0\temp\hypervisor\MuMuVMMSharedFolders.dll
| MD5 | d617ae87e5ec1821e9cce9c55595e4f9 |
| SHA1 | f39cd6f1528ba80a08b6136a0423804b78ac3050 |
| SHA256 | 60728396bfa0e5843855d4cc265411ca5ca3359cba2a76eae57afcb7b5967ed1 |
| SHA512 | 5c950841bf205e520261253171d38ec97b2c9cef0bba73d58e6b905f1062d0efb5097fae963d6b5b7372cab865c7cdbdf89d6f5b354c50d4716c503ff8b2bc14 |
F:\Program Files\Netease\MuMuPlayerGlobal-12.0\temp\hypervisor\MuMuVMMSharedClipboard.dll
| MD5 | e9f78eeed4800371f7661e0cfd10a1d1 |
| SHA1 | 23fb352f858cfc5ddec37565285c1dc4f35aad32 |
| SHA256 | 5ab420b5b984105a5ada4bf8a5578dce6c3922bfcdfd1d5f15328ca31296e3e8 |
| SHA512 | 4ad7c3713a42341a881cb7037266af6b86072b886f4808e8745715c86317374b3f271cb8f36bc532af2646b7a6b0c9f25b11766c4b585e5a8a95b1f3b9add698 |
F:\Program Files\Netease\MuMuPlayerGlobal-12.0\temp\hypervisor\MuMuVMMRT.dll
| MD5 | 63e8381bf53c0416252d1a014a0d928b |
| SHA1 | c4db51db0436b544226398800d71273d03c9680a |
| SHA256 | c0ab581ffc2859b29588b70b841d2a008674ed673a0e1717a855b41738269f60 |
| SHA512 | 813852361f6d4841b9c9fe7df4bf03d57e227fcd73cdf3c1e9ecf72df3e3a2632e0f8f7fda1241836aaa91f72ea03c90cff1a95dffe944b6fc868e685e0a9c2c |
F:\Program Files\Netease\MuMuPlayerGlobal-12.0\temp\hypervisor\MuMuVMMProxyStubLegacy.dll
| MD5 | a24d7cffa168b8f4a742f80f4f4ddfa0 |
| SHA1 | 885f8f3160e9b6d5b9cc959a1be91ad78c9f6adb |
| SHA256 | 8147c429192980729beab4393b5486520cebc2dcb6b95274d55a196e95d12dc9 |
| SHA512 | 74350a8937c1c46295bfd7b5ef96902a65de3e2d3bfcd482ffc9ba57a2c82998eb1044df81430038278b753c4b2c47b9ba839031da94a4490769d83741877972 |
F:\Program Files\Netease\MuMuPlayerGlobal-12.0\temp\hypervisor\MuMuVMMProxyStub.dll
| MD5 | 7e75f6671b3cdfabf1e74dc6e0521bdf |
| SHA1 | da28f119b7707053abd8fe157edd9d7345ce4c63 |
| SHA256 | 08ccef96995cb4c22ce30c865515198366cb466bb2ef98fe6b36aab39c331170 |
| SHA512 | ff7f2121e381b710c276185e952957f922767e7e225e5a934997bee2c2dc3eab8ab4f8f275c090e9ab7f259879d64bc26b2fa5560d3ccbdf948d8de8e340d6f9 |
F:\Program Files\Netease\MuMuPlayerGlobal-12.0\temp\hypervisor\MuMuVMMNetLwf.sys
| MD5 | 6c000ac4c46fd78b6599f8e45cc0ce7f |
| SHA1 | c1d7e2809834e62326af0a46cf78f14eaac9dd2e |
| SHA256 | 05adb854983e9da8821eff5e50cca5a59ad0fa501966c269bd6e937f29d971da |
| SHA512 | 9d590138e97f72307fcf431a273f5af80409c9f2eb848b86b889cd1bab4f6a154719588b85093f244ca912d256584b65d7440dec900aab1160f5cd478435eb68 |
C:\Program Files\MuMuVMMVbox\Hypervisor\SUPInstall.exe
| MD5 | e33988294e3bf2912a26b9f9192e7580 |
| SHA1 | 66ffa50a155fc6cedc1774b8720ee603045a38a3 |
| SHA256 | f6786abfcafc774f6c70dc85ff702c7779cc08c5e7bcc088bebf71b4ef46d58f |
| SHA512 | f3554a30480a2dc8981e86cb6bc32d64311a879d2e9cb922144e7c9dd471138673cfd1348d1d3295b48238cc5931c785cc02b6a4bab1e13b6e15719375e522de |
F:\Program Files\Netease\MuMuPlayerGlobal-12.0\temp\hypervisor\MuMuVMMNetLwf.inf
| MD5 | eeb987061c0c9fe0d0dc49532bc1d3d5 |
| SHA1 | ce2a9f432e29a78ddfdd20806cb5724d9e056c58 |
| SHA256 | bf673efdb64b7e81069eca5b0c50dfb7e6dbb3bb3295f5d034089cd16b528fef |
| SHA512 | 8703585843a33021f4bec2bf674702ca7f48a2fb6f8961539e256212c628660ac75edbf2fe9dae37f3d9267d1ab9451ba0e756307d6133f0875fa4f3898c0803 |
F:\Program Files\Netease\MuMuPlayerGlobal-12.0\temp\hypervisor\MuMuVMMNetLwf.cat
| MD5 | e1712d82f582f98c3a0e78e0d4651c2c |
| SHA1 | 6dd1fdf141151ec19916cbb52b6489589bc8d584 |
| SHA256 | 7ef2dd59e21ca4845a9e09fb64b827cbf6e438e13091fc48ec649ae5fa69fb52 |
| SHA512 | 0c780fc05b95dea9d1f542e842481f3d18d153a87121ad4cf026d001c8520251641005df7b93c8f17a512cee28cca95afa9ca0ebfa66808e11e19c2ea18c04c5 |
F:\Program Files\Netease\MuMuPlayerGlobal-12.0\temp\hypervisor\MuMuVMMNetFltNobj.dll
| MD5 | a3ef245f632306e11a5b64a2b97c9829 |
| SHA1 | d7dc4179114dfe5250c90267b67d82f2beaa9bf4 |
| SHA256 | a8de4f22825c5e406efbe4fdfdf63dcc967337848aa5d6a952abacac52bfaf4e |
| SHA512 | 2ebfa77be8475c8f0e60f5bdfa05e74c321e95537bd2e41ae4cafa2d5098bce8d68a3873897d8e26c8ff7758dc8fa11b87cbf2366a92ffad7d918d863af45a40 |
F:\Program Files\Netease\MuMuPlayerGlobal-12.0\temp\hypervisor\MuMuVMMNetFltM.inf
| MD5 | e87981c99ff763113ca116a3ad696027 |
| SHA1 | f8ad4145189c6afc08fbf5429a6da96aa1d34840 |
| SHA256 | 4364c725e14a761776b123c92cc492c0404393cfa7960ffa173a54961774cdce |
| SHA512 | 4566c22c9c759cc5acd69846fc910760b68faf5aa4573d3f01c328d2bcd24d3cf735215682737752c22e3ebe11e6ff5e49ef8504fc72b1523bf995ac223cd8f5 |
F:\Program Files\Netease\MuMuPlayerGlobal-12.0\temp\hypervisor\MuMuVMMVMMR0.r0
| MD5 | 3fba4bc28fcf269cae647d13a3b4cbe3 |
| SHA1 | 47eb1f7dfbbee99200ac47bc9d5cce17fdd78e62 |
| SHA256 | d33aa386475bd529f8c3c9edf9449e9b51b71d8a84515390e405bb246bd57807 |
| SHA512 | 5ac2042ae175938754ec9918014ea546bd70cea8ee2b9670360b9e4043982bfb103d3fcc6d5c811076fa52205532d5b00e3e6e8923144e4bfb37bb852e8bd041 |
F:\Program Files\Netease\MuMuPlayerGlobal-12.0\temp\hypervisor\MuMuVMMNetFlt.sys
| MD5 | 0ac3c5231442f711d34748bc5d3144e3 |
| SHA1 | afcb04e915cbae553d82ae58d54c2531d144e395 |
| SHA256 | 2457a0c4a3176277e7db80e406f1ddd46c669e01f3f741c6cf3403da31e2ad07 |
| SHA512 | 7f94a88ceabd9ace0cd65cd49297b482f040ad31b5bbd34955b25f6aafce315cb6fac28fa0a1d61614d3eeae7cdf3bd63e4191d59f2d17267870294ad8a861fa |
F:\Program Files\Netease\MuMuPlayerGlobal-12.0\temp\hypervisor\MuMuVMMNetFlt.inf
| MD5 | e61b659c79361ee58dc58998e4cb6373 |
| SHA1 | d6e00c2002b23b7c4414319ebc435bbd404d3397 |
| SHA256 | 1a15705f3aa1cbbf47c1b7fac1ea8a3e00e17958e6ad6b674be2bd7389a0dfbe |
| SHA512 | 6d7eec93f8dd10184707c2d0c343eca5caf9f0467bd7efc2b1e1bacd2b36389ebe062e3b8f6d5bea479f7fd0b1f27458923c6866cf6e322dd928473b1c72f669 |
F:\Program Files\Netease\MuMuPlayerGlobal-12.0\temp\hypervisor\MuMuVMMNetFlt.cat
| MD5 | 91bab7bfdb03f17ef945f26ba626fd47 |
| SHA1 | 79d5b9f174562756ce4649148bf9ee4bd2829dad |
| SHA256 | 5fab6bfc10c7feb4ab015373ad1368a7b5e2391c3b971341481a995f72fc07cb |
| SHA512 | e53cecbb9670ea918e1946419c40ef2fa3ebea1e067e66fc244a701721bdad108a102d6d7978d9741afc144d4a4540e1142f865ac9932709fe49b3e31419701d |
F:\Program Files\Netease\MuMuPlayerGlobal-12.0\temp\hypervisor\MuMuVMMNetAdp6.sys
| MD5 | 4310bfff02dedf0d13d0b763300bdce2 |
| SHA1 | 50aa2fbd794eba7a6018141eee510c139408d83f |
| SHA256 | 5150461b359ab6bd3be49edd77cd8ff429fb02d4e704155d794989f9b485aae9 |
| SHA512 | b181b835006ead6ddffe577a1089cef3b3f56475644433285d7274c6fd9e2bb4d2dd9e3bbced63a4e7778213aebeba5499ecb4aaf4dfc1751d895b862f4fa2f4 |
F:\Program Files\Netease\MuMuPlayerGlobal-12.0\temp\hypervisor\MuMuVMMNetAdp6.inf
| MD5 | a8cf4a14790dcc315d764fa481adb5ea |
| SHA1 | 98d562c329fdbbcae881a4ea7148e6b15544d753 |
| SHA256 | 94bff036fd5caac9be2ce2b60695f5b881e06211d8fa3ac771a82974c6cbef79 |
| SHA512 | 05e08c8293f9faff2cb65aa0b5172324ae0adc1c73469fef4c42ad252ca4ce068f564bdfffaf134f1f72f6671ed4acf27d44d0dae17f354ef1c9e6c7373e37b6 |
F:\Program Files\Netease\MuMuPlayerGlobal-12.0\temp\hypervisor\MuMuVMMNetAdp6.cat
| MD5 | 5b06844dd324d3429d14220f8e03b100 |
| SHA1 | d3c29644571053595da3eb84543fb2965fde125a |
| SHA256 | 821841dbd1549bf444e8f5082da3feb75fee3f4feabf117b131058d252e5f68d |
| SHA512 | a73a271ad633da89ffd112a9db387e9705edf30e03b18123abbc82671ea471c072be8a9ba81d1e4a7fd853138f64e265f1f01264a25b24a7118d7758b11d8db8 |
F:\Program Files\Netease\MuMuPlayerGlobal-12.0\temp\hypervisor\MuMuVMMNetAdp.sys
| MD5 | e38eaf43e944f9c03104283f105f5363 |
| SHA1 | 166df8ae9d5e2d3039a5b9a96725c98e43c268c4 |
| SHA256 | e7c6793ec48fd075d74eed04933cd256720e4bc4609baa12eb201ef6c89b8108 |
| SHA512 | 39170fa2c6649106202a45f4dba9800efe0c9e93035df7a59ded989f746cd2d1de971069ef6aae60d34dfbcc7c33b14756a619b430c0289c54439970cc454e7f |
F:\Program Files\Netease\MuMuPlayerGlobal-12.0\temp\hypervisor\MuMuVMMNetAdp.inf
| MD5 | 92a337482c3995c561139ea8bd7c405b |
| SHA1 | a164ab90cd6e1abedba0c54a96a450d94be4c93b |
| SHA256 | 898574b40ca3ab0ce278899e4e585d653eb5dc3a2ac7da57c904a0bf4b0cc014 |
| SHA512 | d46f8d7abdf445697303567845390b52a31f3c0e45e8aa357802e667bd4a0816555b3d841f19672adf69c2c31e3dd62e7e6d788d50d95172ac81f5781403a102 |
F:\Program Files\Netease\MuMuPlayerGlobal-12.0\temp\hypervisor\MuMuVMMNetAdp.cat
| MD5 | 4c8e27b491df706887eedcf71be13759 |
| SHA1 | e5e11388cd871f54c8c5602deab7ef8392843064 |
| SHA256 | 8d106e9f8e78d6890161ab12be359ca0e357ce6ad46d9bdc5d80af3448eb94f7 |
| SHA512 | e4ed33bd3adc12e62718d93e5d8c8c4fcb61079ff64d50df77014b6730ea2aac15fbca2abb664e19b84bc9d6bde5025a8f71274b7dd7f3e2e66ef07dd5ecc76f |
F:\Program Files\Netease\MuMuPlayerGlobal-12.0\temp\hypervisor\MuMuVMMManage.exe
| MD5 | a9e4af672f217ef535e9592f5dc971eb |
| SHA1 | 27670fb386427d240f91c8503b4f970cc1e6d078 |
| SHA256 | 7d5b9212da761a3edc07a2ba5f1547f0662be06ae997465e8d5ccae28714e744 |
| SHA512 | 2b48c4c52ff47d2373b5f3cfd5056595c3b7c7516e66eb3a8c40a5f5b20446fde9dd0440ea814c2817135b1e45a47d08e62539841803f2d1f7e9fbc52961fcd2 |
F:\Program Files\Netease\MuMuPlayerGlobal-12.0\temp\hypervisor\MuMuVMMInstallHelper.dll
| MD5 | f4bbc0ff246a38ec930a455f995bd6f0 |
| SHA1 | 4f44a3b8002245a8648784fc28a6ec54a0c20679 |
| SHA256 | 1256e679cf2883bb44b4d4f6bfcc44cb332f3a802c396e787e2fbebe67a39dc1 |
| SHA512 | 2bddea41502aaf6731e3e3c599190001fbb23604b952bd26dd67b9be7d5a3b17bbe85d1fdda42d78b103394f27c13710f7d49e3272606b2cda267fd31014635c |
F:\Program Files\Netease\MuMuPlayerGlobal-12.0\temp\hypervisor\MuMuVMMHeadless.exe
| MD5 | c1ed3cbf64043c49052768c658f081eb |
| SHA1 | c809a1b955aaa13059f7a3c7a9ea70870c9cc217 |
| SHA256 | adc96ee91e917a7f5718a6a918327b3d081e289d097940c18da79d94036dbded |
| SHA512 | 947ed6e70046d99063788c56ab9b71ae6e144ba1929ec1910d02393acb132c5c4cd11304b4dfaace131f832770a06260d02c47b4aaba11e4666af30bf4ebfae3 |
F:\Program Files\Netease\MuMuPlayerGlobal-12.0\temp\hypervisor\MuMuVMMGuestControlSvc.dll
| MD5 | d0fe3592f2ca04d63045927a4befc420 |
| SHA1 | c831f6dbd84e13170a13a0c8506eca32f1bfd70a |
| SHA256 | 42812bbac82102947c8f09911ed612408b0d8d851339da493de021f15c488c58 |
| SHA512 | 902b34937406d287b4453b78cdd4a2d4f92ff8cf526c03a58e7928d5e26afc5f1907f1d021168aa2f476db941b03dc18de36773d0939da910e922c8423c4e13f |
F:\Program Files\Netease\MuMuPlayerGlobal-12.0\temp\hypervisor\MuMuVMMDrv.sys
| MD5 | 14e93c14b6d5d5d9db26275dfc987015 |
| SHA1 | 0585447d1400fcd57b86280453915799de24c7c3 |
| SHA256 | cfb29a2e7e938f7f2ec0443d5cf25261468e54c616eb74272c43924bb32e806e |
| SHA512 | 41da4d14075c3b47c4228cf1ad964b7a943b59c8e851bd2c264d88e37a7a3f525c9ad15683e5b0f512854eb1088c1d398fef8217a7c420d239c5de12c940639e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 733ef30fd40bed611207fac19c6db125 |
| SHA1 | 3617db82c011c4c7852f67b4847e762eeee7e544 |
| SHA256 | 3c30a3ac5abb2d94ef7eec465eac6967bb81fa9628c2ac64ef57bb2ded8d0329 |
| SHA512 | 370eb603d32ea8b9e2c24de9cf758b9680909910b988672b1c29716cb96ea8913821b1ff8f340575637a7fea2f6b89bef347d82ff8e830a0b0867663f82be0bf |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 504128e216344902112e1dd39a08c07c |
| SHA1 | 1619391bc986d37fc3c21316df7a2310f11e6f64 |
| SHA256 | a087c563d82c9f7a8656f757cc303b7bca11e8dda076d96dc0842ce93592eef4 |
| SHA512 | 0ba9c13c78f35472d824b35c91466849b26e9482ddb82376ce4e4b5aabb226a010d81df110eb302dcaaf9862c3f40f4d043fb0cc0a845ce642c6e9377c6c6254 |
C:\Users\Admin\AppData\Local\Temp\nemux\MuMuPlayerGlobal-12.0\nemux-scQueryMuMuVMMDrvBeforeScStart.log
| MD5 | 0649d4c069fb3136de50d9ebe44b7cac |
| SHA1 | a58bf5d93120eb91eab5ad7af282c99c0e36c4ba |
| SHA256 | aba93de5e732f49ecdd398b49f44752478a6ba279222bfce8b622a37124fbcf5 |
| SHA512 | 829daae9029c6741c06374f2b7f642e88d3f5707d7eb9ef45692a16d1a05f8d6f66305ddf51a222a8748157317f76c5115cbf1bcce0cbbb4b0c4e56a50813854 |
C:\Users\Admin\AppData\Local\Temp\nemux\MuMuPlayerGlobal-12.0\nemux-HypervisorDriverUninstall.log
| MD5 | abdafce361b743ce2b265c8fa2b9c1ae |
| SHA1 | dad27f32a35288ec4dd75115e2b73932968c0241 |
| SHA256 | 54aa3c35d1230b46f7b3db82936b288312f7b1ce654a77252d170c5f38aa9124 |
| SHA512 | fcb6f7c029dd38cee4d83af4af4a0942c94af053c2e69f32566ab214febb413509876c79cf0450d7a0f81b167994aa15f2d861c3d55ebcafdabef2fb9315a939 |
C:\Users\Admin\AppData\Local\Temp\nemux\MuMuPlayerGlobal-12.0\nemux-scQueryMuMuVMMDrvBeginUninstall.log
| MD5 | 6bbcfd360c0797e6650f0d3cb1c36109 |
| SHA1 | e22b5f6a4654134d687a3908464e67faa23d84ff |
| SHA256 | df023ca139e8dcb21f0d4a603b34af95f980c1e388c97e4735dd698d0329113c |
| SHA512 | 0281c1cc1b104c73f130068a905e37b75f3c3a40884d3e2cc421aeaf6a3c6b938393894fe750fa7de44b9d0a25f9b3c11bb386fd133b3d710a549632ed9ea604 |
F:\Program Files\Netease\MuMuPlayerGlobal-12.0\temp\shell\Shell\aria2.exe
| MD5 | 2f3d77b4f587f956e9987598b0a218eb |
| SHA1 | c067432f3282438b367a10f6b0bc0466319e34e9 |
| SHA256 | 2f980c56d81f42ba47dc871a04406976dc490ded522131ce9a2e35c40ca8616e |
| SHA512 | a63afc6d708e3b974f147a2d27d90689d8743acd53d60ad0f81a3ab54dfa851d73bcb869d1e476035abc5e234479812730285c0826a2c3da62f39715e315f221 |
F:\Program Files\Netease\MuMuPlayerGlobal-12.0\temp\shell\Shell\qml\QtQuick\Controls.2\designer\SwitchSpecifics.qml
| MD5 | e6dd3db4f8a582e30f07b77e801428f0 |
| SHA1 | d207e34278440fc9b47c6480a47fef13870ffff6 |
| SHA256 | a3fff66cd7217029792e7fce403cc658b0ea03b2d3a2860f57479c8ea6bc1372 |
| SHA512 | f58e27d7f36e05cb1d6277629ee2e3cc239b2ba73a75d1399a048191e4443dbb1360922b2cc0d36c3a19b04fcdb64f5dbbd0a838736dca658b9caf856031c5ea |
F:\Program Files\Netease\MuMuPlayerGlobal-12.0\temp\shell\Shell\qml\QtQuick\Controls.2\designer\RadioDelegateSpecifics.qml
| MD5 | 5435f060331a523b9e5db9c9957756aa |
| SHA1 | e0f07b59a0ac83b7cea1716cdae4a59aeafa396b |
| SHA256 | 91d7772e4a193e91a093d59451508cdb89448eaffb4febda26789777afbacf3d |
| SHA512 | 536e731672c1348222490d39099712c7bbcbf8d0c6be5d0f3517c10feb1b47d7942c18703e18c28f36774546a41f18d61fa8096e022a82947d43b11a2641d187 |
C:\Users\Admin\AppData\Local\Temp\nss7CED.tmp\System.dll
| MD5 | 283555de06751c261b66243bbb1558da |
| SHA1 | 4532ed4e255ad0163494a02081b45e893ad666f9 |
| SHA256 | b6298637fea88a44e4de3f6b7fe254fb73857c08f1dcd8bd1af6f9eb5e6e7e3c |
| SHA512 | 469dbb4b7cc0d4f59d903415fbb7ea6417323f0daa2aeb2945a9744668f3d9fa95eb34a9d64a647835b563c74c3484c6d4b823a75119599aa5f975dbe471d3ab |
C:\Users\Admin\AppData\Local\Temp\nss7CED.tmp\LogEx.dll
| MD5 | 6eba32325d2db645c958c551f0aa2e31 |
| SHA1 | b116cc9ff0369af681ebf805a1a3befedd9ab868 |
| SHA256 | cf7b45a69a13551db95dcdefc8bfdd4128e1c1db67198347b43469b69c36b844 |
| SHA512 | 6c48038341bb16ce50b01c99f8ebfc919adfce61008d9718c06d55e92e54625ed2ab6ac850592e847bca61d7d57809dd531afeea4f0fb0c8310cfe1710f37927 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | e158df4441212e58135d3b02e842c7cb |
| SHA1 | c5a4c2f9083765158fd22667b6a2b48b45154d2f |
| SHA256 | c4f4fb92547e4a224a1a704b474795e0de2af9a7e0d681da1b4d52a59f423a18 |
| SHA512 | 0a60e0c1b0e0cf78404b3c53b62e3e9c69f15d583b4d6408126f31fae4b2239c6d5256b0af84b15ce37e1d2f24545d40fdf0ee675720f273b407e189d92e56cb |
C:\Users\Admin\AppData\Local\Temp\nemux-downloader-ef1c4978-27af-4287-b4d4-1e7178ab54c3.log
| MD5 | c1d0547635fb976f4c9fa875fa61cb87 |
| SHA1 | 5d03d9f8ce6cca05cf43a0ee3c7b9a1836907f1e |
| SHA256 | a13335ada668dc3825a2b1d2510d765d6c928848cd1dbc603b9550963b37b22f |
| SHA512 | e0341fa7aef17f7d6d7e25829631cb90791a635bf574d05a62c1e34dae73da993fd76e8a227da1c56500d9995ef1bdb1f2bde5d91e32fef5c6cde6e514301b92 |
memory/4372-24504-0x0000000000B60000-0x0000000001115000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\Setup\ds.dll
| MD5 | d9cb0b4a66458d85470ccf9b3575c0e7 |
| SHA1 | 1572092be5489725cffbabe2f59eba094ee1d8a1 |
| SHA256 | 6ab3fdc4038a86124e6d698620acba3abf9e854702490e245c840c096ee41d05 |
| SHA512 | 94937e77da89181903a260eac5120e8db165f2a3493086523bc5abbe87c4a9da39af3ba1874e3407c52df6ffda29e4947062ba6abe9f05b85c42379c4be2e5e6 |
memory/11064-24527-0x0000000074E90000-0x0000000074EA6000-memory.dmp
memory/11064-24526-0x0000000006350000-0x0000000006366000-memory.dmp
memory/11064-24529-0x0000000008E20000-0x00000000093C6000-memory.dmp
memory/11064-24530-0x0000000008BA0000-0x0000000008C32000-memory.dmp
memory/11064-24540-0x0000000003120000-0x0000000003164000-memory.dmp
memory/11064-24541-0x00000000093D0000-0x000000000946C000-memory.dmp
memory/11064-24542-0x0000000009B70000-0x0000000009BD6000-memory.dmp
memory/11064-24543-0x000000000A110000-0x000000000A63C000-memory.dmp
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 8c777481bc1b2c19dc079c10dca37e78 |
| SHA1 | 41540ca81837ac06d80805c1447f19b93736299c |
| SHA256 | c6c84e3512837cb7032929bfe7f1561e6537ec73c635c337002e47f25915b74f |
| SHA512 | ed9df1a50841d0692b099aaba0d30d12fa6a03de2a4274b418fc45d0d4f4b6d76b9497a56d78abfa9fe14997a22be5fd454467c9e220b9106335ed9131f6199f |
memory/11064-24553-0x000000000A0D0000-0x000000000A0DA000-memory.dmp
memory/11064-24554-0x000000000A9D0000-0x000000000AA20000-memory.dmp
memory/11064-24559-0x000000000B340000-0x000000000B3F2000-memory.dmp
memory/11064-24560-0x000000000AF10000-0x000000000AF2A000-memory.dmp
memory/11064-24561-0x000000000B300000-0x000000000B312000-memory.dmp
memory/11064-24562-0x000000000B430000-0x000000000B450000-memory.dmp
memory/11064-24563-0x000000000B490000-0x000000000B4C2000-memory.dmp
memory/11064-24564-0x000000000B540000-0x000000000B5A6000-memory.dmp
memory/11064-24565-0x000000000B4F0000-0x000000000B50E000-memory.dmp
memory/11064-24566-0x000000000B510000-0x000000000B52A000-memory.dmp
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | f4490189499308f275e12e4304a6d72b |
| SHA1 | f884205c925e91153d0e68395c0c7fae7090eb1d |
| SHA256 | 3769695f4550917e22c1c3b7ed1b372d7ae17ce438794486ca9eb7566189be46 |
| SHA512 | be72c80378e3ae9d175c91f83d9fcc4d5cd4e195f57ceab4dd7d8d2d35ec9d1a3698fd3e46e585d24b2f71cb3d32132d470f8ec09d4b30d73268a7efcba801bc |
C:\Windows\Logs\DISM\dism.log
| MD5 | cbc5186ea6414928a46c9fd5705d41a0 |
| SHA1 | 576f9692f222bf6480d481804b542e3507e198bf |
| SHA256 | af74548a49aab370b0aaf68980320997d17fb9ee93731e354065f6b20227b361 |
| SHA512 | efc3b949ed2019bae67a62f4ef9f6888c78e6e7f45d11d8c794a79ef6ca8bce7702d2a0870282729eecadb9b9955af5bbe5f28583e15025829e1454800fb1db1 |
memory/10864-25173-0x0000000002DE0000-0x0000000002E16000-memory.dmp
memory/10864-25174-0x0000000005820000-0x0000000005E4A000-memory.dmp
memory/10864-25175-0x0000000005F40000-0x0000000005F62000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\__PSScriptPolicyTest_k2wiu4o1.qtp.ps1
| MD5 | d17fe0a3f47be24a6453e9ef58c94641 |
| SHA1 | 6ab83620379fc69f80c0242105ddffd7d98d5d9d |
| SHA256 | 96ad1146eb96877eab5942ae0736b82d8b5e2039a80d3d6932665c1a4c87dcf7 |
| SHA512 | 5b592e58f26c264604f98f6aa12860758ce606d1c63220736cf0c779e4e18e3cec8706930a16c38b20161754d1017d1657d35258e58ca22b18f5b232880dec82 |
memory/10864-25184-0x00000000060C0000-0x0000000006417000-memory.dmp
memory/10864-25185-0x00000000065A0000-0x00000000065BE000-memory.dmp
memory/10864-25186-0x00000000065E0000-0x000000000662C000-memory.dmp
memory/10864-25187-0x0000000007560000-0x0000000007594000-memory.dmp
memory/10864-25188-0x000000006E710000-0x000000006E75C000-memory.dmp
memory/10864-25197-0x00000000075A0000-0x00000000075BE000-memory.dmp
memory/10864-25198-0x00000000075C0000-0x0000000007664000-memory.dmp
memory/10864-25199-0x0000000007F40000-0x00000000085BA000-memory.dmp
memory/10864-25200-0x0000000007980000-0x000000000798A000-memory.dmp
memory/10864-25201-0x0000000007B90000-0x0000000007C26000-memory.dmp
memory/10864-25202-0x0000000007B10000-0x0000000007B21000-memory.dmp
memory/10864-25203-0x0000000007B50000-0x0000000007B5E000-memory.dmp
memory/10864-25204-0x0000000007C30000-0x0000000007C4A000-memory.dmp
memory/10972-25209-0x0000000005960000-0x0000000005CB7000-memory.dmp
memory/10972-25216-0x000000006E710000-0x000000006E75C000-memory.dmp
memory/4376-25236-0x0000000005730000-0x0000000005A87000-memory.dmp
memory/4376-25237-0x000000006E710000-0x000000006E75C000-memory.dmp
F:\LDPlayer\LDPlayer9\ldmutiplayer\7za.exe
| MD5 | ad9d7cbdb4b19fb65960d69126e3ff68 |
| SHA1 | dcdc0e609a4e9d5ff9d96918c30cb79c6602cb3d |
| SHA256 | a6c324f2925b3b3dbd2ad989e8d09c33ecc150496321ae5a1722ab097708f326 |
| SHA512 | f0196bee7ad8005a36eea86e31429d2c78e96d57b53ff4a64b3e529a54670fa042322a3c3a21557c96b0b3134bf81f238a9e35124b2d0ce80c61ed548a9791e7 |
F:\LDPlayer\LDPlayer9\fonts\Roboto-Regular.otf
| MD5 | 4acd5f0e312730f1d8b8805f3699c184 |
| SHA1 | 67c957e102bf2b2a86c5708257bc32f91c006739 |
| SHA256 | 72336333d602f1c3506e642e0d0393926c0ec91225bf2e4d216fcebd82bb6cb5 |
| SHA512 | 9982c1c53cee1b44fd0c3df6806b8cbf6b441d3ed97aeb466dba568adce1144373ce7833d8f44ac3fa58d01d8cdb7e8621b4bb125c4d02092c355444651a4837 |
F:\LDPlayer\LDPlayer9\ldmutiplayer\ssleay32.dll
| MD5 | 0054560df6c69d2067689433172088ef |
| SHA1 | a30042b77ebd7c704be0e986349030bcdb82857d |
| SHA256 | 72553b45a5a7d2b4be026d59ceb3efb389c686636c6da926ffb0ca653494e750 |
| SHA512 | 418190401b83de32a8ce752f399b00c091afad5e3b21357a53c134cce3b4199e660572ee71e18b5c2f364d3b2509b5365d7b569d6d9da5c79ae78c572c1d0ba0 |
F:\LDPlayer\LDPlayer9\ldmutiplayer\msvcr120.dll
| MD5 | 50097ec217ce0ebb9b4caa09cd2cd73a |
| SHA1 | 8cd3018c4170072464fbcd7cba563df1fc2b884c |
| SHA256 | 2a2ff2c61977079205c503e0bcfb96bf7aa4d5c9a0d1b1b62d3a49a9aa988112 |
| SHA512 | ac2d02e9bfc2be4c3cb1c2fff41a2dafcb7ce1123998bbf3eb5b4dc6410c308f506451de9564f7f28eb684d8119fb6afe459ab87237df7956f4256892bbab058 |
F:\LDPlayer\LDPlayer9\ldmutiplayer\msvcr110.dll
| MD5 | 4ba25d2cbe1587a841dcfb8c8c4a6ea6 |
| SHA1 | 52693d4b5e0b55a929099b680348c3932f2c3c62 |
| SHA256 | b30160e759115e24425b9bcdf606ef6ebce4657487525ede7f1ac40b90ff7e49 |
| SHA512 | 82e86ec67a5c6cddf2230872f66560f4b0c3e4c1bb672507bbb8446a8d6f62512cbd0475fe23b619db3a67bb870f4f742761cf1f87d50db7f14076f54006f6c6 |
F:\LDPlayer\LDPlayer9\ldmutiplayer\msvcp120.dll
| MD5 | 50260b0f19aaa7e37c4082fecef8ff41 |
| SHA1 | ce672489b29baa7119881497ed5044b21ad8fe30 |
| SHA256 | 891603d569fc6f1afed7c7d935b0a3c7363c35a0eb4a76c9e57ef083955bc2c9 |
| SHA512 | 6f99d39bfe9d4126417ff65571c78c279d75fc9547ee767a594620c0c6f45f4bb42fd0c5173d9bc91a68a0636205a637d5d1c7847bd5f8ce57e120d210b0c57d |
F:\LDPlayer\LDPlayer9\ldmutiplayer\msvcp110.dll
| MD5 | 3e29914113ec4b968ba5eb1f6d194a0a |
| SHA1 | 557b67e372e85eb39989cb53cffd3ef1adabb9fe |
| SHA256 | c8d5572ca8d7624871188f0acabc3ae60d4c5a4f6782d952b9038de3bc28b39a |
| SHA512 | 75078c9eaa5a7ae39408e5db1ce7dbce5a3180d1c644bcb5e481b0810b07cb7d001d68d1b4f462cd5355e98951716f041ef570fcc866d289a68ea19b3f500c43 |
F:\LDPlayer\LDPlayer9\ldmutiplayer\libssl-1_1.dll
| MD5 | e8fd6da54f056363b284608c3f6a832e |
| SHA1 | 32e88b82fd398568517ab03b33e9765b59c4946d |
| SHA256 | b681fd3c3b3f2d59f6a14be31e761d5929e104be06aa77c883ada9675ca6e9fd |
| SHA512 | 4f997deebf308de29a044e4ff2e8540235a41ea319268aa202e41a2be738b8d50f990ecc68f4a737a374f6d5f39ce8855edf0e2bb30ce274f75388e3ddd8c10b |
F:\LDPlayer\LDPlayer9\ldmutiplayer\libssh2.dll
| MD5 | 52c43baddd43be63fbfb398722f3b01d |
| SHA1 | be1b1064fdda4dde4b72ef523b8e02c050ccd820 |
| SHA256 | 8c91023203f3d360c0629ffd20c950061566fb6c780c83eaa52fb26abb6be86f |
| SHA512 | 04cc3d8e31bd7444068468dd32ffcc9092881ca4aaea7c92292e5f1b541f877bdec964774562cb7a531c3386220d88b005660a2b5a82957e28350a381bea1b28 |
F:\LDPlayer\LDPlayer9\ldmutiplayer\libeay32.dll
| MD5 | ba46e6e1c5861617b4d97de00149b905 |
| SHA1 | 4affc8aab49c7dc3ceeca81391c4f737d7672b32 |
| SHA256 | 2eac0a690be435dd72b7a269ee761340099bf444edb4f447fa0030023cbf8e1e |
| SHA512 | bf892b86477d63287f42385c0a944eee6354c7ae557b039516bf8932c7140ca8811b7ae7ac111805773495cf6854586e8a0e75e14dbb24eba56e4683029767b6 |
F:\LDPlayer\LDPlayer9\ldmutiplayer\libcurl.dll
| MD5 | 2d40f6c6a4f88c8c2685ee25b53ec00d |
| SHA1 | faf96bac1e7665aa07029d8f94e1ac84014a863b |
| SHA256 | 1d7037da4222de3d7ca0af6a54b2942d58589c264333ef814cb131d703b5c334 |
| SHA512 | 4e6d0dc0dc3fb7e57c6d7843074ee7c89c777e9005893e089939eb765d9b6fb12f0e774dc1814f6a34e75d1775e19e62782465731fd5605182e7984d798ba779 |
F:\LDPlayer\LDPlayer9\ldmutiplayer\libcrypto-1_1.dll
| MD5 | 01c4246df55a5fff93d086bb56110d2b |
| SHA1 | e2939375c4dd7b478913328b88eaa3c91913cfdc |
| SHA256 | c9501469ad2a2745509ab2d0db8b846f2bfb4ec019b98589d311a4bd7ac89889 |
| SHA512 | 39524d5b8fc7c9d0602bc6733776237522dcca5f51cc6ceebd5a5d2c4cbda904042cee2f611a9c9477cc7e08e8eadd8915bf41c7c78e097b5e50786143e98196 |
F:\LDPlayer\LDPlayer9\ldmutiplayer\cximagecrt.dll
| MD5 | 66df6f7b7a98ff750aade522c22d239a |
| SHA1 | f69464fe18ed03de597bb46482ae899f43c94617 |
| SHA256 | 91e3035a01437b54adda33d424060c57320504e7e6a0c85db2654815ba29c71f |
| SHA512 | 48d4513e09edd7f270614258b2750d5e98f0dbce671ba41a524994e96ed3df657fce67545153ca32d2bf7efcb35371cae12c4264df9053e4eb5e6b28014ed20e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | 1d95168a1f88a8d875e5a36e3813baee |
| SHA1 | 7ac9fa31c893f0639c7fb2b8cebd5b17617ed7e4 |
| SHA256 | 1aa773959f1e49f34eecea1aa4784dd9af5509e0c13ec87a6bab21f3d903c58c |
| SHA512 | ab347d382d61af5b27e7473856acf6dcaad30a649dcf265604d5d236e9857a3a307bbdbcedfff0e43ad60eb03b3774c9e8ee52d6e64f9191f01d27cec6ed9eaf |
F:\LDPlayer\LDPlayer9\dnplayer.exe
| MD5 | 6fe5ee1daf303963482ffc414b1f4aed |
| SHA1 | 076ebaeeb02853d96e20085fbedaf7e61f3a60d3 |
| SHA256 | 2685e5c1aa3cdead02024f21abadb413c6dc130946f7b44ca01b0cea64bdd2ae |
| SHA512 | 8bc6758c95a53ebcd6b6fd27bdd3165f91bcd8f370d677afb7d599865b57ecad274eb21502235eeb64ad2624046cafa9f14576221b1503e333815df5a6dfe134 |
F:\LDPlayer\LDPlayer9\dnmultiplayer.exe
| MD5 | 77138e2662cdeffd61cf6210ae3fb8ca |
| SHA1 | a085b99630efc74cedd0be9a0eeb57eff7b3850f |
| SHA256 | 68c83685da55573ae966db3113ee513dd76ba489024373968e527bd44d814724 |
| SHA512 | a4621910aa3ae4b5dfa558e69d0270717341467cf067d9397e2bbf118f789c87eef8750ecb25ffd9c60f51f35ceb40b211ce9a738116c4dfc06e543ac90d1bcc |
C:\Users\Admin\AppData\Roaming\XuanZhi9\ldopengl32x.dll
| MD5 | b2e3ba2084f827f2e46a917983363f0b |
| SHA1 | 41fd27f8688b7a755abc0acc72a2a6a0e1045c78 |
| SHA256 | 7daa3d35584a7e87c3e8e3afeb436d088209966471d6c766328087823f1f3e73 |
| SHA512 | 4aea989bda6efc91836264f04f23fb3760764e3ef7809f618ad949c2e64b5a167fe5d054607535ec22fea4942d9ddc5ea7f70a1f529ee23633c1cd275d90e508 |
memory/7368-25373-0x0000000036FA0000-0x0000000036FB0000-memory.dmp
F:\LDPlayer\LDPlayer9\vms\leidian0\sdcard.vmdk
| MD5 | 4d592fd525e977bf3d832cdb1482faa0 |
| SHA1 | 131c31bcff32d11b6eda41c9f1e2e26cc5fbc0ef |
| SHA256 | f90ace0994c8cae3a6a95e8c68ca460e68f1662a78a77a2b38eba13cc8e487b6 |
| SHA512 | afa31b31e1d137a559190528998085c52602d79a618d930e8c425001fdfbd2437f732beda3d53f2d0e1fc770187184c3fb407828ac39f00967bf4ae015c6ba77 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | e183afb78d63368e270cb3defaee8e95 |
| SHA1 | 733a82b972b5b2a2f8b846e7766d91dcc538a1ef |
| SHA256 | 2217b2aea915ab312b9fc2970c8cfa817f1787dab7ae6ebe2953c4b07639cb24 |
| SHA512 | 68a8637d96d1f4a3a021c717de6516c42320600e96b30986ba4efec13f16eabb8e1990f2a50942dad8775eaf8ccc564fb9daf225e49af490c2d0d04a054edc19 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 7d5b34bcc7f3be62838abd6d68ecfd9b |
| SHA1 | 93408978fad9326527f433ddbfe1f2bbd1810ce9 |
| SHA256 | 08b558002ed10878ec7099cdca88149ba351531dd6c7b9dbcada4a13b123a74f |
| SHA512 | f63b5a401ef769aaeb2aa2c4e581a48d24e4e3b493f9b3aca24fb75cd1ae66a597bd09194671bf21c952aa90b6e703b5d70b3acee7943fda7e88303c65570ef6 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | da5ebe10b647f2273bc288fa7fcd1d1a |
| SHA1 | d60ad3818bbc29ec5ad3072d75609ccc4da9bf94 |
| SHA256 | 9759f88242dd9d1379995e07d7f7e37488f271eb8c4c17a2c8d3a3fb064bdd8d |
| SHA512 | c4f53426003b1f4fe460aba81df04bb4a41c16a5a70e1ace9059eb6311b4dc745923b87aae1d216993b62f9c31064b6d05850e95c035e821dcf3fe638333d992 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | f6480d33f7b7c8c9880f83eac35f143b |
| SHA1 | c8d3c13ce6217e2a4ec2e322682afa921d13f876 |
| SHA256 | bc517f22638f02caa96b6bce7cf9b1216451eea429e279bba7b1eb04834f4310 |
| SHA512 | b6ed44d5376bb29191d431ebd236be9ced626158378b858326036927efb810c8452060daf53b7552ab9880d06b3afb3da5a7383840af226670158d63b57641f2 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\ShaderCache\GPUCache\data_1
| MD5 | d79b24543babe88ff42b144cc518045f |
| SHA1 | b364f4d2847d756057169de5cd3c041680c8f3e1 |
| SHA256 | 3bf0e799b8391e8a7c46e4042ebfced18967ce9ea8df4e8323a5158cce58048e |
| SHA512 | 552ae485cb917fd91b4fdff54894957f1cf10eec219dac25aff3375bfee4eb8b66d3b2ad902da46abc0bfc91d577cd3317af59559f5caae988a11d8c0b3d95d6 |
memory/7368-25666-0x000000006C170000-0x000000006C1EE000-memory.dmp
memory/7368-25669-0x000000006C090000-0x000000006C0E9000-memory.dmp
memory/7368-25668-0x000000006C0F0000-0x000000006C16A000-memory.dmp
memory/7368-25667-0x000000006C270000-0x000000006C816000-memory.dmp
memory/7368-25670-0x000000006C820000-0x000000006E21B000-memory.dmp
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | e10aaa599f9ef2394900c27f536ca7a5 |
| SHA1 | e2f184b1367bdaf043e4834551814d8266e1d682 |
| SHA256 | f580f3f88a78ae9235493d95f357d83f95054919aaab43d70496062a484e2c9f |
| SHA512 | 0a2b246ef1e34753a0e94c1f1cb1af078cbb22bd7ffebd0b6fe04b571f5b59c9763a5850f59a6a0366fc7dc1321e3432ebfd4d3daa97ae57c6d8e7398962b843 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 07f2cb4a577653c57e9fc6a4e6eb9734 |
| SHA1 | d7e7997b646621f1cece870b2c1dc561cef7c435 |
| SHA256 | b7f5729efceb3712a7b56132afafcc32e9e3a513e117c4088ed69c0e9e020b9f |
| SHA512 | a407d8e820deb9e950edd2131c497a9703468b1321ef774db1fc8c39a77c02d42994710f5865e6270669c3f76c510666c985462c04a4960e0f7e1ca8514c2520 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0000f2
| MD5 | 67e59a06ec50dcd4aebe11bb4a7e99a5 |
| SHA1 | 5d073dbe75e1a8b4ff9c3120df0084f373768dae |
| SHA256 | 14be8f816315d26d4bc7f78088d502eff79dee045f9e6b239493a707758107fe |
| SHA512 | 6364515e92ed455f837dcc021cc5d7bbab8eac2a61140de17ff6a67dfdbbd8fbdded5ce739d001a0ba555b6693dafdb6af83424d6643ff6efddc46d391b21d95 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0000fb
| MD5 | 6fb26b39d8dcf2f09ef8aebb8a5ffe23 |
| SHA1 | 578cac24c947a6d24bc05a6aa305756dd70e9ac3 |
| SHA256 | 774379647c0a6db04a0c2662be757a730c20f13b4c03fe0b12d43c0f09e7a059 |
| SHA512 | c40f4771c10add1b20efb81ee3b61fc5ede4701587f29a1c2cdde8b6faabd1c76d769bf8b99aa19082012f95d99ba448a472463fb9056acd2e43542e14e605cd |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0000ff
| MD5 | 1aca735014a6bb648f468ee476680d5b |
| SHA1 | 6d28e3ae6e42784769199948211e3aa0806fa62c |
| SHA256 | e563f60814c73c0f4261067bd14c15f2c7f72ed2906670ed4076ebe0d6e9244a |
| SHA512 | 808aa9af5a3164f31466af4bac25c8a8c3f19910579cf176033359500c8e26f0a96cdc68ccf8808b65937dc87c121238c1c1b0be296d4306d5d197a1e4c38e86 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | bc847e07880b92e481f88e1fcb13ca2f |
| SHA1 | 54b478313db18ccb437214027c6ec0a95121322b |
| SHA256 | a3ef521b0e585738db772fa6125515a9756d0f89c3ab2f2fcd912024360d4a8f |
| SHA512 | e3f65453df36affc48f87920931146853aeab4552f98840afc71b62bb7b259667aea691989637e4768cbe7b03cf018d4c6ee9a8f4617ab649924182608b342dc |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 6d0291f8b8d15a75feec8efa603b0277 |
| SHA1 | 6adc8f4283bdf979f7b6cedda326eeb838008d9f |
| SHA256 | 333c9424372063857a16a220413aa7fc2e797accd85c697f8aceb8ec2e683026 |
| SHA512 | ecda587a699e9e90d9836564774a931652bb5a0ddb50d8f73036302084aac09b198f65bdc52c1c01349ec77524b9e004b08fd0d4b3e4fa23f4edf1379fa39dc9 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | e29fb56d481d022130dbd2a368346936 |
| SHA1 | 6b81721a355d71f618d7c22d2b7e155cd63bd924 |
| SHA256 | bfc30afff3097190851b2f99b279bdcee6e61b1071d9345c8752df883fc347b8 |
| SHA512 | d631317e541bfb5124017908cbe192689e55550a72f1db7cbe4ad96324751f6dddfe487610a300eda100a92c9acba4ce64d5c7dc7f4d568a85ab63f812c12190 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT
| MD5 | 6752a1d65b201c13b62ea44016eb221f |
| SHA1 | 58ecf154d01a62233ed7fb494ace3c3d4ffce08b |
| SHA256 | 0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd |
| SHA512 | 9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 085f27e02a885e0a1fa2d364d14cffa3 |
| SHA1 | af1a5d30bbcbf8037b6b1cc4414a0568332bd7b9 |
| SHA256 | 8235212d9481bd3d4cf733e47b7eee195fc27a74b1826d8d7485718de40dda16 |
| SHA512 | 49dc026ae70c553c23fcc813681c670bab1aec7d4dc71fa0a5df51ac5410012f641318fafc8904927f48ca018445dd20ec062011402487058e0dbd922060916b |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 42de9c36993ba6f1c984ae60b06d3a7a |
| SHA1 | 0c7504200a5484dd461198727bbd547a73a039c1 |
| SHA256 | 475f48a050b17f2b2ed03ded3699c0d7f447ebafc00a767bb0c57eeb86f0f535 |
| SHA512 | 28a96274847f65b133e5847a965897cdbac27ecf39bf00a612ba611b95e97ce98a007a266f30e510ae7b5fd3dffee8176edaa1294a3a37201668722390f420b9 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 63790ca987dc6fff517afe232cd07183 |
| SHA1 | abd2cd4b197817a2bf43e20c0cca431a4855ee26 |
| SHA256 | fccc965f2ea3f641958e216c80a510a5a42a347483fdca5b170f93951658f290 |
| SHA512 | 0e956cb01f6122e90edf485a37421ec8f06685d527cd56b2782710e8a4f30f78de5f732ebcac393ebb839c90a194a18c090395aedb7ce67ab1d2351eba1285ef |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | 7c05ec12726677e0306e85bdb44bfd80 |
| SHA1 | f76fc27cd804edf39b03f1399212785ac54665b6 |
| SHA256 | 35f0f3c912ffd00974a5e47ed29c9a569f684d09b4fb6dad0a1c2f50414bd678 |
| SHA512 | 0742322294c36be2418dcdc4ee1cfacf82a466842f4aa314263a241e2f1f8dce28ec73c16e9a96caac8d28a1c2505fe538e263492574089503492a14a37af257 |
C:\Users\Admin\AppData\Local\BlueStacks X\Log\log.txt
| MD5 | a501efd810d171228d884c71bd07bb4a |
| SHA1 | 27944690ee855f3741c1063b2f8b76a4abbb1381 |
| SHA256 | 499d703eb4b48bb2c557c07943753eddccd1179c05d09dc29f0310265c8e1338 |
| SHA512 | c3317831fdb9a3737e649a98c9da0e18a091dfb2e9fa6f22aa94c9d6e1959cef38aaeba958c29ec2ab36a783a7683cf636cf24e5597f837594dd6c222db9fc6b |
C:\Users\Admin\AppData\Local\BlueStacks X\cache\QtWebEngine\Default\Cache\data_0
| MD5 | 0413a836f1531f683cb20bdc6790019f |
| SHA1 | faea1a8face27f9a61777257a031539f4344e9a2 |
| SHA256 | 693d5f9743163d213ab6dc95c5b51fdd50fa73cc4d6a51babba30c6aff7d3a4c |
| SHA512 | 433744626345adaa5bfe455bd69a65b66c9ce0c45e4bb4f1099ea6887511dc4493fb43386a3fecb838115df07dee1055e626c7df199fb8bd6de9ad6ac88f8027 |
C:\Users\Admin\AppData\Local\BlueStacks X\cache\QtWebEngine\Default\Cache\data_3
| MD5 | 41876349cb12d6db992f1309f22df3f0 |
| SHA1 | 5cf26b3420fc0302cd0a71e8d029739b8765be27 |
| SHA256 | e09f42c398d688dce168570291f1f92d079987deda3099a34adb9e8c0522b30c |
| SHA512 | e9a4fc1f7cb6ae2901f8e02354a92c4aaa7a53c640dcf692db42a27a5acc2a3bfb25a0de0eb08ab53983132016e7d43132ea4292e439bb636aafd53fb6ef907e |
C:\Users\Admin\AppData\Local\BlueStacks X\cache\QtWebEngine\Default\Cache\data_2
| MD5 | 0962291d6d367570bee5454721c17e11 |
| SHA1 | 59d10a893ef321a706a9255176761366115bedcb |
| SHA256 | ec1702806f4cc7c42a82fc2b38e89835fde7c64bb32060e0823c9077ca92efb7 |
| SHA512 | f555e961b69e09628eaf9c61f465871e6984cd4d31014f954bb747351dad9cea6d17c1db4bca2c1eb7f187cb5f3c0518748c339c8b43bbd1dbd94aeaa16f58ed |
C:\Users\Admin\AppData\Local\BlueStacks X\cache\QtWebEngine\Default\Cache\f_00000c
| MD5 | 6014e3fe89acd7f5591857120a061408 |
| SHA1 | 266bf4b208c997969cd94ebcf644b92d7270d2e7 |
| SHA256 | a02c1c895841cf5651aaa2db0e6e8fd8d6d9e7ea57658a7b74d6ff283244f764 |
| SHA512 | b1aba3f15438f6f77b78ae82d40cfbefbf9b95f8f6b05b9ed558ae907886e360c8eabaae5a361e4886789a74337a2193490bdc11073d41231611b0c5e4fb2f86 |
C:\Users\Admin\AppData\Local\BlueStacks X\cache\QtWebEngine\Default\Cache\f_00000e
| MD5 | 762d651b3659b78aaadd643672f395b4 |
| SHA1 | 475f84a6cb0eda14d196ffae0b05ff224aa25ca1 |
| SHA256 | b15960fc83e52326bab2318e7d9966a7e2bb749f909a20ec8c79de9e67136588 |
| SHA512 | a3d62d4841571c5d0a89dc9ca17f3080be8a86e83aa059ba7e2c9e3dd57e7b65ea940f3713fb00f82207914a6a390d138c600a7c8f3cb7c3b1066dee297285df |
C:\Users\Admin\AppData\Local\BlueStacks X\cache\QtWebEngine\Default\Cache\f_000012
| MD5 | f15a275b4ec3f10a615a1e12a02f541b |
| SHA1 | bd17fb2b4a765e25f1dda8acfbb6c2e2d0b05b9a |
| SHA256 | 142b52d9f9b633a867d90f51a77fd04860105a6c074d8e29cd79c5f68215759f |
| SHA512 | c48f5196da298a34aabfa9d30b2735e3d88edd6251f06d85e8e6cc1f120e80bfb401edeaf22f15f84a75da0b9238bffa56f44eb835bea9895f253274f05bee12 |
C:\Users\Admin\AppData\Local\BlueStacks X\cache\pcGames\com.fmjwyen.id24
| MD5 | bbc4187abbb2f9a9ae9900c932a5765c |
| SHA1 | 89a3cb9f9c8a0c45405e63b3732c43ba9c144e22 |
| SHA256 | 57e1bdb4cb31bd97a6766042daef89d87ff179f625d0dea038c96351b24b9949 |
| SHA512 | 6860f1f7e776dd8368b5dc6c38485b390b5ceaec4a17c41a4661821f7287a21cd32a8d159c3f0f287c723b83adca5ff930c816d2402e66ddaf2fe52ed59f8e42 |
C:\Users\Admin\AppData\Roaming\bluestacks-services\config.json.tmp-32504899236b1d61
| MD5 | c8b6f9d032e244abb4b036e701a6573b |
| SHA1 | 9fc187aef7e8404fd0d009947cf6a2fb07afaaf7 |
| SHA256 | d68614cfa3fd916ebeaa2081ba01ca8af7bb73ffdad48f8629c498cec78d2624 |
| SHA512 | 3b61823a10faebcf3cfc3901c5d42e132bb8edc791b94948d7bff8e4ba11653fbb7735a06c19353dae1abbfb68c623a2f0fa5bd772c55cb7c25c554343035882 |
C:\Users\Admin\AppData\Roaming\bluestacks-services\config.json
| MD5 | 568788435c51dfb42806ea26b1199b1f |
| SHA1 | d1b5768440a478be53a0abf112721c4398a39cc7 |
| SHA256 | 9ce7f43a7f549c18f179b2a91289887f555bef033a80302f395386c039cc2816 |
| SHA512 | c0276e3003770a8d7ba51073bb107830bb04d43c8bf5a10cf6dd8e55709261757765682b99ce3e5a7ad10f06ffddd93d61b7b16ddc5f7a91ded2691fce1a1491 |
memory/7368-36711-0x000000006C270000-0x000000006C816000-memory.dmp
memory/7368-36713-0x000000006C090000-0x000000006C0E9000-memory.dmp
memory/7368-36710-0x000000006C170000-0x000000006C1EE000-memory.dmp
memory/7368-36712-0x000000006C0F0000-0x000000006C16A000-memory.dmp
memory/6396-36723-0x0000000036FA0000-0x0000000036FB0000-memory.dmp
memory/7368-36714-0x000000006C820000-0x000000006E21B000-memory.dmp
F:\LDPlayer\LDPlayer9\vms\leidian0\sdcard.vmdk
| MD5 | d8671ec385e34ea5a4718e68c35948df |
| SHA1 | 61ab5ee029ba16f99eb8728d4b576ddc529d571e |
| SHA256 | f1a72cecaa4b2c2372b1c5a74870f290adff775129a0fce139328bc72c289b17 |
| SHA512 | 84b96df2a97a1a9187e7aa7f309274ddfab56fcf523a3bfa8d03559d2aae6cbdbe806347ccf4fcd629852c27adb4cde9afd01aa7340651c1f5f39d6a6865249f |
F:\LDPlayer\LDPlayer9\device.ini
| MD5 | dba7fefc48f3b90350effad166abf887 |
| SHA1 | 263d9ceb08d10685ff4222d7c89cb563d2c411f8 |
| SHA256 | 02cf1d1f11940dcc79c52917a12f52f3a0b3aa3a381ce86d86d3a15c50ac5292 |
| SHA512 | 34789e652fc0155e6d18e779d57fdea51c4fc439f96313e0d5290558402d4171d8f8abdcca31d01eb5d50b0bedbaa68b0f70d47df8a4ab714a4f40e6c5a1d2ab |
F:\LDPlayer\LDPlayer9\vms\config\leidian0.config
| MD5 | f42bc9dd4c3714788763398abfcb25ff |
| SHA1 | dada563968023408644c4345ab1dc35c301b863b |
| SHA256 | 20d6adf7d78537795bb46a1877ad99f467a474cc68c0b05a6d6684fda31d2573 |
| SHA512 | 205613c7a4b292146ef1d6baacbfa4d22c274dfd4867da8aa8f3423af4bfd14e4e87e586267d72c193c49e646dafd43b266afa070348e7a460398f6cc5de3f7e |
memory/6396-36744-0x000000006C0F0000-0x000000006C16A000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\7zS49A21B19\Assets\exit_close_hover.png
| MD5 | 92c2bf222d6ab81fe7a0c072bf31c107 |
| SHA1 | 8853eb08a2aa3e99fae6dabb9cff6461704f2a2e |
| SHA256 | bcc053a9a087e077d58114106d29701a34f7851f4052f3157102811355d3e709 |
| SHA512 | 6548d0038f4bda1db69de0729cc9648725d744953649a396b9147afb16abf018a5aef7ff7d3bb019031863f20c81bc202d6e37d171027ab9fde3b37402e179c7 |
C:\Users\Admin\AppData\Local\Temp\7zS49A21B19\Assets\error_icon_72.png
| MD5 | 4aaf83d2b3fd56ad806708e60474df39 |
| SHA1 | 144777a265879b69fadea3eb3ac6939458918578 |
| SHA256 | 84e59d14d9433e6c3d92daeb8c443063b5e3be6c0b297f0403dbde473a05cb3f |
| SHA512 | 3b8485f054fe6ed2374bc81cb1786f09741219fbfcb22503707b11cf5db1ab262ba4349633597d5d9ddabc3415b170fa8eebc932f58d211d7092b8fb96fa1304 |
C:\Users\Admin\AppData\Local\Temp\7zS49A21B19\Assets\error_icon.png
| MD5 | dab2c4538a83422b5deae0e0de9b7a30 |
| SHA1 | 78c2ab2271aa4020df1e0289bc3c1ba9a43fd424 |
| SHA256 | 666ad4fe456216ddc06618967846ed31f81d8db5be97da6531842c0667352b89 |
| SHA512 | 24cb30a68ce117ba16edd1e94c7d066343eb265c874cd55467db2f913c01b9d776b2ad846e3414cd820c0ba10d93f132aea27739d16165b6e9dd5fbc8890bfdc |
C:\Users\Admin\AppData\Local\Temp\7zS49A21B19\Assets\custom_hover.png
| MD5 | f3e05f142e742e25a98d4f5af3ae0623 |
| SHA1 | 88363e81ddef700803f4859d2f3f0b4af516bbf3 |
| SHA256 | d588ef0eaa334ed8482f32e5839a7ee0d0b544d5b8d5f7720b8c57010e080424 |
| SHA512 | 5f07a7163c9834564dc4de5a1a484ac8208151bc244f8e72d64556abf88c35f6a81dd6718a3e6f681265c10e2dbbadb07570fa64c31113342a88fd605019496a |
C:\Users\Admin\AppData\Local\Temp\7zS49A21B19\Assets\custom_click.png
| MD5 | ced07c9db242115400e159d9a02bb7b7 |
| SHA1 | 6f2bebd1714dd7522479b5f3e3f2b3f0d18e8c77 |
| SHA256 | 1318e0f34a551edae1e82818fdf7de5ac627493db5b24556d919f525052d5b90 |
| SHA512 | d52e63792a5b4172d4ac4e2d369b22b170578616d04de5a40be15b260a2741bf8158b3aed9509760c334283360dd13a4fa21538fc4547ba464be5dd700a22b70 |
C:\Users\Admin\AppData\Local\Temp\7zS49A21B19\Assets\setpath_hover.png
| MD5 | b1e53a76b6ddb3ecff52bfc1a8e5b09d |
| SHA1 | 012b5879e879fa25bf48e4bb62c35ee829eea571 |
| SHA256 | 2da3f9367c847e47131370dd163f611c4639287512a47f487e0025c5665830e0 |
| SHA512 | 4369891858b4adaf9144636c44b55979290177bcff57f67f341071e42e90f992531024e122c0bc5436ddb8c55e994e7b913ec37137a642dc0164e6e2516f0b68 |
C:\Users\Admin\AppData\Local\Temp\7zS49A21B19\Assets\setpath_click.png
| MD5 | 624e84e9b49bc150043aa9fb0eed2822 |
| SHA1 | f23f2a4ec609e3e9cff9319533e561968ccabb22 |
| SHA256 | c94924e95a49b175c8fc00bdc2821bb70a85b864cc193becc553b32f0024dde1 |
| SHA512 | 288e1954d29bd3d22b56fadb2e0d3d10580a540fa1f2bab1284d957708bad96df5e38b67c6dc14784e1e275b89082c57370b786c0d0c4307601c0d2bf3704460 |
C:\Users\Admin\AppData\Local\Temp\7zS49A21B19\Assets\minimize_progress_hover.png
| MD5 | fc2a0361a751177d3aacdba9c31b2682 |
| SHA1 | 0a8f672d7a8777d1106e3b8ee36bd6e45bd322ab |
| SHA256 | 1a4aaa46893e2a9b011c478fbb0cd0e84c199f9f3520703189640088969ef5cd |
| SHA512 | a15542c90972387133d86f6a94c17435432b1493b02502533c4d7978428ed7d44a7d3c5564fe08946561638f8a5a3dd0b35b81979c2929dcc386ee5f6f7ecccb |
C:\Users\Admin\AppData\Local\Temp\7zS49A21B19\Assets\link.png
| MD5 | ae2c73ee43d722c327c7fb6fdbee905c |
| SHA1 | 96f238bf53ac80f5b7a9ad6ef2531e8e3f274628 |
| SHA256 | 28c0abc6bfe7a155815104883a37a53dd783d142300471064c95eddf3cae0eaf |
| SHA512 | 5a1e341f727cf1cb4832cced8e96c5a74971451629603c48bfb91ceb4561d0122ab9ae701f8b34681d5f13115a384467d430ccb8282494b40f4577ebc3ad825b |
C:\Users\Admin\AppData\Local\Temp\7zS49A21B19\Assets\installer_upgrade_image_bg.jpg
| MD5 | 3bb85d2c8cef28c89a2d07adf931e955 |
| SHA1 | 596d13e7742455afce8a534382b28cfd2f6aa185 |
| SHA256 | b7f75233e633107d50f24ca82099225c83a832571cd2ce92901f2db3897f058b |
| SHA512 | 7075fe989d69ad5f0f4cca5fbbbabad16e0949c2ab8538f3f96020b831a4ec1cc3a701dcb7332e577b5eceba230449efbbf8e288dad47a53d76e40c2337dc730 |
C:\Users\Admin\AppData\Local\Temp\7zS49A21B19\Assets\installer_minimize_hover.png
| MD5 | 18fb6465b029206477d0222e8da6fdf9 |
| SHA1 | b7f91e5e3002a5d3c84a30ca6cebe1a89a65ba7b |
| SHA256 | 57aae4bf49dcbb0ad6cff6263200015c89d7752dc75c2ad918bf846e1ce9646d |
| SHA512 | f045dfed35ea9ff31336cd354a0dd2e9a7ac2582cea1d25a444fffa3bd01e03d73611f786873a81a27a370e5ddb3a6043713e29f064d274088df1c925eb6785f |
C:\Users\Admin\AppData\Local\Temp\7zS49A21B19\Assets\installer_minimize_click.png
| MD5 | 08fc39a69fa17e0f529915919cea1633 |
| SHA1 | 2966a3f739698e2ce368585fb7f6ac4eae4497b1 |
| SHA256 | 2599d6a55a8e12b1f05a6e8982d55559151a25ae3690e6637510b6283622dd95 |
| SHA512 | f5eae902f9b631410b03b6d4f9be1b4cf6547a94f1a2eee6bf70b0f3036499c01a42c9d58cf98ffbe10edbe79577a01e64faf0e527a70bc9470a1c3d9263b805 |
C:\Users\Admin\AppData\Local\Temp\7zS49A21B19\oem.cfg
| MD5 | 880dbbc36b6f1d4a6ca9a73419564776 |
| SHA1 | 1b4eaca846ca50a9fecb6a741dd19973eee9e557 |
| SHA256 | 0d111e0260b3c11e1dae2b5328bcfd2d1fb21f15f5b49064bd07e272a8bb0822 |
| SHA512 | 19980cae5bd279216d737cdabc9e9980c74f8918234879b9d5fe9aef1e265cf426931e9db798e2582399272258e18dc04d817b0dad6557010d04b6ff7a715322 |
C:\Users\Admin\AppData\Local\Temp\7zS49A21B19\HD-Bridge-Native.dll
| MD5 | 5728e88228143295931dcb11cd02ea73 |
| SHA1 | 9b66872803f6692e38bd42d55e0597b586975202 |
| SHA256 | e2c6cb6213d0993a8e19aea8828049ebc08393b1944abc632cf405d53de86723 |
| SHA512 | 8b5fcb3eb86380c17b9e2db7d336138553edcfe27208511f976906202e31ef88f02c3b18c76f8b0d2358036412fed498de2c156456cd5857b4bc06c094f69683 |
C:\Users\Admin\AppData\Local\Temp\7zS49A21B19\Microsoft.WindowsAPICodePack.Shell.dll
| MD5 | 46fa58ad3cadfca4307ab048a7002cf9 |
| SHA1 | b4ecb62b57cfdaee0da8bd67ed9252669dc88bc3 |
| SHA256 | a64bcae4784ffd95541f7ebc72cd7e52c00ef7545a8f743071192ab73735c573 |
| SHA512 | b137070b9733901d39eb41f326faeac853ddd2af3720c39b0657811860742fc4b9d8266bdf5417889493f62b3c7c19930e6bd3e38d28a26babda9aa36b685f68 |
C:\Users\Admin\AppData\Local\Temp\7zS49A21B19\HD-Common.dll
| MD5 | 94a049c3275e3af7031582e2aa9a412f |
| SHA1 | 0c488da4104ab782cd807470cb157b5977fa34c7 |
| SHA256 | f2c482281cd571b4eedafc6f8f05ff1a7fb4218ac63a2e467a0e2c070930bba4 |
| SHA512 | 6387657e4f28ffcc1f164d8737baaa1c9997318f1075e86a42f57e2ece8c805b9f48bf255d5f839e567bc8d9ad185d7efb3e1787603d38b409b7baa89a5bda9b |
C:\Users\Admin\AppData\Local\Temp\7zS49A21B19\Microsoft.WindowsAPICodePack.dll
| MD5 | 2f47d71fc14c6f4d8aa7c09be7a224c4 |
| SHA1 | 7917dbebaac77ff55691d791735d2f03ebf0f0b2 |
| SHA256 | 7114040ec7f4afd81955eea1a4f506e5effb52a015df6c11c68081e48f86e80c |
| SHA512 | 699f6c4bfdfcf78e45561ecdeb1c0c72e1890dce06729ce62fc1fdc5ef25e7f6bee62c2f90acf929ea855de8324d69cc2418f141442e29005d849b0b72387d7e |
C:\Users\Admin\AppData\Local\Temp\7zS49A21B19\Newtonsoft.Json.dll
| MD5 | 3aaba077f88029f346cb16e35b83c06f |
| SHA1 | 1497eabbac624d4c46e18c9b94b95377e3924b41 |
| SHA256 | bbe9ae0b3f451cb885a8a91c096713bfeefd5fd17bb52ab1f70f61d6220b64c1 |
| SHA512 | 11622634b96c7696854d44b3898bb6739145ae2440d112e46e94d11d7f4a8ca7ca04d701ebc561670c325e248176b04c5d7aaed0dbda397a0483796a596934a8 |
C:\Users\Admin\AppData\Local\BlueStacks X\QtWebEngine\Default\b392de02-7d66-45de-b6ee-47dcebbab9f5.tmp
| MD5 | d831b37a197c903d0fa72c630a5e9610 |
| SHA1 | f46d647ec8257f13fb1104244f13923cff7b4a01 |
| SHA256 | 5c4404f9955a89fc8c9849fed61587bea9fb0404b4f4ca883116192a5d4bca5c |
| SHA512 | 622f02de17d87f4aa069e1dd804dc9169c05324f41daa61a38d2cd2c1126e9476dfb7a264ac6270ca5979f077d15398cdab77168e42083e42a40d7079638b45d |
C:\Users\Admin\AppData\Local\Temp\7zS49A21B19\BstkTypeLib.dll
| MD5 | 14eaeddcdf2c09f7fb65ded924189684 |
| SHA1 | 479e6d68e8498d841089b6e16b0492a0a54b570b |
| SHA256 | a21e6b63ae0beb3e3e83fd0d845736f971375107278028a6c1b4ebad56483552 |
| SHA512 | 8c438ed3313e18edbcc597ec0ca85a48c521f2fc9cc59102d3401f385f0a4cb88c1b31a9427fb6fac494cc55fb7eb52078fdcfe43c678c7d372c06afc4b79639 |
C:\Users\Admin\AppData\Local\Temp\7zS49A21B19\concrt140.dll
| MD5 | c4fe3f03efd3188252caa101f954ffeb |
| SHA1 | 98b613aee45c71aed9d2be0d61d7ace323929e9c |
| SHA256 | 95bb425be3d515a6a58f7399d44dd9e032baea11667dfdba29517c460171880a |
| SHA512 | 80018e0bddf079367d3568433a5f89f0144aa0a75286b0105fe32aeeb5d80876c9b2e1ecaafb70fb041271e27a234a2cb88a2d3d160a4aa3768ccfcfc574704a |
C:\Users\Admin\AppData\Local\Temp\7zS49A21B19\d3dcompiler_47.dll
| MD5 | 5faba8b020b313253703b07591d00379 |
| SHA1 | f5ea546901c3faf60122a4ec2d15a86b916d5d10 |
| SHA256 | bef3c125122bb459434bb02e763454cc21454257a78e63ceabfb5b347d46efd2 |
| SHA512 | b23f0df210b25996953e51ceb2304bd85aaed33c41c75ee1577f6d76f37bbd2a2e96be0ba7561270e23b26cf0db2c8ae60567cdf91fbbd2d0577ae88e9ce3939 |
C:\Users\Admin\AppData\Local\Temp\7zS49A21B19\HD-Astcdecoder.dll
| MD5 | d557e5bef30f583512029a1668b68a71 |
| SHA1 | d91837c90d208e61ec78e9d783f14b1ce2412bc8 |
| SHA256 | 92ce421b8c23faba144c0923c41f45051c2d8ca3c9835f0fe7242ba7881341d6 |
| SHA512 | a0b1636748e394908bf72a7325e0d71cda1fe79f1d36be570de863b1e7f12e73917d259e17676bfbb469b2d8b5813657d465131c17e25c9cb5dad5d33e354e46 |
C:\Users\Admin\AppData\Local\Temp\7zS49A21B19\HD-Opengl-Native.dll
| MD5 | c0616b751eb8f1c52de8427b55cc754a |
| SHA1 | d4121e9f308380c81bf621adf9968672ed367214 |
| SHA256 | 6238e5f6379127466162a13dce89805c02cacb302f099ab26be2f460c274586d |
| SHA512 | 4b99b9e38858b69df13f754609b18be4a19153f7062068fa66637e76b1f1ba8238c28a5d10de24c489c6e13b06b41a1b30ba751ed734bed39da56c258af4d3d5 |
C:\Users\Admin\AppData\Local\Temp\7zS49A21B19\libEGL.dll
| MD5 | be6ff0ec680921380c04331351a1ca2f |
| SHA1 | 164a58758bd929d3f61f5193494dc4ea188c34c2 |
| SHA256 | 5e287e7e884504b524dc4610bebe79e013f0bc6f87fe788dd1f5562b70a6dd65 |
| SHA512 | 8603d539b08c32a9777eb5749ea9707a26a025dee72e8b44a34bc7e5270d8d88004a3dc0625986b4814402a3891ce32d815a27c6ec7e0079638a36b68d13890a |
C:\Users\Admin\AppData\Local\Temp\7zS49A21B19\libGLESv2.dll
| MD5 | 35b10fb121ff7c4f85636c4ac075307c |
| SHA1 | ced4a1b68ec66eb8bad69651e8d2d7ea63028f8f |
| SHA256 | 5b0acf994cd091c5c07d707219a33de7d5d9ce2038bf93644a7c3d8d64de48d5 |
| SHA512 | 14fad63bbe5bc296206656b1b6075167d4d86278e2db7afe5ec68144e7896227a07ea07d93e3a5b042deae6089984ab1ff9f38f80c9c9b128787871d13f28d71 |
C:\Users\Admin\AppData\Local\Temp\7zS49A21B19\libOpenglRender.dll
| MD5 | 9cf4a61fc72929fe7aebf070ea3d28ad |
| SHA1 | 682a7f09a4dc0964e8063d45209321cb0ca2cf2d |
| SHA256 | 68321dc5898f921a21e536ad8a46f208c18c63d30611d14f2e39fe50bea1c99e |
| SHA512 | f9fb81089ab943f1ef873b69d9979d12041faaf14dab57177bfcdf909da00274ba695b94fd01a64e51b2504444d0fb2d5295b9a64df2307a0e65e7877fa0510a |
C:\Users\Admin\AppData\Local\Temp\7zS49A21B19\msvcp140_atomic_wait.dll
| MD5 | 1d2a0d23e35b93464bb5b09e5e4c02b2 |
| SHA1 | 04d1a1eed3868433c5b7652ecae0fdcd29e1ef39 |
| SHA256 | a577b5fc4e3a14ae141657c30a38d11ff8593135e51e55485b252eb821d47e75 |
| SHA512 | 18a0db760e4c4d9c4e014cff5ee0f433b298b65fdeca95b8f5f172b9bc534a1c7f64a1b2751b90e89cf76f41ee1ab468415466d2a657905eca9835e41cae264e |
C:\Users\Admin\AppData\Local\Temp\7zS49A21B19\msvcp140_codecvt_ids.dll
| MD5 | 4266e7bb9bfce998083d2f4f938b11c9 |
| SHA1 | 23fc9c4c9de9fd3e71941df86e26c4dd44f2a95b |
| SHA256 | e1ee6d29e30708ad5812035626bbc1058ea12fd5503d5a79d28c9cb67fab4a14 |
| SHA512 | 5dc1e769f973aec3f0f766ad7c2364a184b9f71c1266f5e5a874c3e63ca7082e9a2c38346d387aa516e2f23acaaf62979434819697b2695644883ce07bbfd867 |
C:\Users\Admin\AppData\Local\Temp\7zS49A21B19\vccorlib140.dll
| MD5 | 7ef7eab654df53e087ac4703c9ea0b16 |
| SHA1 | 743dc76d168326b60f09347945fe1342a6effc4c |
| SHA256 | 13e568fdcde1b7b7f2d1c97a474bdb8858f5ab761157f0fea7201ccecf84b9b8 |
| SHA512 | 0b860f10c03acb3866e82fd6044c29d63a2c6a1d5f6628f3d31f1cd1e44d7144e3660df3446b7a0b76b7811b261675e5aa39fb27efeec060d287fde3e630edd2 |
C:\Users\Admin\AppData\Local\Temp\7zS49A21B19\vcruntime140_1.dll
| MD5 | 7667b0883de4667ec87c3b75bed84d84 |
| SHA1 | e6f6df83e813ed8252614a46a5892c4856df1f58 |
| SHA256 | 04e7ccbdcad7cbaf0ed28692fb08eab832c38aad9071749037ee7a58f45e9d7d |
| SHA512 | 968cbaafe416a9e398c5bfd8c5825fa813462ae207d17072c035f916742517edc42349a72ab6795199d34ccece259d5f2f63587cfaeb0026c0667632b05c5c74 |
C:\Users\Admin\AppData\Local\Temp\7zS49A21B19\vcruntime140.dll
| MD5 | 11d9ac94e8cb17bd23dea89f8e757f18 |
| SHA1 | d4fb80a512486821ad320c4fd67abcae63005158 |
| SHA256 | e1d6f78a72836ea120bd27a33ae89cbdc3f3ca7d9d0231aaa3aac91996d2fa4e |
| SHA512 | aa6afd6bea27f554e3646152d8c4f96f7bcaaa4933f8b7c04346e410f93f23cfa6d29362fd5d51ccbb8b6223e094cd89e351f072ad0517553703f5bf9de28778 |
C:\Users\Admin\AppData\Local\Temp\7zS49A21B19\avcodec-60.dll
| MD5 | 5c9a91c44c5646c0d7d2ee4cf990cb5f |
| SHA1 | 65c34751b36fab3d4bdf6e79e34d1e9ad50c3291 |
| SHA256 | 639f445c807dfef8a42a5e1bc0b1a19f82fcf2523b46820c60465bd47d8e47a5 |
| SHA512 | 11f227a0431451e15426e5fd34fcdb69096f50d589762e2f17ff834b32f70d5305c5e707eb61efe07740f2f001405c905a7ebaf5b0e91b4b040a8b14062ede3d |
C:\Users\Admin\AppData\Local\Temp\7zS49A21B19\avformat-60.dll
| MD5 | aaf5e285e8e8ed6a6e428b52728ed18e |
| SHA1 | 89794b8e834a617724f24aa18de745f413221045 |
| SHA256 | 17e49a141502a26655cb3adec68c45ea19491e713eea13b1c3c35e458e77cc1d |
| SHA512 | 67cb2a03ab2740ed4f10955be1c2b7025f5e16e1eff7814fa6176458cc676dc892dc4b6d53ab0ac94be1c6176916f29b49d9dd3e1dd8e08c002d968c90eaf051 |
C:\Users\Admin\AppData\Local\Temp\7zS49A21B19\avutil-58.dll
| MD5 | 203009102eef773a714cf83515723b4f |
| SHA1 | 7d3a4941e2ccc42e9d313a5ec2f1f7bad65c1a61 |
| SHA256 | a8da1bcec215e8b002c4f8da2ddbc340d93937c93c480cd30d42b1d506f77a7c |
| SHA512 | 919b8badcdb3e1a78b5a96ec81dcacdf5cc9b76bca53d27dc7916700cc1e77e416642338d456345a617118bacc6913fa62bfb43c8937048ae346c1d295b5d8b7 |
C:\Users\Admin\AppData\Local\Temp\7zS49A21B19\BlueStacksAppplayerWeb.exe
| MD5 | 33f277e986149e4b3cb590e052c4904e |
| SHA1 | 00d90936afc6183b612d03a3ec12db2bf4b0c8b0 |
| SHA256 | a753fb439c724ccfc00a0d5218ba540ed13e287fbaefa55017d2a96c6b616c29 |
| SHA512 | 7aa2f723d3c042d849ac771c190f2c06de532a8f263eb0ba3468f0594a1dd8c58ba545b58a77f611d1c4feb519138dab455dd47dcf483907660089c8f4c82546 |
C:\Users\Admin\AppData\Local\Temp\7zS49A21B19\imageformats\qgif.dll
| MD5 | cda2aa5f7792f7f6989fbfb976c76107 |
| SHA1 | 6f1f2a75b11689adb68175d2b382e9cdd435d395 |
| SHA256 | 4db6e6109b1771f966deba62abdbb80300fb7d154266a2fa8c77e2fa6d4abcb0 |
| SHA512 | 0068f8ba909533b2d876e80882a0ad10bc8323afdce405fc273b2c8dcae5f34be76bb2c04ed816c136c8dedb513356af0cd92d0cd832b066ef4c26f3149e138e |
C:\Users\Admin\AppData\Local\Temp\7zS49A21B19\imageformats\qsvg.dll
| MD5 | b90e88e9952dc0a930895feab50348c0 |
| SHA1 | 768a2797e6d0732faf54ba3994a804374dc9bf98 |
| SHA256 | f04ec129d462e1bbf3fa4b8fefacab7fdaceafd4a2ecfc50a677e8c85f7238ea |
| SHA512 | 3d573d87bab03edf59dad9c30381e1f6da140c016967cfec801ae335cd6eb4d8bc169c03602d457974ce1d61667c13973f7c6ff57881c7ef416b20ece7039f15 |
C:\Users\Admin\AppData\Local\Temp\7zS49A21B19\imageformats\qjpeg.dll
| MD5 | 85089a44f0a801bf0df3e529d5dfdfe0 |
| SHA1 | 9eaf3133ee6e4f504092bb67ab86241b5734cbc7 |
| SHA256 | ed785d7a87abc60ef8e9df6fb9a68eeea65f354a6959fdaecd325e56182af7de |
| SHA512 | f95542b9357a911dcbbade0545f4121847c5bf64fc7fd01592bef7faa97b9a24af0ccb345893d14462a0bc32d139cac84849ce12ff02578f739041ada2001adc |
C:\Users\Admin\AppData\Local\Temp\7zS49A21B19\multimedia\ffmpegmediaplugin.dll
| MD5 | 200a2431241ea2b1bebf61d1c242bbf6 |
| SHA1 | 80a6e9298c6ce3af44d7f829d5359534979de266 |
| SHA256 | 5b8b003a86e49e3c4d1c750c940c6620fe6d8f0c2cb4e35b01eebf5899c958ff |
| SHA512 | b4ce3565d780a8201a7f01f74cc830e577a026d1002f60c9de28a13491160213dc76831a80265539c8148044db92f9e4fa76b77f86fa82d0e84c93a3b09f5cac |
C:\Users\Admin\AppData\Local\Temp\7zS49A21B19\platforms\qwindows.dll
| MD5 | b3c0fdf5e0c90b2b11ea47ac30d00dcb |
| SHA1 | f0e77ea6359b825483807c4791cc802afe584839 |
| SHA256 | 82886475a18ea367f9d409946c8d1ad99a6d926e20a40a6e2ff8edbff0dd3b4b |
| SHA512 | 70815fbdd030c0b174b186bb59ccb2705c4a9d5e04621c24f9c1e6908d0e223e7f5a3284c874ba9c3a34be92779ca3480eb6cfede5f4e2e40fbae59fb00432b0 |
C:\Users\Admin\AppData\Local\Temp\7zS49A21B19\Qt\labs\platform\qmldir
| MD5 | e49a668b90132546b4d746fde6428b49 |
| SHA1 | 46870297a9a52118a50b846db083215b3233b2a7 |
| SHA256 | a56a9f3e36f099d7ecdc2d0f12bb1e4bca34f0c9b6218850a8dc676c29280e83 |
| SHA512 | 1da70221873392cf25856a76f2810a0290c4ffd490cae22bc8183a3b165f645a10a2e47eacf373ff34bd1f4ec7d9352fbb814e52bc84c1bb514bc905c39134cf |
C:\Users\Admin\AppData\Local\Temp\7zS49A21B19\multimedia\windowsmediaplugin.dll
| MD5 | ecbfa8c49ca2fa398553fb71dbc3f2f0 |
| SHA1 | c20cf6528683d7d85d2498bdcb99816466b92c33 |
| SHA256 | d1ac17c7c60869dd6c974a443084e7b5956e8d3d15b36327d9ded665118577cd |
| SHA512 | 8f1604ea33b8a6363af531a4b8ce4ce8564a4e18e9c796f9a311181ab970aaa8339c286e924671b69b06fddcbd5580f40faa6f63b21e91124694fcf422b929d4 |
C:\Users\Admin\AppData\Local\Temp\7zS49A21B19\Qt\labs\platform\qtlabsplatformplugin.dll
| MD5 | 5995705b62f1ca954f74b0a59dcc99d5 |
| SHA1 | 342077d1b46d5bba36e4f0333dd7258f55ade651 |
| SHA256 | 8df3e0528be697ca08e5c82cb2e77131bacdc8f2ed9324d14a3ce7fb8d2c7b25 |
| SHA512 | 5d391cfaa898a0501f54b5a6248b111f63950731427944d4d40341e4c0552692e8178297bc31e63fab4106d30099defa50785565eba01e23bee8215b0fe7f493 |
C:\Users\Admin\AppData\Local\Temp\7zS49A21B19\Qt5Compat\GraphicalEffects\private\qmldir
| MD5 | f1a067104d9bd191b0f3d848a0fa6d64 |
| SHA1 | 53b15433f57c61c540c493963aff6a77f9fdff45 |
| SHA256 | bb9481e3e26069623c4dfaa9cb9c415529d084edd67edda1595854421bfac5ce |
| SHA512 | 71ec428d3ba43ea5c544f25dea40e58cc3f8605b6a15ea4312427003227637a99e74cb0e8f04a4a95a726026a65c2c02a31c1204db00dfac259298b3cf91b381 |
C:\Users\Admin\AppData\Local\Temp\7zS49A21B19\Qt5Compat\GraphicalEffects\qtgraphicaleffectsplugin.dll
| MD5 | 40a9f3952037a83b01bfed728be9b2de |
| SHA1 | 61c643498ff17937e3e42925733220e88e207551 |
| SHA256 | 34e10130fb528670c01c03c3ab9e1ae7171df0de477211a050e797bf9b0eaf2f |
| SHA512 | 76d8b87dbb1ef249f9b46ccc57014a8d88b29c9603d2502993c30bfc8d394bfaa4caa2b7e1bc05de28ce65a1e82aa71e3ee493426b929ca1218f0d6cc9e77e66 |
C:\Users\Admin\AppData\Local\Temp\7zS49A21B19\Qt5Compat\GraphicalEffects\qmldir
| MD5 | dff2761c6a369bb68fb64757f2ce7a1b |
| SHA1 | 1b8f6975a6ace9a806aa332af0f90a92d4cd3b38 |
| SHA256 | 746e523c5ab620100ae9331b0736a7b76013b432982c9aa68c10cf67fba0aa89 |
| SHA512 | fae63c67b220913fc81f385e9de05f55377eb3bbc1ca3c5d3f51a2aef05532631c1c9d34013eda3a4bd88b98cb86d5e5f78ebde6ed48f0737a16b670daf202c2 |
C:\Users\Admin\AppData\Local\Temp\7zS49A21B19\Qt5Compat\GraphicalEffects\private\qtgraphicaleffectsprivateplugin.dll
| MD5 | 329586d78bd77e76e91c50602fd2c956 |
| SHA1 | 0a9aa198a6b1cb7dae7dc6d9faf8242f4e1acd7f |
| SHA256 | 19922327ad13710715304f6734ada287f6ca3fcd5921e27d5daa155381d03cb6 |
| SHA512 | f99747692ca92a1e5df9367d77ff20164e81fd0a3a986868555f935667bcffe290374a4b90c22a0cff6fb4e56e5d30da7a717f1e41d91fd66f94cdae7e9023df |
C:\Users\Admin\AppData\Local\Temp\7zS49A21B19\Qt6Core.dll
| MD5 | b5fdc51aaabe8c0f1b611e003817b3e0 |
| SHA1 | e856cfb754a1f753c85f10e3e51914b76c916f5c |
| SHA256 | 8a1af6b5ea341ef0d01573a9005e5c68206cfef6853b5584e8a737c26c9d9ee7 |
| SHA512 | b9d9973d34087dad86a0b6fdaa0a8ffcb1261c73782459cdd16675001bea9333039e9a75da98c4f2f24891931fd4ce7dfdb090dfe046d47ece6b5ada99368afd |
C:\Users\Admin\AppData\Local\Temp\7zS49A21B19\Qt6Gui.dll
| MD5 | 817b182e009f388672445e69144f8543 |
| SHA1 | a66cf9f9909bc2c4306dd7a6382965eedebbcde1 |
| SHA256 | cfce665b7c477ebff815fb27a9b55d0b629183c0cecb5282a87bad666d76daa8 |
| SHA512 | 3e7ac5cf005a11d0d0e23084efce3256a342fa559c393f40bb81ced616898e03ebdf265fbbc855864d402665471010210d6ed12a2688f9fdb4383a0c659043b6 |
C:\Users\Admin\AppData\Local\Temp\7zS49A21B19\Qt6Multimedia.dll
| MD5 | bdd2401c24e694769007d290744fa00b |
| SHA1 | b1d5b2333a643fa3010fd4d1de8a403f6a42f033 |
| SHA256 | d65d749813c1778264115ebd03ecccd87628dd1432a03560f13b009330459306 |
| SHA512 | 922ebff563f4c9a2c04526ae9b3d0eb63a4a3e2a60bb3843c08aeded55f6cce4dff247ddb70b44ff31de9c6e49fd9af78cbee45b4b05b2b8e6264fcb86ae134d |
C:\Users\Admin\AppData\Local\Temp\7zS49A21B19\Qt6MultimediaQuick.dll
| MD5 | b5a48a332e16e6728a2d26714c126c49 |
| SHA1 | 5f6b55c7a2eb5afe58b5c09185d2ce1eb97e4518 |
| SHA256 | c87fa93fd57a6fb2f7d10e9c45ec09c9cbe1298ddd5f4d7458ff896e99b17b85 |
| SHA512 | 4a5f92f87c6eeade882d088ef6c46cc93a57786fb740422806e6a603db4dadfc9ddd018829add5c59db40ed86a4d5d25c933d97b712cb2b757a32a7c8771037c |
C:\Users\Admin\AppData\Local\Temp\7zS49A21B19\Qt6Network.dll
| MD5 | 794760c25a8de30dcb152808dd5b7416 |
| SHA1 | 8a4fbca5e2a29e56e5d25db6912a23784fe1a644 |
| SHA256 | f6702966e341d9a2f1707df5833db984205b3717fb5ce3cd2a37383ac347905d |
| SHA512 | 7d03a3077644e394aaf0e9ebbb1dcb28c4394139a508006c4134891670541d599216a8fcc1e229debb84ddfd0c2248392510597e2fa1073675e01728a0d8dfd8 |
C:\Users\Admin\AppData\Local\Temp\7zS49A21B19\Qt6OpenGL.dll
| MD5 | 7e0773c305ab95833cb14884766fdad1 |
| SHA1 | 566c5942e445e42ccda7766bbb2c7a5ec7219948 |
| SHA256 | 5180dc9d9394d8c4de756d6e97e6f12e4f27639578124236589e08ba837f0d3f |
| SHA512 | 809599445c48b9fe486ad157891ba0459d446cc268374419f64650dbe2b11d3848d917811115aa11ad613761da9ff556a788a81cb2c5f390cf7150fd2fb75c39 |
C:\Users\Admin\AppData\Local\Temp\7zS49A21B19\Qt6Positioning.dll
| MD5 | 5918eade11bcca3d515081fa588d8483 |
| SHA1 | a83686f6612786a3749431a810b90cbbea6e4926 |
| SHA256 | ed4660c36afabf34e5ac18430c94ef82122e770c28a3f71b88a09fff0cbe7a69 |
| SHA512 | 78167e577f241d0ebf2fdae86bf4d89410c36043ff8bfea7544942d779297434e738db5c8d8f928d13244515d9fbf3535c8e8adbe99d351bb95242cf9cf73bee |
C:\Users\Admin\AppData\Local\Temp\7zS49A21B19\Qt6Qml.dll
| MD5 | 903ee7dcbc454a86d6eb9827ea627966 |
| SHA1 | 2fd693ba9ea121e2055f12a966028f2264ce9275 |
| SHA256 | 578afdb3822eac599b48f6e101a35d40744afcbdea8f35bf3c69b57004c8ad51 |
| SHA512 | 042bdd2283578faeee87d8f338e47db5b138e0118de24fb4533c353e8a4c7f5d99c7dd6ff699a8d9da706dfc56e5d712d285e17e2088a0c56b531206cfef03ae |
C:\Users\Admin\AppData\Local\Temp\7zS49A21B19\Qt6QmlModels.dll
| MD5 | 3d185167828e5b21ba37d2f7a366aa6c |
| SHA1 | a865604239a8c960695512e494b6a876ba052720 |
| SHA256 | 846d37da5d81570c08824fccc2a1fa7b10b40dc15bcb2a71b9da553b87680992 |
| SHA512 | 8d41b405fe4c1881b2f6aed9a4d655ed9a3041a92b977ef7e48ab7f27af1e61f6b8c97b48946a15ba7ac3b99ef06186670d42bc9f0f68b7f8e02ae79e0de8f55 |
C:\Users\Admin\AppData\Local\Temp\7zS49A21B19\Qt6QmlWorkerScript.dll
| MD5 | 48f041709a6b31471d6eeaa090232d19 |
| SHA1 | feb934bde6bc8d4042e96b579b7b8a2b01af3679 |
| SHA256 | c52c62b7feb5491d2d914ae10478f3a0bfa3fb58cb75189932f5dd5ffad31b1a |
| SHA512 | efd6169527836c8088d78741b2d813176ffd6050536187323d19e41ec1ee58eaf28ef51412665fab2425709955d046dce370f5d7613c64d2713e81111140482e |
C:\Users\Admin\AppData\Local\Temp\7zS49A21B19\Qt6QuickControls2.dll
| MD5 | c6a5d1d04232d1f649ecec45b6a3f01b |
| SHA1 | 3a11301f621170b0aada088753f83b1c917edfbd |
| SHA256 | 3e8892f343a7850884d88935cf67c28a97e186271c34d33dda7e5d0c83ab22ea |
| SHA512 | 39ca3971179a6b11b1293d473f82cd22f8bbe0819773c96d9c952a42c93cff12e6050eab6b5b8b618c66ee93f72fa0862d271c1318e30c305e1a8cb828a2303a |
C:\Users\Admin\AppData\Local\Temp\7zS49A21B19\Qt6Quick.dll
| MD5 | 59511eaa8c0fcb1af74123efd644e849 |
| SHA1 | 3538e0948e97f898745b0abd268ce15c97d00715 |
| SHA256 | 5deee180c5947e3370cbde40ca5151367d8cf48879fdae1d748fb1ee995744f5 |
| SHA512 | e2373982457febcb021e9eff401df3092d9edad7134e87f2ee6d0717da2df8ca47d7d089279c396502235a9ec4cbe748ac53a6613ee088f1fbd0814e49f63bf0 |
C:\Users\Admin\AppData\Local\Temp\7zS49A21B19\Qt6QuickControls2Basic.dll
| MD5 | 0efd67dea0c545954384c802b361830a |
| SHA1 | fbc6f799b9d048957dd58975a358f0c5706af5bb |
| SHA256 | 241f93951bd5354b645dc85db5fb4f886e7486f624bf007ba7d233a89e5e4f0e |
| SHA512 | ede83a52bcc79014fc752360f2cc72d7c82cc2a4a3daf5764758b5a200c434cedeafa299012b4f47f84a38004f449493010faa7e5dfb734327041d42cdf2e0b7 |
C:\Users\Admin\AppData\Local\Temp\7zS49A21B19\Qt6QuickShapes.dll
| MD5 | 70b3be941970285ab6c5df7da09c7995 |
| SHA1 | 9e9cf814123537cd6b4c2c78821d639457172e04 |
| SHA256 | 96c7d04941ce1e2aa053756c24cf770eb21d5d87488d12e0e52ff1aa23f2120b |
| SHA512 | 6a0094d53fd076e45ab445435590e3c36243517d97e31b054180298d9873d67986554be182e07a4c87f7ec03346c567ee2288e12d0c8bf7f9ffa2bebe21983e5 |
C:\Users\Admin\AppData\Local\Temp\7zS49A21B19\Qt6QuickLayouts.dll
| MD5 | 8a386180bd4c11a96a1ff7b2a9b47320 |
| SHA1 | 3a25f58ac2dd640469730045f77a1c8d36349c84 |
| SHA256 | ba807b732f8b380118a0dcab28aa75c2df3bbbe1952f0b14164430a7d348bf30 |
| SHA512 | 6d0ccec63889f4d7b54aac8ed97e11b5ca2179ddc0174b0fdc111ef670497f349e81e4a5961abd1d4b260ad9cebd25a1ee2c5ad8dde7a9a06192c52152498e4c |
C:\Users\Admin\AppData\Local\Temp\7zS49A21B19\Qt6QuickDialogs2Utils.dll
| MD5 | 0206f58a2b914da1ac21bec6858cd61b |
| SHA1 | b0169cdba3e35229d29809e7da759b1fe198707f |
| SHA256 | e54f5c10133e2b331c5da0095dbee0b3df4c0f29f2341db9d3878ff5a825209e |
| SHA512 | 98e390617a5cc898d45ab3cb204a9c9a688158487e1bf55f47f3e492d9a66edc9e47a99d4610c39834b2488d06a8c0edb634a703f0188293eec6094fcb77c9bb |
C:\Users\Admin\AppData\Local\Temp\7zS49A21B19\Qt6QuickDialogs2QuickImpl.dll
| MD5 | 1fed3fe9d304c1083e54ea30b383635b |
| SHA1 | aad2eb155460089e8d6d3cb00821bac8c5d00e7c |
| SHA256 | 2560952163e1de8d982e669dd271bde723e32b2c93de6721e3ac6174fee91cbf |
| SHA512 | 1121193477e8218e9aee2fdbdabf5b43f42f922b2af72143240e013268b6ba1fa4a42bb13099c7ba6e190715854798488706c44158408e2ebabc4c0983f7b099 |
C:\Users\Admin\AppData\Local\Temp\7zS49A21B19\Qt6QuickDialogs2.dll
| MD5 | 8edd41e58cc4203d53ff49d823afef39 |
| SHA1 | 38dfd9301113737d4d6fe3444e048d1bf4dd3dc6 |
| SHA256 | bfb0dc7f2d715f203b19a0a39f16542f00892c7c7d2c9789d878f97b8e646b2d |
| SHA512 | 5f68ef40292ba9133d43b259fd1441813ec130b935fc6a664a892fda75fadef38cd332b4175dc038ff75e60b4285c4992c0e61f6267e2961a2e0b1dd32045932 |
C:\Users\Admin\AppData\Local\Temp\7zS49A21B19\Qt6QuickControls2Impl.dll
| MD5 | cd9c82e899b96d90664d0fdbd3b9b328 |
| SHA1 | 533d7cbd433d88aa815e530c1898d2436c5cf26e |
| SHA256 | b1f431714c90b70c990378f4ed8d598f333125803a8f891b5f5d49d62f37045f |
| SHA512 | 539e7f6ba69be8d86187aca70af18e59104098a7979b2258e6a6b6459d3a40b34c70ea26af524d4961b0de3da6766ec672d36d6f8766b2c17758661e5d448b9b |
C:\Users\Admin\AppData\Local\Temp\7zS49A21B19\Qt6QuickControls2BasicStyleImpl.dll
| MD5 | 8a6e9a37ba9e1b09c20db8e36ceca0b5 |
| SHA1 | fd2ab3d9e63dfdaaad1c5e0913e8b8988920fbd2 |
| SHA256 | e584ad5196ba39477c82b53c4494e2634f1d680662366e13e9d196974f4b09d9 |
| SHA512 | 462e37a8d7f49f15c62c495e4bef728603b37e3d521637c04c1f009b55acfeeb9b3f782f43795ead5a280663f086018a2197b665d82bafc275b3617b17e9e1ff |
C:\Users\Admin\AppData\Local\Temp\7zS49A21B19\Qt6QuickTemplates2.dll
| MD5 | ac8c3b6ea0500c236b1f78f7084bfa2e |
| SHA1 | 3d93090b8d5b4023287fad1834413cf9ea838ae8 |
| SHA256 | 9ce15041acffb2a9c2967cfc8144f4353f26b70113ee7e0f12ce582fb6cf4a74 |
| SHA512 | 269d7fabf3dd5819402a0dd7fb2b7ac81abeb775ffaf4995f00acade78cfca81613d89476638c110898e9e1522ef3c2a477f410efc33860ccd6907b27e1dac4a |
C:\Users\Admin\AppData\Local\Temp\7zS49A21B19\Qt6RemoteObjects.dll
| MD5 | d1996fa4136cd8c2f643a3770ecf5f5c |
| SHA1 | 74cf4b91731a518ee3124ce649884a2757d9c615 |
| SHA256 | f3e3ae32eddd2290021c4e55ce3b519f2000d20e7e648102a1d0a3976e718e47 |
| SHA512 | a9f6af09fef0f94fe7cc50a2f98e28a8148d91dbbef081ca73011f8335bc9a746e74d55b7a94d879a10ce7a3cf50e69113a9296d29beb8f5366f5be8c9d788c4 |
C:\Users\Admin\AppData\Local\Temp\7zS49A21B19\Qt6Svg.dll
| MD5 | 3b75cf39102e5152a34bab94edf82167 |
| SHA1 | ff99d035fba6f8e20e7ea5fecaa3435dec919cde |
| SHA256 | cc8fefc7bff06fe18e7994039b0943a26b3fed4d5c9b09845e464bad3adf4f66 |
| SHA512 | ff46d4a54e4b4c7915ee5172dc8e6b176039fc6c180cd49aba2308fd7143f49529f96471d0c7e7a0f9abf101600d4414a765fd0b9b7b80c5698918b1a62cefae |
C:\Users\Admin\AppData\Local\Temp\7zS49A21B19\Qt6WebChannelQuick.dll
| MD5 | ddfd4bea4e325844d083ca06be370a61 |
| SHA1 | 85ac85fce3ed43db9cb8286b74a33e01b4b48b65 |
| SHA256 | e842737a7a88fd6e7822d85a93a8eb0b7873f09cf1c5ff7bef21b53d2c4dbf41 |
| SHA512 | e462089d9f01b93efb769bf75dc64fa8fb275aa3a37fe48e1a3d1bdd33a9f7ac9125f8fce538d39ec05f493a673611a69cc126d10e7e55212472d9a7c4c9e37d |
C:\Users\Admin\AppData\Local\Temp\7zS49A21B19\Qt6WebChannel.dll
| MD5 | e1c366b3a51c734adecc49be9a0142ba |
| SHA1 | 342d3d3f03f3b56135b0f59a6f2b5191e3900b20 |
| SHA256 | 52653500fd113610125240f5d18b64c5373eb0b75c8fdcb2718eb68ba02acb70 |
| SHA512 | b84b4e3c1335277f8e94e297ea827cc1ea787a6d4508435b77d7c93aa093ee3aa81b2e6b6b1d87058acca4adbc42b3182e08db5d9ffebc4e683e70cec106dbfb |
C:\Users\Admin\AppData\Local\Temp\7zS49A21B19\Qt6WebEngineQuick.dll
| MD5 | 97814a8961992936598f1b7683aca5cb |
| SHA1 | 6644cf3079595f1337116881e9cfcb2ef11c818f |
| SHA256 | 1585dda7eda1e6cca66d840257b23fc0b25b0f4b448b25c0896de790ec744cb4 |
| SHA512 | a6c2b88fca842a8aad3b3b1d878f50b90f573830009d0499248f3f1a38a8ceae42978cc106894855eda40708f09a215c77615960d06cdd1da634e280c94ea448 |
C:\Users\Admin\AppData\Local\Temp\7zS49A21B19\Qt6WebEngineQuickDelegatesQml.dll
| MD5 | 93c0440d85f375b171fd01c5b43ba85b |
| SHA1 | f05aeb8c34aa2269a1622d1748c6702334774fef |
| SHA256 | efabaf7879040b2ff01dc1db582f15ad1d28e04684eb67f3907e24c780c4e014 |
| SHA512 | b9b3c2af9678cd6610317fb7a64fdb2e1607980c515d213efc74851e8580301c9b9520bf6cc8a06d8abf8ceef47f169048dc7cf1bfd31ca268384c21752f4827 |
C:\Users\Admin\AppData\Local\Temp\7zS49A21B19\Qt6WebSockets.dll
| MD5 | 04cc26f549ab23a726f5625d773f659a |
| SHA1 | 66f7b72558335121d676fdb276e3679fe4b5da17 |
| SHA256 | d955e7ffdf0f3ebae045796a242949f851db07ddfac9cf50df45f601e04b0e57 |
| SHA512 | b3f8f4012f683444f09e3a7a48586143e3401e5d165c6455af4bebc04c6e01d92bc3255c3dbe3fcfad08f7b55f6badb3216b342854d1870951cb153ea50c5640 |
C:\Users\Admin\AppData\Local\Temp\7zS49A21B19\QtQuick\Dialogs\quickimpl\qmldir
| MD5 | a732e1b574ca5ab3590b8c6d6de8b2a4 |
| SHA1 | 0bfcf7f7af86f82b196446e0542c367f88023f24 |
| SHA256 | 947b7856d7f3ac5e731045d2627973df06744aab3ff392248ef2eda5d42a6279 |
| SHA512 | 9dccaf5a9258c8907d58c0d72c9ba315e32d4878d3d31168a58e3e5c4cad234d34d668f6979d57e9e47bb5c5fbed538f4e4f7009ca3c17f614f7367addbda4b5 |
C:\Users\Admin\AppData\Local\Temp\7zS49A21B19\QtQuick\Dialogs\qtquickdialogsplugin.dll
| MD5 | 3d45a03c422d0604517d735180f32b65 |
| SHA1 | cdd53042670df5cbd2a94b595553658ce21ab2bd |
| SHA256 | 00edeaf6b5447c16654d1e8f010d882d909aa2766afe44f4b6e38b260a9928e8 |
| SHA512 | 54e288db318376cbf782890bf46b51160122e69fe4a6a61cd6ca42b614c37ca74d38f85f24717ac78efafb6ee14d844a2240dd94a41597c09875d7d651ee3e6a |
C:\Users\Admin\AppData\Local\Temp\7zS49A21B19\QtQuick\Dialogs\qmldir
| MD5 | 82ef8bdd05ae26b81ed33e11d06e28d7 |
| SHA1 | 18fc845d32c1deca96d97d47a5a6900ab7f99747 |
| SHA256 | 6b547b8e506fd70e034967fa4678368a515dc8e7cdbbdd0fd2b1f263b28fe46c |
| SHA512 | 4541c30ecd7178dd6c238a99eb3f0a9fa46029e2366ae3eb1ea9684619038832534e5a4b0658973d47597ae7bbd6e344c8cee2d74e1126c2657a6be8048cb393 |
C:\Users\Admin\AppData\Local\Temp\7zS49A21B19\QtQuick\Controls\qtquickcontrols2plugin.dll
| MD5 | 603a83e1eb93e0b4e1c7fe1b768fd105 |
| SHA1 | 3f5d29c06475ec16b7436a121fc23ecd861f87e8 |
| SHA256 | 932a269dd90d509b03f32abdd2d2008db697f4750df47bc25eb6b02e965f836d |
| SHA512 | 0f39d3091eb96348222a935f567509c7f5edfda74f7481453386c3e7053405517296d28cd264872fd1a50951d3bd417b4a40df24dfcd425d4077a3a78d4a0080 |
C:\Users\Admin\AppData\Local\Temp\7zS49A21B19\QtQuick\Controls\qmldir
| MD5 | a098009511c5c0a59833180919453a5c |
| SHA1 | 90ecb87885d6fd7aa15cafd2c8d67a68c4d43f25 |
| SHA256 | 9fd5547623ce4b95247351517534bc5b4b29d43f36f57b7f3378b24acb58ef0f |
| SHA512 | 63ce67b9f9285453f5263a6b1ed612b9434c804cd0097ce56ca31448a45ddb7befc592f2901b83e66211b33cea7ea46635d9213277eaeec8bfd683ab65e62c8d |
C:\Users\Admin\AppData\Local\Temp\7zS49A21B19\QtQuick\Controls\impl\qtquickcontrols2implplugin.dll
| MD5 | 42cbd88fe9d6570f24b4b517e5f30694 |
| SHA1 | f7109c9ca08efbd9040d983b3f7b1f6bb6c4b1d0 |
| SHA256 | 0736118554729f3a01528082c106c0717f92e728dd93b4f9761e7d39b050d64d |
| SHA512 | 0f6e8f4c1b1d23197608d1a35827665454e3cc439b2ad80c6b358a8238ffbe2128b5196635e2f78f0ffb0302958c1b7a54eb0e8d5309a91c1ba00ad123093101 |
C:\Users\Admin\AppData\Local\Temp\7zS49A21B19\QtQuick\Controls\impl\qmldir
| MD5 | 10b88077e9248124cc7eb9a17b5d6906 |
| SHA1 | a519e508367c7e7002fa17fbf1be61a0c7242e5a |
| SHA256 | d968aed9b217c5a95b8a0d3d3f48635302696b9b2f5f7e73ab16e8be6a9fc66b |
| SHA512 | 90c735b12bccfc14c8583450a7df0e0a8a0d56173e2ffcb377aaedf18e6d9960b5b52ad53494da8a53c69420175b56766a0cca29b096dcd2918c533f7cda5ab6 |
C:\Users\Admin\AppData\Local\Temp\7zS49A21B19\QtQuick\Controls\Basic\qtquickcontrols2basicstyleplugin.dll
| MD5 | bbe4d4b6f282dcdf020edea17fa11234 |
| SHA1 | ea871074fb5abff1baa4087f1aaa6409f6a5f10f |
| SHA256 | 4907a1cd4ad812637b1c5f7359b12f1219c462962eadce8e6f8472fbea628104 |
| SHA512 | 50ad4997a84da6c272c79d3dc820d83438d83512f5c35c8250e319577863903f4a8eb4a2e995b6c3d023c15aa5aa147f8345ebf573dd5083746bc25521a57524 |
C:\Users\Admin\AppData\Local\Temp\7zS49A21B19\QtQuick\Controls\Basic\qmldir
| MD5 | 3329231d19c34ec08997356bd2df27a2 |
| SHA1 | 9f7214d9f3b15263ee2fee5568a9940b3b023a06 |
| SHA256 | 142346c196c2b2674fd0f0e7f8c1fa23fb9964bce47c02d5029041d6a9248c69 |
| SHA512 | ae9a06615a5037a46eaaca120b4ccb176466d8aa0472fefea59dfcd7d83e5d05a1773f941981f41d268d8fafa421cb0f1b21bbb28e3918a3f548603a1a939c67 |
C:\Users\Admin\AppData\Local\Temp\7zS49A21B19\QtQuick\Controls\Basic\impl\qtquickcontrols2basicstyleimplplugin.dll
| MD5 | 5bf2a01e2dd7ade5616ca79170a8d23f |
| SHA1 | cee7440be25c58c73600a50cb11bb6fac7136a61 |
| SHA256 | 554e784f16b2150058eaf4cd3003c018e980b4fc5cf93ce1e93f3eb14fbb74c9 |
| SHA512 | e42aea99eb87ea4a2bdd815c95c53b91b80a0df5603d7786e0d9b1c3fb0031a5670574f9360f17c5fe35582118e73595f4a6a5f2b830dcce32a6b8aeeb0329dd |
C:\Users\Admin\AppData\Local\Temp\7zS49A21B19\QtQuick\Controls\Basic\impl\qmldir
| MD5 | d6b02bd0093c8bb00347b387e01be80c |
| SHA1 | 06ad73d6ebf391957932c537f8b933ebc82d1bae |
| SHA256 | 89daa248ee0544aa92530173d3e969d4c5b05ac2122d836173cc50d069805cc8 |
| SHA512 | 3b0813529bf0b1fa3541798a1c1b8a738f13d0a3f769b0d49aa242aca18b5ba8bd3e3e2746ab7ac0d5cd680d916777814fdda5420bd31bdeed270be8e4428fe7 |
C:\Users\Admin\AppData\Local\Temp\7zS49A21B19\QtQml\WorkerScript\workerscriptplugin.dll
| MD5 | 9db78074c4e988c40441b7f318d31a29 |
| SHA1 | b507f2a12d6698cc4acccc14423f8adcf6da5dae |
| SHA256 | e478700ec9dd0f1de166f43eaa408a38b9bc2f8b994a80846649ff934d8c0e07 |
| SHA512 | 917bc4a6f347b81e0b0bab1b6a9782d0a021771b98684cd9f9c2abedf155491006a01e3d56b5265a01ee7aea17965bdcee0ba290dcf92e782937aa816d2b041a |
C:\Users\Admin\AppData\Local\Temp\7zS49A21B19\QtQml\WorkerScript\qmldir
| MD5 | 2d775cb02542905e995fd826dda7c026 |
| SHA1 | 64ecb2070786b0d83f8f01b4f0fc8b44fe0a191a |
| SHA256 | 516dd5663b9e122cdbb2d212509724ccbb826b0774b1eb08cb96c5f82fd38ac3 |
| SHA512 | 3b2aa32bac27b3b384a518926d4e26d5655a4434a907b327cecd61a0c25ac5931f81fcc49d16d0b25cfc00f98d346bd269310829c6064a54df2664c60f43b718 |
C:\Users\Admin\AppData\Local\Temp\7zS49A21B19\QtQml\qmlmetaplugin.dll
| MD5 | 852714229daa6a278feb0d01f8e34375 |
| SHA1 | 92e768efc89624434a610a7201721e74db49f0b5 |
| SHA256 | c02b6e8fa0a1b93c50096f56218d38e0d15099c7e1b58ddb31b24951d3e1bcb0 |
| SHA512 | 81152863a5758f73ef72f852e4435d5b147fc130805272a676dfe3fa415eddffeea9193ae70e6834513d0bcf09cf2881bccf18a98404f27bb3b84a1b466d49f9 |
C:\Users\Admin\AppData\Local\Temp\7zS49A21B19\QtQml\qmldir
| MD5 | d23134f3e810ba1311f1526c8e784685 |
| SHA1 | 409d8050b045777b22529a814be8fc7daddda2db |
| SHA256 | 872dd0ad9c23701f8e551ca98f6b15b1551b3af0d4fafd2ceca61b328d45df60 |
| SHA512 | 3b113ace75caee2268f196aef8c636482b3ec84de6055fccda50eb518bec03f9b4db2f4930177ee3d4e6ac896069a3bf27d596d9c45475428c2fcdb1e3f3afd8 |
C:\Users\Admin\AppData\Local\Temp\7zS49A21B19\QtMultimedia\quickmultimediaplugin.dll
| MD5 | 006ce437705bb2b7b296dec8d971fe51 |
| SHA1 | e0f334a24c8710c044f5752b8d958885a49dbac4 |
| SHA256 | 46af14e6e6873f6c878ee68def05934a30d1ae4328bdf1904cba00d354322c5d |
| SHA512 | a0ea63d3bbc4f072449d9a5390f8a4e2394ec927ba390084c786446a72c8ba4cce94f50caa910a2ebca8b70d8ed5148542b08aac746db2f18f2902c4b2ddfcb2 |
C:\Users\Admin\AppData\Local\Temp\7zS49A21B19\QtMultimedia\qmldir
| MD5 | b7d5c74f4485b2550ad065e16252976a |
| SHA1 | af8c4cf1a294e7efa6bffb00bf3a66ed9750f18c |
| SHA256 | 2a0f427a8594e31ed6b3fbc1b2242856976a02131cddd8c59b23858dd3d67cf5 |
| SHA512 | 25581e90656d77023d91e2ec5797b6290e805caec2996ec58be98c618e2284c3657be93f5cc18dfabc6ecf662279a1854be08f888805b217628172ad040c47f7 |
C:\Users\Admin\AppData\Local\Temp\7zS49A21B19\Qt6Xml.dll
| MD5 | 8169c439135d3453614e28466d0f3e8b |
| SHA1 | 14cfaba32e6f878e94ac2137852dae5dcc67e3b7 |
| SHA256 | fd6e3dfc8be003418f40aeedd90aef4296ce39aeac544a3f4c04bc86ba1b06f2 |
| SHA512 | 6d2655020f76412a45adc3b6da7b0c5ea9e15031161f346ebb8b8875dd2356fbe0d66d9ef829292f5fe5bd6fb495e003413b4b6cefdd348188b8cb8892a66a34 |
C:\Users\Admin\AppData\Local\Temp\7zS49A21B19\Qt6Widgets.dll
| MD5 | c3241a2e538115dbaddf3a8c283c7966 |
| SHA1 | 0833370c511d9e44d6a9fd44eab950a77e6908e1 |
| SHA256 | 6a97350bbfe5518c5e41453062548f493014f8037a70645246549de33e6cfc17 |
| SHA512 | 3ee01be6b0f3f112cf0f64ea3d446bc819f310a9fa23b96e6839d4a4c007a70603a7cf595c25c107f04a65110639b3d617094c1b0d1240dbae9e54ee42e6b148 |
C:\Users\Admin\AppData\Local\Temp\7zS49A21B19\QtQuick\Layouts\qmldir
| MD5 | 59476cc514bb3c0e6d94b0450fde47bf |
| SHA1 | ceddc40c1c97d5f88831e76460afb127b808fdde |
| SHA256 | be7bc0d0defd3037fd4493987ade323210f191bad527255eb32d1df15b1b8edf |
| SHA512 | 3331f35f7c6c6e278192017b73ead6802ff1c394111c82c061120cfc7cffa365c407328a5b31d239f847fd3567ecc2afdb3f005062ab948c504bbbae21a381c9 |
C:\Users\Admin\AppData\Local\Temp\7zS49A21B19\QtQuick\Dialogs\quickimpl\qtquickdialogs2quickimplplugin.dll
| MD5 | abfd86b2b24ad23f3aab3edd952ab053 |
| SHA1 | 3f82656bff4f357ea40787d43f9610c9e4a2337d |
| SHA256 | c5ee749b4f347a1e00b1f912ebf5e4a4e6c34ffcb8877b5db556742b0c46eedb |
| SHA512 | 9768741702df37fb2bccade5d0118c114cd6440bff1bd7e76801a51c34c86b82e681cb4b195cbfceb4cb2936c81eed0b40b14507084ffbbe653b1e0f68ee27e6 |
C:\Users\Admin\AppData\Local\Temp\7zS49A21B19\QtWebEngine\qmldir
| MD5 | 305905ee8126ed39d5f4b5312aa2c99d |
| SHA1 | 46a27e297e6fc3846f64d23b6b54512c70ebe1cf |
| SHA256 | 9ce4a1ac66b6a7dc6950b0abf7040117c107aecf0432ede1d015d45a8883bbc3 |
| SHA512 | 2b2c9a56f77f5581ec3758622ae47adf28f790a68da61cb1759af3ba2c6c1906940d2cc9707b2ab4a2b564096dd144eb4eb453a864e36600a7ff8457be13becd |
C:\Users\Admin\AppData\Local\Temp\7zS49A21B19\QtWebSockets\qmlwebsocketsplugin.dll
| MD5 | 6162f3f09fc11878e4850c1c0ca57d06 |
| SHA1 | c454f1985b65b8ff64ff133c559ed9528c8cbbc1 |
| SHA256 | 0935f9f612bfd0fc905e86535193663cffeee560a8af83433bd67cd7291eed1f |
| SHA512 | 7b5ffa2d36938585565954b564abcabd15ea3dae56495b199f09d51bd92421e2f5da26e5e99e6a79dc24b5ab73a155fedc147a347aa4eec77a0d88114ae74f73 |
C:\Users\Admin\AppData\Local\Temp\7zS49A21B19\QtWebSockets\qmldir
| MD5 | b37b47dc81d0ddd5733d3c3df54a0ad4 |
| SHA1 | de3b51b3fe652e502ee44061552affcbfe6448c7 |
| SHA256 | 4ee99fa9bbf2dc0c4526df9f10c54f7833fb503b508e6b2cccbe573b422128d8 |
| SHA512 | f3111cffb73bb28dc43afd5cb5ca6ba2ce68620ec363caeb7b86275def0f06236103f2d1753c731166d222918b0fb059b73fd5d6298a1a078b91a5ac038debb9 |
C:\Users\Admin\AppData\Local\Temp\7zS49A21B19\QtWebEngine\qtwebenginequickplugin.dll
| MD5 | fcc2017d74e088cbac65104c90474063 |
| SHA1 | 2b4d32cb48be3cad1f2bef4c6786065f5fd0b733 |
| SHA256 | cdd3e9f9c1dc7cdd1f20b0d932064f69081e84aa32f1061322dd84d4136ffec5 |
| SHA512 | 83a53d4cf8102131e2d400daeebe700da4964d80262848a72070931ed8046f2831f2bf9d37a53917ab36d25a31efc7f96e19a9495735d9985d32dee4a7afbbb0 |
C:\Users\Admin\AppData\Local\Temp\7zS49A21B19\QtWebChannel\webchannelquickplugin.dll
| MD5 | 42d0cc66b8adffd8db1c44d4c5ebc188 |
| SHA1 | 092487413fe9e4cc7d65b7fa7e7540a4f5761055 |
| SHA256 | 89e99655ed1de0d8daa34f7fd550509f0e64795ddbe4c866c66715adbdec97e0 |
| SHA512 | fdba365a2dbf7dc34bc67313ead8ed406f98412d87cec2f2c95656861c61e606929c15a834a9d8b8e339b11fb8db2deeec617a82bb4991b3f3cae268ac6b0786 |
C:\Users\Admin\AppData\Local\Temp\7zS49A21B19\QtWebChannel\qmldir
| MD5 | e0e05541afe2a4120f98b955aa43f663 |
| SHA1 | 8ca6194e64beef2352bd3df18770eb7cc478744a |
| SHA256 | 0d728adee8ed1308524a8b3e5234781d8207a15dd6c738b74e62246f9679d21d |
| SHA512 | 0333def621780792272b2c9af8ffab76ada8ebbb4733ecdcc6353cbceea94b83b25c861f424b9d5e37d4d63f198da76f58ed6d77196ba29483aaf1dcee786a71 |
C:\Users\Admin\AppData\Local\Temp\7zS49A21B19\QtQuick\Window\quickwindowplugin.dll
| MD5 | 9703533f14281d6ddb3635ab0fac97f7 |
| SHA1 | bc26999f82b97e56aef84fff6b2adacfeccbfb49 |
| SHA256 | 9aea4a0ab67426a0ca989e62e8a5cd8290cc169fedea5dc6912be3d32144ab0d |
| SHA512 | 3a4472f522924f3e9a930438e514d034141732d9c0df76961dfc8ff4d8059ddd89fb89ab85bfabd5ce7493b15d3ecd4ee4b61110be4ce9cc011aac1d7612c938 |
C:\Users\Admin\AppData\Local\Temp\7zS49A21B19\QtQuick\Window\qmldir
| MD5 | 94ebe16c3ede17a27d79716cf1b00d3c |
| SHA1 | 34f50446b26c05a86018c2fe587d0cecdeb7db29 |
| SHA256 | cf518c3574e25f91acaec7ad8831e28c18fccfe15411672ea56809b2eb94077c |
| SHA512 | f19b2326600b902bb124a8c5b07d70ac2e6b6f65a02be9bf7f95b7641e9c44ca3faaf3a409b5e47b4203fcd1fa62eb49ca4f09eee0e95c7806428e58971ade6a |
C:\Users\Admin\AppData\Local\Temp\7zS49A21B19\QtQuick\Templates\qtquicktemplates2plugin.dll
| MD5 | d804c42ee7783da45affec5016be7546 |
| SHA1 | 7128d899253257f14829ca2f28fb9b7606f38d15 |
| SHA256 | e931944d5eb53bd373d2b4dc9e2562951a44e49c40e177670aea7735f3a3497e |
| SHA512 | 0508477329365f2bc49176d358df4c5718eeab85ccdd74a928e2f8df23eb75203115980c6f3b9ae948cc3b9f3cf434b27784933ba36f89f43cee9ea77cec4a02 |
C:\Users\Admin\AppData\Local\Temp\7zS49A21B19\QtQuick\Templates\qmldir
| MD5 | d6238b74f2a445964a7f223b96bc6442 |
| SHA1 | a7fbbe96872ca73d293470ff50f4a0a7278c10a7 |
| SHA256 | 60e185a2a878267d15f2b54f6088e1bcb3c7e66b67ac016b121b9e79b305a9ac |
| SHA512 | 5cbe2966e26f6ec1227fc36e3baa363fc9997e5e2322100d8f7dcb0faf520d18c210568a7682b85156d5d73c90465c4934e557de08d82a1ca95989eca1257d2e |
C:\Users\Admin\AppData\Local\Temp\7zS49A21B19\QtQuick\Shapes\qmlshapesplugin.dll
| MD5 | cf18f633aff01189246c1a2b257bd8e4 |
| SHA1 | e782db1781c57ebcae62b01d594ecc81022e6379 |
| SHA256 | 6be600ee9189a6c84e35eae24e91534ee5eecfdae33797e15472c6ffc8ef039c |
| SHA512 | 78473cc3e4d2cde99759988e47d4387b44a5b34245d59d0b6f2dd9206f96ccf7aa2f06d841c546fcfadf239fe0a6d1cc8d775f74797328bc4bdf2746345b43a5 |
C:\Users\Admin\AppData\Local\Temp\7zS49A21B19\QtQuick\Shapes\qmldir
| MD5 | 29545ca5555980969d58494c03e810db |
| SHA1 | b56a6150c8d39708e502b53d2c7535438aa02568 |
| SHA256 | de2dab12c07574207db93315ebf5bd6ec6656d1aa506df756328f73342b2a7f9 |
| SHA512 | 6715f3b9f144ee65cb37cc200c1be14a827cc40b6fbc47e456a5ad04eeb751f69b1cdd8d4c3fb2a5ace30173c2d61b6633958e7b8753a2c6bd9c3d27275941fa |
C:\Users\Admin\AppData\Local\Temp\7zS49A21B19\QtQuick\qtquick2plugin.dll
| MD5 | 0c90675a28d95f6bb1050b69f6477de4 |
| SHA1 | bb8518a467430fc41322060361534ae73879f362 |
| SHA256 | e9f4fa73ea93efa6883c8256f74e4351c7cf808db721e0e1d49d4f5af97cdcac |
| SHA512 | c338061443eca85503619b9b9e5397a480ad60b2478cfe3468db360c88d0d5f938fc577e5393d8dd4ae8c40c335000bda9a7fbe9490f112a5ed0d2346be0a605 |
C:\Users\Admin\AppData\Local\Temp\7zS49A21B19\QtQuick\qmldir
| MD5 | 229c819d9d388357c948f58e96513964 |
| SHA1 | 9580844569cb3de2d0f728695d9c83c6713d5c74 |
| SHA256 | 137c386f9b2ba49fb3a3417b55096f6f1bd15a794a98613a862b490a6fe4fa79 |
| SHA512 | 61fb9d95be728ea658b31b137216ca2db2a52ae4523ebac1f7bd7b20fdfde4442b6570b03c7defe9047a96905227cffd0160a6e3f42940e27ad58dbf3b3383ca |
C:\Users\Admin\AppData\Local\Temp\7zS49A21B19\QtQuick\Layouts\qquicklayoutsplugin.dll
| MD5 | fe46bb3ebb124f1a49f3b057f53fc117 |
| SHA1 | c0b2d468629ab2f517d8bf91916b3d1361526a2b |
| SHA256 | 8b25efda99d9978b84c99fb5c63b423ebdbea40061611a835cbfde745e6892f3 |
| SHA512 | 74d428d7737f6d0ff723c92ef680f9807c8b5eafbc472a3ba021217e0d61e74847930c7a46e598b39bd8e792c205988da51b1776076a2be598dfe1d316798863 |
C:\Users\Admin\AppData\Local\Temp\7zS49A21B19\resources\icudtl.dat
| MD5 | e0f1ad85c0933ecce2e003a2c59ae726 |
| SHA1 | a8539fc5a233558edfa264a34f7af6187c3f0d4f |
| SHA256 | f5170aa2b388d23bebf98784dd488a9bcb741470384a6a9a8d7a2638d768defb |
| SHA512 | 714ed5ae44dfa4812081b8de42401197c235a4fa05206597f4c7b4170dd37e8360cc75d176399b735c9aec200f5b7d5c81c07b9ab58cbca8dc08861c6814fb28 |
C:\Users\Admin\AppData\Local\Temp\7zS49A21B19\resources\qtwebengine_resources.pak
| MD5 | f249e5dd0eaf7ffbcc2843fccce85ef2 |
| SHA1 | ab7449a0d3fc68daa29f2cce08263fc290c4b046 |
| SHA256 | 7e9c3c381c6a1bf31b4fc75c68a9c2f30ca34d9999291ada1d3eaf0b79618d4a |
| SHA512 | be88d39e01828788e5a8b8c436cfc73d2863debf7251b92323d2ca3c02a8737d8edf1c70d24b98a9b11388cb3650129ed46e8134ce3b168a8564e37c3c67e215 |
C:\Users\Admin\AppData\Local\Temp\7zS49A21B19\resources\qtwebengine_resources_200p.pak
| MD5 | 09da93dd890313c6051e3eb31cab562e |
| SHA1 | ca4281451381360393c0abac1029aa4c632b5ce1 |
| SHA256 | 70418cc40f2078d59972bfd5d182b1169beceec2a828a5b81cf6e77933adf6f4 |
| SHA512 | ad00145b99f09ba25ef886ba89e3339c52d09c8080d0d9cf33707f23091e9bc8fde035ba99be291303f727b99cfd798ec3c77644e9ff46c0c6bf64c8d3e91856 |
C:\Users\Admin\AppData\Local\Temp\7zS49A21B19\swresample-4.dll
| MD5 | 7eeba1942a05fe865cf997fc90430093 |
| SHA1 | b63c26c162b77f80bff2fad565d07b34c8051310 |
| SHA256 | baa987629e36f324a77a8922ddbdea7652a3ae8b5eb55a0f03b475facdda8293 |
| SHA512 | e466a02df89336002f2f2cabdc1b9f208c150702c5e1b1679d5012fa791631b99443e25867940e5d60e812c64874a5fb2847716e6712ea6743b6ff8a36cb8ea6 |
C:\Users\Admin\AppData\Local\Temp\7zS49A21B19\resources\v8_context_snapshot.bin
| MD5 | 38a09bcf4160f5b345942462b63c1c7e |
| SHA1 | c4de02fecac708d94096d6e3e16cfac3472781e0 |
| SHA256 | 3202f8ca18e49da8be573afdfe3ada8b98b351f8c5f1ec08ee92e8f00cd8d9b2 |
| SHA512 | 1dfc511b0b387db1876989d4faa74bdcfde66714af76379bf768f71252874a6743bb803035a137f87c530d120aa180009215e8ce1020dafbc6f531381e891995 |
C:\Users\Admin\AppData\Local\Temp\7zS49A21B19\resources\qtwebengine_resources_100p.pak
| MD5 | 698db9c6537b8d9dec4869a11355af2a |
| SHA1 | 0d2450a12e0b3405ae30b3c7f5ad233fd6cbbef2 |
| SHA256 | c471280e5c2b50d0089c069954c84b121a70a7c50a2865b061e6c5eda329e634 |
| SHA512 | deb7faffb6e3c28616e200d10e18707df229a649c9d16e6db8921c3eec7381aeb977e1308dbd07bbf2c2a839b19de25bb6f8a9ba9d094f1243c3aa2d2ebb3f16 |
C:\Users\Admin\AppData\Local\Temp\7zS49A21B19\swscale-7.dll
| MD5 | 60ee6404315f42cfd111ffda6d30a1a4 |
| SHA1 | 14aafa75e18202af1a4bf23d526d1738f96c4156 |
| SHA256 | 331c66b7974abbd85639c63e9ebf63c62858d5b1d8a47ba52c7bc10715aeebe0 |
| SHA512 | 8a4d858ef96a9cbe311bda94492d6759460f93751a79dfae826fb6b63748626134b11e3f30a37e19b6fff1567556d6a3f51d22211885bfad433f8a4451d2abea |
C:\Users\Admin\AppData\Local\Temp\7zS49A21B19\tls\qopensslbackend.dll
| MD5 | 2ce461340c36cefe018d18bcfa0bc943 |
| SHA1 | f4116728002c0d1e1667af27b359ac0d90fdf356 |
| SHA256 | d78806f6c92310172e095240b112bc966c60c7a34eaaf3aac8497ba31e6cd95a |
| SHA512 | ca0822cec7e6f49a2d9f8ba889fe28d5309de4b6f25da585f1fb4d10420a815d2817f3e39cd82207fbe68e755ee98a9700c6053d5950e3442d865fe0eb487893 |
C:\Users\Admin\AppData\Local\Temp\7zS49A21B19\tls\qcertonlybackend.dll
| MD5 | 5240566cd1d97774f03c319606396659 |
| SHA1 | 7715e321e912f413561e0e3e5f6316ba1ea77525 |
| SHA256 | 9039e7af3cc64ff8d653b71f8bf9a90549ef5f35de6beed23cab336f4e3102fc |
| SHA512 | 4958b92c632253fd18c2816a3dc288285e92a96a265766679881efac284a8c49f9d49ad5596206ec374506e4341a9e10f5d66354fc8120f29375ed0feffcfb2e |
C:\Users\Admin\AppData\Local\Temp\7zS49A21B19\tls\qschannelbackend.dll
| MD5 | a79fdae77d68c47599a2501224a1bb1a |
| SHA1 | 11d3bf27e0e54eab9c8cbba8639e37fd6c2cf647 |
| SHA256 | 8a25fc4b8d29ee934fac2a26f85f98b82eaa4eb5b0ea924a98bfe597cbe7cd71 |
| SHA512 | 5c2941da9cbe7973abe90d25b4e5e56a0bf94d67d43c0d5652859f032146461f9db5b0de5580e97abe0de067aa82bf213ae32b98c90ad1ea3cf25d5bef0743b5 |
C:\Users\Admin\AppData\Local\Temp\7zS49A21B19\translations\qtwebengine_locales\ar.pak
| MD5 | 3368204e7ff3e30e61651b6872f7a6b7 |
| SHA1 | ef64940a8b0d955e4f2c441a967166fa55064137 |
| SHA256 | 65266af2212453cc9cab96296a516070375924119ec55754f41c8053af3d8048 |
| SHA512 | 2d0b4948e191a22837ef2dce2db59ccc12aa111ec378de6efa7281e875e98c9c160adb94b4b373e16744b65aad5c85eb1fef0fc7a12d2cb49ddcabdc95dc6d9d |
C:\Users\Admin\AppData\Local\Temp\7zS49A21B19\translations\qtwebengine_locales\bn.pak
| MD5 | e5bfbba7a15e8d989257ab6f4cc65550 |
| SHA1 | 40726da19598b58271c650311039ab6f7d7f2bb1 |
| SHA256 | 9d9bd667d75539698c1e1febc4f0d9f37accca2cd0813314fde01df8d130a20a |
| SHA512 | 7b26b407d51d27c73e3337e8430ecd5e53f07293edbd3865774f0cd76efd615d4d699bfce6c05ab3d44ecab6fae13c80359f2ea94a08ffc1d822d10033b82ca3 |
C:\Users\Admin\AppData\Local\Temp\7zS49A21B19\translations\qtwebengine_locales\en-GB.pak
| MD5 | 1d94e3d6893a9f8e54962482186ede36 |
| SHA1 | 357a64334864a48d72b7d3ac8969c28fab065505 |
| SHA256 | 525d94f828b967070b72e6043e0b9d1c55364b382be1f040b010b90a41b6a815 |
| SHA512 | 3be8fc06e379df5d6389547a2d3ca122f367d8092c00e87089b23fffec60e6a4a8b1edc281bd96fbbaf3ff02b77548259d44edc93d7e5af46b0b32ce78f2efd1 |
C:\Users\Admin\AppData\Local\Temp\7zS49A21B19\translations\qtwebengine_locales\es.pak
| MD5 | 7d3755aa3480aa469e6172b451ebd0d4 |
| SHA1 | f91b913cd06aac123678ccdaadcbb4f0cca4a5da |
| SHA256 | 97ed628a013d27736ab03547e5e68e25392e6b47d5b531d4fa8abbf1544a65c6 |
| SHA512 | 8613d17f6234ab5cc96cbf870e63a6622994b10ab4d135255131ee57b1757b1abdcf26678b978faf49175db183300cbb09613eabac82c6691179479c1bf1bf4d |
C:\Users\Admin\AppData\Local\Temp\7zS49A21B19\translations\qtwebengine_locales\es-419.pak
| MD5 | 41a4b6343b952185a4fada57ee9fcbc9 |
| SHA1 | e2475227c6f62da6f8a1467b2035f89d9741a132 |
| SHA256 | 803dd9d993d27ee7ada530046f6933dc5eaf35af1e43cb678b1f82e41375c5a2 |
| SHA512 | 66824110cff65417d12a46ca3d6c42030038dcf1032aa6dc6062323513eb781778851849f84f37dc0225f951be29bc94534a33f74647910bd4ecabe3edfc44c7 |
C:\Users\Admin\AppData\Local\Temp\7zS49A21B19\translations\qtwebengine_locales\en-US.pak
| MD5 | f70ea9666c4b2d503da8e0237c46eca8 |
| SHA1 | f150561cbdfefb7327b9824fa3a291c792a44d26 |
| SHA256 | 2ba506930a8da5c3389d0616ada76630dd7f41d5cb8ee850f2406028f015d3db |
| SHA512 | e8e4b03c6b1e5b7c6ae082e372f903bc78f61fac0c2308e7c716b02ff2f8275eace5f541d7ada90b9fc6d33ede29008fdb3e6994fdcbc736a705244d360eab98 |
C:\Users\Admin\AppData\Local\Temp\7zS49A21B19\translations\qtwebengine_locales\el.pak
| MD5 | 800026f5d9237f49835886db2c53b295 |
| SHA1 | 8a957b90218585fefb8c11a7d7fbc1e0dab02cc1 |
| SHA256 | b5e5c07f0a8837eee32bdb0954c1bfd5ea48e069a7fb50a97610457bb2d96de8 |
| SHA512 | c75df40d4e5be9c56fc3c5d1b6a0c2accf08ff714c62091165ff892655fc8dcfa28f3ce5129adc004b270c04fa3f63188f40320f1f235e90cbc720651b730e3d |
C:\Users\Admin\AppData\Local\Temp\7zS49A21B19\translations\qtwebengine_locales\de.pak
| MD5 | ef63e015c168179a884821c9db90bfe4 |
| SHA1 | 2dcab43076d76cd723e6d01e99fc6ac30271eb99 |
| SHA256 | 4fd6c23374b3bb860a705ab343bea2905cda824953cf2729f2da7c86ef314f99 |
| SHA512 | de21ce56b1f47fb42b671167265b8d493f6d0d27cde4bd97e1fe6d86f26ca07208a864b47b0d1ec7a3b2163447791c986e71fda255b1702f2f0f6bc7f50235f8 |
C:\Users\Admin\AppData\Local\Temp\7zS49A21B19\translations\qtwebengine_locales\da.pak
| MD5 | 18300a43e13aa570e0ddad7205e4c528 |
| SHA1 | 3a13f35888d22437055347ec0fd8b2e67cfbef28 |
| SHA256 | dcf563b44cf1bce09dfb017a8e51da2e5653e834e312e7d9c3a868c4b90b5a7e |
| SHA512 | a1c4d8333461c723bf6ec51622759f9a7f3a89ffe03f63b3223d296ff99ed926d2836c819b5ac4da2cd33eddb8adcabcd15a18d5c9bf41d399da17c9bc65702d |
C:\Users\Admin\AppData\Local\Temp\7zS49A21B19\translations\qtwebengine_locales\cs.pak
| MD5 | 2fa44a92c2e2304f8180f703e2363d2c |
| SHA1 | 73ffa3b6999acba487a76b77e26d52d10a4ff69b |
| SHA256 | 6e6e158da321c3914399aabad1bb68f43d907e21c5568c182ac12539ed308672 |
| SHA512 | 3377284037652bcd9a7cd1b9397e0c7acf084c42c7ef5170cdd92c8e1eb2005b6cdd818abe6b9f24c1cea2c10531c1571c351f331da42d68320267197b1d21d1 |
C:\Users\Admin\AppData\Local\Temp\7zS49A21B19\translations\qtwebengine_locales\ca.pak
| MD5 | dd10c97f6c8153faec769dec63aeed67 |
| SHA1 | 37fff3ede19be23bc01c4d297372ec2a4f4338bf |
| SHA256 | beec5dbddc73c0d80faa6677298f002c52dad4991deb5f533da8f07cef775be2 |
| SHA512 | a387606c54404e2b07db9541d23124a3d8ccdfe6e3f6f27492f5bcaa0fb5be4de59b50b3fb288c5261d02b719e4ec05ec767e53469ae96e6d943a3bf2920f412 |
C:\Users\Admin\AppData\Local\Temp\7zS49A21B19\translations\qtwebengine_locales\bg.pak
| MD5 | fcae54e530f1c0b4cab64328c89e4128 |
| SHA1 | bc54613a70daac0cb08dc938ba830a3332bf5656 |
| SHA256 | bb6107701d4184539f914a33634ae0300d0a9e2deae979b88a3ece53605c5179 |
| SHA512 | 00b32d37822a1bb74a8e7fa22157b5034655c4be523df9060961bc81637b554fa78b3033b51253c2be9312e0caf3a0e30d8794d3593e038b24f8adac87f64322 |
C:\Users\Admin\AppData\Local\Temp\7zS49A21B19\translations\qtwebengine_locales\am.pak
| MD5 | bc4c700b7c415ad4c92e3bef4ae7c4a8 |
| SHA1 | 345931d353f78872bd3b516e2252acfd72c534da |
| SHA256 | ee3bcc0a396a18e14e6ac1b4f2310cd6118c7fa9a317e67e273d5e2b8ca01d6d |
| SHA512 | fd0ca4632c6a7c166c226c8f84f3a39448b3e21e7dc1404ba912470eaaafe2c891e435d5b2c3347a7017aa5bf34fb45cb74abaf1bcb8a2a02946681ec49070fc |
C:\Users\Admin\AppData\Local\Temp\7zS49A21B19\translations\qtwebengine_locales\fa.pak
| MD5 | 4003031412d00fd89eb2700e6be45b66 |
| SHA1 | e903cacbbcaeecf37773f1491db4be0c727462f9 |
| SHA256 | 9915278c25a19420b400f28859c504e3f82fc8d44046d769e586d6b97deb44c0 |
| SHA512 | 8e72aaa570652d3f95ec5b963a5fb534826c3b32b0ef88627bd099934ec849516bffa43e3e3cd074eefb53f63ae9c1a9fbc9df533da82f62dd099dea63cd10fa |
C:\Users\Admin\AppData\Local\Temp\7zS49A21B19\translations\qtwebengine_locales\et.pak
| MD5 | 03aab03a3d067c79b8ad078af1aff9f6 |
| SHA1 | c5e402fa5b148f09895bfdce750033fe8e5c3e35 |
| SHA256 | 7b301a55543e15c5255db083b7156a5cbb1bd7669c863376651e7c536a0d3c03 |
| SHA512 | 3fbbf675a1b26e92625f30a245b92c80ab5cccbe3559e4d79bb81b6bde33f796e82e128bbfebfd29b324cb6a0718edaf4fc53be28648366288375fe615079538 |
C:\Users\Admin\AppData\Local\Temp\7zS49A21B19\translations\qtwebengine_locales\fi.pak
| MD5 | 1fe6aff5d58a2e9078125a3eba51310d |
| SHA1 | bcd0b0afa94a51281558abe598ecd6916def3600 |
| SHA256 | 55fcad7f30965e07a749a79d4e304cb8aff79afc367c6870738b8dbe78ae3ced |
| SHA512 | f6dcaa2890347f05096de8f70e0c657b6c4c8bb1e428f3ed4d31c942f214949745afd5216c44a7f5cfa875825dd41c683f1156583646eeb1efab570ea3ae1dfa |
C:\Users\Admin\AppData\Local\Temp\7zS49A21B19\translations\qtwebengine_locales\fil.pak
| MD5 | 3a9fe4cb75cbf95a747e4a98e9a5134b |
| SHA1 | 1a39f169d11ee06ef63c028a7708af81926d7918 |
| SHA256 | af5917413713e97363a62aef1909cf7a800f031ca68bbf211cb243032a68b461 |
| SHA512 | bd2da49b2b6425708206aa4607a1c40c4da68847becf59ed9092ccf16a79f967c58428d2bf7b198bec0441358ef05141a56549572e206355a3bec7ddc088038a |
C:\Users\Admin\AppData\Local\Temp\7zS49A21B19\translations\qtwebengine_locales\fr.pak
| MD5 | c63cb62bf919064b0b6326a0e598da50 |
| SHA1 | b3b09ede4892391fcfe51288e55d9503b8848aa6 |
| SHA256 | 5b88cebd089e9bca4978cb9df076ed06f97fd5f6d496f6a47ef6d42441726566 |
| SHA512 | dd51706d7150367303dba7c99029d5468ecd1d57abdb28c1688b5937700547e14d707440b12f2040b4120cbd0f4c4dec67e99f175761b58c9f14581aa0e0923c |
C:\Users\Admin\AppData\Local\Temp\7zS49A21B19\translations\qtwebengine_locales\hi.pak
| MD5 | 248182b1fe577681f70dda64b046e120 |
| SHA1 | 3c3f2726be0921121486f5dee10886b74cb37556 |
| SHA256 | eef6fc72fe85670200ca23656e69804d9d02d9ef3d0c1ccf7d129d71474ef400 |
| SHA512 | 86365716669d960fb67e96e0ab903e1412a7c5387349b49cdbf8d0ebcaf118c0d99c93df0f166089f32aae2d0b5f2c2e34734506f6558c9a8819729abf7f55e8 |
C:\Users\Admin\AppData\Local\Temp\7zS49A21B19\translations\qtwebengine_locales\it.pak
| MD5 | 84030ab6437d9279b2e93a4e83ab5d56 |
| SHA1 | 7cde75bf29eeeb84c6226983130e7fad0442f777 |
| SHA256 | 6f1cd9d09ec1be6033bcb0c2efba08a961214f1d6d7a9844b88e7d612e7a1860 |
| SHA512 | 86aefece3ac2862144f997ab3e69b9aed98be5ba5e9941baa02600ef63ca7ab9099b6e083f3263d077e4cc014df308ee8231c0268c06ed846f6c59f6f2e6460c |
C:\Users\Admin\AppData\Local\Temp\7zS49A21B19\translations\qtwebengine_locales\ja.pak
| MD5 | 286a4d7ee7e011a524e8f4c70592d1ff |
| SHA1 | f62452ecbbc5633bca65c6485dbfe9467333c290 |
| SHA256 | 87831c3227dad088afaf94a2dd03dc66fe14aee7c2e031c7b7798ff4b11b30d7 |
| SHA512 | 86bc78f53175372dba41be8ac4867f45e2d962eb3dab5798d9a71a22e450f6876d335fe347d07a86621d1560aa0538aa3c2180452f72076983d57d9db48d4c1c |
C:\Users\Admin\AppData\Local\Temp\7zS49A21B19\translations\qtwebengine_locales\id.pak
| MD5 | e1038c2d0ea1eebfd9e25dae192a868d |
| SHA1 | 6be7fe8751880e14ed8322f7d29794a8cdbc7467 |
| SHA256 | 3134fa4e6e3745d206aaff3d8b4fbc289ca29b687ef1d8f16ff22012efb3dfef |
| SHA512 | 5dba90a2850b2851314620be62cff5d593a048338cd984731eb4d6e5e77d806296c6e1746b5a7c08be19beca1695ff418d5cc9e1b84fcf5dfbce5e7953a6bdd4 |
C:\Users\Admin\AppData\Local\Temp\7zS49A21B19\translations\qtwebengine_locales\hu.pak
| MD5 | 10f85e5fede463e2486ed890a561bed5 |
| SHA1 | bd0113b5573d79119fbb15d053da17fdfb4e2d50 |
| SHA256 | 2e6795aac09546926d93180082a3e4ef64b08a18ac513d79493ea8fa168e9cc4 |
| SHA512 | cac4858b1ba904d893250028afc8a10bd9ffa99c7301efa0448e316585a2a817db1936edfd325c1d6dbca5fa21af0f0a8f4b8ec0c6506df035d8d582688eaf08 |
C:\Users\Admin\AppData\Local\Temp\7zS49A21B19\translations\qtwebengine_locales\hr.pak
| MD5 | b556be50b983d7d62a8f44dcb24efea5 |
| SHA1 | 6c6840dfdf83a69dde3536e8236358c32b6a8535 |
| SHA256 | 155a03a996003ae7cf7ba22894b0fa479f0fc6a04578baf6a888ff1b2e8473fd |
| SHA512 | 4dbe58000c5fe799be609597078535f321e62210dbfb6ec6e9613dfd569e04b16dc305e5a827c6706acafd250fe5c00eae2f24e9784ec304ff5d0446c194f847 |
C:\Users\Admin\AppData\Local\Temp\7zS49A21B19\translations\qtwebengine_locales\he.pak
| MD5 | 3d3d2134b30ef1d443e07250229e2678 |
| SHA1 | fba103c120d78c07f3000ac7709d3681688809a1 |
| SHA256 | 4dad9b698b48ad90553bc3c82ce8faca6e4f8264ec6ac5b9e1bf2cd20f2ecce6 |
| SHA512 | c806b7f37d87957904c5f0097fa4951874a115f06392857a482ae50af6b19178acf478296a8859d031a71493960e7b807b6a772fac04bf56f88200d93073872a |
C:\Users\Admin\AppData\Local\Temp\7zS49A21B19\translations\qtwebengine_locales\gu.pak
| MD5 | e3074b687e6a6deb35bf1400caffb425 |
| SHA1 | 5e524e883b510a67e05b1ceb082f3661b5890341 |
| SHA256 | b558039d718858f3a15ceaf9c2ba5a89282bc5f6f15ede43a1e552fa458114ff |
| SHA512 | 489d922276ee9e7f42ca0d003caefd97e62abdb712d678d1cb8e8c756be707a1d07ce080201c6957b529c2b7a9eba26e7d0a5ffe7251051721ba1e44160f8fb0 |
C:\Users\Admin\AppData\Local\Temp\7zS49A21B19\translations\qtwebengine_locales\kn.pak
| MD5 | 3638bfec55b3e6146eaacff7edac9976 |
| SHA1 | 0aac7b431980d1df51170c2ab5e5e960604364df |
| SHA256 | 77b514e529b8aba4da86653bbfae0fdf3fc4eee0d84caf40530a23bfa58d790f |
| SHA512 | 477410a6ab9db7b74e82e5de5101fcdc13a42fa8c9a9437419fbebe66cadb9b57d61930a3938b53135d90527419f30bcb5381997cfddc2cc51f65b121b5d5482 |
C:\Users\Admin\AppData\Local\Temp\7zS49A21B19\translations\qtwebengine_locales\ko.pak
| MD5 | bd258202d84cb6cd398c38eb444d7c13 |
| SHA1 | 4b03cd62fd99f107dbac2f600130ab070cdd7e64 |
| SHA256 | d1e47481b8775c11c7b4b42fd73c7fca614e16950581e892ea739def6cc9dcbb |
| SHA512 | 0a0ea62530b9e8486b8d081057174b0bb6211f5ca4e23f1db4ff7316d252f4c1ab09803c33368b1c068045341d35977b1fd8d6b18efd068928b170d7adfe34c1 |
C:\Users\Admin\AppData\Local\Temp\7zS49A21B19\translations\qtwebengine_locales\lt.pak
| MD5 | 82c786051cc71dac807c37fca436a91e |
| SHA1 | 7c663b0225b90bfb1dac4cc10f950349c0281b89 |
| SHA256 | 0050421881174da761b3177082de0862eeb1f20165169eb057ee74fcbdf95eee |
| SHA512 | dc8887aeeb5d2f88f5ff01a2b417c7f8d471ec386adeb848f4af2af32c97152eb9bb50f7c78ee9cc216cf64821f761c2a25367e96eb2064e4ce2d00021c7fa4c |
C:\Users\Admin\AppData\Local\Temp\7zS49A21B19\translations\qtwebengine_locales\lv.pak
| MD5 | 84509c858c9da5347db91821960af8e8 |
| SHA1 | 2e4edff02a0e429a9f4a633cbe3877e5ad7bb38f |
| SHA256 | 624c7917250b498c2e643421212989b7dfaec944d06a5a0954568f8e9e90b0b2 |
| SHA512 | 9aecf65282432c8b7bdb327f373b715a48438fd1730bec5d2e27270810b5ec880b98d13e8f4a0586a420a42b700feed50abd844fa7e3d655bf9f723bebeb8365 |
C:\Users\Admin\AppData\Local\Temp\7zS49A21B19\translations\qtwebengine_locales\ml.pak
| MD5 | 3f2d7238334e87c1dd28508ae42ce499 |
| SHA1 | f368408c86e61a2fd972876f659247dc4f1a2090 |
| SHA256 | c182a95c3b75b2bc5795bba0af6badcb2588ba2d84cd68925e75cf5ffc0168da |
| SHA512 | 5f0ac10d7fa2e6fdb0d9f8fded6f055febb1a3926013e28db108f8f8a8ab8c24216329f1d4b0e8bfea6da9220294cccdddfab810e60253455e99d52ae26bfd44 |
C:\Users\Admin\AppData\Local\Temp\7zS49A21B19\translations\qtwebengine_locales\nl.pak
| MD5 | a17f9d1ecc10a7da391a2fa71220e123 |
| SHA1 | 025d8fc0ee1eba270973fa2ad2f10701bbd708b9 |
| SHA256 | bf1b04e7fd896333e4e2ffbc411563d5de30e4c241e3f7e0c60548af1310bc1a |
| SHA512 | 47079ecc377e85e907ee779a332fe6dd8e66beb39c94dc0643a8b5baa400b97285b42d727ee32efe88fae26ff59e18671974766e9ed9b744bb7df11a3c5e74b9 |
C:\Users\Admin\AppData\Local\Temp\7zS49A21B19\translations\qtwebengine_locales\nb.pak
| MD5 | bd58803d4cd991cc7b562da68428867b |
| SHA1 | fe36b791388d2a1137ab2377b72272fc8dacec82 |
| SHA256 | 43fbabc2a7b4ab2dddd00fb511aafa241a9905af40409b7c3f54210b6152302f |
| SHA512 | 6f546f39fd47f81e73bc1de8e105882c91b56d32d6517ac115401f173c4c7202d8db9de72bd131526ab54feb3aa3745d8550c2f993dac211b14ee99d71d4801f |
C:\Users\Admin\AppData\Local\Temp\7zS49A21B19\translations\qtwebengine_locales\ms.pak
| MD5 | 7321194b6267c9cdd0bda30e4203b859 |
| SHA1 | 86a4f9299ed0ddcf70b44aa65427a752af2dae35 |
| SHA256 | 47f77f32d6f18d95c15c0e4c04df8ba1a05784c8c671360aaf2db487520ddcf8 |
| SHA512 | 6a831e9afd3d50c698b1e6ddd18f6ec95bd07bb8d3f4d6cfa9a19b65371a430c5c63adb5276f44d3e9a7c2b4e1502f239ee793ee5035f60f57988685a918c110 |
C:\Users\Admin\AppData\Local\Temp\7zS49A21B19\translations\qtwebengine_locales\mr.pak
| MD5 | 69217e4bad9444e0b36b9dec6d13587a |
| SHA1 | 21d7c31c656add29346bf61cc5f01b99cac4c24a |
| SHA256 | ec720a494da509c7f6d6581bf83a7194d20a4da8fd260c4cd5590399506fe89a |
| SHA512 | 7821f7291cd3fc1fcdd5a92cd189c5238fe2bd0806f58c2e6786b253d4f67924bfa63542511a40d88edc29418fc70db64206edbcaddd5bee0c0978200397123e |
C:\Users\Admin\AppData\Local\Temp\7zS49A21B19\translations\qtwebengine_locales\pl.pak
| MD5 | 1e6a60b03abd6dc4f8c869dbc774b680 |
| SHA1 | f3d02e9d34dd05bec55fb69846342282b32ab405 |
| SHA256 | cc4775d2d1a1751cd6ee4de5adc7d4a13b079e7b132898595cb2865e0a57c823 |
| SHA512 | 54c2d9eabc73ca873314336df35e5c38302dcc78da5194b097cf16c0bcf3b64ef4a9bf7230ea7367b23fa9785d1a2b94bbccdaf0f38eb45b3b4226f32be5a2eb |
C:\Users\Admin\AppData\Local\Temp\7zS49A21B19\translations\qtwebengine_locales\pt-BR.pak
| MD5 | fc5c376e32878058c7fb3dd691de3338 |
| SHA1 | 4791055d548d678c76fdbdd50c412273cf935630 |
| SHA256 | e2a95144584d124e754f20c743ea91ed31f96d375bd24df8b0df3c411c6e08b9 |
| SHA512 | ebd545258e4c4d1448bed9a94c5e0527df06527717b0f19edf83866673705859dcf13c53af8e5151bf50da024128da28f1d697a51ae4fc4293c9d9e55dae3004 |
C:\Users\Admin\AppData\Local\Temp\7zS49A21B19\translations\qtwebengine_locales\ru.pak
| MD5 | 7cde65967d57746972a785d73223a7f0 |
| SHA1 | 16bddf07f603fa4281335a9f6c60e543aeefc0de |
| SHA256 | 2d4583e3bbe119224a4dbd80ece065a978890d294d0bc1f3948a10c33ea7f06d |
| SHA512 | c4e9a364bb1b36685d03ee7e5f1e847d99fb875151023c7ab2da446ad5d91bb73fe84622cb46da3b544854cda755912262260b445667da1d018f597f52653bf6 |
C:\Users\Admin\AppData\Local\Temp\7zS49A21B19\translations\qtwebengine_locales\sr.pak
| MD5 | ff5e1f8f679fcf45ace4b095d23841d0 |
| SHA1 | dcb7cc4c3afe6a4c9baee3cf7e2c900f530ce3cc |
| SHA256 | b8d0bb2ef02f21acd435e4e969bce77b7b3410263763d2ed76a2fa73120e5e1a |
| SHA512 | fd4940cc1e3106eb73b35ce13a63556e5eae05fe03139dad255472d25d37a223f25fac85e5e45b468383edcb174e3d8bd342574b0a55ddd27bb530a1ca614a2d |
C:\Users\Admin\AppData\Local\Temp\7zS49A21B19\translations\qtwebengine_locales\sw.pak
| MD5 | a76199fc5387610c34c10fe432de8ae6 |
| SHA1 | 78beef278932682c53755d2ef2ec7bb702920fa5 |
| SHA256 | 8e37295c46adc0afe92ca7f4a1a2ed52a97e14423d11eb05e8a14b543493195b |
| SHA512 | 68990913627bbe34292b65074f24f399c0172282cb6b55a631b2aac1c2b12109135192f8eec22be5e533ebb25a590a69d91caa4c8bf304a2c26e512515610eb2 |
C:\Users\Admin\AppData\Local\Temp\7zS49A21B19\translations\qtwebengine_locales\sv.pak
| MD5 | bcaa22655669b60765b38521b21da875 |
| SHA1 | f34e37dfdb5521ebc332a52baeab8c568722ffc0 |
| SHA256 | 9ba97cf45ed07f4b8b3304c55bade120fd01f6ef0c2d7685765151c40b2b3acb |
| SHA512 | 9e8d7d7d58ee7ef352d850ec14e22f5017c0059c66d7ae7ac7b3ae26a0c5cb7a11b90318e5cf189e2732928f658868fd5e13596369513ae45926e9dc1c0e8ae0 |
C:\Users\Admin\AppData\Local\Temp\7zS49A21B19\translations\qtwebengine_locales\ta.pak
| MD5 | 984e4341b5b8077e4d0c76fdfd14785f |
| SHA1 | 2c41c6f0844c8e321120b8bd5808594ca686c03a |
| SHA256 | 3683217dba2149b98f418cbe50920561c6dc7d702a85dda98efe8981da669585 |
| SHA512 | 29823eb9c37d7c26324536a50fc80ee985995be8f0e59b57794c965f3b06b3e8d1fef6253b9afb4c7b8ad89386ebdeceff5920288b8ff7d5a59e626e4c9ea889 |
C:\Users\Admin\AppData\Local\Temp\7zS49A21B19\translations\qtwebengine_locales\sl.pak
| MD5 | 790d7c9113c73b8a0274a1b5a43fd7cb |
| SHA1 | e1ed463fbd33e0731bd0c27acbe6a72841643e23 |
| SHA256 | d56f8cc78078bc7904203c078425d7e5ca943509e6ccc87947eb866671e5be7a |
| SHA512 | 177903a73763eca159cddd45a7b24b01f8a8867d4edc2befcdfbffc69af8191f6f476b8d6ebe0b0ff330343f005478fd375bb083288635c1849bee01ec12edb9 |
C:\Users\Admin\AppData\Local\Temp\7zS49A21B19\translations\qtwebengine_locales\ro.pak
| MD5 | 3f570679307286594588bcad66a13f8c |
| SHA1 | dd3d0a1d51ed81e8620b9625ea5d43ad513d58e4 |
| SHA256 | f916fe52080eaccab979a8b527596e7196acde3aa90b1f836801d9f7b90df1fd |
| SHA512 | 11eac14c5a26810ecfe9130ddf96732dd567f222499ca4c7a5cc363ba4e29683569e9abf37f4fe695553fece3dd9a97c57a84376340f33ac7b463c03f14a3fa8 |
C:\Users\Admin\AppData\Local\Temp\7zS49A21B19\translations\qtwebengine_locales\pt-PT.pak
| MD5 | c21418f325ad1b9d86b7957b41ecbeef |
| SHA1 | 27fef99b33f81f53cbb63c326aa386957db177a8 |
| SHA256 | 98e2b6e8c3e67da3a2069040330461f0a4b6feb05c6d3981d07b748ac191182e |
| SHA512 | 55c340510d92b938d2c696ed5c73ee3d54e9d931cc97ac2f425a83e4a25b2ebf48aadd8a06fd24902365da3ca2376f36c5339d8fd4c099aa3da8cd150a8328fb |
C:\Users\Admin\AppData\Local\Temp\7zS49A21B19\translations\qtwebengine_locales\sk.pak
| MD5 | 097248216acaad35198b979dd2bee4fb |
| SHA1 | d8d51024575138afa55217960a623469a7e65cb4 |
| SHA256 | c7609346fc5d8cf34d3f6e6b5fe4366f6eac06731e14e6453b7820f02c21b635 |
| SHA512 | 777aac33755b874e853f5f2189babd99d0d9408d182e4094f27af26f4d451d8ac3e6efa6892307f90c51df7008394f713d68efd76ef1963b8593c201031b8846 |
C:\Users\Admin\AppData\Local\Temp\7zS49A21B19\translations\qtwebengine_locales\te.pak
| MD5 | ca628239fb9568e6badcdb848bf764de |
| SHA1 | c2d6324d2605a9e6186cc7e8dd7e341bd08010eb |
| SHA256 | 294f64705018a555ef7d76f82dfd783fd81d2bcd99d521841be0f2d887e4d3b9 |
| SHA512 | 859d07b604081925f3277d49586af78299313ddda6abe280dcf3f7be4d10a1ac65ab23db61d9babb35850fa48ef27b9aec942b049701cb251bd7c0149dc655f9 |
C:\Users\Admin\AppData\Local\Temp\7zS49A21B19\translations\qtwebengine_locales\tr.pak
| MD5 | 0b215cb173e45ca6b3c5b117380249c3 |
| SHA1 | 54713fc7a589a39fa51b0b724e3b79f6af82846c |
| SHA256 | c85fc7d5f699150c5643702e694ba82f94f0e630730441223a214a9d9437242d |
| SHA512 | 7a62fdc6e19613192d4d80f7e59aacd8250181f92766603eb92320a1b9391781a7ed4f058094ef5b91aa42cb92a802b37bbcce95ffd67f654d9ff690a513a497 |
C:\Users\Admin\AppData\Local\Temp\7zS49A21B19\translations\qtwebengine_locales\uk.pak
| MD5 | 42f48e833a462cacf030bb0a0e9f9439 |
| SHA1 | 31f08d6fec67b2c296ebf2dd2193fb8d4ecaf7f4 |
| SHA256 | dee2afb40fa3b7c6788b6d8e3a775953b9b0589a131841ad9b520f580cf92881 |
| SHA512 | e24ece15476c9fd77aa84c7139823bce7216fe06e7f8040db94cf46220cbe431dfd634696165950621961bdd045c0365287693b807f54bdfe5f28d56b6365f64 |
C:\Users\Admin\AppData\Local\Temp\7zS49A21B19\translations\qtwebengine_locales\zh-TW.pak
| MD5 | ba9709f6d6363aa06a4838ac8344e262 |
| SHA1 | 3544dd9c7ec8720c3d135b5df32e71f4b1c88983 |
| SHA256 | b81e24415243f7470f714379363157f2bd7b2d22e203ec5966878ed4b68140d3 |
| SHA512 | 9ceb5e9340a3a38507419972754563823f0b3f808b39e17d78d8a18a171231100ed2bc0c677a75da16237219071996702dd7fb8a6a6dec098e69bdad0b3dbf40 |
C:\Users\Admin\AppData\Local\Temp\7zS49A21B19\translations\qtwebengine_locales\zh-CN.pak
| MD5 | 917ab791cb4d24be5f369956cd059e21 |
| SHA1 | 433a3aeaa06d6066ed55718564f5980e8c6d3ce8 |
| SHA256 | 331e9240251d1191c599b09230d7ca9f8b11e51e5d94ff8bd63108512c0ddc58 |
| SHA512 | 969f4662eaec6e3788fcc5823446135657b6816cd2419d8a3839acb07bee629d3c9ef69b2bef48856e16975fe31b7ee5d0d390ce4fd121a700d096348500b2fc |
C:\Users\Admin\AppData\Local\Temp\7zS49A21B19\translations\qtwebengine_locales\vi.pak
| MD5 | 844b68e44ccbaac773f36d442e59a339 |
| SHA1 | 915354dc412fd0d2a60f99520462720e7796b6c6 |
| SHA256 | 8b98769b3b97df10ebed4f25a0b115f2e0b059e9adedebb96c444a71e2eadf17 |
| SHA512 | 2107bf5ee8317c7c7e9b279255df376e53eeba56185071168a8246bfc50aa738329b2886711164eacd877c7f0bc0fda7137f766be03e7fd5d3fc3e93f7df60bf |
C:\Users\Admin\AppData\Local\Temp\7zS49A21B19\translations\qtwebengine_locales\th.pak
| MD5 | 3c92d82202b5169d4de9dcee45708772 |
| SHA1 | 4a7025840bcb20955c655528d23d41c155ba8fc3 |
| SHA256 | 719d26daf93fb83bd66e97984cc907a55210e0cb0af3a226bec535451d38fdb7 |
| SHA512 | 94c832de7b33e69ca8606d79ebc6a0b0b37bc61ea5e5be223bd639b9295300a9b1ba2b75860949fa7d452122bdc81f402bb8091035e79d5b2761566432ddeef7 |
C:\Program Files\BlueStacks_nxt\Assets\installer_bg.png
| MD5 | 08d091faf58df0ea8218d7e08140bbeb |
| SHA1 | 38ebf2763bd2082635a5971c4302021ecaddc0d1 |
| SHA256 | 7e5f6998d34d56aeca87f676c12a42c6c4362ae16a753dc567aae00e253b0817 |
| SHA512 | 5cfede2ea2ade7bbc4b63475af5eb52f78af567fa7096a2ead396056271b8745df4dc6e11e4328151ce59ab74c6c48fd49cd13e30f7f4b86c566757e310fd5e8 |
C:\ProgramData\BlueStacks_nxt\Client\Assets\minimize_progress.png
| MD5 | 90d5c0e2977d65b21b430f486114521e |
| SHA1 | cfb48cef2634d4be33210ba54e5b7c5c197530e4 |
| SHA256 | aa538477ded33f33e33cb9a21241dacaceaa0c3e5ad8eb1b6830a448262bc998 |
| SHA512 | 9a3f6690a638a69232335b746a4512ed1c623baa984d87cf4127663c4f85e818a4220564c63b764570e2ade8302989482580af7d9032052335d44b9c98d2d37b |
C:\ProgramData\BlueStacks_nxt\Client\Assets\menu_help.png
| MD5 | 2e82bd45c7a8b2e216c27a24d42f12a8 |
| SHA1 | 8ff552358b2d77090a54dad0c12c2757af2ec433 |
| SHA256 | e55ef002466578307998045edd5e10577161efd1cf8f1a71768a8046f4c2ee0d |
| SHA512 | d8f44a110bc31d5834b337553baa599c9a127d7335aeddd7e139ba5c7851db006d36ef74d841f10f7fe69e25edffd89a6faea9d3c72eba27bbbade843af440f7 |
C:\ProgramData\BlueStacks_nxt\Engine\Manager\BstkGlobal.xml.in
| MD5 | 8c11ed64e4cb4e992c891a1685f5e0bd |
| SHA1 | 1b125f8aa3f77ab5e23bcf18ff7fd9efa5232bc5 |
| SHA256 | 4c64d4ad8897d3198cc69c27e54c9ad24aafd70ee2818a4eb3a970f24b7cd535 |
| SHA512 | c2eee227704f0940bd46db419e42f15ce0dff3b006753c94005ac4c063fe2a2f0f24833a6674e9bbe570adcb425277a78bbbf398d600017e05357f33661d7c7d |
F:\LDPlayer\ldmutiplayer\pathconfig.ini
| MD5 | 905714a29053640a6eb21c916f710c99 |
| SHA1 | ba1fd5c53cc0c558c538d419e27e66b2ed61a3bc |
| SHA256 | 4458f1b52ec1d58b0bed1a3b2d64fd09377f47910dbb420a01cae4adbaa322a8 |
| SHA512 | 0be4255ca558e95866fa2d547d0f5c987ce097c6253c518f6550c34b52f16fbace37953ef80414bb53570a3cd157c870daf6626c22bde220d6f41e28e370fa7c |
F:\LDPlayer\LDPlayer9\vms\config\leidians.config
| MD5 | ccf1100b6c95d7e5c8d9e98d2dd70fcc |
| SHA1 | 16ac4f92f0ea9489793a7f53c3f00f37fb92c5f4 |
| SHA256 | 5d8c069547e9555e27272a5843b074ef07d4b846df02d532948f27833d0752a1 |
| SHA512 | 0077afa1cbb70fc020ae976e04bd2f7b607dba103c3fcf6fa6972869049f8933a90b042a3662e51c5dbb031b7225d3450f41fb96fbe8d4bd6211ea680e807738 |