Analysis Overview
SHA256
cf21bed229d61942534a4d963b1fd34714287a3a494536399f5064ac8edfa55b
Threat Level: Likely malicious
The file Superify Setup.exe was found to be: Likely malicious.
Malicious Activity Summary
Downloads MZ/PE file
Executes dropped EXE
Loads dropped DLL
Checks installed software on the system
Adds Run key to start application
Enumerates connected drives
Detected potential entity reuse from brand steam.
Subvert Trust Controls: Mark-of-the-Web Bypass
Drops file in Windows directory
Drops file in Program Files directory
System Location Discovery: System Language Discovery
Enumerates physical storage devices
Unsigned PE
Browser Information Discovery
Suspicious use of SetWindowsHookEx
Suspicious behavior: GetForegroundWindowSpam
Suspicious use of AdjustPrivilegeToken
Modifies registry class
Suspicious behavior: EnumeratesProcesses
Suspicious use of SendNotifyMessage
Checks processor information in registry
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Enumerates system info in registry
Modifies data under HKEY_USERS
Modifies system certificate store
Suspicious use of FindShellTrayWindow
Suspicious use of WriteProcessMemory
NTFS ADS
MITRE ATT&CK
Enterprise Matrix V15
Analysis: static1
Detonation Overview
Reported
2024-08-10 18:12
Signatures
Unsigned PE
Analysis: behavioral1
Detonation Overview
Submitted
2024-08-10 18:12
Reported
2024-08-10 18:27
Platform
win11-20240802-en
Max time kernel
880s
Max time network
882s
Signatures
Downloads MZ/PE file
Executes dropped EXE
Loads dropped DLL
Adds Run key to start application
| Description | Indicator | Process | Target |
| Set value (str) | \REGISTRY\USER\S-1-5-21-4272559161-3282441186-401869126-1000\Software\Microsoft\Windows\CurrentVersion\Run\Steam = "\"C:\\Program Files (x86)\\Steam\\steam.exe\" -silent" | C:\Users\Admin\Downloads\SteamSetup.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\RunOnce\{0305aed7-88ea-4e4d-995e-c09c56c41bd1} = "\"C:\\ProgramData\\Package Cache\\{0305aed7-88ea-4e4d-995e-c09c56c41bd1}\\windowsdesktop-runtime-7.0.15-win-x86.exe\" /burn.runonce" | C:\Windows\Temp\{C695AE90-1548-4596-9418-7E247FB32843}\.be\windowsdesktop-runtime-7.0.15-win-x86.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-4272559161-3282441186-401869126-1000\Software\Microsoft\Windows\CurrentVersion\Run\Steam = "\"C:\\Program Files (x86)\\Steam\\steam.exe\" -silent" | C:\Users\Admin\Downloads\SteamSetup.exe | N/A |
Checks installed software on the system
Enumerates connected drives
| Description | Indicator | Process | Target |
| File opened (read-only) | \??\X: | C:\Windows\system32\msiexec.exe | N/A |
| File opened (read-only) | \??\G: | C:\Windows\system32\msiexec.exe | N/A |
| File opened (read-only) | \??\O: | C:\Windows\system32\msiexec.exe | N/A |
| File opened (read-only) | \??\T: | C:\Windows\system32\msiexec.exe | N/A |
| File opened (read-only) | \??\U: | C:\Windows\system32\msiexec.exe | N/A |
| File opened (read-only) | \??\W: | C:\Windows\system32\msiexec.exe | N/A |
| File opened (read-only) | \??\Y: | C:\Windows\system32\msiexec.exe | N/A |
| File opened (read-only) | \??\Z: | C:\Windows\system32\msiexec.exe | N/A |
| File opened (read-only) | \??\J: | C:\Windows\system32\msiexec.exe | N/A |
| File opened (read-only) | \??\K: | C:\Windows\system32\msiexec.exe | N/A |
| File opened (read-only) | \??\P: | C:\Windows\system32\msiexec.exe | N/A |
| File opened (read-only) | \??\Q: | C:\Windows\system32\msiexec.exe | N/A |
| File opened (read-only) | \??\V: | C:\Windows\system32\msiexec.exe | N/A |
| File opened (read-only) | \??\M: | C:\Windows\system32\msiexec.exe | N/A |
| File opened (read-only) | \??\S: | C:\Windows\system32\msiexec.exe | N/A |
| File opened (read-only) | \??\A: | C:\Windows\system32\msiexec.exe | N/A |
| File opened (read-only) | \??\B: | C:\Windows\system32\msiexec.exe | N/A |
| File opened (read-only) | \??\H: | C:\Windows\system32\msiexec.exe | N/A |
| File opened (read-only) | \??\I: | C:\Windows\system32\msiexec.exe | N/A |
| File opened (read-only) | \??\L: | C:\Windows\system32\msiexec.exe | N/A |
| File opened (read-only) | \??\E: | C:\Windows\system32\msiexec.exe | N/A |
| File opened (read-only) | \??\N: | C:\Windows\system32\msiexec.exe | N/A |
| File opened (read-only) | \??\R: | C:\Windows\system32\msiexec.exe | N/A |
Detected potential entity reuse from brand steam.
Drops file in Program Files directory
| Description | Indicator | Process | Target |
| File created | C:\Program Files (x86)\Steam\package\tmp\controller_base\images\api\dark\ps_color_button_square_lg.png_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\controller_base\images\api\light\shared_gyro_roll.svg_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\tenfoot\resource\images\library\controller\binding_icons\ghost_040_act_0316.png_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\controller_base\images\api\light\sc_rt_sm.png_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\controller_base\images\api\knockout\ps4_trackpad_r_left_sm.png_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\controller_base\images\api\knockout\ps5_trackpad_right_lg.png_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\controller_base\images\api\knockout\switchpro_rstick_click_lg.png_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\controller_base\images\api\knockout\switchpro_button_minus.svg_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\controller_base\images\api\dark\ps_rfn_sm.png_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\controller_base\images\api\knockout\xbox_lb_sm.png_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\controller_base\images\api\light\sd_rtrackpad_swipe_lg.png_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\resource\vgui_vietnamese.txt_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\controller_base\images\api\light\ps5_trackpad_r_up_lg.png_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\controller_base\images\api\light\sd_l2_half_lg.png_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\resource\overlay_portuguese.txt_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\controller_base\images\api\knockout\xbox_p2_lg.png_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\controller_base\images\api\light\sc_dpad_down_lg.png_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\steamui\sounds\confirmation_negative.wav_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\controller_base\images\api\dark\xbox_rb_md.png_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\controller_base\localization\switch_controller_korean.txt_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\controller_base\images\api\dark\shared_touch_doubletap_lg.png_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\controller_base\images\api\knockout\ps_dpad_left_lg.png_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\controller_base\images\api\light\shared_dpad_left_sm.png_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\public\ssa\ssa_russian_bigpicture.html_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\steamui\css\awardicon.css_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\steamui\images\controller\ghost_035_magic_0355.png_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\graphics\loop_3.tga_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\tenfoot\resource\images\library\controller\binding_icons\ghost_045_move_0416.png_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\controller_base\images\api\dark\ps_rfn.svg_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\controller_base\images\api\knockout\sd_rtrackpad_click_lg.png_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\controller_base\images\api\light\sc_rt_lg.png_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\graphics\[email protected]_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\steamui\localization\steampops_finnish-json.js_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\controller_base\images\api\knockout\cmnd_keyboard.svg_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\controller_base\images\api\light\ps_rfn_sm.png_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\dotnet\shared\Microsoft.WindowsDesktop.App\7.0.15\Microsoft.WindowsDesktop.App.deps.json | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\controller_base\images\api\dark\sd_rtrackpad_click_sm.png_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\appcache\librarycache\219_icon.jpg | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\graphics\icon_right_hover.tga_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\tenfoot\resource\images\library\controller\binding_icons\ghost_035_magic_0341.png_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\graphics\[email protected]_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\controller_base\images\api\knockout\xbox360_button_start_lg.png_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\resource\layout\gamespage_details_workshop_details.layout_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\dotnet\shared\Microsoft.WindowsDesktop.App\7.0.15\zh-Hans\WindowsBase.resources.dll | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\controller_base\images\api\dark\shared_gyro_yaw.svg_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\controller_base\images\api\knockout\ps5_r2_sm.png_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\graphics\icon_vr_happy_down.tga_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\controller_base\images\api\dark\sd_ltrackpad_right_lg.png_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\public\ssa\eula_sc_schinese_bigpicture.html_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\graphics\icon_right_default.tga_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\controller_base\images\api\knockout\switchpro_dpad_left_lg.png_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\controller_base\images\api\knockout\ps5_r1_sm.png_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\controller_base\images\api\dark\ps4_button_share.svg_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\controller_base\images\api\knockout\ps4_trackpad_r_left_md.png_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\controller_base\images\api\knockout\ps5_r2_soft_md.png_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\controller_base\images\api\light\shared_mouse_4_sm.png_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\graphics\icon_play_hover.tga_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\tenfoot\resource\images\library\controller\binding_icons\ghost_020_ammo_0054.png_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\graphics\facebookLogo140.tga_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\controller_base\images\api\dark\sc_touchpad_click_sm.png_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\controller_base\images\api\knockout\ps_button_circle_lg.png_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\controller_base\images\api\knockout\shared_buttons_s.svg_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\dotnet\shared\Microsoft.NETCore.App\7.0.15\msquic.dll | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\controller_base\images\api\light\ps4_trackpad_l_right.svg_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
Drops file in Windows directory
| Description | Indicator | Process | Target |
| File created | C:\Windows\SystemTemp\~DFB68F7BDBDD28BFD8.TMP | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Windows\Installer\e581c33.msi | C:\Windows\system32\msiexec.exe | N/A |
| File opened for modification | C:\Windows\Installer\e581c33.msi | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Windows\SystemTemp\~DF1275700D352616C7.TMP | C:\Windows\system32\msiexec.exe | N/A |
| File opened for modification | C:\Windows\Installer\MSI275B.tmp | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Windows\Installer\e581c37.msi | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Windows\SystemTemp\~DF5364EF7064826B08.TMP | C:\Windows\system32\msiexec.exe | N/A |
| File opened for modification | C:\Windows\Installer\e581c2e.msi | C:\Windows\system32\msiexec.exe | N/A |
| File opened for modification | C:\Windows\Installer\MSI2CFD.tmp | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Windows\SystemTemp\~DF791BB1A0C757F9C7.TMP | C:\Windows\system32\msiexec.exe | N/A |
| File opened for modification | C:\Windows\Installer\e581c38.msi | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Windows\SystemTemp\~DF591B509FBAC2DA69.TMP | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Windows\Installer\SourceHash{961F4E18-EF6F-44DA-A61E-8AFCAA87CB87} | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Windows\Installer\e581c38.msi | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Windows\Installer\e581c3c.msi | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Windows\Installer\e581c3d.msi | C:\Windows\system32\msiexec.exe | N/A |
| File opened for modification | C:\Windows\Installer\MSI38B6.tmp | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Windows\Installer\inprogressinstallinfo.ipi | C:\Windows\system32\msiexec.exe | N/A |
| File opened for modification | C:\Windows\Installer\MSI25B4.tmp | C:\Windows\system32\msiexec.exe | N/A |
| File opened for modification | C:\Windows\Installer\MSI27CA.tmp | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Windows\SystemTemp\~DF06A84108989767B7.TMP | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Windows\SystemTemp\~DFD0723676E66F41C1.TMP | C:\Windows\system32\msiexec.exe | N/A |
| File opened for modification | C:\Windows\SystemTemp | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| File opened for modification | C:\Windows\Installer\ | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Windows\SystemTemp\~DF0B9631FA58829651.TMP | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Windows\SystemTemp\~DF1EE69FDFE916E9B3.TMP | C:\Windows\system32\msiexec.exe | N/A |
| File opened for modification | C:\Windows\Installer\MSI2903.tmp | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Windows\SystemTemp\~DF9FBDDE0FF334FEEC.TMP | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Windows\SystemTemp\~DFF652482E7279031D.TMP | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Windows\Installer\SourceHash{565B8608-2758-4BB1-90B8-13C8D5D9A7A3} | C:\Windows\system32\msiexec.exe | N/A |
| File opened for modification | C:\Windows\Installer\e581c3d.msi | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Windows\SystemTemp\~DF2BDA9C4A58505B2B.TMP | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Windows\Installer\SourceHash{A8653AB8-2037-4D69-903D-F1D5FA5CACD2} | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Windows\SystemTemp\~DF5ABC49BBE29EBF4C.TMP | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Windows\SystemTemp\~DF38BCA87CCE87F5BA.TMP | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Windows\SystemTemp\~DF39173EBA7C08A510.TMP | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Windows\SystemTemp\~DF88C42B0B26FA5BC5.TMP | C:\Windows\system32\msiexec.exe | N/A |
| File opened for modification | C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ngen.log | C:\Windows\system32\msiexec.exe | N/A |
| File opened for modification | C:\Windows\Installer\MSI1EBE.tmp | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Windows\Installer\e581c32.msi | C:\Windows\system32\msiexec.exe | N/A |
| File opened for modification | C:\Windows\Installer\MSI29B0.tmp | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Windows\Installer\SourceHash{D96F6B53-FC66-4BEE-91BD-1A4E944FC061} | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Windows\Installer\e581c41.msi | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Windows\Installer\e581c2e.msi | C:\Windows\system32\msiexec.exe | N/A |
Subvert Trust Controls: Mark-of-the-Web Bypass
| Description | Indicator | Process | Target |
| File opened for modification | C:\Users\Admin\Downloads\SteamSetup.exe:Zone.Identifier | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Browser Information Discovery
Enumerates physical storage devices
System Location Discovery: System Language Discovery
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\Temp\{4E150EAE-8D07-451A-A078-4E323A4AF764}\.cr\net70.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\syswow64\MsiExec.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Program Files (x86)\Steam\bin\steamservice.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\AppData\Local\Temp\Superify Setup.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\syswow64\MsiExec.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\Downloads\SteamSetup.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Program Files (x86)\Steam\bin\steamservice.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Program Files (x86)\Steam\steam.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Program Files (x86)\Steam\bin\vulkandriverquery.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\Temp\{C695AE90-1548-4596-9418-7E247FB32843}\.be\windowsdesktop-runtime-7.0.15-win-x86.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\syswow64\MsiExec.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Program Files (x86)\Steam\steam.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\Downloads\SteamSetup.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Program Files (x86)\Steam\steam.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Program Files (x86)\Steam\bin\gldriverquery.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\net70.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\syswow64\MsiExec.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Superify\Update.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Superify\Superify App\Superify.exe | N/A |
Checks processor information in registry
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Program Files (x86)\Steam\steam.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~MHz | C:\Program Files (x86)\Steam\steam.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~MHz | C:\Program Files (x86)\Steam\steam.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~MHz | C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~MHz | C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Program Files (x86)\Steam\steam.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~MHz | C:\Program Files (x86)\Steam\steam.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Program Files (x86)\Steam\steam.exe | N/A |
| Key opened | \Registry\Machine\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Program Files (x86)\Steam\steam.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe | N/A |
Enumerates system info in registry
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Modifies data under HKEY_USERS
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Classes\Local Settings\MuiCache\28 | C:\Windows\system32\msiexec.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key deleted | \REGISTRY\USER\.DEFAULT\SOFTWARE\CLASSES\LOCAL SETTINGS\MUICACHE\28 | C:\Windows\system32\msiexec.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Classes\Local Settings\MuiCache\29 | C:\Windows\system32\msiexec.exe | N/A |
| Key deleted | \REGISTRY\USER\.DEFAULT\SOFTWARE\CLASSES\LOCAL SETTINGS\MUICACHE\29 | C:\Windows\system32\msiexec.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Classes\Local Settings\MuiCache\2a | C:\Windows\system32\msiexec.exe | N/A |
| Key deleted | \REGISTRY\USER\.DEFAULT\SOFTWARE\CLASSES\LOCAL SETTINGS\MUICACHE\26\52C64B7E | C:\Windows\system32\msiexec.exe | N/A |
| Key deleted | \REGISTRY\USER\.DEFAULT\Software\Classes\Local Settings\MuiCache\26 | C:\Windows\system32\msiexec.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Classes\Local Settings\MuiCache\27 | C:\Windows\system32\msiexec.exe | N/A |
| Key deleted | \REGISTRY\USER\.DEFAULT\SOFTWARE\CLASSES\LOCAL SETTINGS\MUICACHE\27 | C:\Windows\system32\msiexec.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133677874076990409" | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Modifies registry class
| Description | Indicator | Process | Target |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Dependencies\Dotnet_CLI_HostFxr_56.60.5674_x86\Version = "56.60.5674" | C:\Windows\system32\msiexec.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Features\35B6F69D66CFEEB419DBA1E449F40C16\Provider | C:\Windows\system32\msiexec.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Dependencies\windowsdesktop_runtime_56.60.5778_x86\Dependents\{0305aed7-88ea-4e4d-995e-c09c56c41bd1} | C:\Windows\Temp\{C695AE90-1548-4596-9418-7E247FB32843}\.be\windowsdesktop-runtime-7.0.15-win-x86.exe | N/A |
| Set value (data) | \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Products\81E4F169F6FEAD446AE1A8CFAA78BC78\Clients = 3a0000000000 | C:\Windows\system32\msiexec.exe | N/A |
| Key created | \REGISTRY\MACHINE\Software\Classes\Installer\Dependencies\Dotnet_CLI_SharedHost_7.0_x86 | C:\Windows\Temp\{C695AE90-1548-4596-9418-7E247FB32843}\.be\windowsdesktop-runtime-7.0.15-win-x86.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Dependencies\windowsdesktop_runtime_56.60.5778_x86\ = "{D96F6B53-FC66-4BEE-91BD-1A4E944FC061}" | C:\Windows\system32\msiexec.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\steamlink\Shell | C:\Program Files (x86)\Steam\bin\steamservice.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-4272559161-3282441186-401869126-1000_Classes\steam\Shell\Open\Command | C:\Program Files (x86)\Steam\bin\steamservice.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\steamlink\Shell\Open\Command\ = "\"C:\\Program Files (x86)\\Steam\\steam.exe\" -- \"%1\"" | C:\Program Files (x86)\Steam\bin\steamservice.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\steamlink\DefaultIcon\ = "steam.exe" | C:\Program Files (x86)\Steam\steam.exe | N/A |
| Set value (data) | \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Products\8BA3568A730296D409D31F5DAFC5CA2D\Clients = 3a0000000000 | C:\Windows\system32\msiexec.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\steamlink | C:\Program Files (x86)\Steam\bin\steamservice.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-4272559161-3282441186-401869126-1000_Classes\steamlink | C:\Program Files (x86)\Steam\bin\steamservice.exe | N/A |
| Key created | \REGISTRY\MACHINE\Software\Classes\steam | C:\Program Files (x86)\Steam\steam.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\steamlink\URL Protocol | C:\Program Files (x86)\Steam\steam.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Dependencies\dotnet_runtime_56.60.5674_x86\Version = "56.60.5674" | C:\Windows\system32\msiexec.exe | N/A |
| Set value (int) | \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Products\8068B56585721BB4098B318C5D9D7A3A\Assignment = "1" | C:\Windows\system32\msiexec.exe | N/A |
| Set value (int) | \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Products\8068B56585721BB4098B318C5D9D7A3A\InstanceType = "0" | C:\Windows\system32\msiexec.exe | N/A |
| Set value (int) | \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Products\81E4F169F6FEAD446AE1A8CFAA78BC78\Version = "943461930" | C:\Windows\system32\msiexec.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Features\35B6F69D66CFEEB419DBA1E449F40C16 | C:\Windows\system32\msiexec.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\steamlink\Shell\Open | C:\Program Files (x86)\Steam\bin\steamservice.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Features\8068B56585721BB4098B318C5D9D7A3A\Provider | C:\Windows\system32\msiexec.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Features\35B6F69D66CFEEB419DBA1E449F40C16\MainFeature | C:\Windows\system32\msiexec.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\steam\Shell\Open\Command | C:\Program Files (x86)\Steam\bin\steamservice.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\steam\URL Protocol | C:\Program Files (x86)\Steam\bin\steamservice.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\steam\URL Protocol | C:\Program Files (x86)\Steam\steam.exe | N/A |
| Set value (int) | \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Products\35B6F69D66CFEEB419DBA1E449F40C16\DeploymentFlags = "3" | C:\Windows\system32\msiexec.exe | N/A |
| Key created | \REGISTRY\MACHINE\Software\Classes\steam\DefaultIcon | C:\Program Files (x86)\Steam\steam.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Dependencies\{0305aed7-88ea-4e4d-995e-c09c56c41bd1}\DisplayName = "Microsoft Windows Desktop Runtime - 7.0.15 (x86)" | C:\Windows\Temp\{C695AE90-1548-4596-9418-7E247FB32843}\.be\windowsdesktop-runtime-7.0.15-win-x86.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Products\81E4F169F6FEAD446AE1A8CFAA78BC78\SourceList\Net\1 = "C:\\ProgramData\\Package Cache\\{961F4E18-EF6F-44DA-A61E-8AFCAA87CB87}v56.60.5674\\" | C:\Windows\system32\msiexec.exe | N/A |
| Set value (int) | \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Products\8BA3568A730296D409D31F5DAFC5CA2D\AuthorizedLUAApp = "0" | C:\Windows\system32\msiexec.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Products\35B6F69D66CFEEB419DBA1E449F40C16\SourceList\Media\1 = ";" | C:\Windows\system32\msiexec.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-4272559161-3282441186-401869126-1000_Classes\steam\ = "URL:steam protocol" | C:\Program Files (x86)\Steam\bin\steamservice.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\steamlink\ = "URL:steamlink protocol" | C:\Program Files (x86)\Steam\steam.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\steamlink\Shell\Open\Command\ = "\"C:\\Program Files (x86)\\Steam\\steam.exe\" -- \"%1\"" | C:\Program Files (x86)\Steam\steam.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\UpgradeCodes\3774C265BB25E195676300FC0E846513\35B6F69D66CFEEB419DBA1E449F40C16 | C:\Windows\system32\msiexec.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Products\35B6F69D66CFEEB419DBA1E449F40C16 | C:\Windows\system32\msiexec.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-4272559161-3282441186-401869126-1000_Classes\steam | C:\Program Files (x86)\Steam\bin\steamservice.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-4272559161-3282441186-401869126-1000_Classes\steam\URL Protocol | C:\Program Files (x86)\Steam\bin\steamservice.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Features\81E4F169F6FEAD446AE1A8CFAA78BC78 | C:\Windows\system32\msiexec.exe | N/A |
| Key created | \REGISTRY\MACHINE\Software\Classes\Installer\Dependencies\Dotnet_CLI_SharedHost_7.0_x86 | C:\Windows\system32\msiexec.exe | N/A |
| Key created | \REGISTRY\MACHINE\Software\Classes\steamlink\Shell\Open\Command | C:\Program Files (x86)\Steam\bin\steamservice.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\steamlink\URL Protocol | C:\Program Files (x86)\Steam\bin\steamservice.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-4272559161-3282441186-401869126-1000_Classes\steamlink\URL Protocol | C:\Program Files (x86)\Steam\steam.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Products\81E4F169F6FEAD446AE1A8CFAA78BC78\PackageCode = "4607BD783359EE74C90B337EA71931CB" | C:\Windows\system32\msiexec.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Products\35B6F69D66CFEEB419DBA1E449F40C16\SourceList\PackageName = "windowsdesktop-runtime-7.0.15-win-x86.msi" | C:\Windows\system32\msiexec.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\steamlink\ = "URL:steamlink protocol" | C:\Program Files (x86)\Steam\bin\steamservice.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-4272559161-3282441186-401869126-1000_Classes\steam\URL Protocol | C:\Program Files (x86)\Steam\steam.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Dependencies\{0305aed7-88ea-4e4d-995e-c09c56c41bd1}\Dependents\{0305aed7-88ea-4e4d-995e-c09c56c41bd1} | C:\Windows\Temp\{C695AE90-1548-4596-9418-7E247FB32843}\.be\windowsdesktop-runtime-7.0.15-win-x86.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Products\35B6F69D66CFEEB419DBA1E449F40C16\SourceList | C:\Windows\system32\msiexec.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\steam\ = "URL:steam protocol" | C:\Program Files (x86)\Steam\bin\steamservice.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\steam\Shell\Open\Command\ = "\"C:\\Program Files (x86)\\Steam\\steam.exe\" -- \"%1\"" | C:\Program Files (x86)\Steam\steam.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\steam\Shell\Open\Command\ = "\"C:\\Program Files (x86)\\Steam\\steam.exe\" -- \"%1\"" | C:\Program Files (x86)\Steam\bin\steamservice.exe | N/A |
| Set value (int) | \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Products\81E4F169F6FEAD446AE1A8CFAA78BC78\Language = "1033" | C:\Windows\system32\msiexec.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Products\81E4F169F6FEAD446AE1A8CFAA78BC78\SourceList\Media\1 = ";" | C:\Windows\system32\msiexec.exe | N/A |
| Set value (int) | \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Products\8BA3568A730296D409D31F5DAFC5CA2D\Language = "1033" | C:\Windows\system32\msiexec.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Dependencies\{0305aed7-88ea-4e4d-995e-c09c56c41bd1}\Version = "7.0.15.33129" | C:\Windows\Temp\{C695AE90-1548-4596-9418-7E247FB32843}\.be\windowsdesktop-runtime-7.0.15-win-x86.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Products\35B6F69D66CFEEB419DBA1E449F40C16\SourceList\Media | C:\Windows\system32\msiexec.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-4272559161-3282441186-401869126-1000_Classes\steamlink\Shell\Open\Command\ = "\"C:\\Program Files (x86)\\Steam\\steam.exe\" -- \"%1\"" | C:\Program Files (x86)\Steam\bin\steamservice.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Dependencies\{0305aed7-88ea-4e4d-995e-c09c56c41bd1}\ = "{0305aed7-88ea-4e4d-995e-c09c56c41bd1}" | C:\Windows\Temp\{C695AE90-1548-4596-9418-7E247FB32843}\.be\windowsdesktop-runtime-7.0.15-win-x86.exe | N/A |
| Key created | \REGISTRY\MACHINE\Software\Classes\Installer\Dependencies\windowsdesktop_runtime_56.60.5778_x86 | C:\Windows\system32\msiexec.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\steam\URL Protocol | C:\Program Files (x86)\Steam\bin\steamservice.exe | N/A |
| Key created | \REGISTRY\MACHINE\Software\Classes\steam\DefaultIcon | C:\Program Files (x86)\Steam\bin\steamservice.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Features\81E4F169F6FEAD446AE1A8CFAA78BC78\MainFeature | C:\Windows\system32\msiexec.exe | N/A |
Modifies system certificate store
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\5FB7EE0633E259DBAD0C4C9AE6D38F1A61C7DC25 | C:\Program Files (x86)\Steam\steam.exe | N/A |
| Set value (data) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\5FB7EE0633E259DBAD0C4C9AE6D38F1A61C7DC25\Blob | C:\Program Files (x86)\Steam\steam.exe | N/A |
NTFS ADS
| Description | Indicator | Process | Target |
| File opened for modification | C:\Users\Admin\Downloads\SteamSetup.exe:Zone.Identifier | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Suspicious behavior: EnumeratesProcesses
Suspicious behavior: GetForegroundWindowSpam
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files (x86)\Steam\steam.exe | N/A |
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Suspicious use of AdjustPrivilegeToken
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
Suspicious use of SetWindowsHookEx
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Users\Admin\Downloads\SteamSetup.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Steam\bin\steamservice.exe | N/A |
| N/A | N/A | C:\Users\Admin\Downloads\SteamSetup.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Steam\bin\steamservice.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Steam\steam.exe | N/A |
Suspicious use of WriteProcessMemory
Processes
C:\Users\Admin\AppData\Local\Temp\Superify Setup.exe
"C:\Users\Admin\AppData\Local\Temp\Superify Setup.exe"
C:\net70.exe
"C:\net70.exe" /q /norestart
C:\Windows\Temp\{4E150EAE-8D07-451A-A078-4E323A4AF764}\.cr\net70.exe
"C:\Windows\Temp\{4E150EAE-8D07-451A-A078-4E323A4AF764}\.cr\net70.exe" -burn.clean.room="C:\net70.exe" -burn.filehandle.attached=564 -burn.filehandle.self=684 /q /norestart
C:\Windows\Temp\{C695AE90-1548-4596-9418-7E247FB32843}\.be\windowsdesktop-runtime-7.0.15-win-x86.exe
"C:\Windows\Temp\{C695AE90-1548-4596-9418-7E247FB32843}\.be\windowsdesktop-runtime-7.0.15-win-x86.exe" -q -burn.elevated BurnPipe.{380B7CA9-56C9-4BE2-898F-461299CFA8C9} {4405BDAE-5868-4357-8105-5F8D4EC49725} 2480
C:\Windows\system32\msiexec.exe
C:\Windows\system32\msiexec.exe /V
C:\Windows\syswow64\MsiExec.exe
C:\Windows\syswow64\MsiExec.exe -Embedding 18652CAEBC1E3168F1678025D886A06F
C:\Windows\syswow64\MsiExec.exe
C:\Windows\syswow64\MsiExec.exe -Embedding 1543EFC4478C7019E3B57AC3835C4B8F
C:\Windows\syswow64\MsiExec.exe
C:\Windows\syswow64\MsiExec.exe -Embedding 7649E865ED38FB5D6FF4C948E5C99607
C:\Windows\syswow64\MsiExec.exe
C:\Windows\syswow64\MsiExec.exe -Embedding BBF06DC052BED90DDA8E26975CC2D810
C:\Superify\Update.exe
"C:\Superify\Update.exe"
C:\Superify\Superify App\Superify.exe
"C:\Superify/Superify App/Superify.exe"
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe"
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.123 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffa949ecc40,0x7ffa949ecc4c,0x7ffa949ecc58
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=1844,i,3003992622632192166,9850093185189005046,262144 --variations-seed-version=20240802-050153.822000 --mojo-platform-channel-handle=1840 /prefetch:2
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=2096,i,3003992622632192166,9850093185189005046,262144 --variations-seed-version=20240802-050153.822000 --mojo-platform-channel-handle=2116 /prefetch:3
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=2224,i,3003992622632192166,9850093185189005046,262144 --variations-seed-version=20240802-050153.822000 --mojo-platform-channel-handle=2196 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --field-trial-handle=3096,i,3003992622632192166,9850093185189005046,262144 --variations-seed-version=20240802-050153.822000 --mojo-platform-channel-handle=3264 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=3104,i,3003992622632192166,9850093185189005046,262144 --variations-seed-version=20240802-050153.822000 --mojo-platform-channel-handle=3312 /prefetch:1
C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe"
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --field-trial-handle=4464,i,3003992622632192166,9850093185189005046,262144 --variations-seed-version=20240802-050153.822000 --mojo-platform-channel-handle=4492 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=4800,i,3003992622632192166,9850093185189005046,262144 --variations-seed-version=20240802-050153.822000 --mojo-platform-channel-handle=4812 /prefetch:8
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s NgcSvc
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=5020,i,3003992622632192166,9850093185189005046,262144 --variations-seed-version=20240802-050153.822000 --mojo-platform-channel-handle=5032 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --field-trial-handle=3576,i,3003992622632192166,9850093185189005046,262144 --variations-seed-version=20240802-050153.822000 --mojo-platform-channel-handle=4344 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --field-trial-handle=3320,i,3003992622632192166,9850093185189005046,262144 --variations-seed-version=20240802-050153.822000 --mojo-platform-channel-handle=3504 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --no-appcompat-clear --field-trial-handle=3400,i,3003992622632192166,9850093185189005046,262144 --variations-seed-version=20240802-050153.822000 --mojo-platform-channel-handle=3500 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --no-appcompat-clear --field-trial-handle=3388,i,3003992622632192166,9850093185189005046,262144 --variations-seed-version=20240802-050153.822000 --mojo-platform-channel-handle=5228 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=4336,i,3003992622632192166,9850093185189005046,262144 --variations-seed-version=20240802-050153.822000 --mojo-platform-channel-handle=4672 /prefetch:8
C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding
C:\Users\Admin\Downloads\SteamSetup.exe
"C:\Users\Admin\Downloads\SteamSetup.exe"
C:\Program Files (x86)\Steam\bin\steamservice.exe
"C:\Program Files (x86)\Steam\bin\steamservice.exe" /Install
C:\Program Files (x86)\Steam\steam.exe
"C:\Program Files (x86)\Steam\steam.exe"
C:\Users\Admin\Downloads\SteamSetup.exe
"C:\Users\Admin\Downloads\SteamSetup.exe"
C:\Program Files (x86)\Steam\bin\steamservice.exe
"C:\Program Files (x86)\Steam\bin\steamservice.exe" /Install
C:\Program Files (x86)\Steam\steam.exe
"C:\Program Files (x86)\Steam\steam.exe"
C:\Program Files (x86)\Steam\steam.exe
"C:\Program Files (x86)\Steam\steam.exe"
C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
"C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe" "-lang=en_US" "-cachedir=C:\Users\Admin\AppData\Local\Steam\htmlcache" "-steampid=13236" "-buildid=1721173382" "-steamid=0" "-logdir=C:\Program Files (x86)\Steam\logs" "-uimode=7" "-startcount=0" "-userdatadir=C:\Users\Admin\AppData\Local\Steam\cefdata" "-steamuniverse=Public" "-realm=Global" "-clientui=C:\Program Files (x86)\Steam\clientui" "-steampath=C:\Program Files (x86)\Steam\steam.exe" "-launcher=0" --valve-enable-site-isolation --enable-smooth-scrolling --enable-direct-write "--log-file=C:\Program Files (x86)\Steam\logs\cef_log.txt" --disable-quick-menu "--disable-features=SpareRendererForSitePerProcess,DcheckIsFatal"
C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
"C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe" --type=crashpad-handler /prefetch:7 --max-uploads=5 --max-db-size=20 --max-db-age=5 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Program Files (x86)\Steam\dumps" "--metrics-dir=C:\Users\Admin\AppData\Local\CEF\User Data" --url=https://crash.steampowered.com/submit --annotation=platform=win64 --annotation=product=cefwebhelper --annotation=version=1721173382 --initial-client-data=0x344,0x320,0x34c,0x348,0x350,0x7ffa862cee38,0x7ffa862cee48,0x7ffa862cee58
C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
"C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe" --type=gpu-process --user-agent-product="Valve Steam Client" --lang=en-US --user-data-dir="C:\Users\Admin\AppData\Local\Steam\cefdata" --buildid=1721173382 --steamid=0 --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --log-file="C:\Program Files (x86)\Steam\logs\cef_log.txt" --mojo-platform-channel-handle=1580 --field-trial-handle=1712,i,16084916602553680965,12419309298155466813,131072 --disable-features=BackForwardCache,DcheckIsFatal,SpareRendererForSitePerProcess,WinUseBrowserSpellChecker /prefetch:2
C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
"C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --user-agent-product="Valve Steam Client" --lang=en-US --user-data-dir="C:\Users\Admin\AppData\Local\Steam\cefdata" --buildid=1721173382 --steamid=0 --log-file="C:\Program Files (x86)\Steam\logs\cef_log.txt" --mojo-platform-channel-handle=2152 --field-trial-handle=1712,i,16084916602553680965,12419309298155466813,131072 --disable-features=BackForwardCache,DcheckIsFatal,SpareRendererForSitePerProcess,WinUseBrowserSpellChecker /prefetch:8
C:\Windows\system32\AUDIODG.EXE
C:\Windows\system32\AUDIODG.EXE 0x00000000000004CC 0x00000000000004D0
C:\Program Files (x86)\Steam\bin\gldriverquery64.exe
.\bin\gldriverquery64.exe
C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
"C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --user-agent-product="Valve Steam Client" --lang=en-US --user-data-dir="C:\Users\Admin\AppData\Local\Steam\cefdata" --buildid=1721173382 --steamid=0 --log-file="C:\Program Files (x86)\Steam\logs\cef_log.txt" --mojo-platform-channel-handle=2468 --field-trial-handle=1712,i,16084916602553680965,12419309298155466813,131072 --disable-features=BackForwardCache,DcheckIsFatal,SpareRendererForSitePerProcess,WinUseBrowserSpellChecker /prefetch:8
C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
"C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe" --type=renderer --user-agent-product="Valve Steam Client" --user-data-dir="C:\Users\Admin\AppData\Local\Steam\cefdata" --buildid=1721173382 --steamid=0 --first-renderer-process --log-file="C:\Program Files (x86)\Steam\logs\cef_log.txt" --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=2896 --field-trial-handle=1712,i,16084916602553680965,12419309298155466813,131072 --disable-features=BackForwardCache,DcheckIsFatal,SpareRendererForSitePerProcess,WinUseBrowserSpellChecker /prefetch:1
C:\Program Files (x86)\Steam\bin\gldriverquery.exe
.\bin\gldriverquery.exe
C:\Program Files (x86)\Steam\bin\vulkandriverquery64.exe
.\bin\vulkandriverquery64.exe
C:\Program Files (x86)\Steam\bin\vulkandriverquery.exe
.\bin\vulkandriverquery.exe
C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
"C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe" --type=renderer --user-agent-product="Valve Steam Client" --user-data-dir="C:\Users\Admin\AppData\Local\Steam\cefdata" --buildid=1721173382 --steamid=0 --log-file="C:\Program Files (x86)\Steam\logs\cef_log.txt" --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=3500 --field-trial-handle=1712,i,16084916602553680965,12419309298155466813,131072 --disable-features=BackForwardCache,DcheckIsFatal,SpareRendererForSitePerProcess,WinUseBrowserSpellChecker /prefetch:1
C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
"C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe" --type=renderer --user-agent-product="Valve Steam Client" --user-data-dir="C:\Users\Admin\AppData\Local\Steam\cefdata" --buildid=1721173382 --steamid=0 --log-file="C:\Program Files (x86)\Steam\logs\cef_log.txt" --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=4200 --field-trial-handle=1712,i,16084916602553680965,12419309298155466813,131072 --disable-features=BackForwardCache,DcheckIsFatal,SpareRendererForSitePerProcess,WinUseBrowserSpellChecker /prefetch:1
C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
"C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe" --type=gpu-process --user-agent-product="Valve Steam Client" --lang=en-US --user-data-dir="C:\Users\Admin\AppData\Local\Steam\cefdata" --buildid=1721173382 --steamid=0 --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --log-file="C:\Program Files (x86)\Steam\logs\cef_log.txt" --mojo-platform-channel-handle=4080 --field-trial-handle=1712,i,16084916602553680965,12419309298155466813,131072 --disable-features=BackForwardCache,DcheckIsFatal,SpareRendererForSitePerProcess,WinUseBrowserSpellChecker /prefetch:2
C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
"C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe" --type=gpu-process --user-agent-product="Valve Steam Client" --lang=en-US --user-data-dir="C:\Users\Admin\AppData\Local\Steam\cefdata" --buildid=1721173382 --steamid=0 --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --log-file="C:\Program Files (x86)\Steam\logs\cef_log.txt" --mojo-platform-channel-handle=4492 --field-trial-handle=1712,i,16084916602553680965,12419309298155466813,131072 --disable-features=BackForwardCache,DcheckIsFatal,SpareRendererForSitePerProcess,WinUseBrowserSpellChecker /prefetch:2
C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
"C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe" --type=gpu-process --user-agent-product="Valve Steam Client" --lang=en-US --user-data-dir="C:\Users\Admin\AppData\Local\Steam\cefdata" --buildid=1721173382 --steamid=0 --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --use-gl=angle --use-angle=swiftshader-webgl --log-file="C:\Program Files (x86)\Steam\logs\cef_log.txt" --mojo-platform-channel-handle=1868 --field-trial-handle=1712,i,16084916602553680965,12419309298155466813,131072 --disable-features=BackForwardCache,DcheckIsFatal,SpareRendererForSitePerProcess,WinUseBrowserSpellChecker /prefetch:2
C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
"C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe" "-lang=en_US" "-cachedir=C:\Users\Admin\AppData\Local\Steam\htmlcache" "-steampid=13236" "-buildid=1721173382" "-steamid=76561199557676496" "-logdir=C:\Program Files (x86)\Steam\logs" "-uimode=7" "-startcount=1" "-userdatadir=C:\Users\Admin\AppData\Local\Steam\cefdata" "-steamuniverse=Public" "-realm=Global" "-clientui=C:\Program Files (x86)\Steam\clientui" "-steampath=C:\Program Files (x86)\Steam\steam.exe" "-launcher=0" --valve-enable-site-isolation --enable-smooth-scrolling --enable-direct-write "--log-file=C:\Program Files (x86)\Steam\logs\cef_log.txt" --disable-quick-menu "--disable-features=SpareRendererForSitePerProcess,DcheckIsFatal"
C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
"C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe" --type=crashpad-handler /prefetch:7 --max-uploads=5 --max-db-size=20 --max-db-age=5 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Program Files (x86)\Steam\dumps" "--metrics-dir=C:\Users\Admin\AppData\Local\CEF\User Data" --url=https://crash.steampowered.com/submit --annotation=platform=win64 --annotation=product=cefwebhelper --annotation=version=1721173382 --initial-client-data=0x344,0x348,0x34c,0x320,0x350,0x7ffa862cee38,0x7ffa862cee48,0x7ffa862cee58
C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
"C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe" --type=gpu-process --user-agent-product="Valve Steam Client" --lang=en-US --user-data-dir="C:\Users\Admin\AppData\Local\Steam\cefdata" --buildid=1721173382 --steamid=76561199557676496 --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --log-file="C:\Program Files (x86)\Steam\logs\cef_log.txt" --mojo-platform-channel-handle=1644 --field-trial-handle=1712,i,4888414023952470670,4235536777750065148,131072 --disable-features=BackForwardCache,DcheckIsFatal,SpareRendererForSitePerProcess,WinUseBrowserSpellChecker /prefetch:2
C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
"C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --user-agent-product="Valve Steam Client" --lang=en-US --user-data-dir="C:\Users\Admin\AppData\Local\Steam\cefdata" --buildid=1721173382 --steamid=76561199557676496 --log-file="C:\Program Files (x86)\Steam\logs\cef_log.txt" --mojo-platform-channel-handle=2152 --field-trial-handle=1712,i,4888414023952470670,4235536777750065148,131072 --disable-features=BackForwardCache,DcheckIsFatal,SpareRendererForSitePerProcess,WinUseBrowserSpellChecker /prefetch:8
C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
"C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --user-agent-product="Valve Steam Client" --lang=en-US --user-data-dir="C:\Users\Admin\AppData\Local\Steam\cefdata" --buildid=1721173382 --steamid=76561199557676496 --log-file="C:\Program Files (x86)\Steam\logs\cef_log.txt" --mojo-platform-channel-handle=2432 --field-trial-handle=1712,i,4888414023952470670,4235536777750065148,131072 --disable-features=BackForwardCache,DcheckIsFatal,SpareRendererForSitePerProcess,WinUseBrowserSpellChecker /prefetch:8
C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
"C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe" --type=renderer --user-agent-product="Valve Steam Client" --user-data-dir="C:\Users\Admin\AppData\Local\Steam\cefdata" --buildid=1721173382 --steamid=76561199557676496 --first-renderer-process --log-file="C:\Program Files (x86)\Steam\logs\cef_log.txt" --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=2936 --field-trial-handle=1712,i,4888414023952470670,4235536777750065148,131072 --disable-features=BackForwardCache,DcheckIsFatal,SpareRendererForSitePerProcess,WinUseBrowserSpellChecker /prefetch:1
C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
"C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe" --type=renderer --user-agent-product="Valve Steam Client" --user-data-dir="C:\Users\Admin\AppData\Local\Steam\cefdata" --buildid=1721173382 --steamid=76561199557676496 --log-file="C:\Program Files (x86)\Steam\logs\cef_log.txt" --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=3472 --field-trial-handle=1712,i,4888414023952470670,4235536777750065148,131072 --disable-features=BackForwardCache,DcheckIsFatal,SpareRendererForSitePerProcess,WinUseBrowserSpellChecker /prefetch:1
C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
"C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe" --type=renderer --user-agent-product="Valve Steam Client" --user-data-dir="C:\Users\Admin\AppData\Local\Steam\cefdata" --buildid=1721173382 --steamid=76561199557676496 --log-file="C:\Program Files (x86)\Steam\logs\cef_log.txt" --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=4196 --field-trial-handle=1712,i,4888414023952470670,4235536777750065148,131072 --disable-features=BackForwardCache,DcheckIsFatal,SpareRendererForSitePerProcess,WinUseBrowserSpellChecker /prefetch:1
C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
"C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe" --type=gpu-process --user-agent-product="Valve Steam Client" --lang=en-US --user-data-dir="C:\Users\Admin\AppData\Local\Steam\cefdata" --buildid=1721173382 --steamid=76561199557676496 --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --log-file="C:\Program Files (x86)\Steam\logs\cef_log.txt" --mojo-platform-channel-handle=1744 --field-trial-handle=1712,i,4888414023952470670,4235536777750065148,131072 --disable-features=BackForwardCache,DcheckIsFatal,SpareRendererForSitePerProcess,WinUseBrowserSpellChecker /prefetch:2
C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
"C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe" --type=gpu-process --user-agent-product="Valve Steam Client" --lang=en-US --user-data-dir="C:\Users\Admin\AppData\Local\Steam\cefdata" --buildid=1721173382 --steamid=76561199557676496 --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --log-file="C:\Program Files (x86)\Steam\logs\cef_log.txt" --mojo-platform-channel-handle=3956 --field-trial-handle=1712,i,4888414023952470670,4235536777750065148,131072 --disable-features=BackForwardCache,DcheckIsFatal,SpareRendererForSitePerProcess,WinUseBrowserSpellChecker /prefetch:2
C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
"C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe" --type=gpu-process --user-agent-product="Valve Steam Client" --lang=en-US --user-data-dir="C:\Users\Admin\AppData\Local\Steam\cefdata" --buildid=1721173382 --steamid=76561199557676496 --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --use-gl=angle --use-angle=swiftshader-webgl --log-file="C:\Program Files (x86)\Steam\logs\cef_log.txt" --mojo-platform-channel-handle=4008 --field-trial-handle=1712,i,4888414023952470670,4235536777750065148,131072 --disable-features=BackForwardCache,DcheckIsFatal,SpareRendererForSitePerProcess,WinUseBrowserSpellChecker /prefetch:2
C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
"C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe" --type=renderer --user-agent-product="Valve Steam Client" --user-data-dir="C:\Users\Admin\AppData\Local\Steam\cefdata" --buildid=1721173382 --steamid=76561199557676496 --log-file="C:\Program Files (x86)\Steam\logs\cef_log.txt" --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --mojo-platform-channel-handle=3124 --field-trial-handle=1712,i,4888414023952470670,4235536777750065148,131072 --disable-features=BackForwardCache,DcheckIsFatal,SpareRendererForSitePerProcess,WinUseBrowserSpellChecker /prefetch:1
C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
"C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe" --type=gpu-process --user-agent-product="Valve Steam Client" --lang=en-US --user-data-dir="C:\Users\Admin\AppData\Local\Steam\cefdata" --buildid=1721173382 --steamid=76561199557676496 --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --use-gl=disabled --log-file="C:\Program Files (x86)\Steam\logs\cef_log.txt" --mojo-platform-channel-handle=1772 --field-trial-handle=1712,i,4888414023952470670,4235536777750065148,131072 --disable-features=BackForwardCache,DcheckIsFatal,SpareRendererForSitePerProcess,WinUseBrowserSpellChecker /prefetch:2
C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
"C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe" --type=renderer --user-agent-product="Valve Steam Client" --user-data-dir="C:\Users\Admin\AppData\Local\Steam\cefdata" --buildid=1721173382 --steamid=76561199557676496 --log-file="C:\Program Files (x86)\Steam\logs\cef_log.txt" --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --mojo-platform-channel-handle=1820 --field-trial-handle=1712,i,4888414023952470670,4235536777750065148,131072 --disable-features=BackForwardCache,DcheckIsFatal,SpareRendererForSitePerProcess,WinUseBrowserSpellChecker /prefetch:1
C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
"C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe" --type=renderer --user-agent-product="Valve Steam Client" --user-data-dir="C:\Users\Admin\AppData\Local\Steam\cefdata" --buildid=1721173382 --steamid=76561199557676496 --log-file="C:\Program Files (x86)\Steam\logs\cef_log.txt" --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --mojo-platform-channel-handle=4508 --field-trial-handle=1712,i,4888414023952470670,4235536777750065148,131072 --disable-features=BackForwardCache,DcheckIsFatal,SpareRendererForSitePerProcess,WinUseBrowserSpellChecker /prefetch:1
C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
"C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe" --type=renderer --user-agent-product="Valve Steam Client" --user-data-dir="C:\Users\Admin\AppData\Local\Steam\cefdata" --buildid=1721173382 --steamid=76561199557676496 --log-file="C:\Program Files (x86)\Steam\logs\cef_log.txt" --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --mojo-platform-channel-handle=4044 --field-trial-handle=1712,i,4888414023952470670,4235536777750065148,131072 --disable-features=BackForwardCache,DcheckIsFatal,SpareRendererForSitePerProcess,WinUseBrowserSpellChecker /prefetch:1
C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
"C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --user-agent-product="Valve Steam Client" --lang=en-US --user-data-dir="C:\Users\Admin\AppData\Local\Steam\cefdata" --buildid=1721173382 --steamid=76561199557676496 --log-file="C:\Program Files (x86)\Steam\logs\cef_log.txt" --mojo-platform-channel-handle=1756 --field-trial-handle=1712,i,4888414023952470670,4235536777750065148,131072 --disable-features=BackForwardCache,DcheckIsFatal,SpareRendererForSitePerProcess,WinUseBrowserSpellChecker /prefetch:8
C:\Superify Library\Viscera Cleanup Detail\Viscera Cleanup Detail\Binaries\Win64\UDK.exe
"C:\Superify Library\Viscera Cleanup Detail//Viscera Cleanup Detail/Binaries/Win64/UDK.exe"
C:\Superify Library\Viscera Cleanup Detail\Viscera Cleanup Detail\Binaries\Win64\UDK.exe
"C:\Superify Library\Viscera Cleanup Detail//Viscera Cleanup Detail/Binaries/Win64/UDK.exe"
Network
Files
C:\Windows\Temp\{4E150EAE-8D07-451A-A078-4E323A4AF764}\.cr\net70.exe
C:\Windows\Temp\{C695AE90-1548-4596-9418-7E247FB32843}\.ba\wixstdba.dll
C:\Windows\Temp\{C695AE90-1548-4596-9418-7E247FB32843}\.ba\bg.png
C:\Windows\Temp\{C695AE90-1548-4596-9418-7E247FB32843}\dotnet_runtime_7.0.15_win_x86.msi
| MD5 | b6b9d8c4ff319052ca611a58d78ae1e3 |
| SHA1 | 653586e12e23bc7b7d7209116682a0a0377dde5d |
| SHA256 | 7cffcc6d90fe68b86feef763310a409fb17cbba979a685a7ab53924f60d99738 |
| SHA512 | e7cc75766e1426cb73f304e529077209e9411864c2326840ed7015ae2b4329c111e5c65fe149329d8c85cdf8e40a51124e3bb0ef455e4d1dcafcbc4c4663b47c |
C:\Windows\Temp\{C695AE90-1548-4596-9418-7E247FB32843}\dotnet_hostfxr_7.0.15_win_x86.msi
| MD5 | 59d86bb5383eeac8bba8283a20be0055 |
| SHA1 | 012b9cfe421ca5556c00b74e642bb9e142fea64e |
| SHA256 | 65d6faaaec8a0bde1ca8c8549800196845015b877e3856429d89af43e438d282 |
| SHA512 | b64a18689ae80dbb686b66a73e09ca2917b90302ce150b965581a8eec68c59a1732b10759f8ee9e87e67ee2c861b3214314516638f1e08bb26752dbefa070dac |
C:\Windows\Temp\{C695AE90-1548-4596-9418-7E247FB32843}\windowsdesktop_runtime_7.0.15_win_x86.msi
| MD5 | 11a0af2caba2216b54e09382d00d0126 |
| SHA1 | 591d86acf4940f741cf3237c05c24d784dcaa963 |
| SHA256 | 6965fa26a4ab6057c92516fade20e623b1b1643ced9314328b762135c2d4266c |
| SHA512 | 282d8ae7f66993f4d4725b1470cd2bfc3dc9a1770aa44c09c70240fbd6599d3da2b1e6515b2a269e17bc6e9ec4c0ff17a264205c0b9f5c1226585fb688b9884d |
C:\Windows\Temp\{C695AE90-1548-4596-9418-7E247FB32843}\dotnet_host_7.0.15_win_x86.msi
| MD5 | 5f79da720542e611e6bc967e03a16b40 |
| SHA1 | 733541d95c650dad28c5f605c6ec890614b93094 |
| SHA256 | 38df9ef14f81576400ad966c7ab1fa39323eda2c1a56992b8eb95dda1eff17f0 |
| SHA512 | 8673811886fa26e0ec05788f9404b9b961269c614cd149aa93370f7066c9da5ce2ab8b68a3792c0924e175ddff0d83033de3ed6928279bb8cd4fe1bbc480a847 |
C:\Users\Admin\AppData\Local\Temp\Microsoft_Windows_Desktop_Runtime_-_7.0.15_(x86)_20240810181316_000_dotnet_runtime_7.0.15_win_x86.msi.log
| MD5 | 68134d141477ee0e584ee5a4b8aeee7b |
| SHA1 | 0cba30ca1b39e563d776125d9829f86f276cf4e7 |
| SHA256 | 7e095f75efdb5eaed7cc72452191e89ac1be02e93b4f1070e835ed9872125a58 |
| SHA512 | 5ee06727a82bacc4bd07ec704cabdece7593e95f6b24552a768033d29e2a66d40c8e186db542c1d682e7f54bbd4113d8f32a053196aff50b3fbcffd2f9eada5f |
C:\Config.Msi\e581c31.rbs
| MD5 | a1c491d918c8d1013003d75c614bb0f4 |
| SHA1 | d2c1d0b8c777b769a797b6fba4cd2880b3a0db16 |
| SHA256 | 06378eac24728a2eb24fd070da090f310ab2cd212718863e4c4ab7fdb1fee7d8 |
| SHA512 | 81ad065f9438ac2e6e8c6ed2b17b5e44fcafc9755e3481c7324176c7eb33495ab4444dc4db49683070a2016707392c17cbbfed0ac6b25e92a80378727003458d |
C:\Windows\Installer\MSI25B4.tmp
| MD5 | d711da8a6487aea301e05003f327879f |
| SHA1 | 548d3779ed3ab7309328f174bfb18d7768d27747 |
| SHA256 | 3d855b58ce7da9f24f1bef8d0673ba4a97105a7fd88433de7fb4e156b4306283 |
| SHA512 | c6d1c938e8a0acf080dcab1276d78237e342a98772e23ac887b87a346878c376fb0af8364e52a36c5b949005aa3218308bc6193f8b580f622ef39d9955c7c681 |
C:\Users\Admin\AppData\Local\Temp\Microsoft_Windows_Desktop_Runtime_-_7.0.15_(x86)_20240810181316_001_dotnet_hostfxr_7.0.15_win_x86.msi.log
| MD5 | 94c9b102848cdd7ffd64d0ff1d85448c |
| SHA1 | b9661ec78aae0bcad499b053bde167a833c2c2c0 |
| SHA256 | 7d4a8e3ce8d74273f26967e04ac90508869cee1b8997153ceccca0bbf1c6316f |
| SHA512 | c65c285e6a42972dd358e142a3c8c0e243d8252289475efe8cd31c2dc6a0af419a7f207fc61169e3fa5aa1e0a30ba09fe3740a8a4814752d9e79af0e7bef0cf6 |
C:\Config.Msi\e581c36.rbs
| MD5 | 840fd9a9e43963cf46d272ac5b4ecd67 |
| SHA1 | 799e856bb56871fbda1be283876fd7ceda9030f7 |
| SHA256 | b15f400e5b0fdf8436f80171dd5285f19efa5c7738ba06320e65e867cd7c389e |
| SHA512 | e4587779e2522374cb0753d060ce20a00f0a92e6a8a595548dfaca7d89abb100cd269fb268041e793dee11809538fcf8e3ccfbf9c6d904756959318543ca45ea |
C:\Users\Admin\AppData\Local\Temp\Microsoft_Windows_Desktop_Runtime_-_7.0.15_(x86)_20240810181316_002_dotnet_host_7.0.15_win_x86.msi.log
| MD5 | 787c46fdd751d9546aebcf2f217a5e3b |
| SHA1 | 30c00d456517c7f8e10b6dea93e38c4e2e559d4b |
| SHA256 | 3583a1a9fc5c3bcb3c27021c56af5e79232efc4d84f5e8418fe08e01545398c6 |
| SHA512 | d25e82126e933825f08fd416582b002103b07033e76ca803c8bff33160a18cfa36ab570cc5f1ebe139bc419f1e22999208000a181a6f9e341186587ae38123fe |
C:\Program Files (x86)\dotnet\ThirdPartyNotices.txt
| MD5 | 5c13a5ea8c8cc3474240981d0ffa88ff |
| SHA1 | 1d8d3ce27d9dc3d9fb4fa4b06c20137d25879d80 |
| SHA256 | 4f9bb3901879bafae3a17c6c4009ee5c15384a06fc234bed78937969079c77da |
| SHA512 | 32ea79ff5194d8a18e75f277aed5610b4955db15b0abbcc2664cf07f372bebfc57eb665ad078dc3da3ce5ee0d8856140c2a1bc7032b578dd103d43998d682d88 |
C:\Program Files (x86)\dotnet\LICENSE.txt
| MD5 | 31c5a77b3c57c8c2e82b9541b00bcd5a |
| SHA1 | 153d4bc14e3a2c1485006f1752e797ca8684d06d |
| SHA256 | 7f6839a61ce892b79c6549e2dc5a81fdbd240a0b260f8881216b45b7fda8b45d |
| SHA512 | ad33e3c0c3b060ad44c5b1b712c991b2d7042f6a60dc691c014d977c922a7e3a783ba9bade1a34de853c271fde1fb75bc2c47869acd863a40be3a6c6d754c0a6 |
C:\Config.Msi\e581c3b.rbs
| MD5 | cb9ee21f5495df0fc688702e49b8a00c |
| SHA1 | 0b1e6e7f136c58cba94e66b87202d7ab1b3b0eea |
| SHA256 | 547585ec508f76794623dc907d8ccc07f6e426d1799fc1c9481d57b860251d17 |
| SHA512 | f0fa61c790a911b1cfe735827949c0174910f3d61f533db5bc5aa27ec44c4f20e0d319b1f5fde917d93f22de98a1689bd575b29c30d9edb1bf7002274343b860 |
C:\Users\Admin\AppData\Local\Temp\Microsoft_Windows_Desktop_Runtime_-_7.0.15_(x86)_20240810181316_003_windowsdesktop_runtime_7.0.15_win_x86.msi.log
| MD5 | 47303d16724f0136dd4875979365722e |
| SHA1 | 278e2b7898885f7d0637ee478110abf8f96765f4 |
| SHA256 | 95b21a18827c8704364a11305258046818241cc5ed2e24bf3838bc389a38274b |
| SHA512 | 9167561ae1f90939f60da66cf7adcbf42475a2734620de87d8406b3fe5ef0731fcff226fa6884e32ab503d55ffbc655345bef882b6a43c66e4b91fc5e16ff53a |
C:\Config.Msi\e581c40.rbs
| MD5 | cb0cee0de302d32618528dbb6b841653 |
| SHA1 | b2346b4b798181065cac8b6e3fdfba41417b9680 |
| SHA256 | 2f93134b1681b2d7066622f6f5eafec92b6e7862b99647313832aeaf1128135b |
| SHA512 | c04d7c55413f5d8d3f2405cd38970daca9d5fe4aab4705e37286ea2664d18651e6908fa54cee78ab4df0029d1d17da541434f6a2cfd4733c0143c3236530c507 |
memory/4996-711-0x000000000C850000-0x000000000C85A000-memory.dmp
memory/4996-712-0x000000000C880000-0x000000000C892000-memory.dmp
C:\Superify\Update.exe
| MD5 | c82dcd615f83066aca3864a2674a9aed |
| SHA1 | 7b0786812e617646b6c6e7cd4d4e675f84d79793 |
| SHA256 | 35af48beb9b51f8c7d2e6287be37dbea5763bfa617e3b054db101b18b2e78829 |
| SHA512 | ece107f3d059746625d8edcc359a1bd08004f859faab8076f9fc8a27277408c3639c2095f49d632ea9ee85bfd4ff0c8e6a24ff3a7b3f6090d325b7707f2d4c65 |
memory/4996-736-0x000000000CA20000-0x000000000CA96000-memory.dmp
memory/4996-738-0x000000000C9C0000-0x000000000C9DE000-memory.dmp
C:\Program Files (x86)\dotnet\host\fxr\7.0.15\hostfxr.dll
| MD5 | 3e851ffcbd59508ab31f4da09e088f4d |
| SHA1 | d3627f33379a02e714b059c860881285362ac086 |
| SHA256 | 1a3ebb8db0e9a867fee33e57081cf50168271f62f7c3b7f8b439c432650a8ffd |
| SHA512 | 49ba945817143907e2d38f4c2401784a102b23e7f71303fe335147b0dd214c99572027302231e7b478b7694cecb37205f3724576e6732f9c18ba39f7ee749460 |
C:\Program Files (x86)\dotnet\shared\Microsoft.NETCore.App\7.0.15\Microsoft.NETCore.App.runtimeconfig.json
| MD5 | 01da0d56ab33c0ed0e7ac85e5244190f |
| SHA1 | 9e1e4b59e590038f769e5fa01fb326109a7f38e5 |
| SHA256 | 7133274dc5efab688a6efe2f43ca33e78a2498ef39efcad231b0e07ad2c26d17 |
| SHA512 | e11967ba33c719da1681a7f98056d40f450788d9b7c8b2f580d8bc7998fc35a78c53fc970301b097c527fab79fd477adad4eafcd75b4bb376d33c3fece9e8926 |
C:\Program Files (x86)\dotnet\shared\Microsoft.WindowsDesktop.App\7.0.15\Microsoft.WindowsDesktop.App.deps.json
| MD5 | a38804300d6b8c002654c0d7c02ef58c |
| SHA1 | 880ce92d7eec771999b124ee1dc6325b6cbb292c |
| SHA256 | db1486a5122409f1cbc013ffa74be60e1917f26029c50e0a86161918fe71a152 |
| SHA512 | 89ed8e28fb6cdd1a59363921fe581ba389f0a1fb677eb5d21cab6cd7ba02ab379f1dea2b1f9d6be5e8050d1c6f6ee3bb1a5007e847e66edb1dacb3e4a754a44e |
C:\Program Files (x86)\dotnet\shared\Microsoft.NETCore.App\7.0.15\Microsoft.NETCore.App.deps.json
| MD5 | 0f3f1da3bdd196de8ec1cc2800049d3b |
| SHA1 | bf1910b1a17a12d81d39d66b615a0141d3e2e2ba |
| SHA256 | 917f6ef18e3d8f5bec3d2ec3214024ba63d99488cbce6267320d3136e1d9aa4d |
| SHA512 | c168097900ecabc1ed080bce58fac2d0882e9d7e6e14bc2e7bcb55c316913027d928cd2ea53c2a8cc5afbf8a1053548ed630d640e91cf9f4095914dea865f73b |
C:\Program Files (x86)\dotnet\shared\Microsoft.WindowsDesktop.App\7.0.15\Microsoft.WindowsDesktop.App.runtimeconfig.json
| MD5 | 763285ee489811f3def989d2c3583c9a |
| SHA1 | d45a44af18abc8ee24b9e51c895de5aca997b23d |
| SHA256 | 3bf0907d4374e967f7da3451c60dc0756ab0bbfa438582523028ca1aa4902dc4 |
| SHA512 | 472da531529692e7c725051bcf19450a97198f29c3df43632593de644b7a369329ed90ed3cfb456be9ccba4c1f8353c6e59e07f8a448bdb01c688feb301aefdc |
C:\Program Files (x86)\dotnet\shared\Microsoft.NETCore.App\7.0.15\hostpolicy.dll
| MD5 | 1e6170c62ccd63b9db264f490924a1fd |
| SHA1 | c9a91299380a8fee93ebeab0b36902114832b2c2 |
| SHA256 | 6c1c30ad225da3f1d422c2e171395ceae8eef94857292ff892aa143b95c34ac4 |
| SHA512 | e309e42577ace6ecabc8c9db0fc1d9c8ae9b8204897aca25d5d65b87fe6c6216dbd38b4908b8baaeeb87bf999a02239ca1c6f0ea10247758feabfa3854851920 |
C:\Program Files (x86)\dotnet\shared\Microsoft.NETCore.App\7.0.15\coreclr.dll
| MD5 | e9575a34fcd412b7ba3f2a7b21a2e78d |
| SHA1 | cb4f186ddfafc513ddf0c5333be681afa127c92e |
| SHA256 | cf0cc58d02ee8e16f226f93634bdc5b7182a6b5202fd69f50e9290a6e2db2baf |
| SHA512 | f3cc5c7c93031523efdef3b0d2c2204731c18bb4657042a3d2890977aa38ee7fede8f44293a048dc8d24c808cb05c7f88b9ec5f70647691dca48add098749ba9 |
C:\Program Files (x86)\dotnet\shared\Microsoft.NETCore.App\7.0.15\System.Private.CoreLib.dll
| MD5 | 44478ad765801c27b7dbcc72093517f0 |
| SHA1 | 91629ead297456a1238458cbe0a2753d67da17f2 |
| SHA256 | 39ae57f90af4eb87a6ddb0bdd5f1f4756923cd47e06f7191ae9457b3bdcd1548 |
| SHA512 | 077a003e0330dae8047f95116d6093eb8224a9b4988d5f89c2436d231a696bc2197d957251113b193ccda030c02a1864ba08f1f91b36983353b8ec7c5bc9740d |
C:\Program Files (x86)\dotnet\shared\Microsoft.WindowsDesktop.App\7.0.15\PresentationFramework.dll
| MD5 | 33a51e894c2fb8131a2d3c982b9f994b |
| SHA1 | e4c4d092d7241627ac0a0fb80eab750875777c69 |
| SHA256 | 2506616dfe0e3ecfa628032c1a3865133be3dc6a93ac13c69f74d4e919d90e07 |
| SHA512 | 7f26088122688ec52fa07b8a398bf024f26c78f1cb7400c4ec7b8948a79a266707e5a2660816996e17a3908b96b48da66d3bf3953532109961dafcbbc9e08fa1 |
C:\Program Files (x86)\dotnet\shared\Microsoft.NETCore.App\7.0.15\clrjit.dll
| MD5 | a47ff88ae97b0e63cd5b2d508d617d72 |
| SHA1 | aaeb4dfc8b9f468b0259f666b080b7ebd3e2f657 |
| SHA256 | 5eb32f8a9c05b5a36f0ee9d8018d80b1f54f6ab693d8e2f3a53f17db3e368410 |
| SHA512 | ccc85dbc3e45ae87e460ec78ada0a4a92f6ea46aa0fa533488eff8eab4c62feedadb3ea8170555e244c9b87692c176fdd025d384480abc6e1b4b1ac9c7ccd705 |
C:\Program Files (x86)\dotnet\shared\Microsoft.WindowsDesktop.App\7.0.15\System.Xaml.dll
| MD5 | a5e60b072955c32caffb247a6c41a363 |
| SHA1 | 695b04cbe0f91c19dc9d123de4346b8ac7816958 |
| SHA256 | 78996ceb78775f1c60a25d06c23b3965f17aca4411d7e6b8bd8ada0b409142d2 |
| SHA512 | 7626c9987b384cf7dff793e76e020bf231966294cf61f5e984d40509e770f698ed68b88815dc7bfbe412d5d86f06f71cbbc07ef41b99a0ba55a639f6523c3e1f |
C:\Program Files (x86)\dotnet\shared\Microsoft.NETCore.App\7.0.15\System.Private.Uri.dll
| MD5 | dec8c4ab60a7a682217735446dfc3ce6 |
| SHA1 | 9a9aa6cf242a3aa860217cbfba1284d12bea0917 |
| SHA256 | f7112403faaca314b42efc5933134bf0dd93a691db3f99a630540214b895dfd9 |
| SHA512 | 4c3e200230ca8523022dc3a9db270e99ed72f4d2aedc5307daa36b3e075b9854190f13f66366991e6648510f6ca1f1027ebfe47f70f67a1b7af740f237d5889e |
C:\Program Files (x86)\dotnet\shared\Microsoft.WindowsDesktop.App\7.0.15\PresentationCore.dll
| MD5 | 4314a7ea40ff18c2045d6684e6d6a38b |
| SHA1 | 86f72dad39118c7e1db27172507a481b5f3cf79e |
| SHA256 | 65f5dde24a4209768ced840418bafd6b54d3d1fa41289b98a1f9425831a37e89 |
| SHA512 | c1f11cd0db06ea7b92684def991c4099f43fe40c293964902ab7fd0077acee53436ed4149b11c2a590571b5790b06d8e2588baafa0a70996835ea8cf0b34d71b |
C:\Program Files (x86)\dotnet\shared\Microsoft.NETCore.App\7.0.15\System.Diagnostics.Debug.dll
| MD5 | 89be67fe21afae582ccab5f931efe3d6 |
| SHA1 | ae9fbba823b5e8f2cbf1baf25bbb10bf93e23d22 |
| SHA256 | f9d17352e8c8a03499dc67c53ae75882179c8b40122e3050a1d59f5909a7bc9c |
| SHA512 | e1192c1d32ab302c81e090becc6861d680fd260cc93304928f8759b970f2262d6c13b202391a2e11b6840a6e9c197925e8dd7d9e9079c1def35187bc6f6d6994 |
C:\Program Files (x86)\dotnet\shared\Microsoft.NETCore.App\7.0.15\System.Runtime.InteropServices.dll
| MD5 | 7367b388695c01377a20e3382bb3e7b2 |
| SHA1 | 417ad1c0b8502ff77f30716a2d4bd301b5635f0c |
| SHA256 | b105c49ee6a6d871a645a6e0188d73efd7c75cf8163f44ac38eeea199971afec |
| SHA512 | a08eff165132484e76db0fd81a7c306e8ee97e17fd250047647f09a42f75f3d9412879f54c7f5575232bf3ff4a44a23e3fb7c609f641b3399e7e99ec58c157bc |
C:\Program Files (x86)\dotnet\shared\Microsoft.NETCore.App\7.0.15\System.Runtime.Extensions.dll
| MD5 | e1d33d70d801fc5cced5eb48f9ca850f |
| SHA1 | 5270d9ec9f3cbf3e26fef1aa2ff6cc1bd7cd4935 |
| SHA256 | b8ddce00cb7e1adf0fa3a24dbebe1b02b19152440c51ab1b46c87c3acd7ade36 |
| SHA512 | 26f7ef5e9b42c93f7561f00f931c49c865d6cd8e72ad06381ad8c9a5f1a551460f33dd709e1aa8eedd9d6e10ef11d7ad0d6c4a85e1c7592f236fafcff2b6349a |
C:\Program Files (x86)\dotnet\shared\Microsoft.WindowsDesktop.App\7.0.15\DirectWriteForwarder.dll
| MD5 | 54f34b1a78513fde5d329b9896659607 |
| SHA1 | 7b4798ebb9bae9de806699920a818070b2d98b8b |
| SHA256 | 26a5e6f938e82fed1abb0f339cd942ae360df6833d81c1c2141e1e5fca11a6ec |
| SHA512 | b2cb5491bdb06f0248709b976e7575d9639e1dfdfc237524efe1f49d6c394bdf8cc006d16bda68801cfffae892d2a34bbd60cdf83293d59bc70ff3c4a373748e |
C:\Program Files (x86)\dotnet\shared\Microsoft.WindowsDesktop.App\7.0.15\System.IO.Packaging.dll
| MD5 | c7ce85d75ec90dbe6b8733e1118bb09b |
| SHA1 | a6ac1e16ad5772f389886dd561ab0c27e7f02a10 |
| SHA256 | a253c7457b0b8b7296f314cb6abf1666382b8e54daefa6518b12e0fbd9814a5e |
| SHA512 | 30c72689c277d77f5d2af6da85d72387b4b18f0134e6982671a4df91c6fe23e76811ce517c923a23f3a84f3bea3c08fcd999f842bc284f3d5867441cddcd4015 |
C:\Program Files (x86)\dotnet\shared\Microsoft.NETCore.App\7.0.15\System.Runtime.dll
| MD5 | 6185164c10012f495240cad07bbb5c81 |
| SHA1 | 028e773bfa65315a800d34ce4b1221ec3d76a083 |
| SHA256 | 6fef03a2e51c508cd82d8613f854346f29c33d767a73298bff6c7b54f34a8bc5 |
| SHA512 | 12507817f3a7e0ff7a7e0fd50532ec200b15ec244d346180c09256ddbb303b35993f4e0da9d5d96ef565ebac2977cf33c9fb90d7cc89a6e8ecc5d148f3f46eb3 |
C:\Program Files (x86)\dotnet\shared\Microsoft.WindowsDesktop.App\7.0.15\WindowsBase.dll
| MD5 | 528a1e5b757e653bb6ad897015cfad73 |
| SHA1 | 61503035937645456e2d146aca878c8fbe7534b9 |
| SHA256 | 2615767bfc54fb22da22225744723900432b3ec707c0f526581981ca1d8235b9 |
| SHA512 | d868460b104b50d3837bcdfbcb5781af889de722bd3e57f4ba6b1aa3272263a8a5fc44123fec5a50c366f7ee1eb286170ace9c80d32de4f55a987b9fd341d7fe |
memory/4996-781-0x0000000074780000-0x0000000074F31000-memory.dmp
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports
| MD5 | d751713988987e9331980363e24189ce |
| SHA1 | 97d170e1550eee4afc0af065b78cda302a97674c |
| SHA256 | 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945 |
| SHA512 | b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\BrowsingTopicsState
| MD5 | dcd8a3a322c5147e91ec69dba4f02817 |
| SHA1 | fd8d28dbc012c0c40bf75e51f28c78f91526ec2c |
| SHA256 | 3f611132689b0b0230af3f2d0ad9eacc01f333c93de01dcd2b70e26b4aa584dd |
| SHA512 | eb9a11007b571a264e31d5e0068dab34afa469e0ffb4eaf53e30a29185f786dfa05a9bae94f43616d8ae102359542cc7cd879134fa12d285a53a0d148dabd707 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
| MD5 | 5e2dfa8f944df63fb5ac537ca8e55f81 |
| SHA1 | 446b633a0469594d31c69038b8d54842ad138537 |
| SHA256 | 1105511e4cb691c9c2dd5eef6d068d8ec5991ad58a2ac447b84a4b357ccb087e |
| SHA512 | ae8420519ae96e86db8d787fdceb002c80ef23dfe94cd07076dd4a5fc67eac35229467b2f7ee0481d62a871ec168ee2645040aafe3979d16ba068e1a5acb28fd |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | da41e402834a744f817568a84713a3a9 |
| SHA1 | 9b5d231a2915caeefc623d27081a495c7c847bb1 |
| SHA256 | e84b3f4aa75dfe0416743c1472496e1f62dc283030d25977bcccc14aa9b4028a |
| SHA512 | 399be789166dfe6d0b5bbb9f5c3ca94457d16e53693e74d631cb3a9012e31d66098667aef56b8381b1ec7937137b2d780f9ffcd572b25ebe8a06294940e540ef |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 7e555c4500f2d4e56e0f90d718ea71bb |
| SHA1 | fa8fe49d0235f771a057252b0d34894704f9e847 |
| SHA256 | 0d318315d8ebbe7aa86b5871513dcb46038646768e1b5a7ac2426405c9ce14af |
| SHA512 | c431b4b2b7add7407842d10bc8bbab9b0059b65e33f26f05a26c166d3d0666907583b585dcbad2b221aabac32eb8ad01410c5711cb1059b2241ee2ab5e844f58 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences
| MD5 | ff8a199e5e6f6e0ad86fdc6b321f9c29 |
| SHA1 | 062a9ec55c4fa87f8f73e2f5c08b804c6547e62f |
| SHA256 | 2913896a211b27886d738e2cb8b7d2eb2a8b5024aea6f08574294381b12e5f9c |
| SHA512 | 5509c69162996aa4c5ba335574c4620838dc92aa21df1c1010d9380b9669059d0b81260a4caef31272baa0e519665724e92e75f03369a442a28b0d51145019c2 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 71b4eb31aa220a2dc3c834d3617f42c7 |
| SHA1 | 53c6790b08c2c879ec7103bc59798e9736c1f7f4 |
| SHA256 | cb80c0392522a67cc9acf9ab85d7e273d8ad33a62a955f83f316bc45ebf9cbf2 |
| SHA512 | c289532dfdbfc962e6e73fcf958f3fd13a9b031bdbda0e12fcd3a310e1576820815e63d92defdf79f5624a39e4115121059f1f050b2877bf011efd2a712a069a |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 1ccb4f32bb02b1cb45aa649bd6064fdc |
| SHA1 | cef9399cfca2de30014cf22d428bfa9bacec95e5 |
| SHA256 | c4cc52e80c5f8ce751fb21d6a8bb8a17e7833402dc137c22528709cc66a65227 |
| SHA512 | fae588616b0fd75bd39b4f9a9e687a165b8e256aefb5552abcf124a3f604821bb176d8587cd755ffac4091312d180d7941330125e3bc698f4a42e588e4337932 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
| MD5 | 79bae8b9fbe4984012ba32a3248e9fd0 |
| SHA1 | bb9151618f9e17dd236dc0afbc7292cddc80bfec |
| SHA256 | 0bc3bc3a803d6c4b9cf6b626e510c908553aaa410aec37a2a132372d591c3bcb |
| SHA512 | baa90d09769e3d09b838ff8db0991fce116bd9b4012119bbafa820800977366ae34be5245faab194d0021f108b4fa75e423b05f85ef4bb4c07d394aa16929a41 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 266179edc7a276a822bf602ef95a1650 |
| SHA1 | 5460a1e6bd676f51e7428cbf5a6552af92a03e33 |
| SHA256 | d215fe0eeefad8191414339a3f0ac0575b67150d5562f39090418170ee4cf90d |
| SHA512 | e1d2c76fc4384ec9e0cff3ce2dd1666732611797f9754dc5dbc9e07779bc78c0dd941c372dbdc52c033bea2aef2900c841d73e847718f4d13e2a556a73311277 |
C:\Users\Admin\Downloads\SteamSetup.exe
| MD5 | 1b54b70beef8eb240db31718e8f7eb5d |
| SHA1 | da5995070737ec655824c92622333c489eb6bce4 |
| SHA256 | 7d3654531c32d941b8cae81c4137fc542172bfa9635f169cb392f245a0a12bcb |
| SHA512 | fda935694d0652dab3f1017faaf95781a300b420739e0f9d46b53ce07d592a4cfa536524989e2fc9f83602d315259817638a89c4e27da709aada5d1360b717eb |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 6ee0b21f55230535dc7a7c8ac0285d75 |
| SHA1 | 9aa9e33028245f76dfa8ccc23dc6ac555b644e81 |
| SHA256 | 753c29ff8e47419686fc8613251780600d2ce4658dceada49a3a9cd7828dd66a |
| SHA512 | 7a34443b1bf3ceb9dd511d8e36d13ff2f9d8cedd9e10a88bf13e2ae7a6adb86da7a5023ff9497d5d497dbce849648edb2e27ce59212a4019a3dbb049ec53a6a6 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
| MD5 | 2ed29b3f58a32bcfd7a039165d7d178c |
| SHA1 | 0e8cdde71480d4c7cee499a9cc1055ea8295904a |
| SHA256 | 9198484fa15bbcb803459a3523dc06fbff30969a474e358f2c027bebb2d2381b |
| SHA512 | d267e0bebc618d5ac7818a9838fda1f4663ebe6b2fd7518739698fa56b938239439eb87ca41240f95d46da5302842087796fbf4fb4dab0ad6fad288ded17843e |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 2de0eb27f43a7e6fd82c7b121e74e97e |
| SHA1 | 5b4fb0a732faa6fd67e795d607c614f53c0e2e3d |
| SHA256 | 924cc08c8cda221f76f97f6be481e7ea5507e0a6e9e012bf2db55e3164dde54d |
| SHA512 | 12361b7f0038e7c62a6f45c50848e647e2bc1d5a480ae62f1c9b03aa67d1cdf3ada343086b529afe26deef65977c97655720f821b6641ba9b5f50a33cd9a1c11 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
| MD5 | 3ba07e3dfaeae9960f6d6fd743fd3919 |
| SHA1 | a964a65be56c639cebad90d2dde30d11b85e8506 |
| SHA256 | 5f7af042356c5d3ea1674daae2297111e489658eeab65f412ec30127fa40c688 |
| SHA512 | f251912e302af6c0cb44be7b4f52323417544d2414bdb55f3c1bf56a7ac72832894147d05f3954161555d13a9502cc321fe7090e0f10a7da7c4898b296b99fda |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
| MD5 | d6d491c33b029b1603c26c35b6676437 |
| SHA1 | 48699cf775200584d6c6855c45ca46bb8e214d3a |
| SHA256 | bee9fcc81fb5727b6e917a07a8c950a0ae10b86c0e2afe1766dc4fd7f5573838 |
| SHA512 | a0de2512130df3391ea296d7243f76e2e415b76921c14a2f819836773a68ab4686f33646cae6fda5aacc003b07697374bbaacaae2b482edff19f907201c8ea24 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\ShaderCache\data_1
| MD5 | 06bea33805f6899ba1348bb71211407a |
| SHA1 | dd2d87b9e1dac8b58ae3c5812915bab58b1d0a78 |
| SHA256 | 69677c84d22938773cdd28d0cd4f8ef3ca07e0262fb08585f97f1c4846482a47 |
| SHA512 | 813a2fff2b63540219bc7b9bfba185f9071a06f4d682afa6dbf5df98493b4a7c08a5dd28b076cbf9d03d75610900c16287c4e25f3f242dcb48809a3f1f375b4d |
C:\Users\Admin\AppData\Local\Temp\nsq3E6A.tmp\nsDialogs.dll
| MD5 | 4e5bc4458afa770636f2806ee0a1e999 |
| SHA1 | 76dcc64af867526f776ab9225e7f4fe076487765 |
| SHA256 | 91a484dc79be64dd11bf5acb62c893e57505fcd8809483aa92b04f10d81f9de0 |
| SHA512 | b6f529073a943bddbcb30a57d62216c78fcc9a09424b51ac0824ebfb9cac6cae4211bda26522d6923bd228f244ed8c41656c38284c71867f65d425727dd70162 |
C:\Users\Admin\AppData\Local\Temp\nsq3E6A.tmp\nsProcess.dll
| MD5 | 08072dc900ca0626e8c079b2c5bcfcf3 |
| SHA1 | 35f2bfa0b1b2a65b9475fb91af31f7b02aee4e37 |
| SHA256 | bb6ce83ddaad4f530a66a1048fac868dfc3b86f5e7b8e240d84d1633e385aee8 |
| SHA512 | 8981da7f225eb78c414e9fb3c63af0c4daae4a78b4f3033df11cce43c3a22fdbf3853425fe3024f68c73d57ffb128cba4d0db63eda1402212d1c7e0ac022353c |
C:\Users\Admin\AppData\Local\Temp\nsq3E6A.tmp\nsExec.dll
| MD5 | 2095af18c696968208315d4328a2b7fe |
| SHA1 | b1b0e70c03724b2941e92c5098cc1fc0f2b51568 |
| SHA256 | 3e2399ae5ce16dd69f7e2c71d928cf54a1024afced8155f1fd663a3e123d9226 |
| SHA512 | 60105dfb1cd60b4048bd7b367969f36ed6bd29f92488ba8cfa862e31942fd529cbc58e8b0c738d91d8bef07c5902ce334e36c66eae1bfe104b44a159b5615ae5 |
C:\Program Files (x86)\Steam\Steam.exe
| MD5 | 33bcb1c8975a4063a134a72803e0ca16 |
| SHA1 | ed7a4e6e66511bb8b3e32cbfb5557ebcb4082b65 |
| SHA256 | 12222b0908eb69581985f7e04aa6240e928fb08aa5a3ec36acae3440633c9eb1 |
| SHA512 | 13f3a7d6215bb4837ea0a1a9c5ba06a985e0c80979c25cfb526a390d71a15d1737c0290a899f4705c2749982c9f6c9007c1751fef1a97b12db529b2f33c97b49 |
C:\Users\Admin\AppData\Local\Temp\nsq3E6A.tmp\modern-wizard.bmp
| MD5 | 3614a4be6b610f1daf6c801574f161fe |
| SHA1 | 6edee98c0084a94caa1fe0124b4c19f42b4e7de6 |
| SHA256 | 16e0edc9f47e6e95a9bcad15adbdc46be774fbcd045dd526fc16fc38fdc8d49b |
| SHA512 | 06e0eff28dfd9a428b31147b242f989ce3e92474a3f391ba62ac8d0d05f1a48f4cf82fd27171658acbd667eaffb94cb4e1baf17040dc3b6e8b27f39b843ca281 |
C:\Users\Admin\AppData\Local\Temp\nsq3E6A.tmp\System.dll
| MD5 | a36fbe922ffac9cd85a845d7a813f391 |
| SHA1 | f656a613a723cc1b449034d73551b4fcdf0dcf1a |
| SHA256 | fa367ae36bfbe7c989c24c7abbb13482fc20bc35e7812dc377aa1c281ee14cc0 |
| SHA512 | 1d1b95a285536ddc2a89a9b3be4bb5151b1d4c018ea8e521de838498f62e8f29bb7b3b0250df73e327e8e65e2c80b4a2d9a781276bf2a51d10e7099bacb2e50b |
C:\Users\Admin\AppData\Local\Temp\nsq3E6A.tmp\StdUtils.dll
| MD5 | db11ab4828b429a987e7682e495c1810 |
| SHA1 | 29c2c2069c4975c90789dc6d3677b4b650196561 |
| SHA256 | c602c44a4d4088dbf5a659f36ba1c3a9d81f8367577de0cb940c0b8afee5c376 |
| SHA512 | 460d1ccfc0d7180eae4e6f1a326d175fec78a7d6014447a9a79b6df501fa05cd4bd90f8f7a85b7b6a4610e2fa7059e30ae6e17bc828d370e5750de9b40b9ae88 |
C:\Users\Admin\AppData\Local\Temp\nsoCC78.tmp\modern-header.bmp
| MD5 | da3486d12bb4c8aec16bd9e0d363d23f |
| SHA1 | 863244a4845c9d5dea8dd36e1083f5639e1224e1 |
| SHA256 | d93b76d51bd2214fa6e999c1bf70b4aff5165a6542f9b9b2a92b5672601f4624 |
| SHA512 | 8e40adb65a4ad46f3bc5920d7fd8294397268e754b1eb00d4f7b0883be6468448033d9a46cf3a00fccddb4a7c81e7f984cf5a25731532c1aeface69573dfe59f |
C:\Program Files (x86)\Steam\bin\SteamService.exe
| MD5 | ba0ea9249da4ab8f62432617489ae5a6 |
| SHA1 | d8873c5dcb6e128c39cf0c423b502821343659a7 |
| SHA256 | ce177dc8cf42513ff819c7b8597c7be290f9e98632a34ecd868dc76003421f0d |
| SHA512 | 52958d55b03e1ddc69afc2f1a02f7813199e4b3bf114514c438ab4d10d5ca83b865ba6090550951c0a43b666c6728304009572212444a27a3f5184663f4b0b8b |
C:\Program Files (x86)\Steam\package\steam_client_win32
| MD5 | 628c58048e8d0dfd0d5a985b359b353f |
| SHA1 | fa1c6b8addaeca7da658894e64b62252f8aacacb |
| SHA256 | 290816f20a98ea9b9ab3185c2c59eeb3c4c7b9a861c72d453622e7d1e07653d4 |
| SHA512 | be287f2c42927f939997b61052e23fb4c13b7709655fc20c34956c5d131d8820cf90aa67139191f801c1ca118ee71a33b74970e263ed87916203fc0f3e6fdb8e |
C:\Program Files (x86)\Steam\package\tmp\public\steambootstrapper_korean.txt_
| MD5 | 202b825d0ef72096b82db255c4e747fa |
| SHA1 | 3a3265e5bbaa1d1b774195a3858f29cea75c9e75 |
| SHA256 | 3d1399f5323a3ece1b1a8b3b31f8fd7f50c3bd319ab3f1c38c6e347452c95314 |
| SHA512 | e8fc7cc09f431301d22a07b238179ee053505090e3c4db30ead061513fe7159f1fe8b80efc93f4597fe00f01087bbe0bb2231e13693d72c8def138657cb91566 |
C:\Program Files (x86)\Steam\package\tmp\graphics\icon_button_news_mousedown.tga_
| MD5 | 00bf35778a90f9dfa68ce0d1a032d9b5 |
| SHA1 | de6a3d102de9a186e1585be14b49390dcb9605d6 |
| SHA256 | cab3a68b64d8bf22c44080f12d7eab5b281102a8761f804224074ab1f6130fe2 |
| SHA512 | 342c9732ef4185dee691c9c8657a56f577f9c90fc43a4330bdc173536750cee1c40af4adac4f47ac5aca6b80ab347ebe2d31d38ea540245b38ab72ee8718a041 |
C:\Program Files (x86)\Steam\package\tmp\graphics\[email protected]_
| MD5 | 577b7286c7b05cecde9bea0a0d39740e |
| SHA1 | 144d97afe83738177a2dbe43994f14ec11e44b53 |
| SHA256 | 983aa3928f15f5154266be7063a75e1fce87238bbe81a910219dea01d5376824 |
| SHA512 | 8cd55264a6e973bb6683c6f376672b74a263b48b087240df8296735fd7ae6274ee688fdb16d7febad14288a866ea47e78b114c357a9b03471b1e72df053ebcb0 |
C:\Program Files (x86)\Steam\package\tmp\resource\filter_clean_bulgarian.txt.gz_
| MD5 | 836dd6b25a8902af48cd52738b675e4b |
| SHA1 | 449347c06a872bedf311046bca8d316bfba3830b |
| SHA256 | 6feb83ca306745d634903cf09274b7baf0ac38e43c6b3fab1a608be344c3ef64 |
| SHA512 | 6ab1e4a7fa9da6d33cee104344ba2ccb3e85cd2d013ba3e4c6790fd7fd482c85f5f76e9ae38c5190cdbbe246a48dae775501f7414bec4f6682a05685994e6b80 |
memory/2124-13658-0x0000000000BB0000-0x0000000001062000-memory.dmp
memory/13856-13680-0x00007FFAA5420000-0x00007FFAA5421000-memory.dmp
memory/13856-13679-0x00007FFAA6A10000-0x00007FFAA6A11000-memory.dmp
C:\Users\Admin\AppData\Local\Steam\htmlcache\Local Storage\leveldb\MANIFEST-000001
| MD5 | 5af87dfd673ba2115e2fcf5cfdb727ab |
| SHA1 | d5b5bbf396dc291274584ef71f444f420b6056f1 |
| SHA256 | f9d31b278e215eb0d0e9cd709edfa037e828f36214ab7906f612160fead4b2b4 |
| SHA512 | de34583a7dbafe4dd0dc0601e8f6906b9bc6a00c56c9323561204f77abbc0dc9007c480ffe4092ff2f194d54616caf50aecbd4a1e9583cae0c76ad6dd7c2375b |
C:\Users\Admin\AppData\Local\Steam\htmlcache\Local Storage\leveldb\CURRENT
| MD5 | 46295cac801e5d4857d09837238a6394 |
| SHA1 | 44e0fa1b517dbf802b18faf0785eeea6ac51594b |
| SHA256 | 0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443 |
| SHA512 | 8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23 |
memory/13236-13728-0x0000000068AC0000-0x0000000069E39000-memory.dmp
memory/13856-13738-0x0000020F2D840000-0x0000020F2D8DE000-memory.dmp
memory/13960-13740-0x00000243784D0000-0x000002437856E000-memory.dmp
memory/13960-13741-0x0000024378570000-0x0000024378646000-memory.dmp
memory/13856-13739-0x0000020F2DAB0000-0x0000020F2DB86000-memory.dmp
memory/13236-13744-0x0000000068AC0000-0x0000000069E39000-memory.dmp
C:\Users\Admin\AppData\Local\Steam\htmlcache\Code Cache\js\index-dir\the-real-index
| MD5 | 73b6ff380764d10963c77d7f81fd8b11 |
| SHA1 | 1548acb3f8d820f1514c8c6a8aa31c0a79b6d611 |
| SHA256 | 7d9e324c6481972d64f3ba471a6fc969731c5d2d97cae93eba58659987ce4036 |
| SHA512 | 564444e302aa50c8a3e129bfcbd17f8d71584f3fec518c9e2f95a3ecd1a15d6f25e2378116151db3eb08168e97f406ade273c0bdb01316e1ac15d2e5cbc859b4 |
C:\Users\Admin\AppData\Local\Steam\htmlcache\Code Cache\js\index-dir\the-real-index~RFe5f9786.TMP
| MD5 | c57323588d315ac398b5d33badc16ca8 |
| SHA1 | 0e87ee6fb651b363ab62e0f84d5910fd260c4e8a |
| SHA256 | 62c369b3508e10eeb8d47718f019c490d18150c78ae426ad7889444e37e531c0 |
| SHA512 | d0fd8866f20e5aa89242c5d154dce6fda91873b47a15d0c0828c84873306d3c640072156d3a60c08ddaf4ac27bd830f406e6e3b1b7a4cddb64c4e751880e97d5 |
C:\Users\Admin\AppData\Local\Steam\htmlcache\UserPrefs.json
| MD5 | 7ef099cec79ffbae21398e576e1ebb97 |
| SHA1 | d46fe30d531ff5ec6a31923b38cfcb55b50a6684 |
| SHA256 | c4900503b76fe6c1d541a46d114987d045034d1780ecbc16fd4c4a6a75572c8a |
| SHA512 | cd7edfde649bc2cb2108f5608a19b235c4e15dba04fd567a2767faeeeba21ef55eb62a15664bacc7ca9a8388f58aafc5c9cea24624d1c83ce3a838d253b43f59 |
C:\Users\Admin\AppData\Local\Steam\htmlcache\UserPrefs.json~RFe5fac95.TMP
| MD5 | 69eea6b60e529879609ec2f783a327a3 |
| SHA1 | 8c0827727373a0af454455adfcc3083ab1712a50 |
| SHA256 | 63773b4a5cb81a0c7646863e85169a6d5690295a1a3ed62197fcf483d78d62d4 |
| SHA512 | 6fe242727ecbf2b73e7095bbbdcac316428bc069553083e511e95ca52611eea36a65fb0a354a712d274e76836d64e1934164b7f8f275a7e5389a1321d48cebeb |
C:\Users\Admin\AppData\Local\Steam\htmlcache\Network\TransportSecurity
| MD5 | 5e50cb9d57a75fa1d20e55709ef1cb25 |
| SHA1 | b017007b636d1e040c5c5dc3eded5f1fc370a3af |
| SHA256 | f3cd21b456b5300daa1eac0b95c829b0db62cc1326f0c8c42af0cd4643f6b61a |