Malware Analysis Report

2025-03-15 04:00

Sample ID 240824-qhtlwstdjr
Target 6GQlb7
SHA256 b777eb414b01ae4a42212d0e2b9d964300aea4b20852a25f7cbe6bcfc5983c46
Tags
discovery motw phishing pyinstaller upx
score
8/10

Table of Contents

Analysis Overview

MITRE ATT&CK

Enterprise Matrix V15

Analysis: static1

Detonation Overview

Signatures

Analysis: behavioral1

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis Overview

score
8/10

SHA256

b777eb414b01ae4a42212d0e2b9d964300aea4b20852a25f7cbe6bcfc5983c46

Threat Level: Likely malicious

The file 6GQlb7 was found to be: Likely malicious.

Malicious Activity Summary

discovery motw phishing pyinstaller upx

Downloads MZ/PE file

UPX packed file

Drops startup file

Loads dropped DLL

Executes dropped EXE

Mark of the Web detected: This indicates that the page was originally saved or cloned.

Checks installed software on the system

AutoIT Executable

Drops file in Program Files directory

Drops file in Windows directory

Enumerates physical storage devices

System Location Discovery: System Language Discovery

Detects Pyinstaller

Browser Information Discovery

Suspicious use of SetWindowsHookEx

Suspicious use of WriteProcessMemory

Uses Volume Shadow Copy service COM API

Suspicious use of AdjustPrivilegeToken

Suspicious use of FindShellTrayWindow

Uses Task Scheduler COM API

Suspicious use of SendNotifyMessage

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary

Suspicious behavior: EnumeratesProcesses

Suspicious behavior: GetForegroundWindowSpam

Modifies data under HKEY_USERS

Modifies registry class

Uses Volume Shadow Copy WMI provider

Enumerates system info in registry

Checks SCSI registry key(s)

Modifies system certificate store

MITRE ATT&CK

Analysis: static1

Detonation Overview

Reported

2024-08-24 13:16

Signatures

N/A

Analysis: behavioral1

Detonation Overview

Submitted

2024-08-24 13:16

Reported

2024-08-24 13:36

Platform

win10-20240404-en

Max time kernel

1199s

Max time network

1200s

Command Line

"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument C:\Users\Admin\AppData\Local\Temp\6GQlb7.html

Signatures

Downloads MZ/PE file

Drops startup file

Description Indicator Process Target
File opened for modification C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\startup.bat C:\Users\Admin\Downloads\iCMD-001.exe N/A
File created C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\startup.bat C:\Users\Admin\Downloads\iCMD-001.exe N/A
File opened for modification C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\startup.bat C:\Users\Admin\Downloads\iCMD-001.exe N/A

UPX packed file

upx
Description Indicator Process Target
N/A N/A N/A N/A
N/A N/A N/A N/A
N/A N/A N/A N/A
N/A N/A N/A N/A
N/A N/A N/A N/A
N/A N/A N/A N/A

Checks installed software on the system

discovery

Mark of the Web detected: This indicates that the page was originally saved or cloned.

phishing motw
Description Indicator Process Target
N/A https://storage.googleapis.com/script.aniview.com/ssync/62f53b2c7850d0786f227f64/ssync.html N/A N/A

AutoIT Executable

Description Indicator Process Target
N/A N/A N/A N/A

Drops file in Program Files directory

Description Indicator Process Target
File opened for modification C:\Program Files\AutoHotkey\v2\RCXD34D.tmp C:\Users\Admin\Downloads\AutoHotkey_2.0.18_setup.exe N/A
File created C:\Program Files\AutoHotkey\UX\inc\config.ahk C:\Users\Admin\Downloads\AutoHotkey_2.0.18_setup.exe N/A
File opened for modification C:\Program Files\AutoHotkey\.staging\v1.1.37.02\Installer.ahk C:\Program Files\AutoHotkey\UX\AutoHotkeyUX.exe N/A
File created C:\Program Files\AutoHotkey\v1.1.37.02\ANSI 32-bit.bin C:\Program Files\AutoHotkey\UX\AutoHotkeyUX.exe N/A
File created C:\Program Files\AutoHotkey\.staging\AutoHotkey_2.0.18_setup.exe\UX\reset-assoc.ahk C:\Users\Admin\Downloads\AutoHotkey_2.0.18_setup.exe N/A
File created C:\Program Files\AutoHotkey\UX\AutoHotkeyUX.exe C:\Users\Admin\Downloads\AutoHotkey_2.0.18_setup.exe N/A
File created C:\Program Files\AutoHotkey\UX\WindowSpy.ahk C:\Users\Admin\Downloads\AutoHotkey_2.0.18_setup.exe N/A
File created C:\Program Files\AutoHotkey\WindowSpy.ahk C:\Users\Admin\Downloads\AutoHotkey_2.0.18_setup.exe N/A
File created C:\Program Files\AutoHotkey\v1.1.37.02\AutoHotkeyA32.exe C:\Program Files\AutoHotkey\UX\AutoHotkeyUX.exe N/A
File created C:\Program Files\AutoHotkey\.staging\AutoHotkey_2.0.18_setup.exe\UX\reload-v1.ahk C:\Users\Admin\Downloads\AutoHotkey_2.0.18_setup.exe N/A
File created C:\Program Files\AutoHotkey\UX\ui-editor.ahk C:\Users\Admin\Downloads\AutoHotkey_2.0.18_setup.exe N/A
File created C:\Program Files\AutoHotkey\UX\inc\CommandLineToArgs.ahk C:\Users\Admin\Downloads\AutoHotkey_2.0.18_setup.exe N/A
File created C:\Program Files\AutoHotkey\UX\inc\identify_regex.ahk C:\Users\Admin\Downloads\AutoHotkey_2.0.18_setup.exe N/A
File created C:\Program Files\AutoHotkey\.staging\AutoHotkey_2.0.18_setup.exe\UX\inc\CommandLineToArgs.ahk C:\Users\Admin\Downloads\AutoHotkey_2.0.18_setup.exe N/A
File created C:\Program Files\AutoHotkey\.staging\AutoHotkey_2.0.18_setup.exe\UX\inc\identify_regex.ahk C:\Users\Admin\Downloads\AutoHotkey_2.0.18_setup.exe N/A
File created C:\Program Files\AutoHotkey\UX\inc\identify.ahk C:\Users\Admin\Downloads\AutoHotkey_2.0.18_setup.exe N/A
File created C:\Program Files\AutoHotkey\.staging\AutoHotkey_2.0.18_setup.exe\UX\inc\CreateAppShortcut.ahk C:\Users\Admin\Downloads\AutoHotkey_2.0.18_setup.exe N/A
File created C:\Program Files\AutoHotkey\.staging\v1.1.37.02\AutoHotkey.chm C:\Program Files\AutoHotkey\UX\AutoHotkeyUX.exe N/A
File opened for modification C:\Program Files\AutoHotkey\.staging\v1.1.37.02\Compiler C:\Program Files\AutoHotkey\UX\AutoHotkeyUX.exe N/A
File created C:\Program Files\AutoHotkey\UX\launcher.ahk C:\Users\Admin\Downloads\AutoHotkey_2.0.18_setup.exe N/A
File created C:\Program Files\AutoHotkey\UX\ui-newscript.ahk C:\Users\Admin\Downloads\AutoHotkey_2.0.18_setup.exe N/A
File created C:\Program Files\AutoHotkey\UX\inc\spy.ico C:\Users\Admin\Downloads\AutoHotkey_2.0.18_setup.exe N/A
File created C:\Program Files\AutoHotkey\.staging\AutoHotkey_2.0.18_setup.exe\AutoHotkey.chm C:\Users\Admin\Downloads\AutoHotkey_2.0.18_setup.exe N/A
File created C:\Program Files\AutoHotkey\.staging\AutoHotkey_2.0.18_setup.exe\UX\WindowSpy.ahk C:\Users\Admin\Downloads\AutoHotkey_2.0.18_setup.exe N/A
File created C:\Program Files\AutoHotkey\.staging\AutoHotkey_2.0.18_setup.exe\UX\inc\bounce-v1.ahk C:\Users\Admin\Downloads\AutoHotkey_2.0.18_setup.exe N/A
File created C:\Program Files\AutoHotkey\.staging\AutoHotkey_2.0.18_setup.exe\UX\install.ahk C:\Users\Admin\Downloads\AutoHotkey_2.0.18_setup.exe N/A
File created C:\Program Files\AutoHotkey\UX\inc\EnableUIAccess.ahk C:\Users\Admin\Downloads\AutoHotkey_2.0.18_setup.exe N/A
File created C:\Program Files\AutoHotkey\.staging\v1.1.37.02\Compiler\Unicode 64-bit.bin C:\Program Files\AutoHotkey\UX\AutoHotkeyUX.exe N/A
File created C:\Program Files\AutoHotkey\v1.1.37.02\AutoHotkeyU64.exe C:\Program Files\AutoHotkey\UX\AutoHotkeyUX.exe N/A
File opened for modification C:\Program Files\AutoHotkey\.staging\v1.1.37.02\AutoHotkeyU32.exe C:\Program Files\AutoHotkey\UX\AutoHotkeyUX.exe N/A
File created C:\Program Files\AutoHotkey\.staging\v1.1.37.02\AutoHotkeyU64.exe C:\Program Files\AutoHotkey\UX\AutoHotkeyUX.exe N/A
File created C:\Program Files\AutoHotkey\v1.1.37.02\Unicode 32-bit.bin C:\Program Files\AutoHotkey\UX\AutoHotkeyUX.exe N/A
File created C:\Program Files\AutoHotkey\.staging\AutoHotkey_2.0.18_setup.exe\UX\install-version.ahk C:\Users\Admin\Downloads\AutoHotkey_2.0.18_setup.exe N/A
File created C:\Program Files\AutoHotkey\UX\inc\CreateAppShortcut.ahk C:\Users\Admin\Downloads\AutoHotkey_2.0.18_setup.exe N/A
File created C:\Program Files\AutoHotkey\.staging\AutoHotkey_1.1.37.02.zip C:\Program Files\AutoHotkey\UX\AutoHotkeyUX.exe N/A
File created C:\Program Files\AutoHotkey\UX\inc\ui-base.ahk C:\Users\Admin\Downloads\AutoHotkey_2.0.18_setup.exe N/A
File opened for modification C:\Program Files\AutoHotkey\v2\RCXFA60.tmp C:\Users\Admin\Downloads\AutoHotkey_2.0.18_setup.exe N/A
File opened for modification C:\Program Files\AutoHotkey\.staging\v1.1.37.02\Template.ahk C:\Program Files\AutoHotkey\UX\AutoHotkeyUX.exe N/A
File created C:\Program Files\AutoHotkey\.staging\AutoHotkey_2.0.18_setup.exe\UX\inc\ui-base.ahk C:\Users\Admin\Downloads\AutoHotkey_2.0.18_setup.exe N/A
File opened for modification C:\Program Files\AutoHotkey\v1.1.37.02\RCX6869.tmp C:\Program Files\AutoHotkey\UX\AutoHotkeyUX.exe N/A
File created C:\Program Files\AutoHotkey\v2\AutoHotkey.exe C:\Users\Admin\Downloads\AutoHotkey_2.0.18_setup.exe N/A
File created C:\Program Files\AutoHotkey\.staging\AutoHotkey_2.0.18_setup.exe\UX\inc\EnableUIAccess.ahk C:\Users\Admin\Downloads\AutoHotkey_2.0.18_setup.exe N/A
File created C:\Program Files\AutoHotkey\UX\install.ahk C:\Users\Admin\Downloads\AutoHotkey_2.0.18_setup.exe N/A
File created C:\Program Files\AutoHotkey\UX\inc\common.ahk C:\Users\Admin\Downloads\AutoHotkey_2.0.18_setup.exe N/A
File created C:\Program Files\AutoHotkey\.staging\AutoHotkey_2.0.18_setup.exe\WindowSpy.ahk C:\Users\Admin\Downloads\AutoHotkey_2.0.18_setup.exe N/A
File created C:\Program Files\AutoHotkey\.staging\AutoHotkey_2.0.18_setup.exe\license.txt C:\Users\Admin\Downloads\AutoHotkey_2.0.18_setup.exe N/A
File created C:\Program Files\AutoHotkey\.staging\AutoHotkey_2.0.18_setup.exe\UX\inc\identify.ahk C:\Users\Admin\Downloads\AutoHotkey_2.0.18_setup.exe N/A
File created C:\Program Files\AutoHotkey\v1.1.37.02\AutoHotkeyA32_UIA.exe C:\Program Files\AutoHotkey\UX\AutoHotkeyUX.exe N/A
File opened for modification C:\Program Files\AutoHotkey\v2\AutoHotkey32_UIA.exe C:\Users\Admin\Downloads\AutoHotkey_2.0.18_setup.exe N/A
File created C:\Program Files\AutoHotkey\v2\AutoHotkey64_UIA.exe C:\Users\Admin\Downloads\AutoHotkey_2.0.18_setup.exe N/A
File created C:\Program Files\AutoHotkey\.staging\v1.1.37.02\Compiler\Unicode 32-bit.bin C:\Program Files\AutoHotkey\UX\AutoHotkeyUX.exe N/A
File created C:\Program Files\AutoHotkey\.staging\v1.1.37.02\WindowSpy.ahk C:\Program Files\AutoHotkey\UX\AutoHotkeyUX.exe N/A
File created C:\Program Files\AutoHotkey\v1.1.37.02\AutoHotkeyU32.exe C:\Program Files\AutoHotkey\UX\AutoHotkeyUX.exe N/A
File opened for modification C:\Program Files\AutoHotkey\v1.1.37.02\RCX73B4.tmp C:\Program Files\AutoHotkey\UX\AutoHotkeyUX.exe N/A
File created C:\Program Files\AutoHotkey\UX\ui-dash.ahk C:\Users\Admin\Downloads\AutoHotkey_2.0.18_setup.exe N/A
File created C:\Program Files\AutoHotkey\UX\inc\README.txt C:\Users\Admin\Downloads\AutoHotkey_2.0.18_setup.exe N/A
File created C:\Program Files\AutoHotkey\.staging\v1.1.37.02\AutoHotkeyA32.exe C:\Program Files\AutoHotkey\UX\AutoHotkeyUX.exe N/A
File created C:\Program Files\AutoHotkey\.staging\AutoHotkey_2.0.18_setup.exe\UX\ui-launcherconfig.ahk C:\Users\Admin\Downloads\AutoHotkey_2.0.18_setup.exe N/A
File created C:\Program Files\AutoHotkey\UX\install-version.ahk C:\Users\Admin\Downloads\AutoHotkey_2.0.18_setup.exe N/A
File opened for modification C:\Program Files\AutoHotkey\.staging\v1.1.37.02\WindowSpy.ahk C:\Program Files\AutoHotkey\UX\AutoHotkeyUX.exe N/A
File created C:\Program Files\AutoHotkey\UX\inc\ShellRun.ahk C:\Users\Admin\Downloads\AutoHotkey_2.0.18_setup.exe N/A
File created C:\Program Files\AutoHotkey\.staging\v1.1.37.02\license.txt C:\Program Files\AutoHotkey\UX\AutoHotkeyUX.exe N/A
File created C:\Program Files\AutoHotkey\.staging\AutoHotkey_2.0.18_setup.exe\UX\ui-setup.ahk C:\Users\Admin\Downloads\AutoHotkey_2.0.18_setup.exe N/A
File created C:\Program Files\AutoHotkey\UX\ui-launcherconfig.ahk C:\Users\Admin\Downloads\AutoHotkey_2.0.18_setup.exe N/A

Drops file in Windows directory

Description Indicator Process Target
File created C:\Windows\rescache\_merged\1601268389\715946058.pri C:\Windows\system32\taskmgr.exe N/A
File created C:\Windows\rescache\_merged\4183903823\2290032291.pri C:\Windows\system32\taskmgr.exe N/A

Browser Information Discovery

discovery

Detects Pyinstaller

pyinstaller
Description Indicator Process Target
N/A N/A N/A N/A

Enumerates physical storage devices

System Location Discovery: System Language Discovery

discovery
Description Indicator Process Target
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Users\Admin\Downloads\click.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Users\Admin\Downloads\GSAutoClicker.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Users\Admin\Downloads\click.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Users\Admin\Downloads\AutoHotkey_2.0.18_setup.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Users\Admin\Downloads\AutoHotkey_2.0.18_setup.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Users\Admin\Downloads\click.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Users\Admin\Downloads\click.exe N/A

Checks SCSI registry key(s)

Description Indicator Process Target
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_QEMU&Prod_HARDDISK\4&215468a5&0&000000 C:\Windows\system32\taskmgr.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_QEMU&Prod_HARDDISK\4&215468a5&0&000000\Properties\{b725f130-47ef-101a-a5f1-02608c9eebac}\000A C:\Windows\system32\taskmgr.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_QEMU&Prod_HARDDISK\4&215468a5&0&000000\FriendlyName C:\Windows\system32\taskmgr.exe N/A

Enumerates system info in registry

Description Indicator Process Target
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Modifies data under HKEY_USERS

Description Indicator Process Target
Key created \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133689789896612974" C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Modifies registry class

Description Indicator Process Target
Key created \REGISTRY\MACHINE\Software\Classes\AutoHotkeyScript\Shell\UIAccess\Command C:\Users\Admin\Downloads\AutoHotkey_2.0.18_setup.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\AutoHotkeyScript\Shell\Launch C:\Users\Admin\Downloads\AutoHotkey_2.0.18_setup.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\AutoHotkeyScript\Shell\Compile-Gui C:\Program Files\AutoHotkey\UX\AutoHotkeyUX.exe N/A
Key created \REGISTRY\MACHINE\Software\Classes\AutoHotkeyScript\Shell\Launch\Command C:\Users\Admin\Downloads\AutoHotkey_2.0.18_setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\AutoHotkeyScript\Shell\Open\FriendlyAppName = "AutoHotkey Launcher" C:\Users\Admin\Downloads\AutoHotkey_2.0.18_setup.exe N/A
Key created \REGISTRY\MACHINE\Software\Classes\AutoHotkeyScript\Shell\UIAccess C:\Users\Admin\Downloads\AutoHotkey_2.0.18_setup.exe N/A
Key created \REGISTRY\MACHINE\Software\Classes\AutoHotkeyScript\Shell\Edit C:\Users\Admin\Downloads\AutoHotkey_2.0.18_setup.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\AutoHotkeyScript\Shell\Compile-Gui\Command C:\Program Files\AutoHotkey\UX\AutoHotkeyUX.exe N/A
Key created \REGISTRY\MACHINE\Software\Classes\.ahk\PersistentHandler C:\Users\Admin\Downloads\AutoHotkey_2.0.18_setup.exe N/A
Key created \REGISTRY\MACHINE\Software\Classes\AutoHotkeyScript C:\Users\Admin\Downloads\AutoHotkey_2.0.18_setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\AutoHotkeyScript\Shell\ = "Open runas UIAccess Edit" C:\Users\Admin\Downloads\AutoHotkey_2.0.18_setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\AutoHotkeyScript\Shell\UIAccess\ = "Run with UI access" C:\Users\Admin\Downloads\AutoHotkey_2.0.18_setup.exe N/A
Key created \REGISTRY\MACHINE\Software\Classes\AutoHotkeyScript\Shell\Launch C:\Users\Admin\Downloads\AutoHotkey_2.0.18_setup.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\AutoHotkeyScript\Shell\Compile C:\Program Files\AutoHotkey\UX\AutoHotkeyUX.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\AutoHotkeyScript\Shell\Compile\Command C:\Program Files\AutoHotkey\UX\AutoHotkeyUX.exe N/A
Key created \REGISTRY\MACHINE\Software\Classes\AutoHotkeyScript\Shell\Compile-Gui\Command C:\Program Files\AutoHotkey\UX\AutoHotkeyUX.exe N/A
Key created \REGISTRY\MACHINE\Software\Classes\AutoHotkeyScript\DefaultIcon C:\Users\Admin\Downloads\AutoHotkey_2.0.18_setup.exe N/A
Key created \REGISTRY\MACHINE\Software\Classes\AutoHotkeyScript\Shell\Open\Command C:\Users\Admin\Downloads\AutoHotkey_2.0.18_setup.exe N/A
Key created \REGISTRY\MACHINE\Software\Classes\AutoHotkeyScript\Shell\RunAs\Command C:\Users\Admin\Downloads\AutoHotkey_2.0.18_setup.exe N/A
Key created \REGISTRY\MACHINE\Software\Classes\AutoHotkeyScript\Shell\Open C:\Users\Admin\Downloads\AutoHotkey_2.0.18_setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\.ahk\ShellNew\Command = "\"C:\\Program Files\\AutoHotkey\\UX\\AutoHotkeyUX.exe\" \"C:\\Program Files\\AutoHotkey\\UX\\ui-newscript.ahk\" \"%1\"" C:\Users\Admin\Downloads\AutoHotkey_2.0.18_setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\AutoHotkeyScript\Shell\Edit\Command\ = "\"C:\\Program Files\\AutoHotkey\\UX\\AutoHotkeyUX.exe\" \"C:\\Program Files\\AutoHotkey\\UX\\ui-editor.ahk\" \"%1\"" C:\Users\Admin\Downloads\AutoHotkey_2.0.18_setup.exe N/A
Key created \REGISTRY\MACHINE\Software\Classes\AutoHotkeyScript\Shell\Compile\Command C:\Program Files\AutoHotkey\UX\AutoHotkeyUX.exe N/A
Key created \REGISTRY\MACHINE\Software\Classes\.ahk\ShellNew C:\Users\Admin\Downloads\AutoHotkey_2.0.18_setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\AutoHotkeyScript\Shell\Launch\ = "Launch" C:\Users\Admin\Downloads\AutoHotkey_2.0.18_setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\AutoHotkeyScript\Shell\Launch\AppUserModelID = "AutoHotkey.AutoHotkey" C:\Users\Admin\Downloads\AutoHotkey_2.0.18_setup.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\AutoHotkeyScript\Shell\Edit\Command C:\Users\Admin\Downloads\AutoHotkey_2.0.18_setup.exe N/A
Key created \REGISTRY\MACHINE\Software\Classes\AutoHotkeyScript\Shell\Compile-Gui C:\Program Files\AutoHotkey\UX\AutoHotkeyUX.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\AutoHotkeyScript\DefaultIcon\ = "C:\\Program Files\\AutoHotkey\\UX\\AutoHotkeyUX.exe,1" C:\Users\Admin\Downloads\AutoHotkey_2.0.18_setup.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\AutoHotkeyScript\Shell\UIAccess C:\Users\Admin\Downloads\AutoHotkey_2.0.18_setup.exe N/A
Key created \REGISTRY\MACHINE\Software\Classes\AutoHotkeyScript\Shell\Edit\Command C:\Users\Admin\Downloads\AutoHotkey_2.0.18_setup.exe N/A
Key created \REGISTRY\MACHINE\Software\Classes\AutoHotkeyScript\Shell\RunAs C:\Users\Admin\Downloads\AutoHotkey_2.0.18_setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\AutoHotkeyScript\Shell\Launch\ProgrammaticAccessOnly C:\Users\Admin\Downloads\AutoHotkey_2.0.18_setup.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\AutoHotkeyScript\Shell C:\Program Files\AutoHotkey\UX\AutoHotkeyUX.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\AutoHotkeyScript\Shell\Compile-Gui\ = "Compile script (GUI)..." C:\Program Files\AutoHotkey\UX\AutoHotkeyUX.exe N/A
Key created \REGISTRY\USER\S-1-5-21-160447019-1232603106-4168707212-1000_Classes\Local Settings C:\Windows\system32\OpenWith.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\.ahk\PersistentHandler\ = "{5e941d80-bf96-11cd-b579-08002b30bfeb}" C:\Users\Admin\Downloads\AutoHotkey_2.0.18_setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\AutoHotkeyScript\Shell\RunAs\Command\ = "\"C:\\Program Files\\AutoHotkey\\UX\\AutoHotkeyUX.exe\" \"C:\\Program Files\\AutoHotkey\\UX\\launcher.ahk\" \"%1\" %*" C:\Users\Admin\Downloads\AutoHotkey_2.0.18_setup.exe N/A
Key created \REGISTRY\USER\S-1-5-21-160447019-1232603106-4168707212-1000_Classes\Local Settings C:\Program Files\AutoHotkey\UX\AutoHotkeyUX.exe N/A
Key created \REGISTRY\USER\S-1-5-21-160447019-1232603106-4168707212-1000_Classes\Local Settings C:\Program Files\AutoHotkey\UX\AutoHotkeyUX.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\AutoHotkeyScript\Shell\Compile-Gui\Command\ = "\"C:\\Program Files\\AutoHotkey\\Compiler\\Ahk2Exe.exe\" /gui /in \"%l\" %*" C:\Program Files\AutoHotkey\UX\AutoHotkeyUX.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\AutoHotkeyScript\Shell\RunAs\HasLUAShield C:\Users\Admin\Downloads\AutoHotkey_2.0.18_setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\AutoHotkeyScript\Shell\UIAccess\Command\ = "\"C:\\Program Files\\AutoHotkey\\UX\\AutoHotkeyUX.exe\" \"C:\\Program Files\\AutoHotkey\\UX\\launcher.ahk\" /runwith UIA \"%1\" %*" C:\Users\Admin\Downloads\AutoHotkey_2.0.18_setup.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\AutoHotkeyScript\Shell\Edit C:\Users\Admin\Downloads\AutoHotkey_2.0.18_setup.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\AutoHotkeyScript C:\Program Files\AutoHotkey\UX\AutoHotkeyUX.exe N/A
Key created \REGISTRY\USER\S-1-5-21-160447019-1232603106-4168707212-1000_Classes\Local Settings C:\Windows\system32\OpenWith.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\AutoHotkeyScript C:\Users\Admin\Downloads\AutoHotkey_2.0.18_setup.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\AutoHotkeyScript\Shell C:\Users\Admin\Downloads\AutoHotkey_2.0.18_setup.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\AutoHotkeyScript\Shell\Launch\Command C:\Users\Admin\Downloads\AutoHotkey_2.0.18_setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\AutoHotkeyScript\Shell\Compile\Command\ = "\"C:\\Program Files\\AutoHotkey\\Compiler\\Ahk2Exe.exe\" /in \"%l\" %*" C:\Program Files\AutoHotkey\UX\AutoHotkeyUX.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\AutoHotkeyScript\Shell\Compile\ = "Compile script" C:\Program Files\AutoHotkey\UX\AutoHotkeyUX.exe N/A
Key created \REGISTRY\USER\S-1-5-21-160447019-1232603106-4168707212-1000_Classes\Local Settings C:\Windows\system32\OpenWith.exe N/A
Key created \REGISTRY\MACHINE\Software\Classes\AutoHotkeyScript\Shell C:\Users\Admin\Downloads\AutoHotkey_2.0.18_setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\AutoHotkeyScript\Shell\Open\ = "Run script" C:\Users\Admin\Downloads\AutoHotkey_2.0.18_setup.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\AutoHotkeyScript\Shell\RunAs\Command C:\Users\Admin\Downloads\AutoHotkey_2.0.18_setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\AutoHotkeyScript\Shell\UIAccess\AppUserModelID = "AutoHotkey.AutoHotkey" C:\Users\Admin\Downloads\AutoHotkey_2.0.18_setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\AutoHotkeyScript\Shell\Open\AppUserModelID = "AutoHotkey.AutoHotkey" C:\Users\Admin\Downloads\AutoHotkey_2.0.18_setup.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\AutoHotkeyScript\Shell\RunAs C:\Users\Admin\Downloads\AutoHotkey_2.0.18_setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\AutoHotkeyScript\Shell\RunAs\AppUserModelID = "AutoHotkey.AutoHotkey" C:\Users\Admin\Downloads\AutoHotkey_2.0.18_setup.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\AutoHotkeyScript\Shell\UIAccess\Command C:\Users\Admin\Downloads\AutoHotkey_2.0.18_setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\AutoHotkeyScript\Shell\Launch\Command\ = "\"C:\\Program Files\\AutoHotkey\\UX\\AutoHotkeyUX.exe\" \"C:\\Program Files\\AutoHotkey\\UX\\launcher.ahk\" /Launch \"%1\" %*" C:\Users\Admin\Downloads\AutoHotkey_2.0.18_setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\AutoHotkeyScript\ = "AutoHotkey Script" C:\Users\Admin\Downloads\AutoHotkey_2.0.18_setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\AutoHotkeyScript\AppUserModelID = "AutoHotkey.AutoHotkey" C:\Users\Admin\Downloads\AutoHotkey_2.0.18_setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\AutoHotkeyScript\Shell\Open\Command\ = "\"C:\\Program Files\\AutoHotkey\\UX\\AutoHotkeyUX.exe\" \"C:\\Program Files\\AutoHotkey\\UX\\launcher.ahk\" \"%1\" %*" C:\Users\Admin\Downloads\AutoHotkey_2.0.18_setup.exe N/A

Modifies system certificate store

evasion spyware trojan
Description Indicator Process Target
Key created \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\7EBEAFE2EC71E5C94BFBC56DCD3ED5B880FF53AF C:\Users\Admin\Downloads\AutoHotkey_2.0.18_setup.exe N/A
Set value (data) \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\7EBEAFE2EC71E5C94BFBC56DCD3ED5B880FF53AF\Blob = 0300000001000000140000007ebeafe2ec71e5c94bfbc56dcd3ed5b880ff53af0200000001000000840000001c0000003400000001000000000000000000000000000000020000004100750074006f0048006f0074006b0065007900000000004d006900630072006f0073006f006600740020005300740072006f006e0067002000430072007900700074006f0067007200610070006800690063002000500072006f007600690064006500720000002000000001000000e1010000308201dd30820146a00302010202104e6742e30f8a6eb446df7e5bd9b45db4300d06092a864886f70d01010505003015311330110603550403130a4175746f486f746b65793020170d3234303832343133323735305a180f39393939303130313132303030305a3015311330110603550403130a4175746f486f746b657930819f300d06092a864886f70d010101050003818d0030818902818100bc02be64e4f17471e7c9236b8e7dcf9b5501e46614d518e7db6ec836bb463bdb3f1d31d8d279f1f55d44d02da044b6c3d090c6dbb42347a6496237a8462840cda2e8531ad45493d2d18d2adf8273c2a4db2e10b09e90469bfaedad79771401cb6570fe409287a592ddd223f718a7b6610be7ad7eb15f5bdc1fd1d48681cde3e90203010001a32c302a30100603551d040101ff040630040302049030160603551d250101ff040c300a06082b06010505070303300d06092a864886f70d010105050003818100889753a910b68d629105a6ee772cf423e89ef6d645a8422fc9699a4f456d09c248786b7a4e82a0d2806fa90483e00470d80c9d3eab068974d3b16a86334c7180a9db1b6e0f5ce3869a1eea5a84659e52e8572b53fc54cc3e88b268e2f9793e42322ed08e71a2a7a9ca2dff673a8859de15c33a5b9ee2c6249f644a94dec984f5 C:\Users\Admin\Downloads\AutoHotkey_2.0.18_setup.exe N/A
Set value (data) \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\7EBEAFE2EC71E5C94BFBC56DCD3ED5B880FF53AF\Blob = 0f0000000100000014000000fbc5b97a904b4c9c0f27ce0bd9cbecb1608734330200000001000000840000001c0000003400000001000000000000000000000000000000020000004100750074006f0048006f0074006b0065007900000000004d006900630072006f0073006f006600740020005300740072006f006e0067002000430072007900700074006f0067007200610070006800690063002000500072006f007600690064006500720000000300000001000000140000007ebeafe2ec71e5c94bfbc56dcd3ed5b880ff53af2000000001000000e1010000308201dd30820146a00302010202104e6742e30f8a6eb446df7e5bd9b45db4300d06092a864886f70d01010505003015311330110603550403130a4175746f486f746b65793020170d3234303832343133323735305a180f39393939303130313132303030305a3015311330110603550403130a4175746f486f746b657930819f300d06092a864886f70d010101050003818d0030818902818100bc02be64e4f17471e7c9236b8e7dcf9b5501e46614d518e7db6ec836bb463bdb3f1d31d8d279f1f55d44d02da044b6c3d090c6dbb42347a6496237a8462840cda2e8531ad45493d2d18d2adf8273c2a4db2e10b09e90469bfaedad79771401cb6570fe409287a592ddd223f718a7b6610be7ad7eb15f5bdc1fd1d48681cde3e90203010001a32c302a30100603551d040101ff040630040302049030160603551d250101ff040c300a06082b06010505070303300d06092a864886f70d010105050003818100889753a910b68d629105a6ee772cf423e89ef6d645a8422fc9699a4f456d09c248786b7a4e82a0d2806fa90483e00470d80c9d3eab068974d3b16a86334c7180a9db1b6e0f5ce3869a1eea5a84659e52e8572b53fc54cc3e88b268e2f9793e42322ed08e71a2a7a9ca2dff673a8859de15c33a5b9ee2c6249f644a94dec984f5 C:\Users\Admin\Downloads\AutoHotkey_2.0.18_setup.exe N/A

Suspicious behavior: EnumeratesProcesses

Description Indicator Process Target
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary

Description Indicator Process Target
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of AdjustPrivilegeToken

Description Indicator Process Target
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of FindShellTrayWindow

Description Indicator Process Target
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A

Suspicious use of SendNotifyMessage

Description Indicator Process Target
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A

Suspicious use of SetWindowsHookEx

Description Indicator Process Target
N/A N/A C:\Windows\system32\OpenWith.exe N/A
N/A N/A C:\Windows\system32\OpenWith.exe N/A
N/A N/A C:\Windows\system32\OpenWith.exe N/A
N/A N/A C:\Windows\system32\OpenWith.exe N/A
N/A N/A C:\Windows\system32\OpenWith.exe N/A
N/A N/A C:\Windows\system32\OpenWith.exe N/A
N/A N/A C:\Windows\system32\OpenWith.exe N/A
N/A N/A C:\Windows\system32\OpenWith.exe N/A
N/A N/A C:\Windows\system32\OpenWith.exe N/A
N/A N/A C:\Windows\system32\OpenWith.exe N/A
N/A N/A C:\Windows\system32\OpenWith.exe N/A
N/A N/A C:\Windows\system32\OpenWith.exe N/A
N/A N/A C:\Windows\system32\OpenWith.exe N/A
N/A N/A C:\Windows\system32\OpenWith.exe N/A
N/A N/A C:\Windows\system32\OpenWith.exe N/A
N/A N/A C:\Windows\system32\OpenWith.exe N/A
N/A N/A C:\Windows\system32\OpenWith.exe N/A
N/A N/A C:\Windows\system32\OpenWith.exe N/A
N/A N/A C:\Windows\system32\OpenWith.exe N/A
N/A N/A C:\Windows\system32\OpenWith.exe N/A
N/A N/A C:\Windows\system32\OpenWith.exe N/A
N/A N/A C:\Windows\system32\OpenWith.exe N/A
N/A N/A C:\Windows\system32\OpenWith.exe N/A
N/A N/A C:\Windows\system32\OpenWith.exe N/A
N/A N/A C:\Windows\system32\OpenWith.exe N/A
N/A N/A C:\Windows\system32\OpenWith.exe N/A
N/A N/A C:\Windows\system32\OpenWith.exe N/A
N/A N/A C:\Windows\system32\OpenWith.exe N/A
N/A N/A C:\Windows\system32\OpenWith.exe N/A
N/A N/A C:\Windows\system32\OpenWith.exe N/A
N/A N/A C:\Windows\system32\OpenWith.exe N/A
N/A N/A C:\Windows\system32\OpenWith.exe N/A
N/A N/A C:\Windows\system32\OpenWith.exe N/A
N/A N/A C:\Windows\system32\OpenWith.exe N/A
N/A N/A C:\Windows\system32\OpenWith.exe N/A
N/A N/A C:\Windows\system32\OpenWith.exe N/A
N/A N/A C:\Windows\system32\OpenWith.exe N/A
N/A N/A C:\Windows\system32\OpenWith.exe N/A
N/A N/A C:\Windows\system32\OpenWith.exe N/A
N/A N/A C:\Windows\system32\OpenWith.exe N/A
N/A N/A C:\Windows\system32\OpenWith.exe N/A
N/A N/A C:\Windows\system32\OpenWith.exe N/A
N/A N/A C:\Windows\system32\OpenWith.exe N/A
N/A N/A C:\Windows\system32\OpenWith.exe N/A
N/A N/A C:\Windows\system32\OpenWith.exe N/A
N/A N/A C:\Windows\system32\OpenWith.exe N/A
N/A N/A C:\Windows\system32\OpenWith.exe N/A
N/A N/A C:\Windows\system32\OpenWith.exe N/A
N/A N/A C:\Windows\system32\OpenWith.exe N/A
N/A N/A C:\Windows\system32\OpenWith.exe N/A
N/A N/A C:\Windows\system32\OpenWith.exe N/A
N/A N/A C:\Windows\system32\OpenWith.exe N/A
N/A N/A C:\Windows\system32\OpenWith.exe N/A
N/A N/A C:\Windows\system32\OpenWith.exe N/A
N/A N/A C:\Windows\system32\OpenWith.exe N/A
N/A N/A C:\Windows\system32\OpenWith.exe N/A
N/A N/A C:\Windows\system32\OpenWith.exe N/A
N/A N/A C:\Windows\system32\OpenWith.exe N/A
N/A N/A C:\Windows\system32\OpenWith.exe N/A
N/A N/A C:\Windows\system32\OpenWith.exe N/A
N/A N/A C:\Windows\system32\OpenWith.exe N/A
N/A N/A C:\Windows\system32\OpenWith.exe N/A
N/A N/A C:\Windows\system32\OpenWith.exe N/A
N/A N/A C:\Windows\system32\OpenWith.exe N/A

Suspicious use of WriteProcessMemory

Description Indicator Process Target
PID 4880 wrote to memory of 4588 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4880 wrote to memory of 4588 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4880 wrote to memory of 204 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4880 wrote to memory of 204 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4880 wrote to memory of 204 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4880 wrote to memory of 204 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4880 wrote to memory of 204 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4880 wrote to memory of 204 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4880 wrote to memory of 204 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4880 wrote to memory of 204 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4880 wrote to memory of 204 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4880 wrote to memory of 204 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4880 wrote to memory of 204 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4880 wrote to memory of 204 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4880 wrote to memory of 204 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4880 wrote to memory of 204 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4880 wrote to memory of 204 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4880 wrote to memory of 204 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4880 wrote to memory of 204 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4880 wrote to memory of 204 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4880 wrote to memory of 204 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4880 wrote to memory of 204 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4880 wrote to memory of 204 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4880 wrote to memory of 204 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4880 wrote to memory of 204 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4880 wrote to memory of 204 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4880 wrote to memory of 204 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4880 wrote to memory of 204 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4880 wrote to memory of 204 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4880 wrote to memory of 204 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4880 wrote to memory of 204 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4880 wrote to memory of 204 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4880 wrote to memory of 204 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4880 wrote to memory of 204 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4880 wrote to memory of 204 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4880 wrote to memory of 204 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4880 wrote to memory of 204 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4880 wrote to memory of 204 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4880 wrote to memory of 204 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4880 wrote to memory of 204 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4880 wrote to memory of 712 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4880 wrote to memory of 712 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4880 wrote to memory of 4860 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4880 wrote to memory of 4860 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4880 wrote to memory of 4860 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4880 wrote to memory of 4860 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4880 wrote to memory of 4860 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4880 wrote to memory of 4860 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4880 wrote to memory of 4860 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4880 wrote to memory of 4860 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4880 wrote to memory of 4860 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4880 wrote to memory of 4860 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4880 wrote to memory of 4860 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4880 wrote to memory of 4860 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4880 wrote to memory of 4860 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4880 wrote to memory of 4860 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4880 wrote to memory of 4860 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4880 wrote to memory of 4860 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4880 wrote to memory of 4860 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4880 wrote to memory of 4860 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4880 wrote to memory of 4860 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4880 wrote to memory of 4860 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4880 wrote to memory of 4860 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4880 wrote to memory of 4860 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe

Uses Task Scheduler COM API

persistence

Uses Volume Shadow Copy WMI provider

ransomware

Uses Volume Shadow Copy service COM API

ransomware

Processes

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument C:\Users\Admin\AppData\Local\Temp\6GQlb7.html

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xcc,0xd0,0xd4,0xa8,0xd8,0x7ffa74989758,0x7ffa74989768,0x7ffa74989778

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1516 --field-trial-handle=1768,i,13269825593266311400,3571197300947442975,131072 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2024 --field-trial-handle=1768,i,13269825593266311400,3571197300947442975,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=1632 --field-trial-handle=1768,i,13269825593266311400,3571197300947442975,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2840 --field-trial-handle=1768,i,13269825593266311400,3571197300947442975,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=2848 --field-trial-handle=1768,i,13269825593266311400,3571197300947442975,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe

"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4156 --field-trial-handle=1768,i,13269825593266311400,3571197300947442975,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4276 --field-trial-handle=1768,i,13269825593266311400,3571197300947442975,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --mojo-platform-channel-handle=4520 --field-trial-handle=1768,i,13269825593266311400,3571197300947442975,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5052 --field-trial-handle=1768,i,13269825593266311400,3571197300947442975,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --mojo-platform-channel-handle=3592 --field-trial-handle=1768,i,13269825593266311400,3571197300947442975,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --mojo-platform-channel-handle=4632 --field-trial-handle=1768,i,13269825593266311400,3571197300947442975,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --mojo-platform-channel-handle=4288 --field-trial-handle=1768,i,13269825593266311400,3571197300947442975,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5380 --field-trial-handle=1768,i,13269825593266311400,3571197300947442975,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=5740 --field-trial-handle=1768,i,13269825593266311400,3571197300947442975,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=5780 --field-trial-handle=1768,i,13269825593266311400,3571197300947442975,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3872 --field-trial-handle=1768,i,13269825593266311400,3571197300947442975,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=5892 --field-trial-handle=1768,i,13269825593266311400,3571197300947442975,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=6064 --field-trial-handle=1768,i,13269825593266311400,3571197300947442975,131072 /prefetch:8

C:\Users\Admin\Downloads\iCMD-001.exe

"C:\Users\Admin\Downloads\iCMD-001.exe"

C:\Users\Admin\Downloads\iCMD-001.exe

"C:\Users\Admin\Downloads\iCMD-001.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.15063.0 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=5144 --field-trial-handle=1768,i,13269825593266311400,3571197300947442975,131072 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --mojo-platform-channel-handle=4028 --field-trial-handle=1768,i,13269825593266311400,3571197300947442975,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --mojo-platform-channel-handle=2412 --field-trial-handle=1768,i,13269825593266311400,3571197300947442975,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=5860 --field-trial-handle=1768,i,13269825593266311400,3571197300947442975,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=5708 --field-trial-handle=1768,i,13269825593266311400,3571197300947442975,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3404 --field-trial-handle=1768,i,13269825593266311400,3571197300947442975,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=4424 --field-trial-handle=1768,i,13269825593266311400,3571197300947442975,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=6064 --field-trial-handle=1768,i,13269825593266311400,3571197300947442975,131072 /prefetch:8

C:\Users\Admin\Downloads\click.exe

"C:\Users\Admin\Downloads\click.exe"

C:\Windows\System32\cmd.exe

"C:\Windows\sysnative\cmd" /c "C:\Users\Admin\AppData\Local\Temp\FBBB.tmp\FBBC.tmp\FBBD.bat C:\Users\Admin\Downloads\click.exe"

C:\Windows\system32\mshta.exe

mshta "javascript:alert('Hacking in progress...');close();"

C:\Windows\system32\taskmgr.exe

"C:\Windows\system32\taskmgr.exe" /4

C:\Windows\System32\rundll32.exe

C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding

C:\Users\Admin\Downloads\click.exe

"C:\Users\Admin\Downloads\click.exe"

C:\Windows\System32\cmd.exe

"C:\Windows\sysnative\cmd" /c "C:\Users\Admin\AppData\Local\Temp\DD51.tmp\DD62.tmp\DD63.bat C:\Users\Admin\Downloads\click.exe"

C:\Windows\system32\mshta.exe

mshta "javascript:alert('Hacking in progress...');close();"

C:\Users\Admin\Downloads\iCMD-001.exe

"C:\Users\Admin\Downloads\iCMD-001.exe"

C:\Users\Admin\Downloads\iCMD-001.exe

"C:\Users\Admin\Downloads\iCMD-001.exe"

C:\Users\Admin\Downloads\click.exe

"C:\Users\Admin\Downloads\click.exe"

C:\Windows\System32\cmd.exe

"C:\Windows\sysnative\cmd" /c "C:\Users\Admin\AppData\Local\Temp\2497.tmp\2498.tmp\2499.bat C:\Users\Admin\Downloads\click.exe"

C:\Windows\system32\mshta.exe

mshta "javascript:alert('Hacking in progress...');close();"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=28 --mojo-platform-channel-handle=3964 --field-trial-handle=1768,i,13269825593266311400,3571197300947442975,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=29 --mojo-platform-channel-handle=5160 --field-trial-handle=1768,i,13269825593266311400,3571197300947442975,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=30 --mojo-platform-channel-handle=3956 --field-trial-handle=1768,i,13269825593266311400,3571197300947442975,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=31 --mojo-platform-channel-handle=2020 --field-trial-handle=1768,i,13269825593266311400,3571197300947442975,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=32 --mojo-platform-channel-handle=4604 --field-trial-handle=1768,i,13269825593266311400,3571197300947442975,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=33 --mojo-platform-channel-handle=5408 --field-trial-handle=1768,i,13269825593266311400,3571197300947442975,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=960 --field-trial-handle=1768,i,13269825593266311400,3571197300947442975,131072 /prefetch:8

C:\Windows\system32\OpenWith.exe

C:\Windows\system32\OpenWith.exe -Embedding

C:\Windows\system32\NOTEPAD.EXE

"C:\Windows\system32\NOTEPAD.EXE" C:\Users\Admin\Desktop\AHK System talk script\AHK System talk script.ahk

C:\Windows\system32\OpenWith.exe

C:\Windows\system32\OpenWith.exe -Embedding

C:\Windows\system32\OpenWith.exe

C:\Windows\system32\OpenWith.exe -Embedding

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=35 --mojo-platform-channel-handle=3656 --field-trial-handle=1768,i,13269825593266311400,3571197300947442975,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=36 --mojo-platform-channel-handle=4568 --field-trial-handle=1768,i,13269825593266311400,3571197300947442975,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=37 --mojo-platform-channel-handle=4560 --field-trial-handle=1768,i,13269825593266311400,3571197300947442975,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=38 --mojo-platform-channel-handle=3720 --field-trial-handle=1768,i,13269825593266311400,3571197300947442975,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=39 --mojo-platform-channel-handle=2860 --field-trial-handle=1768,i,13269825593266311400,3571197300947442975,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=40 --mojo-platform-channel-handle=5140 --field-trial-handle=1768,i,13269825593266311400,3571197300947442975,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4544 --field-trial-handle=1768,i,13269825593266311400,3571197300947442975,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4384 --field-trial-handle=1768,i,13269825593266311400,3571197300947442975,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=43 --mojo-platform-channel-handle=4088 --field-trial-handle=1768,i,13269825593266311400,3571197300947442975,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=44 --mojo-platform-channel-handle=5876 --field-trial-handle=1768,i,13269825593266311400,3571197300947442975,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=45 --mojo-platform-channel-handle=6220 --field-trial-handle=1768,i,13269825593266311400,3571197300947442975,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=46 --mojo-platform-channel-handle=6456 --field-trial-handle=1768,i,13269825593266311400,3571197300947442975,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=47 --mojo-platform-channel-handle=6524 --field-trial-handle=1768,i,13269825593266311400,3571197300947442975,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=48 --mojo-platform-channel-handle=6336 --field-trial-handle=1768,i,13269825593266311400,3571197300947442975,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6808 --field-trial-handle=1768,i,13269825593266311400,3571197300947442975,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=50 --mojo-platform-channel-handle=6876 --field-trial-handle=1768,i,13269825593266311400,3571197300947442975,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=51 --mojo-platform-channel-handle=6972 --field-trial-handle=1768,i,13269825593266311400,3571197300947442975,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=52 --mojo-platform-channel-handle=7132 --field-trial-handle=1768,i,13269825593266311400,3571197300947442975,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=53 --mojo-platform-channel-handle=7140 --field-trial-handle=1768,i,13269825593266311400,3571197300947442975,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=54 --mojo-platform-channel-handle=7300 --field-trial-handle=1768,i,13269825593266311400,3571197300947442975,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=55 --mojo-platform-channel-handle=7308 --field-trial-handle=1768,i,13269825593266311400,3571197300947442975,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=56 --mojo-platform-channel-handle=7324 --field-trial-handle=1768,i,13269825593266311400,3571197300947442975,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=57 --mojo-platform-channel-handle=7840 --field-trial-handle=1768,i,13269825593266311400,3571197300947442975,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=58 --mojo-platform-channel-handle=7980 --field-trial-handle=1768,i,13269825593266311400,3571197300947442975,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=59 --mojo-platform-channel-handle=8312 --field-trial-handle=1768,i,13269825593266311400,3571197300947442975,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=60 --mojo-platform-channel-handle=8432 --field-trial-handle=1768,i,13269825593266311400,3571197300947442975,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=61 --mojo-platform-channel-handle=8716 --field-trial-handle=1768,i,13269825593266311400,3571197300947442975,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=62 --mojo-platform-channel-handle=8724 --field-trial-handle=1768,i,13269825593266311400,3571197300947442975,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=63 --mojo-platform-channel-handle=8936 --field-trial-handle=1768,i,13269825593266311400,3571197300947442975,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=64 --mojo-platform-channel-handle=9064 --field-trial-handle=1768,i,13269825593266311400,3571197300947442975,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=65 --mojo-platform-channel-handle=9104 --field-trial-handle=1768,i,13269825593266311400,3571197300947442975,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=66 --mojo-platform-channel-handle=9128 --field-trial-handle=1768,i,13269825593266311400,3571197300947442975,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=9528 --field-trial-handle=1768,i,13269825593266311400,3571197300947442975,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=9580 --field-trial-handle=1768,i,13269825593266311400,3571197300947442975,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=69 --mojo-platform-channel-handle=9964 --field-trial-handle=1768,i,13269825593266311400,3571197300947442975,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=70 --mojo-platform-channel-handle=8960 --field-trial-handle=1768,i,13269825593266311400,3571197300947442975,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=71 --mojo-platform-channel-handle=10136 --field-trial-handle=1768,i,13269825593266311400,3571197300947442975,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=72 --mojo-platform-channel-handle=10024 --field-trial-handle=1768,i,13269825593266311400,3571197300947442975,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=73 --mojo-platform-channel-handle=9608 --field-trial-handle=1768,i,13269825593266311400,3571197300947442975,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=74 --mojo-platform-channel-handle=8668 --field-trial-handle=1768,i,13269825593266311400,3571197300947442975,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=10456 --field-trial-handle=1768,i,13269825593266311400,3571197300947442975,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=76 --mojo-platform-channel-handle=10504 --field-trial-handle=1768,i,13269825593266311400,3571197300947442975,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=10452 --field-trial-handle=1768,i,13269825593266311400,3571197300947442975,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=10540 --field-trial-handle=1768,i,13269825593266311400,3571197300947442975,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=79 --mojo-platform-channel-handle=10444 --field-trial-handle=1768,i,13269825593266311400,3571197300947442975,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=80 --mojo-platform-channel-handle=9928 --field-trial-handle=1768,i,13269825593266311400,3571197300947442975,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=81 --mojo-platform-channel-handle=10152 --field-trial-handle=1768,i,13269825593266311400,3571197300947442975,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=82 --mojo-platform-channel-handle=10904 --field-trial-handle=1768,i,13269825593266311400,3571197300947442975,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=83 --mojo-platform-channel-handle=11188 --field-trial-handle=1768,i,13269825593266311400,3571197300947442975,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=84 --mojo-platform-channel-handle=9692 --field-trial-handle=1768,i,13269825593266311400,3571197300947442975,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=85 --mojo-platform-channel-handle=11132 --field-trial-handle=1768,i,13269825593266311400,3571197300947442975,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=86 --mojo-platform-channel-handle=10852 --field-trial-handle=1768,i,13269825593266311400,3571197300947442975,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=87 --mojo-platform-channel-handle=11240 --field-trial-handle=1768,i,13269825593266311400,3571197300947442975,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=88 --mojo-platform-channel-handle=11256 --field-trial-handle=1768,i,13269825593266311400,3571197300947442975,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=89 --mojo-platform-channel-handle=11276 --field-trial-handle=1768,i,13269825593266311400,3571197300947442975,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=90 --mojo-platform-channel-handle=11292 --field-trial-handle=1768,i,13269825593266311400,3571197300947442975,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=91 --mojo-platform-channel-handle=11300 --field-trial-handle=1768,i,13269825593266311400,3571197300947442975,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=92 --mojo-platform-channel-handle=11328 --field-trial-handle=1768,i,13269825593266311400,3571197300947442975,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=93 --mojo-platform-channel-handle=11340 --field-trial-handle=1768,i,13269825593266311400,3571197300947442975,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=94 --mojo-platform-channel-handle=11356 --field-trial-handle=1768,i,13269825593266311400,3571197300947442975,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=95 --mojo-platform-channel-handle=11380 --field-trial-handle=1768,i,13269825593266311400,3571197300947442975,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=96 --mojo-platform-channel-handle=10856 --field-trial-handle=1768,i,13269825593266311400,3571197300947442975,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=97 --mojo-platform-channel-handle=11176 --field-trial-handle=1768,i,13269825593266311400,3571197300947442975,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=98 --mojo-platform-channel-handle=11148 --field-trial-handle=1768,i,13269825593266311400,3571197300947442975,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=99 --mojo-platform-channel-handle=11012 --field-trial-handle=1768,i,13269825593266311400,3571197300947442975,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=100 --mojo-platform-channel-handle=11408 --field-trial-handle=1768,i,13269825593266311400,3571197300947442975,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=101 --mojo-platform-channel-handle=9660 --field-trial-handle=1768,i,13269825593266311400,3571197300947442975,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=102 --mojo-platform-channel-handle=11420 --field-trial-handle=1768,i,13269825593266311400,3571197300947442975,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=103 --mojo-platform-channel-handle=11472 --field-trial-handle=1768,i,13269825593266311400,3571197300947442975,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=104 --mojo-platform-channel-handle=11480 --field-trial-handle=1768,i,13269825593266311400,3571197300947442975,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=105 --mojo-platform-channel-handle=10404 --field-trial-handle=1768,i,13269825593266311400,3571197300947442975,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=106 --mojo-platform-channel-handle=10896 --field-trial-handle=1768,i,13269825593266311400,3571197300947442975,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=107 --mojo-platform-channel-handle=10872 --field-trial-handle=1768,i,13269825593266311400,3571197300947442975,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=108 --mojo-platform-channel-handle=10152 --field-trial-handle=1768,i,13269825593266311400,3571197300947442975,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=109 --mojo-platform-channel-handle=9940 --field-trial-handle=1768,i,13269825593266311400,3571197300947442975,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=110 --mojo-platform-channel-handle=9700 --field-trial-handle=1768,i,13269825593266311400,3571197300947442975,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=111 --mojo-platform-channel-handle=10276 --field-trial-handle=1768,i,13269825593266311400,3571197300947442975,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=112 --mojo-platform-channel-handle=12192 --field-trial-handle=1768,i,13269825593266311400,3571197300947442975,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=113 --mojo-platform-channel-handle=12924 --field-trial-handle=1768,i,13269825593266311400,3571197300947442975,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=114 --mojo-platform-channel-handle=12956 --field-trial-handle=1768,i,13269825593266311400,3571197300947442975,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=115 --mojo-platform-channel-handle=12844 --field-trial-handle=1768,i,13269825593266311400,3571197300947442975,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=116 --mojo-platform-channel-handle=11460 --field-trial-handle=1768,i,13269825593266311400,3571197300947442975,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=117 --mojo-platform-channel-handle=12208 --field-trial-handle=1768,i,13269825593266311400,3571197300947442975,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=118 --mojo-platform-channel-handle=8368 --field-trial-handle=1768,i,13269825593266311400,3571197300947442975,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=119 --mojo-platform-channel-handle=7440 --field-trial-handle=1768,i,13269825593266311400,3571197300947442975,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=120 --mojo-platform-channel-handle=8724 --field-trial-handle=1768,i,13269825593266311400,3571197300947442975,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=121 --mojo-platform-channel-handle=8392 --field-trial-handle=1768,i,13269825593266311400,3571197300947442975,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=122 --mojo-platform-channel-handle=6704 --field-trial-handle=1768,i,13269825593266311400,3571197300947442975,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=123 --mojo-platform-channel-handle=6320 --field-trial-handle=1768,i,13269825593266311400,3571197300947442975,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=124 --mojo-platform-channel-handle=7084 --field-trial-handle=1768,i,13269825593266311400,3571197300947442975,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=125 --mojo-platform-channel-handle=6944 --field-trial-handle=1768,i,13269825593266311400,3571197300947442975,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=126 --mojo-platform-channel-handle=6924 --field-trial-handle=1768,i,13269825593266311400,3571197300947442975,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=127 --mojo-platform-channel-handle=6908 --field-trial-handle=1768,i,13269825593266311400,3571197300947442975,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=128 --mojo-platform-channel-handle=6500 --field-trial-handle=1768,i,13269825593266311400,3571197300947442975,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=129 --mojo-platform-channel-handle=7508 --field-trial-handle=1768,i,13269825593266311400,3571197300947442975,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=130 --mojo-platform-channel-handle=7400 --field-trial-handle=1768,i,13269825593266311400,3571197300947442975,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=131 --mojo-platform-channel-handle=10068 --field-trial-handle=1768,i,13269825593266311400,3571197300947442975,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=132 --mojo-platform-channel-handle=7388 --field-trial-handle=1768,i,13269825593266311400,3571197300947442975,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=133 --mojo-platform-channel-handle=9584 --field-trial-handle=1768,i,13269825593266311400,3571197300947442975,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=134 --mojo-platform-channel-handle=6444 --field-trial-handle=1768,i,13269825593266311400,3571197300947442975,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=135 --mojo-platform-channel-handle=7076 --field-trial-handle=1768,i,13269825593266311400,3571197300947442975,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=136 --mojo-platform-channel-handle=8392 --field-trial-handle=1768,i,13269825593266311400,3571197300947442975,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=137 --mojo-platform-channel-handle=9284 --field-trial-handle=1768,i,13269825593266311400,3571197300947442975,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=138 --mojo-platform-channel-handle=11832 --field-trial-handle=1768,i,13269825593266311400,3571197300947442975,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=139 --mojo-platform-channel-handle=6472 --field-trial-handle=1768,i,13269825593266311400,3571197300947442975,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=140 --mojo-platform-channel-handle=11376 --field-trial-handle=1768,i,13269825593266311400,3571197300947442975,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=141 --mojo-platform-channel-handle=7980 --field-trial-handle=1768,i,13269825593266311400,3571197300947442975,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=142 --mojo-platform-channel-handle=9320 --field-trial-handle=1768,i,13269825593266311400,3571197300947442975,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=143 --mojo-platform-channel-handle=8492 --field-trial-handle=1768,i,13269825593266311400,3571197300947442975,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=144 --mojo-platform-channel-handle=8568 --field-trial-handle=1768,i,13269825593266311400,3571197300947442975,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=145 --mojo-platform-channel-handle=7080 --field-trial-handle=1768,i,13269825593266311400,3571197300947442975,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=146 --mojo-platform-channel-handle=7560 --field-trial-handle=1768,i,13269825593266311400,3571197300947442975,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=147 --mojo-platform-channel-handle=7412 --field-trial-handle=1768,i,13269825593266311400,3571197300947442975,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=148 --mojo-platform-channel-handle=6628 --field-trial-handle=1768,i,13269825593266311400,3571197300947442975,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=7384 --field-trial-handle=1768,i,13269825593266311400,3571197300947442975,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=7228 --field-trial-handle=1768,i,13269825593266311400,3571197300947442975,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=151 --mojo-platform-channel-handle=12724 --field-trial-handle=1768,i,13269825593266311400,3571197300947442975,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=152 --mojo-platform-channel-handle=8948 --field-trial-handle=1768,i,13269825593266311400,3571197300947442975,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=153 --mojo-platform-channel-handle=9228 --field-trial-handle=1768,i,13269825593266311400,3571197300947442975,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=154 --mojo-platform-channel-handle=11480 --field-trial-handle=1768,i,13269825593266311400,3571197300947442975,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=155 --mojo-platform-channel-handle=10236 --field-trial-handle=1768,i,13269825593266311400,3571197300947442975,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=156 --mojo-platform-channel-handle=7780 --field-trial-handle=1768,i,13269825593266311400,3571197300947442975,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=157 --mojo-platform-channel-handle=9028 --field-trial-handle=1768,i,13269825593266311400,3571197300947442975,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6628 --field-trial-handle=1768,i,13269825593266311400,3571197300947442975,131072 /prefetch:8

C:\Users\Admin\Downloads\GSAutoClicker.exe

"C:\Users\Admin\Downloads\GSAutoClicker.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=4260 --field-trial-handle=1768,i,13269825593266311400,3571197300947442975,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=8204 --field-trial-handle=1768,i,13269825593266311400,3571197300947442975,131072 /prefetch:8

C:\Windows\system32\OpenWith.exe

C:\Windows\system32\OpenWith.exe -Embedding

C:\Windows\system32\OpenWith.exe

C:\Windows\system32\OpenWith.exe -Embedding

C:\Users\Admin\Downloads\click.exe

"C:\Users\Admin\Downloads\click.exe"

C:\Windows\System32\cmd.exe

"C:\Windows\sysnative\cmd" /c "C:\Users\Admin\AppData\Local\Temp\3F6A.tmp\3F6B.tmp\3F6C.bat C:\Users\Admin\Downloads\click.exe"

C:\Windows\system32\mshta.exe

mshta "javascript:alert('Hacking in progress...');close();"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=161 --mojo-platform-channel-handle=10520 --field-trial-handle=1768,i,13269825593266311400,3571197300947442975,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=162 --mojo-platform-channel-handle=10844 --field-trial-handle=1768,i,13269825593266311400,3571197300947442975,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=163 --mojo-platform-channel-handle=7048 --field-trial-handle=1768,i,13269825593266311400,3571197300947442975,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=164 --mojo-platform-channel-handle=8076 --field-trial-handle=1768,i,13269825593266311400,3571197300947442975,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=165 --mojo-platform-channel-handle=9376 --field-trial-handle=1768,i,13269825593266311400,3571197300947442975,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=166 --mojo-platform-channel-handle=9140 --field-trial-handle=1768,i,13269825593266311400,3571197300947442975,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=167 --mojo-platform-channel-handle=10876 --field-trial-handle=1768,i,13269825593266311400,3571197300947442975,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=168 --mojo-platform-channel-handle=10612 --field-trial-handle=1768,i,13269825593266311400,3571197300947442975,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=169 --mojo-platform-channel-handle=10692 --field-trial-handle=1768,i,13269825593266311400,3571197300947442975,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=170 --mojo-platform-channel-handle=10264 --field-trial-handle=1768,i,13269825593266311400,3571197300947442975,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=9652 --field-trial-handle=1768,i,13269825593266311400,3571197300947442975,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=11020 --field-trial-handle=1768,i,13269825593266311400,3571197300947442975,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=8844 --field-trial-handle=1768,i,13269825593266311400,3571197300947442975,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=3208 --field-trial-handle=1768,i,13269825593266311400,3571197300947442975,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=11852 --field-trial-handle=1768,i,13269825593266311400,3571197300947442975,131072 /prefetch:8

C:\Users\Admin\Downloads\AutoHotkey_2.0.18_setup.exe

"C:\Users\Admin\Downloads\AutoHotkey_2.0.18_setup.exe"

C:\Users\Admin\Downloads\AutoHotkey_2.0.18_setup.exe

"C:\Users\Admin\Downloads\AutoHotkey_2.0.18_setup.exe" /to "C:\Program Files\AutoHotkey"

C:\Program Files\AutoHotkey\UX\AutoHotkeyUX.exe

"C:\Program Files\AutoHotkey\UX\AutoHotkeyUX.exe" "C:\Program Files\AutoHotkey\UX\reset-assoc.ahk" /check

C:\Program Files\AutoHotkey\UX\AutoHotkeyUX.exe

"C:\Program Files\AutoHotkey\UX\AutoHotkeyUX.exe" UX\ui-dash.ahk

C:\Program Files\AutoHotkey\UX\AutoHotkeyUX.exe

"C:\Program Files\AutoHotkey\UX\AutoHotkeyUX.exe" "C:\Program Files\AutoHotkey\UX\ui-editor.ahk" "C:\Users\Admin\Documents\AutoHotkey\Untitled.ahk"

C:\Program Files\AutoHotkey\UX\AutoHotkeyUX.exe

"C:\Program Files\AutoHotkey\UX\AutoHotkeyUX.exe" "C:\Program Files\AutoHotkey\UX\launcher.ahk" "C:\Users\Admin\Desktop\AHK System talk script\AHK System talk script.ahk"

C:\Program Files\AutoHotkey\UX\AutoHotkeyUX.exe

"C:\Program Files\AutoHotkey\UX\AutoHotkeyUX.exe" /script "C:\Program Files\AutoHotkey\UX\install-version.ahk" "1.1.37.02"

C:\Program Files\AutoHotkey\UX\AutoHotkeyUX.exe

"C:\Program Files\AutoHotkey\UX\AutoHotkeyUX.exe" "C:\Program Files\AutoHotkey\UX\launcher.ahk" "C:\Users\Admin\Desktop\AHK System talk script\AHK System talk script.ahk"

C:\Program Files\AutoHotkey\v1.1.37.02\AutoHotkeyU64.exe

"C:\Program Files\AutoHotkey\v1.1.37.02\AutoHotkeyU64.exe" "C:\Users\Admin\Desktop\AHK System talk script\AHK System talk script.ahk"

C:\Program Files\AutoHotkey\UX\AutoHotkeyUX.exe

"C:\Program Files\AutoHotkey\UX\AutoHotkeyUX.exe" "C:\Program Files\AutoHotkey\UX\launcher.ahk" "C:\Users\Admin\Desktop\AHK System talk script\SubScripts\Rixi_Pronouns.ahk"

C:\Program Files\AutoHotkey\v1.1.37.02\AutoHotkeyU64.exe

"C:\Program Files\AutoHotkey\v1.1.37.02\AutoHotkeyU64.exe" "C:\Users\Admin\Desktop\AHK System talk script\SubScripts\Rixi_Pronouns.ahk"

C:\Program Files\AutoHotkey\UX\AutoHotkeyUX.exe

"C:\Program Files\AutoHotkey\UX\AutoHotkeyUX.exe" "C:\Program Files\AutoHotkey\UX\launcher.ahk" "C:\Users\Admin\Desktop\AHK System talk script\SubScripts\Rixi_Popup.ahk"

C:\Program Files\AutoHotkey\v1.1.37.02\AutoHotkeyU64.exe

"C:\Program Files\AutoHotkey\v1.1.37.02\AutoHotkeyU64.exe" "C:\Users\Admin\Desktop\AHK System talk script\SubScripts\Rixi_Popup.ahk"

C:\Program Files\AutoHotkey\UX\AutoHotkeyUX.exe

"C:\Program Files\AutoHotkey\UX\AutoHotkeyUX.exe" "C:\Program Files\AutoHotkey\UX\launcher.ahk" "C:\Users\Admin\Desktop\AHK System talk script\SubScripts\BS_Words.ahk"

C:\Program Files\AutoHotkey\v1.1.37.02\AutoHotkeyU64.exe

"C:\Program Files\AutoHotkey\v1.1.37.02\AutoHotkeyU64.exe" "C:\Users\Admin\Desktop\AHK System talk script\SubScripts\BS_Words.ahk"

Network

Country Destination Domain Proto
N/A 224.0.0.251:5353 udp
US 8.8.8.8:53 gofile.io udp
FR 51.38.43.18:443 gofile.io tcp
FR 51.38.43.18:443 gofile.io tcp
FR 51.38.43.18:443 gofile.io udp
US 8.8.8.8:53 18.43.38.51.in-addr.arpa udp
US 8.8.8.8:53 api.gofile.io udp
FR 45.112.123.126:443 api.gofile.io tcp
FR 45.112.123.126:443 api.gofile.io udp
US 8.8.8.8:53 126.123.112.45.in-addr.arpa udp
US 8.8.8.8:53 s.gofile.io udp
FR 51.75.242.210:443 s.gofile.io tcp
FR 51.75.242.210:443 s.gofile.io tcp
US 8.8.8.8:53 content-autofill.googleapis.com udp
US 8.8.8.8:53 210.242.75.51.in-addr.arpa udp
FR 142.250.179.106:443 content-autofill.googleapis.com tcp
US 8.8.8.8:53 ad.a-ads.com udp
DE 148.251.233.147:443 ad.a-ads.com tcp
US 8.8.8.8:53 106.179.250.142.in-addr.arpa udp
US 8.8.8.8:53 147.233.251.148.in-addr.arpa udp
US 8.8.8.8:53 240.221.184.93.in-addr.arpa udp
US 8.8.8.8:53 static.a-ads.com udp
DE 148.251.194.214:443 static.a-ads.com tcp
US 8.8.8.8:53 234.75.250.142.in-addr.arpa udp
US 8.8.8.8:53 131.178.250.142.in-addr.arpa udp
US 8.8.8.8:53 214.194.251.148.in-addr.arpa udp
US 8.8.8.8:53 cold4.gofile.io udp
FR 31.14.70.247:443 cold4.gofile.io tcp
FR 31.14.70.247:443 cold4.gofile.io tcp
US 8.8.8.8:53 247.70.14.31.in-addr.arpa udp
FR 31.14.70.247:443 cold4.gofile.io udp
US 8.8.8.8:53 225.162.46.104.in-addr.arpa udp
US 8.8.8.8:53 81.144.22.2.in-addr.arpa udp
US 8.8.8.8:53 streitmackled.com udp
NL 23.109.170.170:443 streitmackled.com tcp
US 8.8.8.8:53 170.170.109.23.in-addr.arpa udp
US 8.8.8.8:53 store4.gofile.io udp
FR 31.14.70.245:443 store4.gofile.io tcp
FR 31.14.70.245:443 store4.gofile.io tcp
FR 31.14.70.245:443 store4.gofile.io udp
US 8.8.8.8:53 245.70.14.31.in-addr.arpa udp
NL 52.142.223.178:80 tcp
US 8.8.8.8:53 57.110.18.2.in-addr.arpa udp
FR 51.38.43.18:443 api.gofile.io udp
US 8.8.8.8:53 s.gofile.io udp
FR 51.75.242.210:443 s.gofile.io tcp
FR 45.112.123.126:443 api.gofile.io udp
US 8.8.8.8:53 brittlesturdyunlovable.com udp
NL 94.242.247.20:443 brittlesturdyunlovable.com tcp
US 8.8.8.8:53 20.247.242.94.in-addr.arpa udp
US 8.8.8.8:53 clobberprocurertightwad.com udp
US 8.8.8.8:53 thelifeandmore.com udp
US 8.8.8.8:53 coosync.com udp
US 8.8.8.8:53 cdn.bncloudfl.com udp
NL 94.242.247.29:443 clobberprocurertightwad.com tcp
NL 88.211.205.212:443 thelifeandmore.com tcp
NL 212.117.190.217:443 coosync.com tcp
US 104.21.35.62:443 cdn.bncloudfl.com tcp
US 8.8.8.8:53 29.247.242.94.in-addr.arpa udp
US 8.8.8.8:53 212.205.211.88.in-addr.arpa udp
US 8.8.8.8:53 62.35.21.104.in-addr.arpa udp
US 8.8.8.8:53 217.190.117.212.in-addr.arpa udp
US 8.8.8.8:53 store10.gofile.io udp
FR 31.14.70.252:443 store10.gofile.io tcp
FR 31.14.70.252:443 store10.gofile.io tcp
FR 31.14.70.252:443 store10.gofile.io udp
US 8.8.8.8:53 252.70.14.31.in-addr.arpa udp
US 8.8.8.8:53 www.google.com udp
FR 142.250.179.68:443 www.google.com tcp
FR 142.250.179.68:443 www.google.com udp
US 8.8.8.8:53 68.179.250.142.in-addr.arpa udp
US 8.8.8.8:53 content-autofill.googleapis.com udp
FR 216.58.214.170:443 content-autofill.googleapis.com udp
US 8.8.8.8:53 170.214.58.216.in-addr.arpa udp
US 8.8.8.8:53 163.214.58.216.in-addr.arpa udp
US 8.8.8.8:53 duckduckgo.com udp
IE 52.142.124.215:443 duckduckgo.com tcp
IE 52.142.124.215:443 duckduckgo.com tcp
US 8.8.8.8:53 beacons.gcp.gvt2.com udp
FR 216.58.215.35:443 beacons.gcp.gvt2.com tcp
FR 216.58.215.35:443 beacons.gcp.gvt2.com udp
US 8.8.8.8:53 215.124.142.52.in-addr.arpa udp
US 8.8.8.8:53 35.215.58.216.in-addr.arpa udp
US 8.8.8.8:53 improving.duckduckgo.com udp
FR 216.58.214.170:443 content-autofill.googleapis.com udp
US 8.8.8.8:53 links.duckduckgo.com udp
IE 20.223.54.233:443 links.duckduckgo.com tcp
IE 20.223.54.233:443 links.duckduckgo.com tcp
US 8.8.8.8:53 233.54.223.20.in-addr.arpa udp
US 8.8.8.8:53 external-content.duckduckgo.com udp
IE 52.142.125.222:443 external-content.duckduckgo.com tcp
IE 52.142.125.222:443 external-content.duckduckgo.com tcp
IE 52.142.125.222:443 external-content.duckduckgo.com tcp
IE 52.142.125.222:443 external-content.duckduckgo.com tcp
IE 52.142.125.222:443 external-content.duckduckgo.com tcp
US 8.8.8.8:53 222.125.142.52.in-addr.arpa udp
GB 92.123.142.97:443 www.bing.com tcp
US 8.8.8.8:53 gs-auto-clicker.en.softonic.com udp
US 151.101.65.91:443 gs-auto-clicker.en.softonic.com tcp
US 8.8.8.8:53 images.sftcdn.net udp
US 8.8.8.8:53 sc.sftcdn.net udp
US 8.8.8.8:53 sdk.privacy-center.org udp
US 8.8.8.8:53 softonic.com udp
US 8.8.8.8:53 securepubads.g.doubleclick.net udp
US 8.8.8.8:53 bat.bing.com udp
US 8.8.8.8:53 www.clarity.ms udp
US 151.101.1.91:443 sc.sftcdn.net tcp
US 151.101.1.91:443 sc.sftcdn.net tcp
US 151.101.1.91:443 sc.sftcdn.net tcp
GB 13.224.222.64:443 sdk.privacy-center.org tcp
US 8.8.8.8:53 c.amazon-adsystem.com udp
US 151.101.65.91:443 sc.sftcdn.net tcp
US 151.101.65.91:443 sc.sftcdn.net tcp
US 151.101.65.91:443 sc.sftcdn.net tcp
US 151.101.65.91:443 sc.sftcdn.net tcp
US 199.232.209.91:443 softonic.com tcp
US 199.232.209.91:443 softonic.com tcp
US 150.171.27.10:443 bat.bing.com tcp
FR 216.58.215.34:443 securepubads.g.doubleclick.net tcp
US 151.101.65.91:443 sc.sftcdn.net tcp
US 13.107.246.64:443 www.clarity.ms tcp
US 151.101.65.91:443 sc.sftcdn.net udp
GB 13.224.223.9:443 c.amazon-adsystem.com tcp
US 8.8.8.8:53 91.65.101.151.in-addr.arpa udp
US 8.8.8.8:53 97.142.123.92.in-addr.arpa udp
US 8.8.8.8:53 91.1.101.151.in-addr.arpa udp
US 8.8.8.8:53 64.222.224.13.in-addr.arpa udp
US 8.8.8.8:53 91.209.232.199.in-addr.arpa udp
US 8.8.8.8:53 200.20.217.172.in-addr.arpa udp
US 8.8.8.8:53 10.27.171.150.in-addr.arpa udp
US 8.8.8.8:53 34.215.58.216.in-addr.arpa udp
US 8.8.8.8:53 syndicatedsearch.goog udp
FR 216.58.214.174:443 syndicatedsearch.goog tcp
FR 216.58.215.34:443 securepubads.g.doubleclick.net udp
US 8.8.8.8:53 www.datadoghq-browser-agent.com udp
GB 18.172.148.233:443 www.datadoghq-browser-agent.com tcp
US 8.8.8.8:53 btloader.com udp
US 104.22.75.216:443 btloader.com tcp
GB 13.224.222.64:443 sdk.privacy-center.org udp
US 8.8.8.8:53 clients2.google.com udp
US 8.8.8.8:53 config.aps.amazon-adsystem.com udp
GB 13.224.223.9:443 c.amazon-adsystem.com tcp
GB 108.156.39.35:443 config.aps.amazon-adsystem.com tcp
FR 172.217.18.206:443 clients2.google.com tcp
US 8.8.8.8:53 cdn.id5-sync.com udp
US 8.8.8.8:53 storage.googleapis.com udp
US 8.8.8.8:53 di-images.sftcdn.net udp
US 104.22.53.86:443 cdn.id5-sync.com tcp
US 8.8.8.8:53 43.39.156.108.in-addr.arpa udp
US 8.8.8.8:53 9.223.224.13.in-addr.arpa udp
US 8.8.8.8:53 174.214.58.216.in-addr.arpa udp
US 8.8.8.8:53 233.148.172.18.in-addr.arpa udp
US 8.8.8.8:53 216.75.22.104.in-addr.arpa udp
US 8.8.8.8:53 35.39.156.108.in-addr.arpa udp
US 8.8.8.8:53 206.18.217.172.in-addr.arpa udp
US 8.8.8.8:53 64.246.107.13.in-addr.arpa udp
FR 142.250.75.251:443 storage.googleapis.com tcp
US 8.8.8.8:53 h.clarity.ms udp
US 51.8.64.151:443 h.clarity.ms tcp
US 8.8.8.8:53 ad-delivery.net udp
US 172.67.69.19:443 ad-delivery.net tcp
US 172.67.69.19:443 ad-delivery.net tcp
US 172.67.69.19:443 ad-delivery.net tcp
US 8.8.8.8:53 api.btloader.com udp
US 8.8.8.8:53 cdn.btmessage.com udp
US 130.211.23.194:443 api.btloader.com tcp
US 130.211.23.194:443 api.btloader.com tcp
US 104.26.7.141:443 cdn.btmessage.com tcp
US 172.67.69.19:443 ad-delivery.net tcp
US 8.8.8.8:53 api.btmessage.com udp
US 8.8.8.8:53 c.clarity.ms udp
US 8.8.8.8:53 notix.io udp
US 151.101.1.91:443 di-images.sftcdn.net udp
US 8.8.8.8:53 86.53.22.104.in-addr.arpa udp
US 8.8.8.8:53 251.75.250.142.in-addr.arpa udp
US 8.8.8.8:53 151.64.8.51.in-addr.arpa udp
US 8.8.8.8:53 130.178.250.142.in-addr.arpa udp
US 8.8.8.8:53 166.214.58.216.in-addr.arpa udp
US 8.8.8.8:53 19.69.67.172.in-addr.arpa udp
US 8.8.8.8:53 194.23.211.130.in-addr.arpa udp
US 8.8.8.8:53 141.7.26.104.in-addr.arpa udp
IE 13.74.129.1:443 c.clarity.ms tcp
NL 139.45.197.227:443 notix.io tcp
US 8.8.8.8:53 c.bing.com udp
US 13.107.21.237:443 c.bing.com tcp
US 8.8.8.8:53 227.197.45.139.in-addr.arpa udp
US 8.8.8.8:53 1.129.74.13.in-addr.arpa udp
US 8.8.8.8:53 237.21.107.13.in-addr.arpa udp
US 8.8.8.8:53 api.privacy-center.org udp
US 8.8.8.8:53 aax.amazon-adsystem.com udp
US 8.8.8.8:53 id5-sync.com udp
US 8.8.8.8:53 id.crwdcntrl.net udp
GB 108.138.233.27:443 api.privacy-center.org tcp
US 8.8.8.8:53 shb.richaudience.com udp
US 8.8.8.8:53 ap.lijit.com udp
US 8.8.8.8:53 hb-api.omnitagjs.com udp
US 8.8.8.8:53 ad.360yield.com udp
US 8.8.8.8:53 prebid.media.net udp
US 8.8.8.8:53 ib.adnxs.com udp
US 8.8.8.8:53 htlb.casalemedia.com udp
US 8.8.8.8:53 hbopenbid.pubmatic.com udp
US 8.8.8.8:53 brightcombid.marphezis.com udp
US 8.8.8.8:53 partner.googleadservices.com udp
DE 162.19.138.118:443 id5-sync.com tcp
IE 54.154.69.222:443 id.crwdcntrl.net tcp
GB 18.172.154.232:443 aax.amazon-adsystem.com tcp
US 34.120.63.153:443 prebid.media.net tcp
US 104.18.36.155:443 htlb.casalemedia.com tcp
DE 178.63.241.79:443 shb.richaudience.com tcp
DE 178.63.241.79:443 shb.richaudience.com tcp
DE 178.63.241.79:443 shb.richaudience.com tcp
IE 52.212.196.153:443 ap.lijit.com tcp
DE 37.252.173.215:443 ib.adnxs.com tcp
DE 162.19.138.118:443 id5-sync.com tcp
US 8.8.8.8:53 lb.eu-1-id5-sync.com udp
US 8.8.8.8:53 cdn.jsdelivr.net udp
IE 3.251.24.2:443 ad.360yield.com tcp
US 8.8.8.8:53 static.criteo.net udp
US 8.8.8.8:53 tags.crwdcntrl.net udp
US 8.8.8.8:53 cdn-ima.33across.com udp
US 8.8.8.8:53 ep1.adtrafficquality.google udp
NL 188.166.203.175:443 brightcombid.marphezis.com tcp
NL 185.64.189.112:443 hbopenbid.pubmatic.com tcp
FR 185.255.84.150:443 hb-api.omnitagjs.com tcp
FR 142.250.201.162:443 partner.googleadservices.com tcp
US 8.8.8.8:53 fdc7021ba4e5c022989440adc59b0635.safeframe.googlesyndication.com udp
FR 216.58.214.174:443 syndicatedsearch.goog udp
US 151.101.129.229:443 cdn.jsdelivr.net tcp
GB 18.245.143.83:443 tags.crwdcntrl.net tcp
US 104.18.35.167:443 cdn-ima.33across.com tcp
FR 142.250.179.65:443 fdc7021ba4e5c022989440adc59b0635.safeframe.googlesyndication.com tcp
FR 172.217.20.194:443 ep1.adtrafficquality.google tcp
NL 178.250.1.3:443 static.criteo.net tcp
DE 162.19.138.116:443 lb.eu-1-id5-sync.com tcp
US 8.8.8.8:53 googleads.g.doubleclick.net udp
GB 108.138.233.27:443 api.privacy-center.org udp
US 8.8.8.8:53 apps.identrust.com udp
GB 92.123.143.201:80 apps.identrust.com tcp
US 8.8.8.8:53 27.233.138.108.in-addr.arpa udp
US 8.8.8.8:53 222.69.154.54.in-addr.arpa udp
US 8.8.8.8:53 118.138.19.162.in-addr.arpa udp
US 8.8.8.8:53 232.154.172.18.in-addr.arpa udp
US 8.8.8.8:53 153.63.120.34.in-addr.arpa udp
US 8.8.8.8:53 155.36.18.104.in-addr.arpa udp
US 8.8.8.8:53 2.24.251.3.in-addr.arpa udp
US 8.8.8.8:53 ep2.adtrafficquality.google udp
US 8.8.8.8:53 153.196.212.52.in-addr.arpa udp
US 8.8.8.8:53 175.203.166.188.in-addr.arpa udp
US 8.8.8.8:53 215.173.252.37.in-addr.arpa udp
US 8.8.8.8:53 112.189.64.185.in-addr.arpa udp
US 8.8.8.8:53 150.84.255.185.in-addr.arpa udp
US 8.8.8.8:53 162.201.250.142.in-addr.arpa udp
US 8.8.8.8:53 79.241.63.178.in-addr.arpa udp
US 8.8.8.8:53 229.129.101.151.in-addr.arpa udp
US 8.8.8.8:53 83.143.245.18.in-addr.arpa udp
US 8.8.8.8:53 167.35.18.104.in-addr.arpa udp
US 8.8.8.8:53 3.1.250.178.in-addr.arpa udp
US 8.8.8.8:53 194.20.217.172.in-addr.arpa udp
US 8.8.8.8:53 116.138.19.162.in-addr.arpa udp
US 8.8.8.8:53 174.20.217.172.in-addr.arpa udp
US 8.8.8.8:53 65.179.250.142.in-addr.arpa udp
US 8.8.8.8:53 226.20.18.104.in-addr.arpa udp
US 8.8.8.8:53 201.143.123.92.in-addr.arpa udp
FR 142.250.179.97:443 ep2.adtrafficquality.google tcp
US 8.8.8.8:53 region1.analytics.google.com udp
US 8.8.8.8:53 stats.g.doubleclick.net udp
US 8.8.8.8:53 www.google.co.uk udp
BE 74.125.71.155:443 stats.g.doubleclick.net tcp
US 216.239.32.36:443 region1.analytics.google.com tcp
US 8.8.8.8:53 gum.criteo.com udp
US 8.8.8.8:53 lexicon.33across.com udp
US 8.8.8.8:53 ampcid.google.com udp
NL 178.250.1.11:443 gum.criteo.com tcp
FR 142.250.201.163:443 www.google.co.uk tcp
FR 216.58.213.78:443 ampcid.google.com tcp
US 35.244.193.51:443 lexicon.33across.com tcp
US 8.8.8.8:53 tpc.googlesyndication.com udp
FR 142.250.201.163:443 www.google.co.uk tcp
FR 142.250.178.129:443 tpc.googlesyndication.com tcp
US 8.8.8.8:53 dis.eu.criteo.com udp
NL 178.250.1.9:443 dis.eu.criteo.com tcp
US 8.8.8.8:53 rtb.gumgum.com udp
IE 176.34.91.67:443 rtb.gumgum.com tcp
FR 142.250.201.163:443 www.google.co.uk udp
US 8.8.8.8:53 ice.360yield.com udp
IE 52.210.45.118:443 ice.360yield.com tcp
US 8.8.8.8:53 97.179.250.142.in-addr.arpa udp
US 8.8.8.8:53 155.71.125.74.in-addr.arpa udp
US 8.8.8.8:53 36.32.239.216.in-addr.arpa udp
US 8.8.8.8:53 11.1.250.178.in-addr.arpa udp
US 8.8.8.8:53 51.193.244.35.in-addr.arpa udp
US 8.8.8.8:53 163.201.250.142.in-addr.arpa udp
US 8.8.8.8:53 78.213.58.216.in-addr.arpa udp
US 8.8.8.8:53 129.178.250.142.in-addr.arpa udp
US 8.8.8.8:53 9.1.250.178.in-addr.arpa udp
US 8.8.8.8:53 67.91.34.176.in-addr.arpa udp
FR 142.250.178.129:443 tpc.googlesyndication.com udp
US 8.8.8.8:53 cdn.ampproject.org udp
US 8.8.8.8:53 8proof.com udp
FR 142.250.75.251:443 storage.googleapis.com udp
US 52.116.53.150:443 8proof.com tcp
FR 216.58.214.161:443 cdn.ampproject.org tcp
FR 216.58.214.161:443 cdn.ampproject.org tcp
FR 216.58.214.161:443 cdn.ampproject.org tcp
FR 216.58.214.161:443 cdn.ampproject.org tcp
FR 216.58.214.161:443 cdn.ampproject.org tcp
FR 216.58.214.161:443 cdn.ampproject.org tcp
US 8.8.8.8:53 match.adsrvr.org udp
US 52.223.40.198:443 match.adsrvr.org tcp
US 8.8.8.8:53 en.softonic.com udp
US 52.116.53.150:443 8proof.com tcp
FR 216.58.215.34:443 googleads.g.doubleclick.net udp
US 8.8.8.8:53 118.45.210.52.in-addr.arpa udp
US 8.8.8.8:53 161.214.58.216.in-addr.arpa udp
US 8.8.8.8:53 150.53.116.52.in-addr.arpa udp
US 8.8.8.8:53 198.40.223.52.in-addr.arpa udp
US 8.8.8.8:53 ce.lijit.com udp
IE 54.75.158.40:443 ce.lijit.com tcp
US 8.8.8.8:53 inmobi-match.dotomi.com udp
NL 63.215.202.137:443 inmobi-match.dotomi.com tcp
US 8.8.8.8:53 137.202.215.63.in-addr.arpa udp
US 8.8.8.8:53 40.158.75.54.in-addr.arpa udp
US 8.8.8.8:53 c1.adform.net udp
DK 37.157.6.231:443 c1.adform.net tcp
US 8.8.8.8:53 contextual.media.net udp
US 8.8.8.8:53 ads.pubmatic.com udp
US 8.8.8.8:53 acdn.adnxs.com udp
US 8.8.8.8:53 js-sec.indexww.com udp
US 8.8.8.8:53 sync.richaudience.com udp
US 8.8.8.8:53 visitor.omnitagjs.com udp
GB 2.18.108.192:443 ads.pubmatic.com tcp
GB 95.100.244.20:443 contextual.media.net tcp
US 172.64.149.180:443 js-sec.indexww.com tcp
DE 162.55.233.28:443 sync.richaudience.com tcp
DE 162.55.233.28:443 sync.richaudience.com tcp
US 8.8.8.8:53 pixel-us-east.rubiconproject.com udp
US 8.8.8.8:53 aorta.clickagy.com udp
US 8.8.8.8:53 t.adx.opera.com udp
US 8.8.8.8:53 cs.krushmedia.com udp
US 8.8.8.8:53 sync.serverbid.com udp
US 8.8.8.8:53 data.adsrvr.org udp
US 8.8.8.8:53 pixel-eu.rubiconproject.com udp
US 8.8.8.8:53 pixel-sync.sitescout.com udp
US 8.8.8.8:53 x.bidswitch.net udp
US 8.8.8.8:53 231.6.157.37.in-addr.arpa udp
US 8.8.8.8:53 192.108.18.2.in-addr.arpa udp
US 8.8.8.8:53 20.244.100.95.in-addr.arpa udp
US 8.8.8.8:53 180.149.64.172.in-addr.arpa udp
US 8.8.8.8:53 cms.quantserve.com udp
US 8.8.8.8:53 image6.pubmatic.com udp
US 8.8.8.8:53 us-u.openx.net udp
US 69.173.151.100:443 pixel-us-east.rubiconproject.com tcp
US 52.22.36.73:443 aorta.clickagy.com tcp
GB 143.204.176.129:443 sync.serverbid.com tcp
NL 82.145.213.8:443 t.adx.opera.com tcp
US 34.36.216.150:443 pixel-sync.sitescout.com tcp
US 8.2.110.134:443 cs.krushmedia.com tcp
US 34.98.64.218:443 us-u.openx.net tcp
US 8.8.8.8:53 cm.g.doubleclick.net udp
DE 91.228.74.159:443 cms.quantserve.com tcp
GB 185.64.190.78:443 image6.pubmatic.com tcp
NL 35.214.149.91:443 x.bidswitch.net tcp
NL 69.173.156.149:443 pixel-eu.rubiconproject.com tcp
US 8.8.8.8:53 sync.1rx.io udp
US 8.8.8.8:53 ssum-sec.casalemedia.com udp
FR 216.58.213.66:443 cm.g.doubleclick.net tcp
FR 216.58.213.66:443 cm.g.doubleclick.net tcp
NL 46.228.174.117:443 sync.1rx.io tcp
US 8.8.8.8:53 hbx.media.net udp
GB 143.204.176.129:443 sync.serverbid.com tcp
US 34.36.216.150:443 pixel-sync.sitescout.com tcp
US 8.8.8.8:53 secure-assets.rubiconproject.com udp
US 8.8.8.8:53 match.prod.bidr.io udp
US 8.8.8.8:53 onetag-sys.com udp
US 8.8.8.8:53 aax-eu.amazon-adsystem.com udp
US 8.8.8.8:53 c21lg-d.media.net udp
US 8.8.8.8:53 medianet-match.dotomi.com udp
US 8.8.8.8:53 dis.criteo.com udp
NL 35.214.149.91:443 x.bidswitch.net tcp
GB 2.22.101.110:443 secure-assets.rubiconproject.com tcp
US 172.64.151.101:443 ssum-sec.casalemedia.com udp
IE 52.208.228.214:443 match.prod.bidr.io tcp
DE 51.89.9.253:443 onetag-sys.com tcp
IE 52.95.118.179:443 aax-eu.amazon-adsystem.com tcp
NL 35.214.149.91:443 x.bidswitch.net tcp
US 8.8.8.8:53 s0.2mdn.net udp
NL 178.250.1.9:443 dis.criteo.com tcp
NL 64.158.223.140:443 medianet-match.dotomi.com tcp
US 8.8.8.8:53 cs.media.net udp
NL 178.250.1.9:443 dis.criteo.com tcp
US 8.8.8.8:53 um.simpli.fi udp
FR 142.250.178.134:443 s0.2mdn.net tcp
IE 52.95.118.179:443 aax-eu.amazon-adsystem.com tcp
US 8.8.8.8:53 rtb.mfadsrvr.com udp
US 34.36.216.150:443 pixel-sync.sitescout.com udp
US 8.8.8.8:53 ad.turn.com udp
NL 34.91.62.186:443 um.simpli.fi tcp
US 8.8.8.8:53 ssbsync.smartadserver.com udp
US 8.8.8.8:53 eus.rubiconproject.com udp
FR 216.58.213.66:443 cm.g.doubleclick.net udp
US 8.8.8.8:53 sync.crwdcntrl.net udp
US 8.8.8.8:53 cr.frontend.weborama.fr udp
US 8.8.8.8:53 mwzeom.zeotap.com udp
NL 46.228.164.11:443 ad.turn.com tcp
NL 34.91.62.186:443 um.simpli.fi tcp
US 8.8.8.8:53 pr-bh.ybp.yahoo.com udp
US 8.8.8.8:53 ups.analytics.yahoo.com udp
US 8.8.8.8:53 ads.betweendigital.com udp
NL 35.214.199.88:443 rtb.mfadsrvr.com tcp
US 34.98.64.218:443 us-u.openx.net udp
US 8.8.8.8:53 ums.acuityplatform.com udp
NL 89.149.193.84:443 ssbsync.smartadserver.com tcp
IE 52.95.118.179:443 aax-eu.amazon-adsystem.com tcp
IE 54.72.13.36:443 pr-bh.ybp.yahoo.com tcp
DE 3.71.149.231:443 ups.analytics.yahoo.com tcp
GB 95.100.245.251:443 eus.rubiconproject.com tcp
NL 188.42.191.196:443 ads.betweendigital.com tcp
US 8.8.8.8:53 simage2.pubmatic.com udp
NL 154.59.122.79:443 ums.acuityplatform.com tcp
US 8.8.8.8:53 bh.contextweb.com udp
US 216.239.32.36:443 region1.analytics.google.com udp
US 34.111.129.221:443 cr.frontend.weborama.fr tcp
US 172.67.40.173:443 mwzeom.zeotap.com tcp
GB 95.100.244.20:443 cs.media.net udp
GB 185.64.191.210:443 simage2.pubmatic.com tcp
GB 185.64.191.210:443 simage2.pubmatic.com tcp
US 8.8.8.8:53 dsum-sec.casalemedia.com udp
US 8.8.8.8:53 s.amazon-adsystem.com udp
US 8.8.8.8:53 csync.loopme.me udp
US 8.8.8.8:53 secure.adnxs.com udp
NL 89.149.193.84:443 ssbsync.smartadserver.com tcp
US 8.8.8.8:53 p.rfihub.com udp
US 8.8.8.8:53 cdn.indexww.com udp
NL 208.93.169.131:443 bh.contextweb.com tcp
US 8.8.8.8:53 s.ad.smaato.net udp
NL 46.228.164.11:443 ad.turn.com tcp
US 52.46.130.91:443 s.amazon-adsystem.com tcp
NL 35.214.237.73:443 csync.loopme.me tcp
NL 193.0.160.130:443 p.rfihub.com tcp
GB 108.156.39.126:443 s.ad.smaato.net tcp
US 8.8.8.8:53 creativecdn.com udp
NL 185.184.8.90:443 creativecdn.com tcp
FR 185.255.84.152:443 visitor.omnitagjs.com tcp
US 151.101.1.108:443 acdn.adnxs.com tcp
GB 185.64.191.210:443 simage2.pubmatic.com tcp
GB 185.64.191.210:443 simage2.pubmatic.com tcp
US 8.8.8.8:53 image2.pubmatic.com udp
US 8.8.8.8:53 pixel.tapad.com udp
GB 185.64.191.210:443 image2.pubmatic.com tcp
GB 185.64.191.210:443 image2.pubmatic.com tcp
US 8.8.8.8:53 eu-u.openx.net udp
FR 185.255.84.152:443 visitor.omnitagjs.com tcp
US 8.8.8.8:53 cdn-download.avgbrowser.com udp
US 34.111.113.62:443 pixel.tapad.com tcp
US 8.8.8.8:53 8.213.145.82.in-addr.arpa udp
US 8.8.8.8:53 218.64.98.34.in-addr.arpa udp
US 8.8.8.8:53 159.74.228.91.in-addr.arpa udp
US 8.8.8.8:53 78.190.64.185.in-addr.arpa udp
US 8.8.8.8:53 149.156.173.69.in-addr.arpa udp
US 8.8.8.8:53 100.151.173.69.in-addr.arpa udp
US 8.8.8.8:53 73.36.22.52.in-addr.arpa udp
US 8.8.8.8:53 91.149.214.35.in-addr.arpa udp
US 8.8.8.8:53 134.110.2.8.in-addr.arpa udp
US 8.8.8.8:53 66.213.58.216.in-addr.arpa udp
US 8.8.8.8:53 117.174.228.46.in-addr.arpa udp
US 8.8.8.8:53 129.176.204.143.in-addr.arpa udp
US 8.8.8.8:53 150.216.36.34.in-addr.arpa udp
US 8.8.8.8:53 110.101.22.2.in-addr.arpa udp
US 8.8.8.8:53 214.228.208.52.in-addr.arpa udp
US 8.8.8.8:53 179.118.95.52.in-addr.arpa udp
US 8.8.8.8:53 101.151.64.172.in-addr.arpa udp
US 8.8.8.8:53 253.9.89.51.in-addr.arpa udp
US 8.8.8.8:53 140.223.158.64.in-addr.arpa udp
US 8.8.8.8:53 134.178.250.142.in-addr.arpa udp
US 8.8.8.8:53 186.62.91.34.in-addr.arpa udp
US 8.8.8.8:53 88.199.214.35.in-addr.arpa udp
US 8.8.8.8:53 84.193.149.89.in-addr.arpa udp
US 8.8.8.8:53 251.245.100.95.in-addr.arpa udp
US 8.8.8.8:53 36.13.72.54.in-addr.arpa udp
US 8.8.8.8:53 231.149.71.3.in-addr.arpa udp
US 8.8.8.8:53 196.191.42.188.in-addr.arpa udp
US 8.8.8.8:53 79.122.59.154.in-addr.arpa udp
US 8.8.8.8:53 221.129.111.34.in-addr.arpa udp
US 8.8.8.8:53 173.40.67.172.in-addr.arpa udp
US 8.8.8.8:53 210.191.64.185.in-addr.arpa udp
US 8.8.8.8:53 131.169.93.208.in-addr.arpa udp
US 8.8.8.8:53 11.164.228.46.in-addr.arpa udp
US 8.8.8.8:53 73.237.214.35.in-addr.arpa udp
US 8.8.8.8:53 126.39.156.108.in-addr.arpa udp
US 8.8.8.8:53 130.160.0.193.in-addr.arpa udp
US 8.8.8.8:53 91.130.46.52.in-addr.arpa udp
US 8.8.8.8:53 90.8.184.185.in-addr.arpa udp
US 8.8.8.8:53 108.1.101.151.in-addr.arpa udp
US 8.8.8.8:53 152.84.255.185.in-addr.arpa udp
GB 92.123.142.147:443 cdn-download.avgbrowser.com tcp
GB 92.123.142.147:443 cdn-download.avgbrowser.com tcp
US 8.8.8.8:53 api-2-0.spot.im udp
US 8.8.8.8:53 image8.pubmatic.com udp
US 8.8.8.8:53 sync.srv.stackadapt.com udp
US 8.8.8.8:53 tracker.open-adsyield.com udp
US 8.8.8.8:53 jadserve.postrelease.com udp
US 8.8.8.8:53 id.rlcdn.com udp
US 8.8.8.8:53 player.aniview.com udp
US 8.8.8.8:53 cs-server-s2s.yellowblue.io udp
US 8.8.8.8:53 ssc-cms.33across.com udp
DE 51.89.9.253:443 onetag-sys.com udp
NL 198.47.127.18:443 image8.pubmatic.com tcp
US 52.45.172.157:443 api-2-0.spot.im tcp
US 54.211.52.44:443 sync.srv.stackadapt.com tcp
US 172.111.38.111:443 tracker.open-adsyield.com tcp
GB 92.123.140.19:443 player.aniview.com tcp
US 18.205.0.76:443 cs-server-s2s.yellowblue.io tcp
IE 52.49.168.145:443 jadserve.postrelease.com tcp
US 35.244.174.68:443 id.rlcdn.com tcp
US 67.202.105.23:443 ssc-cms.33across.com tcp
IE 52.49.168.145:443 jadserve.postrelease.com tcp
US 35.244.174.68:443 id.rlcdn.com tcp
US 8.8.8.8:53 sync.targeting.unrulymedia.com udp
GB 92.123.140.19:443 player.aniview.com tcp
US 18.205.0.76:443 cs-server-s2s.yellowblue.io tcp
US 67.202.105.23:443 ssc-cms.33across.com tcp
NL 46.228.174.117:443 sync.targeting.unrulymedia.com tcp
NL 46.228.174.117:443 sync.targeting.unrulymedia.com tcp
US 8.8.8.8:53 bttrack.com udp
US 192.132.33.68:443 bttrack.com tcp
US 8.8.8.8:53 sync.aniview.com udp
US 172.240.45.78:443 sync.aniview.com tcp
US 192.132.33.68:443 bttrack.com tcp
NL 35.214.199.88:443 rtb.mfadsrvr.com udp
US 8.8.8.8:53 sync.mathtag.com udp
US 8.8.8.8:53 ads.stickyadstv.com udp
US 8.8.8.8:53 pixel.rubiconproject.com udp
US 8.8.8.8:53 cs.admanmedia.com udp
US 8.8.8.8:53 ssbsync-global.smartadserver.com udp
US 8.8.8.8:53 spl.zeotap.com udp
US 8.8.8.8:53 equativ-match.dotomi.com udp
US 8.8.8.8:53 rtb-csync.smartadserver.com udp
US 8.8.8.8:53 sync-tm.everesttech.net udp
US 74.121.140.211:443 sync.mathtag.com tcp
US 80.77.87.166:443 cs.admanmedia.com tcp
NL 69.173.156.148:443 pixel.rubiconproject.com tcp
NL 154.57.158.115:443 ads.stickyadstv.com tcp
US 151.101.2.49:443 sync-tm.everesttech.net tcp
US 172.240.45.78:443 sync.aniview.com tcp
FR 149.202.238.105:443 rtb-csync.smartadserver.com tcp
FR 149.202.238.105:443 rtb-csync.smartadserver.com tcp
US 8.8.8.8:53 62.113.111.34.in-addr.arpa udp
US 8.8.8.8:53 147.142.123.92.in-addr.arpa udp
US 8.8.8.8:53 18.127.47.198.in-addr.arpa udp
US 8.8.8.8:53 111.38.111.172.in-addr.arpa udp
US 8.8.8.8:53 157.172.45.52.in-addr.arpa udp
US 8.8.8.8:53 68.174.244.35.in-addr.arpa udp
US 8.8.8.8:53 19.140.123.92.in-addr.arpa udp
US 8.8.8.8:53 145.168.49.52.in-addr.arpa udp
US 8.8.8.8:53 76.0.205.18.in-addr.arpa udp
US 8.8.8.8:53 23.105.202.67.in-addr.arpa udp
US 8.8.8.8:53 233.38.18.104.in-addr.arpa udp
US 8.8.8.8:53 68.33.132.192.in-addr.arpa udp
US 151.101.2.49:443 sync-tm.everesttech.net tcp
US 52.46.130.91:443 s.amazon-adsystem.com tcp
US 172.240.45.78:443 sync.aniview.com udp
NL 35.214.237.73:443 csync.loopme.me tcp
NL 154.57.158.115:443 ads.stickyadstv.com tcp
US 8.8.8.8:53 match.sharethrough.com udp
US 8.8.8.8:53 simage4.pubmatic.com udp
DE 18.195.234.25:443 match.sharethrough.com tcp
US 8.8.8.8:53 token.rubiconproject.com udp
US 8.8.8.8:53 pubmatic-match.dotomi.com udp
NL 198.47.127.20:443 simage4.pubmatic.com tcp
NL 69.173.156.148:443 token.rubiconproject.com tcp
NL 63.215.202.172:443 pubmatic-match.dotomi.com tcp
NL 35.214.237.73:443 csync.loopme.me tcp
IE 54.154.175.66:443 cs.yellowblue.io tcp
IE 54.154.175.66:443 cs.yellowblue.io tcp
US 8.8.8.8:53 148.156.173.69.in-addr.arpa udp
US 8.8.8.8:53 115.158.57.154.in-addr.arpa udp
US 8.8.8.8:53 105.238.202.149.in-addr.arpa udp
US 8.8.8.8:53 166.87.77.80.in-addr.arpa udp
US 8.8.8.8:53 211.140.121.74.in-addr.arpa udp
US 8.8.8.8:53 78.45.240.172.in-addr.arpa udp
US 8.8.8.8:53 25.234.195.18.in-addr.arpa udp
US 8.8.8.8:53 20.127.47.198.in-addr.arpa udp
US 8.8.8.8:53 172.202.215.63.in-addr.arpa udp
US 8.8.8.8:53 49.2.101.151.in-addr.arpa udp
US 8.8.8.8:53 dsp-cookie.adfarm1.adition.com udp
US 8.8.8.8:53 ads.avct.cloud udp
DE 80.82.210.217:443 dsp-cookie.adfarm1.adition.com tcp
US 8.8.8.8:53 dsp-ap.eskimi.com udp
NL 188.42.63.48:443 dsp-ap.eskimi.com tcp
US 8.8.8.8:53 ad.mrtnsvr.com udp
US 8.8.8.8:53 ipac.ctnsnet.com udp
US 8.8.8.8:53 d5p.de17a.com udp
NL 35.214.237.73:443 csync.loopme.me tcp
US 8.8.8.8:53 core.iprom.net udp
US 8.8.8.8:53 cm.adgrx.com udp
US 8.8.8.8:53 cm-supply-web.gammaplatform.com udp
US 8.8.8.8:53 66.175.154.54.in-addr.arpa udp
US 8.8.8.8:53 green.erne.co udp
US 8.8.8.8:53 217.210.82.80.in-addr.arpa udp
US 8.8.8.8:53 48.63.42.188.in-addr.arpa udp
US 34.102.163.6:443 ad.mrtnsvr.com tcp
US 35.186.193.173:443 ipac.ctnsnet.com tcp
SE 13.50.192.155:443 d5p.de17a.com tcp
IE 52.215.155.11:443 cm.adgrx.com tcp
SI 195.5.165.20:443 core.iprom.net tcp
US 8.8.8.8:53 a.tribalfusion.com udp
SG 35.186.154.107:443 cm-supply-web.gammaplatform.com tcp
US 8.8.8.8:53 matching.truffle.bid udp
FR 141.94.242.204:443 green.erne.co tcp
US 8.8.8.8:53 uipglob.semasio.net udp
US 8.8.8.8:53 pixel.onaudience.com udp
DE 23.88.86.2:443 matching.truffle.bid tcp
US 8.8.8.8:53 match.adsby.bidtheatre.com udp
US 34.102.163.6:443 ad.mrtnsvr.com tcp
US 172.64.150.63:443 a.tribalfusion.com tcp
FR 54.38.113.4:443 pixel.onaudience.com tcp
NL 188.166.17.21:443 match.adsby.bidtheatre.com tcp
DK 77.243.51.122:443 uipglob.semasio.net tcp
SG 35.186.154.107:443 cm-supply-web.gammaplatform.com tcp
US 8.8.8.8:53 pixel-eu.onaudience.com udp
DE 23.88.86.2:443 matching.truffle.bid tcp
FR 54.38.113.5:443 pixel-eu.onaudience.com tcp
NL 193.0.160.130:443 p.rfihub.com tcp
IE 52.208.228.214:443 match.prod.bidr.io tcp
US 8.8.8.8:53 s.tribalfusion.com udp
US 34.102.163.6:443 ad.mrtnsvr.com tcp
US 35.186.193.173:443 ipac.ctnsnet.com udp
NL 35.214.237.73:443 csync.loopme.me tcp
SI 195.5.165.20:443 core.iprom.net tcp
US 172.64.150.63:443 s.tribalfusion.com udp
US 8.8.8.8:53 173.193.186.35.in-addr.arpa udp
US 8.8.8.8:53 6.163.102.34.in-addr.arpa udp
US 8.8.8.8:53 11.155.215.52.in-addr.arpa udp
US 8.8.8.8:53 155.192.50.13.in-addr.arpa udp
US 8.8.8.8:53 204.242.94.141.in-addr.arpa udp
US 8.8.8.8:53 20.165.5.195.in-addr.arpa udp
US 8.8.8.8:53 4.113.38.54.in-addr.arpa udp
US 8.8.8.8:53 21.17.166.188.in-addr.arpa udp
US 8.8.8.8:53 63.150.64.172.in-addr.arpa udp
US 8.8.8.8:53 122.51.243.77.in-addr.arpa udp
US 8.8.8.8:53 5.113.38.54.in-addr.arpa udp
US 34.102.163.6:443 ad.mrtnsvr.com tcp
US 34.120.63.153:443 prebid.media.net udp
US 51.8.64.151:443 h.clarity.ms tcp
US 8.8.8.8:53 eb2.3lift.com udp
US 8.8.8.8:53 sync.ipredictive.com udp
US 8.8.8.8:53 match.deepintent.com udp
US 8.8.8.8:53 b1sync.zemanta.com udp
US 76.223.111.18:443 eb2.3lift.com tcp
US 54.161.228.108:443 sync.ipredictive.com tcp
US 169.197.150.7:443 match.deepintent.com tcp
US 64.202.112.159:443 b1sync.zemanta.com tcp
US 8.8.8.8:53 usersync.gumgum.com udp
IE 52.210.15.1:443 usersync.gumgum.com tcp
IE 52.210.15.1:443 usersync.gumgum.com tcp
GB 92.123.142.97:443 www.bing.com udp
US 199.232.209.91:443 softonic.com udp
US 104.26.7.141:443 api.btmessage.com tcp
US 8.8.8.8:53 tg.socdm.com udp
JP 124.146.153.151:443 tg.socdm.com tcp
JP 124.146.153.151:443 tg.socdm.com tcp
US 8.8.8.8:53 18.111.223.76.in-addr.arpa udp
US 8.8.8.8:53 7.150.197.169.in-addr.arpa udp
US 8.8.8.8:53 159.112.202.64.in-addr.arpa udp
US 8.8.8.8:53 108.228.161.54.in-addr.arpa udp
US 8.8.8.8:53 1.15.210.52.in-addr.arpa udp
SG 35.186.154.107:443 cm-supply-web.gammaplatform.com tcp
DE 23.88.86.2:443 matching.truffle.bid tcp
US 8.8.8.8:53 connect.facebook.net udp
US 151.101.65.91:443 en.softonic.com udp
ES 157.240.5.10:443 connect.facebook.net tcp
US 8.8.8.8:53 151.153.146.124.in-addr.arpa udp
US 8.8.8.8:53 10.5.240.157.in-addr.arpa udp
US 8.8.8.8:53 213c36cb668ca82b1bea563cd201cb89.safeframe.googlesyndication.com udp
ES 157.240.5.10:443 connect.facebook.net udp
US 130.211.23.194:443 api.btloader.com udp
US 8.8.8.8:53 www.facebook.com udp
ES 157.240.5.35:443 www.facebook.com tcp
ES 157.240.5.35:443 www.facebook.com tcp
US 54.211.52.44:443 sync.srv.stackadapt.com tcp
US 8.8.8.8:53 a.sportradarserving.com udp
NL 35.214.174.141:443 a.sportradarserving.com tcp
US 8.8.8.8:53 35.5.240.157.in-addr.arpa udp
US 8.8.8.8:53 141.174.214.35.in-addr.arpa udp
NL 35.214.174.141:443 a.sportradarserving.com udp
FR 172.217.20.194:443 ep1.adtrafficquality.google udp
NL 139.45.197.227:443 notix.io tcp
DE 162.55.233.28:443 sync.richaudience.com tcp
FR 216.58.215.34:443 googleads.g.doubleclick.net udp
NL 178.250.1.9:443 dis.criteo.com tcp
NL 46.228.174.117:443 sync.targeting.unrulymedia.com tcp
US 35.244.174.68:443 id.rlcdn.com udp
NL 154.59.122.79:443 ums.acuityplatform.com tcp
US 8.8.8.8:53 u.ipw.metadsp.co.uk udp
NL 46.228.174.117:443 sync.targeting.unrulymedia.com tcp
US 8.8.8.8:53 casale-match.dotomi.com udp
US 8.8.8.8:53 pm.w55c.net udp
NL 35.214.132.90:443 u.ipw.metadsp.co.uk tcp
US 8.8.8.8:53 gw-iad-bid.ymmobi.com udp
NL 89.207.16.204:443 casale-match.dotomi.com tcp
DE 18.195.234.25:443 match.sharethrough.com tcp
NL 35.214.237.73:443 csync.loopme.me tcp
IE 52.48.192.135:443 pm.w55c.net tcp
NL 35.214.149.91:443 x.bidswitch.net tcp
NL 35.214.149.91:443 x.bidswitch.net tcp
FR 149.202.238.105:443 rtb-csync.smartadserver.com tcp
US 47.253.61.56:443 gw-iad-bid.ymmobi.com tcp
FR 149.202.238.105:443 rtb-csync.smartadserver.com tcp
US 8.8.8.8:53 dsum.casalemedia.com udp
US 8.8.8.8:53 90.132.214.35.in-addr.arpa udp
US 8.8.8.8:53 204.16.207.89.in-addr.arpa udp
US 8.8.8.8:53 135.192.48.52.in-addr.arpa udp
US 8.8.8.8:53 56.61.253.47.in-addr.arpa udp
ES 157.240.5.35:443 www.facebook.com udp
DE 162.19.138.118:443 lb.eu-1-id5-sync.com tcp
US 8.8.8.8:53 js.adscale.de udp
GB 18.245.143.101:443 js.adscale.de tcp
US 8.8.8.8:53 84d9a1d76cb2a8da239c16666c68a63f.safeframe.googlesyndication.com udp
US 8.8.8.8:53 101.143.245.18.in-addr.arpa udp
DE 162.19.138.116:443 lb.eu-1-id5-sync.com tcp
US 8.8.8.8:53 ih.adscale.de udp
DE 18.159.128.147:443 ih.adscale.de tcp
US 8.8.8.8:53 articles-img.sftcdn.net udp
DE 162.19.138.118:443 lb.eu-1-id5-sync.com tcp
US 35.244.193.51:443 lexicon.33across.com udp
US 8.8.8.8:53 push-sdk.com udp
DE 157.90.33.68:443 push-sdk.com tcp
US 8.8.8.8:53 uidsync.net udp
DE 157.90.33.72:443 uidsync.net tcp
US 8.8.8.8:53 147.128.159.18.in-addr.arpa udp
US 8.8.8.8:53 98.179.250.142.in-addr.arpa udp
US 8.8.8.8:53 68.33.90.157.in-addr.arpa udp
US 8.8.8.8:53 72.33.90.157.in-addr.arpa udp
DE 157.90.33.72:443 uidsync.net tcp
US 8.8.8.8:53 rtd-tm.everesttech.net udp
FR 216.58.215.34:443 googleads.g.doubleclick.net udp
NL 35.214.237.73:443 csync.loopme.me tcp
US 8.8.8.8:53 ads.yieldmo.com udp
IE 18.200.89.214:443 ads.yieldmo.com tcp
US 8.8.8.8:53 214.89.200.18.in-addr.arpa udp
NL 139.45.197.227:443 notix.io tcp
US 8.8.8.8:53 gsf-fl.softonic.com udp
US 199.232.194.133:443 gsf-fl.softonic.com tcp
DE 162.55.233.28:443 sync.richaudience.com tcp
NL 46.228.174.117:443 sync.targeting.unrulymedia.com tcp
IE 52.208.228.214:443 match.prod.bidr.io tcp
US 54.211.52.44:443 sync.srv.stackadapt.com tcp
US 67.202.105.23:443 ssc-cms.33across.com tcp
US 8.8.8.8:53 133.194.232.199.in-addr.arpa udp
NL 46.228.174.117:443 sync.targeting.unrulymedia.com tcp
US 8.8.8.8:53 inv-nets.admixer.net udp
FR 149.202.238.105:443 rtb-csync.smartadserver.com tcp
DE 116.202.167.155:443 inv-nets.admixer.net tcp
DE 18.195.234.25:443 match.sharethrough.com tcp
DE 162.55.120.196:443 matching.truffle.bid tcp
US 8.8.8.8:53 sonata-notifications.taptapnetworks.com udp
DE 162.55.120.196:443 matching.truffle.bid tcp
DE 54.93.104.240:443 sonata-notifications.taptapnetworks.com tcp
FR 149.202.238.105:443 rtb-csync.smartadserver.com tcp
US 8.8.8.8:53 155.167.202.116.in-addr.arpa udp
US 8.8.8.8:53 240.104.93.54.in-addr.arpa udp
DE 162.55.120.196:443 matching.truffle.bid tcp
US 51.8.64.151:443 h.clarity.ms tcp
FR 216.58.215.35:443 beacons.gcp.gvt2.com udp
US 8.8.8.8:53 beacons4.gvt2.com udp
US 216.239.32.116:443 beacons4.gvt2.com tcp
US 216.239.32.116:443 beacons4.gvt2.com udp
US 8.8.8.8:53 116.32.239.216.in-addr.arpa udp
DE 37.252.173.215:443 secure.adnxs.com tcp
US 8.8.8.8:53 ad.360yield.com udp
US 8.8.8.8:53 hb-api.omnitagjs.com udp
US 104.18.36.155:443 dsum.casalemedia.com udp
NL 188.166.203.175:443 brightcombid.marphezis.com tcp
US 8.8.8.8:53 prebid.media.net udp
IE 99.81.230.240:443 ad.360yield.com tcp
US 34.120.63.153:443 prebid.media.net udp
FR 216.58.215.35:443 beacons.gcp.gvt2.com udp
FR 185.255.84.150:443 hb-api.omnitagjs.com tcp
US 8.8.8.8:53 240.230.81.99.in-addr.arpa udp
FR 216.58.215.34:443 googleads.g.doubleclick.net udp
FR 142.250.201.163:443 www.google.co.uk udp
FR 142.250.201.163:443 www.google.co.uk tcp
FR 216.58.215.34:443 googleads.g.doubleclick.net udp
FR 142.250.178.129:443 tpc.googlesyndication.com udp
US 8.8.8.8:53 gs-auto-clicker.en.softonic.com udp
US 104.26.7.141:443 api.btmessage.com tcp
US 8.8.8.8:53 aax.amazon-adsystem.com udp
US 8.8.8.8:53 sc.sftcdn.net udp
US 199.232.209.91:443 softonic.com udp
US 8.8.8.8:53 c.amazon-adsystem.com udp
US 151.101.193.91:443 sc.sftcdn.net udp
US 151.101.129.91:443 sc.sftcdn.net udp
US 8.8.8.8:53 h.clarity.ms udp
US 216.239.32.36:443 region1.analytics.google.com udp
FR 142.250.201.163:443 www.google.co.uk udp
US 51.8.64.151:443 h.clarity.ms tcp
US 8.8.8.8:53 images.sftcdn.net udp
US 151.101.129.91:443 images.sftcdn.net udp
US 8.8.8.8:53 sdk.privacy-center.org udp
US 151.101.1.91:443 images.sftcdn.net udp
GB 13.224.222.64:443 sdk.privacy-center.org udp
US 8.8.8.8:53 csm.nl3.eu.criteo.net udp
NL 178.250.1.25:443 csm.nl3.eu.criteo.net tcp
US 8.8.8.8:53 91.193.101.151.in-addr.arpa udp
US 8.8.8.8:53 91.129.101.151.in-addr.arpa udp
US 8.8.8.8:53 25.1.250.178.in-addr.arpa udp
US 8.8.8.8:53 360de93ac2e23e5d68452d464781b801.safeframe.googlesyndication.com udp
US 8.8.8.8:53 www.facebook.com udp
FR 142.250.179.68:443 www.google.com udp
ES 157.240.5.35:443 www.facebook.com udp
BE 74.125.71.155:443 stats.g.doubleclick.net udp
US 130.211.23.194:443 api.btloader.com udp
US 8.8.8.8:53 aax-eu.amazon-adsystem.com udp
IE 67.220.228.203:443 aax-eu.amazon-adsystem.com tcp
US 8.8.8.8:53 203.228.220.67.in-addr.arpa udp
DE 51.89.9.253:443 onetag-sys.com tcp
US 8.8.8.8:53 en.softonic.com udp
FR 216.58.214.174:443 syndicatedsearch.goog udp
US 8.8.8.8:53 2e137e29162cbd6934f02b3e7b5f2bc8.safeframe.googlesyndication.com udp
IE 52.142.124.215:443 improving.duckduckgo.com tcp
US 8.8.8.8:53 bid.g.doubleclick.net udp
BE 142.251.168.154:443 bid.g.doubleclick.net tcp
FR 216.58.213.66:443 cm.g.doubleclick.net udp
US 8.8.8.8:53 154.168.251.142.in-addr.arpa udp
FR 142.250.178.134:443 s0.2mdn.net udp
US 8.8.8.8:53 improving.duckduckgo.com udp
IE 52.142.124.215:443 improving.duckduckgo.com tcp
IE 52.142.124.215:443 improving.duckduckgo.com tcp
IE 52.142.124.215:443 improving.duckduckgo.com tcp
IE 52.142.124.215:443 improving.duckduckgo.com tcp
IE 52.142.124.215:443 improving.duckduckgo.com tcp
IE 52.142.124.215:443 improving.duckduckgo.com tcp
IE 52.142.125.222:443 external-content.duckduckgo.com tcp
US 8.8.8.8:53 www.autohotkey.com udp
US 104.21.89.135:443 www.autohotkey.com tcp
US 104.21.89.135:443 www.autohotkey.com tcp
US 104.21.89.135:443 www.autohotkey.com tcp
US 8.8.8.8:53 static.cloudflareinsights.com udp
US 104.16.80.73:443 static.cloudflareinsights.com tcp
US 8.8.8.8:53 135.89.21.104.in-addr.arpa udp
US 8.8.8.8:53 73.80.16.104.in-addr.arpa udp
US 104.17.52.49:443 badge.hardenize.com tcp
US 8.8.8.8:53 49.52.17.104.in-addr.arpa udp
US 8.8.8.8:53 beacons.gvt2.com udp
FR 142.250.179.99:443 beacons.gvt2.com tcp
FR 142.250.179.99:443 beacons.gvt2.com udp
FR 216.58.215.35:443 beacons.gcp.gvt2.com udp
US 8.8.8.8:53 99.179.250.142.in-addr.arpa udp
US 8.8.8.8:53 www.autohotkey.com udp
US 172.67.159.204:443 www.autohotkey.com tcp
US 172.67.159.204:443 www.autohotkey.com tcp
US 8.8.8.8:53 204.159.67.172.in-addr.arpa udp
US 172.67.159.204:443 www.autohotkey.com tcp
US 172.67.159.204:443 www.autohotkey.com tcp
US 216.239.32.116:443 beacons4.gvt2.com udp
FR 216.58.215.35:443 beacons.gcp.gvt2.com udp
FR 142.250.201.163:443 www.google.co.uk udp
FR 172.217.18.206:443 clients2.google.com udp
FR 216.58.215.35:443 beacons.gcp.gvt2.com udp
FR 216.58.215.35:443 beacons.gcp.gvt2.com udp
US 8.8.8.8:53 beacons.gcp.gvt2.com udp
FR 216.58.215.35:443 beacons.gcp.gvt2.com udp

Files

\??\pipe\crashpad_4880_TUIBDWNTEUMHIPNW

MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA512 cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\persisted_first_party_sets.json

MD5 99914b932bd37a50b983c5e7c90ae93b
SHA1 bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f
SHA256 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
SHA512 27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 fe286dedd4691c392d4a7cf1ba164b63
SHA1 184e60d12f97c72d0df7efdb3244f17030ce5caa
SHA256 6b029e288cebbcf916f2abcc4ed8ca0bb1acad257b41d249f7b27c86f3540879
SHA512 6fccce8a985035ad845c07fb207c2a2266c76a00687d55ccafe00eb80935364eddf5fbc57673623cb7284c5a73dc4c9e8173b47ff590885ac20ffdd2639b248f

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 94ace4867dfd339e3afd2fcd77f4d5bf
SHA1 a8d4dcf459fd05e38c625426df7554352de3055f
SHA256 3a3a94317eaeb5ad2bef43181f95d5125273ac81bf845578928787ced6c3f864
SHA512 af516a02d376e81781412884191db86a3f671c720ac4faa0ccbe30c45b4e24bb3f67e4cb6619c5dd10bffd48db59fea8f9b26b2957d87121c9f539087939f786

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 3429a091f8f6f4b8cecbe981a10f8632
SHA1 eb3aea5e6d92ded2ae722fbb4ee4bb8c3a1cfd2a
SHA256 e504384aafc99403cb576c6ffa0688c9433399d2bb68e18a0e2cbb1e349d3d50
SHA512 c8b17479e1eb1b651e3d39f527c890392a9e42090c7a9a138aa9162b3ccab5f1bcfc90e016954360bddac5a7f5108c7b9c6f128c8e71caf9948298c4ec65e20a

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 ab4242fe6118503d9ba9882971383346
SHA1 f9bf7d88b5f32280d7ef3f04cf2394e165329eed
SHA256 b57cc352c8b7a4eebdad7495c28441d44c674e9a00defeb016d4ada71261d364
SHA512 abfe8192af6958fceee94c30ee9604889c0bded700cd2bf608d285587c9cd9bc03ace55e5a0eb0e33bbe5dd94b95bec12adc8263b7804e7ae3520e2d235821aa

C:\Users\Admin\Downloads\Unconfirmed 206716.crdownload

MD5 e37503c578dc7e537eb40f2efc569ea5
SHA1 487668398787b836baf1e50e5f9db0e010c72897
SHA256 0a6805f57a3f223147e4065b19672cbb682276b306d89e3c4dfbe0b93208160f
SHA512 f75432e75f1909324782c6843318bfa3dc7f90e2dffebe4432fcdb583cf9e960423e1d4e29c98dc764f15e4e2586251c4b687373935eb8c8d87245f50b21ac18

C:\Users\Admin\AppData\Local\Temp\_MEI45802\python312.dll

MD5 3c388ce47c0d9117d2a50b3fa5ac981d
SHA1 038484ff7460d03d1d36c23f0de4874cbaea2c48
SHA256 c98ba3354a7d1f69bdca42560feec933ccba93afcc707391049a065e1079cddb
SHA512 e529c5c1c028be01e44a156cd0e7cad0a24b5f91e5d34697fafc395b63e37780dc0fac8f4c5d075ad8fe4bd15d62a250b818ff3d4ead1e281530a4c7e3ce6d35

C:\Users\Admin\AppData\Local\Temp\_MEI45802\VCRUNTIME140.dll

MD5 be8dbe2dc77ebe7f88f910c61aec691a
SHA1 a19f08bb2b1c1de5bb61daf9f2304531321e0e40
SHA256 4d292623516f65c80482081e62d5dadb759dc16e851de5db24c3cbb57b87db83
SHA512 0da644472b374f1da449a06623983d0477405b5229e386accadb154b43b8b083ee89f07c3f04d2c0c7501ead99ad95aecaa5873ff34c5eeb833285b598d5a655

C:\Users\Admin\AppData\Local\Temp\_MEI45802\base_library.zip

MD5 8dad91add129dca41dd17a332a64d593
SHA1 70a4ec5a17ed63caf2407bd76dc116aca7765c0d
SHA256 8de4f013bfecb9431aabaa97bb084fb7de127b365b9478d6f7610959bf0d2783
SHA512 2163414bc01fc30d47d1de763a8332afe96ea7b296665b1a0840d5197b7e56f4963938e69de35cd2bf89158e5e2240a1650d00d86634ac2a5e2ad825455a2d50

C:\Users\Admin\AppData\Local\Temp\_MEI45802\_ctypes.pyd

MD5 bbd5533fc875a4a075097a7c6aba865e
SHA1 ab91e62c6d02d211a1c0683cb6c5b0bdd17cbf00
SHA256 be9828a877e412b48d75addc4553d2d2a60ae762a3551f9731b50cae7d65b570
SHA512 23ef351941f459dee7ed2cebbae21969e97b61c0d877cfe15e401c36369d2a2491ca886be789b1a0c5066d6a8835fd06db28b5b28fb6e9df84c2d0b0d8e9850e

\Users\Admin\AppData\Local\Temp\_MEI45802\libffi-8.dll

MD5 0f8e4992ca92baaf54cc0b43aaccce21
SHA1 c7300975df267b1d6adcbac0ac93fd7b1ab49bd2
SHA256 eff52743773eb550fcc6ce3efc37c85724502233b6b002a35496d828bd7b280a
SHA512 6e1b223462dc124279bfca74fd2c66fe18b368ffbca540c84e82e0f5bcbea0e10cc243975574fa95ace437b9d8b03a446ed5ee0c9b1b094147cefaf704dfe978

C:\Users\Admin\AppData\Local\Temp\_MEI45802\_bz2.pyd

MD5 223fd6748cae86e8c2d5618085c768ac
SHA1 dcb589f2265728fe97156814cbe6ff3303cd05d3
SHA256 f81dc49eac5ecc528e628175add2ff6bda695a93ea76671d7187155aa6326abb
SHA512 9c22c178417b82e68f71e5b7fe7c0c0a77184ee12bd0dc049373eace7fa66c89458164d124a9167ae760ff9d384b78ca91001e5c151a51ad80c824066b8ecce6

C:\Users\Admin\AppData\Local\Temp\_MEI45802\_socket.pyd

MD5 dc06f8d5508be059eae9e29d5ba7e9ec
SHA1 d666c88979075d3b0c6fd3be7c595e83e0cb4e82
SHA256 7daff6aa3851a913ed97995702a5dfb8a27cb7cf00fb496597be777228d7564a
SHA512 57eb36bc1e9be20c85c34b0a535b2349cb13405d60e752016e23603c4648939f1150e4dbebc01ec7b43eb1a6947c182ccb8a806e7e72167ad2e9d98d1fd94ab3

\Users\Admin\AppData\Local\Temp\_MEI45802\_lzma.pyd

MD5 05e8b2c429aff98b3ae6adc842fb56a3
SHA1 834ddbced68db4fe17c283ab63b2faa2e4163824
SHA256 a6e2a5bb7a33ad9054f178786a031a46ea560faeef1fb96259331500aae9154c
SHA512 badeb99795b89bc7c1f0c36becc7a0b2ce99ecfd6f6bb493bda24b8e57e6712e23f4c509c96a28bc05200910beddc9f1536416bbc922331cae698e813cbb50b3

C:\Users\Admin\AppData\Local\Temp\_MEI45802\_hashlib.pyd

MD5 eedb6d834d96a3dffffb1f65b5f7e5be
SHA1 ed6735cfdd0d1ec21c7568a9923eb377e54b308d
SHA256 79c4cde23397b9a35b54a3c2298b3c7a844454f4387cb0693f15e4facd227dd2
SHA512 527bd7bb2f4031416762595f4ce24cbc6254a50eaf2cc160b930950c4f2b3f5e245a486972148c535f8cd80c78ec6fa8c9a062085d60db8f23d4b21e8ae4c0ad

C:\Users\Admin\AppData\Local\Temp\_MEI45802\_decimal.pyd

MD5 3055edf761508190b576e9bf904003aa
SHA1 f0dc8d882b5cd7955cc6dfc8f9834f70a83c7890
SHA256 e4104e47399d3f635a14d649f61250e9fd37f7e65c81ffe11f099923f8532577
SHA512 87538fe20bd2c1150a8fefd0478ffd32e2a9c59d22290464bf5dfb917f6ac7ec874f8b1c70d643a4dc3dd32cbe17e7ea40c0be3ea9dd07039d94ab316f752248

C:\Users\Admin\AppData\Local\Temp\_MEI45802\unicodedata.pyd

MD5 16be9a6f941f1a2cb6b5fca766309b2c
SHA1 17b23ae0e6a11d5b8159c748073e36a936f3316a
SHA256 10ffd5207eeff5a836b330b237d766365d746c30e01abf0fd01f78548d1f1b04
SHA512 64b7ecc58ae7cf128f03a0d5d5428aaa0d4ad4ae7e7d19be0ea819bbbf99503836bfe4946df8ee3ab8a92331fdd002ab9a9de5146af3e86fef789ce46810796b

C:\Users\Admin\AppData\Local\Temp\_MEI45802\startup.bat

MD5 092cca9938fa867de3eb08131f027dea
SHA1 40efcf1d972e796bbf938f730ff3cd91b2bcaa82
SHA256 3f0514e4a5e9c1e7669402439bfee72712591712571e5d4923614f5afe1054ac
SHA512 0092235596e0a460529fa7cd75c494f7be8eac29a7e72202fe24584dc83ba0402a2b394828c5958a694d3a93ec5dc929288bb4c6fe5e0fb4b063932c0b8ef4df

C:\Users\Admin\AppData\Local\Temp\_MEI45802\select.pyd

MD5 92b440ca45447ec33e884752e4c65b07
SHA1 5477e21bb511cc33c988140521a4f8c11a427bcc
SHA256 680df34fb908c49410ac5f68a8c05d92858acd111e62d1194d15bdce520bd6c3
SHA512 40e60e1d1445592c5e8eb352a4052db28b1739a29e16b884b0ba15917b058e66196988214ce473ba158704837b101a13195d5e48cb1dc2f07262dfecfe8d8191

C:\Users\Admin\AppData\Local\Temp\_MEI45802\libcrypto-3.dll

MD5 e547cf6d296a88f5b1c352c116df7c0c
SHA1 cafa14e0367f7c13ad140fd556f10f320a039783
SHA256 05fe080eab7fc535c51e10c1bd76a2f3e6217f9c91a25034774588881c3f99de
SHA512 9f42edf04c7af350a00fa4fdf92b8e2e6f47ab9d2d41491985b20cd0adde4f694253399f6a88f4bdd765c4f49792f25fb01e84ec03fd5d0be8bb61773d77d74d

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 675664952415164b432177dc4da23f8b
SHA1 2526897ae23d676fad801a567b1dd1bafffd8337
SHA256 c58ce2c6d8c472d78a3804f240b30824eeb6ac7df76984a67cea56a477415645
SHA512 ca070547210d88d6a86c5dccbab4810543c89e5b37615e0bf52ee99593f597e175571ce9d24b7ac47882699e7fbcd6f34881d282194cdb0c7d81122e24980f8c

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 536b944c23cd3ac502665af00dd9941a
SHA1 6d4b689b1115de6f5e8f90d91f0ccbb0d3ead678
SHA256 ed5f8dc398d1ca3a05b8174d2721544320249df497d39806b10c14203e1c0255
SHA512 c08f814a996a440a708ec9bc660bc1e09752e1698a53611080f54a76289badce5d42451ef5303ee263ac5edaaec3bd99b76111f491caf0d56202ad3a54d24555

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache

MD5 5638efb435f571fc39cbcac290bc3c9b
SHA1 842e5900974631fe658d7573617a0229901d404b
SHA256 8a5e1bade09d7a2feee72af3c0d8569832c8512cafa530bbccf919d4330d5cac
SHA512 a905bfa08072c5b3c0608c198a5a07b32b11e55af19fa62b1b05c51350ecb2225814b10f7394ab8b39f948a793799d2cb925fa1880c398f5654ccdac7fe99b52

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache~RFe580df5.TMP

MD5 3b484f0f7a5d66c2d274f92c437979f4
SHA1 7028bdb0f2db3ace11aea9081673df4b44d42172
SHA256 50188b3875582663aef1876f5e5dd0f3076f0ecb7864e9f52d3b62786bb4bd2b
SHA512 ed871a26ffe02b7b5b136f4c79c89db298689b0a50934b34ea60705b56472ff08dcbb31da92f46793ea1735d7615a8a0c9192e4fcbbc7f4c7762496d1f54cfcc

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 d473b75c62f3011d0ee1cdf69bdd1029
SHA1 9f0eacf75391859b461f73ce668853ea619efdeb
SHA256 afe80555dabdfa14426980ba05f025c2a53f5b4c27704102cf9e7057ada30d68
SHA512 ceab590fa64bddf5341c521b5e462c8fee9046b1b60bfa6e440d0f2e184e6b134697fd7474b03f0be250c5a214bf507d2f2d757dc18cbbe880e99d1e2ed44ef3

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

MD5 adf882fe35d123478a56662703bc8c95
SHA1 1a2f01d321502cdc0a7572a30167a23d953513ef
SHA256 863b3eafde8afaed93931a5de09328c180d0ca6e1d0c0f477e908270e038c4b3
SHA512 c5f8d344e728df1eb3fccb3a98697d455733d2c62ccc53f5914c5cd0dc80e6bd2c0d4dd8a95248e930441c272a15f1a98f7993c44ffe74ed28660ff54fadae30

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 6ba70569ad95f22ca5f4863832e358dd
SHA1 9ac72973b580fd6a33c11c5b256555d59000f2b5
SHA256 aaf11d61caa7813af66513bf4fd6c21aff2cedf92d3e7f5090edd876374a1cde
SHA512 c36dd7dd8709a4ce057d4cd2b93179bb62eb723d7a1160b7bfa57677290c08591eb7036706dc9322c4ac6aac46a52f6534656ffe869de79faafddaf8a2495c2f

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 3490c3fc7c1162a575f3bbe5acea32b6
SHA1 716df4c0e20ec91a682f97925db52fb732e11eac
SHA256 ecfd58d6bbcc845108dc1b065131f09382756310ac2001eaa50cd7de49a8b386
SHA512 2e70a97ae6e71b60598c6565af5b48fba3734a7fdf321855fb81e85114a5e937478489418f39ba84317e3af4cc59ba3872d044c7854a8accd95f5f5a60eae528

C:\Users\Admin\Downloads\click.exe

MD5 64b1eaea3544224287a33d80ba871f57
SHA1 63e51c01c03d339b280cb18b44b25d793e927a8e
SHA256 5e407c3e8ccfa2b03ec5611b193ebfd5d272e9d075b2a6bba91cccd788918ad5
SHA512 7efcfef5d07fe199bb918970e0aaf975973f1984f286d16528a9e389fac0bd88bffecce04bbceb0ccf7d39b64b692089509e943af0c7a2e99386af59cb58ea04

C:\Users\Admin\AppData\Local\Temp\FBBB.tmp\FBBC.tmp\FBBD.bat

MD5 f07e3049ec72c99664fbfb28b748062f
SHA1 430d6cb6d5dedd2ebfdb2bdc771f5d45ed98499e
SHA256 2e8c2cf209e923867c0feb531ec87cf8c63b836b68a61030329fdba13f79d4d5
SHA512 e98a85ae22ee97d40bbc3040b49380d6a2b60269b0af064dae58470e47f8df37ef08f36a995fca02218ecc28076d006d566970f33c5569ab485d741cc2af005f

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 9de9a97c38512d7252692b1e7defcb1b
SHA1 dc23a673eadb9f90bfa19faf844c81d35c213c9a
SHA256 1b80329772befa18e01d983747dba62be82bba8896044e4fc50224f7f99fbefa
SHA512 e372e377435c916103d57cb4cc4c501a1666069a9c602b58f0fe49a99b0552b9b78272bfff93e70d8a4b0c1f04086ddc448dd0fdfeafcd1ee96ba4663f94ce87

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 797bb1408c0deec63e2454df59a71bef
SHA1 1ccd82d0cb257e33b8e4e09916e3ef59f4fe7f73
SHA256 08fd8807e8f84dfbbd668cc45be94c2b915601082734c119562d6b6bee0b84c1
SHA512 0b9405ee519e49b19c02723e6879690173f96a5a5e445b4d85e4db3e372b3350e01550fa842c0b3faeba92d7974f12b2faf3315c97f083f6e03f3f6e0d4d1477

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 73f30a58b87d4c5ecceb721714ecd4e7
SHA1 326ac481c385f2ec40223c6562682dc64b0fae2d
SHA256 5fa235d95ee70756cd53a4b739fbff672d2705ccf3158946857137fcdd6c6bf6
SHA512 2c1d479002ce574a581d5e6a0b96ef6b78b9d02acbf2d3cfad2cdbb785399fa1ac4ef7b10127edfbb19c66422b078d485b41c132af465904d7cd732ec1439670

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

MD5 ae705b8d33c00d587dbf97d603bdedb8
SHA1 9899926b6b676185830e0535ebdb83bd16f772f8
SHA256 cb1849d9b5d13c70f11da68037ec8c225c22b54f3df2340c948bbab392fba105
SHA512 b88de20d4a0a51ef698f0b7bb0bfe08c2eeca080324343620e23cdf7a2abab7fd57efcb1202baa30ff42e63b0d196ff4caf1fcb24bb937765fd4a84d8bf4e4bd

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000007

MD5 06cb502613f99040e534fec65fa725c7
SHA1 03006f32792e033497e9ca68373b6c3386305933
SHA256 e1172d3a0a208cf01dc066f0abeaf17f00264a966159a69f71947d6edcd4935f
SHA512 734faf4aff6d9c64b87f3c1320114f71d099d10c0ff9a4de3ef65e009918a5b8faecabd0e7e56b2630e1de58a5e3c2c82c9c6120241feba750f2dfc12723a8fe

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000a

MD5 9731b1f46b79fad14e00122fccc93b6c
SHA1 2b81b057dbb5f835b326461f709b2885504848c7
SHA256 b8e4de04f2783dff4fafc02c7e36ed009f6c677ac904440beaaa1996fff25275
SHA512 c52d99a84472a5b3bb89476c9d8c2d6e3d191ddfae7561e548db75fe4f4559ea953ccaf87c00d82edf977e84c81389aa0ff60be36a791e6ae45fc14bdeef70b8

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000b

MD5 7f477633ddd12f84284654f2a2e89b8a
SHA1 17dad0776899ad1beadabd061c34e2a22b2cde74
SHA256 966620f9e3bec428663687f9e8d67a6b8e35d79adebf6fb204e9b139eada7599
SHA512 b46baa2a3ea38512f8b539774c751004cc866d085a9739f4c25f2ade9d97c10d6f4b20cf87dcbb6a003e0df0ca2df200f9036a4c76a013f24c57d365981f6e00

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000009

MD5 0956511163142649b6cf52a819ca8641
SHA1 177174c1e7b5650cf3cf0c184077420f6b67abc7
SHA256 8706c07750059d4f474353cc469150fd09a539df6f8830ccf418c47709f25b36
SHA512 1828b09b30346cd195b29d68b734c9e0b5904f68e318910d2c6c8b95eae5cdc90d237d26a22d84413d007d123b7cb618603291fbb867ba1df9af7cb5b89cee83

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000008

MD5 49ae56a37a5b8dca563256fb605f6260
SHA1 24a8c5bf85c8d1bc7a9586d998308c462e28cb71
SHA256 6729042fecd6e011c0ba45f807dc93fa750169d7ac57c14daa01069f14430f73
SHA512 508eaa76781046d439eb85c706c9c7307827efc23a5b7ebe085c173b9a38a32ed343d8916d14df105203922dee0fbe123d74ec185e4ca12fe7cec6d679a2a9b2

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000006

MD5 9afc1e0eba9521f29775ad2f6ace3f1f
SHA1 77bcf0c882fa4be8fbead35052c39a944f9035e3
SHA256 a85b2fe307777c8eb47f06a1eec399fcbddfe83d252fd202d3e1358051fcf27d
SHA512 d532b8863098e7e13d1f7af9fb4e5b1066ca1b22b9d3a59a0cf7cf7b5b3f8a1c118ebe8eb4be37cc92f338543eff372238d11dfaca7b2f0adf3829f2ba43d2b2

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000003

MD5 a50d303b83ec6ced6c105da710623629
SHA1 04f3659d853b57d6e608909960d4f1f4c0f01c04
SHA256 d10fcd57fbc3eb87320fe1469bcb522ded6c480f48ed51c511ef6da20f165760
SHA512 84f825fdf56aa5b9b3dbd5af65d74609c3c34bcad4778193d837d1188437fbbac660540df01629dc1977f4e831f7731160854dfae617e088310cfe39a3d79c4d

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000001

MD5 b33682b5a531b8617d4ee248926fba84
SHA1 be527be38f28d55217b02f818ca67987f433cada
SHA256 85bd0e28180f06b7f944d35dd07ef1ce75d6d9b63c2d70cb8e65f8b566c43db4
SHA512 5eda51cdcceea9ec42c8f3a6e462decc5847e74aac8dce4c0c190c0434c2abead936b7c836c5f1c8c76aaa25050169381a01effba7cf7d7f8f8be304b439adc8

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000005

MD5 16b20908101acc6624cb9446fcac64a1
SHA1 b7cd57a4fd6a1fae6126150f427ef217397293e4
SHA256 2933c96348a4eae7cbbf8f280ca0981586a9b5c097ef952b996cad7d28f2fad0
SHA512 b22c1efe85cc8528c60b02e7fac72b68f396ac9c4795480c04c65774f7b64e7937234c771120a82f3ed66793531fa499af2c0c63e3c1d5c8f2a89e63025b823a

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000002

MD5 e039a23ea465d2de0388937695a7e724
SHA1 68e95d5b4060761fc2b0b58a593ebe7d661c52f9
SHA256 bc3b9c09bf69ce51b930e86a23c6f249f9cc6dc98a84fd278d4131c9ddd78f43
SHA512 5fedf2fbff555599108ae7bdaa86cb9d22537e46ecda50cbd7a25199338fba4bef35bfa813eba76b1b367fb8b93e2c1ee9952a55deff9f49daa189f22b5e0336

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000004

MD5 84952f98cccb079b3f36f29c0f2f7d8d
SHA1 92a207064b6cb9cb6104bd8b3dd1e1e3e789b26c
SHA256 d9a98b67c7edffef7138d578788a1c25310cd3561b94d8bce6999f40b0073186
SHA512 a052abb5bfeb8ece88ce62b46ecc920db7db71467f1433d96fdc13072ec4dc4a67f13853f4d14e8f5794d9fbc58cbe1bf94e9f3a2afb7dfbdcecc2af2046bc37

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000c

MD5 ef2fa694e64f0f30991f6ef31df083f8
SHA1 ccb1d5e39a8a896d0e26820325eb58b7bec13e7b
SHA256 b61f934b22e57d2adcff5fb7f44fc731bb3baf6d61a9c6007ad59d3b167ecf00
SHA512 2079f97097948e5a5232b3e8e6be43efcdf81469cd0f300153d0e130829071920608b615bd08c58ce99297f97171ff322e9e4f14a0f1afcaabd2e164e2b835fd

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\504fddd4-ae76-4d24-b224-68b6cf79bca5.tmp

MD5 c4459f49ade5140fcfec7de6e0addf90
SHA1 3b5e16220e7848ca1d8cd09214223968636faa54
SHA256 d74b57ee556cf450c190d083caa277b8b323db09575d641054b5e48a8c74a40c
SHA512 2ec7ee609637c0663da9abd17cc7c23903e5f0cb9237810b0d78dc4f529d86ce134f40aa3d7b8e0aa5d00dcf7501ffc567af4b3b691c80018f74d27a98c43f50

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 7a6275745b41f3cf236865b08595d55b
SHA1 fed5ead0d4d4b377376099e2dc95d8e495db70e3
SHA256 ce38df2502ca5c554b73a70cab6c280817d8b25d2e6f3c4e000596580432f91a
SHA512 530fd6019b838a939fd747afd713b2e8c8f811937f5e3f0df889125bada3c8753c79ed2f8d382af630e5c5f8f11956e0100b93581b5408d13f2240ed5d8b215c

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 4bbb92e35e1d800d74838af203177a42
SHA1 4f8312d4c7382439c681ac532a0bb26de11c4f4b
SHA256 02405ecd91b949988b922c7fce765df7b36c30ebb9106efa3b3a69c6cd7566d9
SHA512 00198891427bb214df3271f333da989804259a0f6ddfe33e3092f8f885f5318a5324dc907d16716c6ccc36cd45ac88b5217ffefa11d184df7a173afc346f5f76

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 1aa9c85f2fdff7770abe8f8ced386542
SHA1 d20d07446b9a0d3763f5bd26bb9759c28922f3d4
SHA256 ed209b5505329a4c3507d3bf5693e90746e943de7d04d8c19e1c85901ea3e8af
SHA512 2c2ceabc5cd545de624f5ede629116f01fad79f71575c658cb3957e2ac8ef8844cf9fb5a40c32c8bf6f7f936355645791703a36406d957f2bf60e75711ec37b5

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 3a5b11cca17314df4e128381f5b5b1c2
SHA1 f7755c9f698266714daafff2e08f140373b7028b
SHA256 3736e583ee06e876d6246d85161a0302c741168952de8a12e97d03c27b30921a
SHA512 befb4fdf06b07c3ff2dae0fd3649ca8188e46be17ed5e9d311aa226d3d10558d2fd220caa5ff51b0cb381ea09a62541cbc7c375f9d55819dc6681c77755102e4

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 ae44ee4204fdf0af96f4bb8f4f62ddc9
SHA1 de0fde143899bb7a711a5307d2c8802427333c66
SHA256 ab17d2922dfb76cf01dd316465a1ce163cdf2467113e8b1e6f7689c652cf4484
SHA512 f9146550a5c3b96bcc6695f45216c725ea0962aaf898b5e83ff7f562034b14dd176f7f597ce762e5b50a11ed19679ddf5e0275308ec3768fdba9ae0aedad328f

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

MD5 ff2a9eff36d5c57567f3dd9221760dc5
SHA1 3740cb76afffec9abd40a4307678e83115238c51
SHA256 614eb910586518da445425fd267513c93ca80f8c689db4018135a2e0c03fefcd
SHA512 3d40160f144c7d8209443e4efbb6c8e8f0c81bae81a9fadc04b3fb3f1b538e98429441ec05ff7e6b6ef4956e08c353acd9bb88e95a44c8eb93afdfbcbd7edd3b

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000014

MD5 2257803a7e34c3abd90ec6d41fd76a5a
SHA1 f7a32e6635d8513f74bd225f55d867ea56ae4803
SHA256 af23860fb3a448f2cc6107680078402555a345eb45bc5efb750f541fe5d7c174
SHA512 e9f4dc90d0829885f08879e868aa62041150b500f62682fc108da258eee26ad9509dcbf6e8a55f2d0bdba7aa9118dd149a70a7d851820d4ea683db7808c48540

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 18bb4d0fe2c0a67a11dba19b6d1abd57
SHA1 fcdf3b1609333516750432e0a7613ece6bb2637b
SHA256 2841117a04612a03578cb969d194d573a47fd6775d5e3c7676a6767f68c31756
SHA512 1f9750b8004462a47e2a601290e5398ba7303e7597779adcc693f0891cf90d6a42ec89588b96587f82aca6061702eb7ad9d5373c9ce9d0349a24e91926c6eaaf

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 09cdaccf5502444c32197c30e2406099
SHA1 10898ddefb3881a79642c297be8750b75e5b5764
SHA256 ad16b0a8f5cf45c6e42f5f0cfca3d8da5c05d6b1c5ed7ea67cc4fec31f647dab
SHA512 312d4c54b9eaece996ba17feffa974c0c444371e89ba78aa279b6b8b37f25f212bc75cdfc0c3924c36bd72fd53a5f8df9b7adabc07f9c2e664733dc79f0029c1

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 b8947fd0c5d5f7351cfd5fa65d5f4586
SHA1 6e884aaeecc775350d953b5c4f6bbe6aca1e0960
SHA256 459e7df332ff3badf47937254048e6a0003e135dc91a3a845c63e6905bca2874
SHA512 2fc2ab4d4fa572015e3a9ae52ec9bcbbe171bfe2a871461fcdc53accfb82d7a541bf7adbab608b4a8648d662925b488aba168a82616743d0a628795bd692201b

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 956a8f56c111e8f80c5dd979ef2b6145
SHA1 2583891b65b195b813bef04963cf688735d8afd0
SHA256 b2264ab6945cd9d893f2a2d9bdf7e30a651bb330542d88a2171cd5c2355ed865
SHA512 47e0b92543f24ee7896f6ed601c4a9fe3a32b568d994496080e5b25250332a8be155cc9268f1b1bb841a1a12e997e826a3208aee4aded974106f45bfa2472481

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000015

MD5 c594a826934b9505d591d0f7a7df80b7
SHA1 c04b8637e686f71f3fc46a29a86346ba9b04ae18
SHA256 e664eef3d68ac6336a28be033165d4780e8a5ab28f0d90df1b148ef86babb610
SHA512 04a1dfdb8ee2f5fefa101d5e3ff36e87659fd774e96aa8c5941d3353ccc268a125822cf01533c74839e5f1c54725da9cc437d3d69b88e5bf3f99caccd4d75961

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\1224a3513b186381_0

MD5 077515fc63b5752dc62f0f26112016ff
SHA1 9990d1c982ee033f19708963fb6a7b9eed63c1b7
SHA256 70f628d4eab20329a868b01e7872261b9fbd8945a545045996a4d3eab62074d3
SHA512 53d716ba3bc238475a1997fa4a65f52f5f42837e9bdec6e14d9ff735cd8f2e59954d56155af72bfcea8f875f8be84d0a8e5b75459fe0ed56100e32310e0f289f

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\16e173e4fedf2469_0

MD5 5465393a3226ed0b3bddb6004350a156
SHA1 80bb2481701159060e818cfc03e84333460fa588
SHA256 6c97a63d31656508a039c4d8de1faff5e90254fa9116b0cc5e82af7fda92692f
SHA512 783e379c5c99bb6d306c75022dfca27c262ddd11456d9a112500d9a842e9de09f99d3d451e1182f11d612b79e535fd95a27001be04068c3535334e155c0afd44

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\884f1228546fe7a8_0

MD5 34a1667864860bdcf50c658266a90fec
SHA1 6992e6bc1922a39cef2e1cf65b031ac1c22cdcd4
SHA256 119ce67db0c43137d0f5866c162ecb06a818eb63abb6be744344732d80f8991c
SHA512 a5e6b6f62b09c0e0484d17ec96ce534b210a860c36bba8c2f9f5ff8bc41f779ec19126af550a37699ea57af14240f277ddef9a8ae38eb3442788b946eb53ef16

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\da195f1bac52d261_0

MD5 ded3ae74c15aa219be8f8278502842d2
SHA1 3591002b47d7a53c68e9556317078a18fb7edd3c
SHA256 ed1b77493398c0466b60aa2ca98353941e9cded3bb321ddddbd4072c53858b12
SHA512 4d29b993dbb0f7a41941e87d2b2feecd82b49adc06fea78ab8ce3f58c16a59ac25024f1d3c153c74ab7c66c084dcbf802326d1c6f7a3253ad0a808f476100850

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 7ada1812f7b9b3b11c48b0985b70e95a
SHA1 22fd728a3ad3f130ec6fce63ad77b8a694df7aba
SHA256 dadad422ea64df83fe4aa4390baca6e9bfae26d9302b8adc9a56b7238925f42c
SHA512 3820ff9d891d5ba68c595bffdf0e0ac330cdac6deba6de2578efe862958410352ecdb654d7ebb744b0a25458429b0557aaad1e14620ad48e981decbd6c6e036f

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

MD5 be6198d589e248568ffe848bbbf9c575
SHA1 3da4e1e778face3f68cd6f98c02e02812a415efc
SHA256 dc70635f9cf7e68542daf551b0716f68796482dc8be4dd97377bed56cd514bea
SHA512 37838f3e5bd60d7ff60c9b48b52d24944cf62f63189e5171827206d8dfd412472a86dc6f1a3c0a907ebe7ff4f5ac6b0f469be923e259b62479debc604c49a5b8

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 8bbacc2fdc9b5a009328baafc6a9250c
SHA1 e30a5408b9416e992ab10c6673ef6d077ea65be7
SHA256 d66a47bee90de6b79c54c0de6a529fb71df43e58b7067c536aadb07c6e940431
SHA512 47505540faa9f3e906410c007746b03dc8e7d265e62d6958794e7dea685cf5f8a71f4d0033233bce7c067e049790909650d63111816c9fd1b869d3073641fa17

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 22e309297e1e80d080ca2ef44a102eb5
SHA1 567ddadd203403e4952a8879fab6b93081d1cf94
SHA256 27863f183aa11841d588b993f66064df5610d3d9a939131f663e916ee8470da2
SHA512 08e6c64fcea1eb5b9e565dc629e459810714261b21135e6c4e326efe57c22e7df21094923b6dd8218155172c3957878b6058babb072700b3e1819c47164426f0

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache

MD5 af1667a7168af285aca207cca6cb90d2
SHA1 2f8cb08a0b94fdff02f25ca27e555eb730a709ec
SHA256 93e88c621d40615448e9b62169ffec0bdb74405eac3616f8faac4945db2af699
SHA512 63f548f94a4ed9a702d41dad90a5309789554e439956cb8fb31ea7bfbc5ec6a154447c96afb33fbcb86bcc452fa7419cf4932cfc37158169611da02abd0d1dea

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 54d920ad84038b5648f1207713e1d1fc
SHA1 8032f798467e395713f3e19fdc86d5ce14f914d5
SHA256 77bc93cdfb959b20737dc26f30e5a0aed02021f7e132cbf8a6b81d86e860bab7
SHA512 0616fa8a9ed2aaad216de00740d5c5f461006c2b8ac915d3db97871f5d27ad274369ff99c8e0da6087e3aad963c08c97e79e1d84582d9d481c2c7c71e72c78a1

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 d11136635aac5e86f19fea8ee8c24f2b
SHA1 b5e6a3f97b1899d4c46b226753ea0c021948a4a2
SHA256 9819265ce6fe7f13535391d3d36f240debd46e9cfcc3f1c79efbe52a96f4e5ae
SHA512 0859bfb16f8c413818228c460b55c83b3e01a61d3787e8d1f30363863bb7fdad8fe3084aa7055d3037dfcf4f70950f5e700beec91a6c5da89d8d0fabe3151c8e

C:\Users\Admin\Downloads\Unconfirmed 718935.crdownload

MD5 0dc93e1f58cbb736598ce7fa7ecefa33
SHA1 6e539aab5faf7d4ce044c2905a9c27d4393bae30
SHA256 4ec941f22985fee21d2f9d2ae590d5dafebed9a4cf55272b688afe472d454d36
SHA512 73617da787e51609ee779a12fb75fb9eac6ed6e99fd1f4c5c02ff18109747de91a791b1a389434edfe8b96e5b40340f986b8f7b88eac3a330b683dec565a7eff

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache

MD5 bab9f1af2d6a8b888f3e6a79b07e9949
SHA1 b13d0213c949335221ab451dc9bc9aa2f0fca288
SHA256 16eb696500b5bfd88835ee74a7d2cb10ed2e5f7178097e87fbcd5055e989fbde
SHA512 4c3f4ce90891e4accf8025c0caba87401240e3eabe2b8d17659477c9783612fd1b8d4194a781f2e50e76f1f6e3f77399c611b90ec319e122fe34808c7e6de07e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000068

MD5 e4cc1ece2f2425b10ae2ccc212c1dafc
SHA1 92609e6d0093693110baa23758382889bcb30da6
SHA256 92e9415d8bc8529e2a3f335258ef7ff159cce2965ce3b2b7c15f73720efee809
SHA512 2848dee3a6da891b7044518bc97aeafd340705cebe846350b9a7f314b52450f1eb977b8b492638965ce4674ebaa341e4f832438199c3cad2fb0a0793ef83a619

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00006c

MD5 13d4f13cd34f37afc507ac239d82ddbd
SHA1 6d500935a441d438ed052e90de0443bccc8c6d17
SHA256 76464e77d22532976bbe5d1829e97854d5c37ed5a46ff300ad9680876ec81d01
SHA512 152e6449d09a7b544cf6f986c9695ae07c330f4b13068cca028ab56ffdad6ff2467f371ea4385ad71da023f3beb83fe0ba1d6d413f1ddde14372efe82ae36b6d

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00006b

MD5 01ad880ee50b786f74a5e4fae9ba3d71
SHA1 111387dbe885b7f3af44cdbbeea17eeb04bbf803
SHA256 9368f2d586a1d2727921605892048bf5201ef8caa044f2e939ef431aa881d83e
SHA512 d8dc47e5d55e6598988281539205936c56b716eb02b4e643fc917a68ba4407ece36a9d4115d5d0e32ac630d44eadb94ad2607330de082629fea82a9bd35fb83c

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 46fcacf1c65c3d36f05d5460825a864f
SHA1 f101d939b914a05d5525c69d14eb5d0cc7989d68
SHA256 876f7db08ddf71bd224abe34803c17a1678719e1bee114cfa6d45a7fe2649e45
SHA512 3a2de19a5613ec97843b5dd1814e5f2c621a824566c941d2af3e0870ed0ca47371eb8a63d1c4228dcd74eb564569f6c2966ea78a417c3ee7b4fe6ea52ea1bc8e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000083

MD5 8eff0b8045fd1959e117f85654ae7770
SHA1 227fee13ceb7c410b5c0bb8000258b6643cb6255
SHA256 89978e658e840b927dddb5cb3a835c7d8526ece79933bd9f3096b301fe1a8571
SHA512 2e4fb65caab06f02e341e9ba4fb217d682338881daba3518a0df8df724e0496e1af613db8e2f65b42b9e82703ba58916b5f5abb68c807c78a88577030a6c2058

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000065

MD5 8266eb9d769b0040c61f9107b9233d0d
SHA1 7d84098b0f5a6b1fb73333838e071558086938da
SHA256 389603813af8808ae7ec8ca4f2bc326b15e4c2ad5d86eeabfb271ac4d170b923
SHA512 82854e09e38363bf682d1426cd72d2efe770a58531f8b006c80c32718229cd9699c6db6ae4afe0a5ba64504a08b16568e53ec8fdf2702b5abc41ef7711f011b0

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\d89c68fd1f00fd9a_0

MD5 36bbc61a88b5bd0aa8b7b14ab6c72d4d
SHA1 f89676f3905a75642bdf7f14b7709319a8ace1e7
SHA256 66124d8f58a75cbcb403731466ec80e01945636a6607ecd825fa56c05d50753b
SHA512 fdfeb0a0e545aa847ff1903c15c857bb69ea3b73ae96a7998d697eb37bb8e63c2d70bc35cef3e112d82c72c430fc4f7a6e5391874a9746d661bf0af0e483adbd

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\cd395aa419a5eeaf_0

MD5 a8c6699930fa3364e8b7f4e8c5207d96
SHA1 33510f0e77bb727691ce9484fe4c704fa6ac2411
SHA256 d99ad6837ea286e57c49d60dceba59388dc24e3c2a77732d141a2cef7a919270
SHA512 9f41010e7457bd43c9a9a04d132cf2b7bbacf899a056ce5990bd82786973bff035e3b9c7e8c9ef55fe4f5d68124be110f6f98d2884a67b3c102f078f80997e9e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 7ba9fc818bde587a3b612261d1198a59
SHA1 3f023dc59016e0c83b12ddc2ee0d3395aca7a369
SHA256 f2d4944f9827a5a90ad9d54d88982538578d2d7be8be2a88ef242e65268a128a
SHA512 97ba8b13702dae59cc0605c23e8b345ef03d4ff7b21810b6862602b0fd33f6314c2cd9dcf3e01490f8f2187cd6404e643e524f3abe3f3aa574c299de5bf660fd

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000054

MD5 4ba86a857f7f8f6cdbba7ec4142795e0
SHA1 d0aa9ec6fab3987d917bf506c2680880f8d195f0
SHA256 f51b70163eda0b588c9c21ab3339cc81ad8d07917b69dfd0e3b5769d4c726026
SHA512 6c6daa54055f147f735aa100ca99df97d63087fe87e53eaca17ff37b404307b5810626914c37a8e643a4f9574d50d8fcfd308b4dea96162d0badc8803ef03d66

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000050

MD5 24bcd5d26104e7e7ee53b038a8584990
SHA1 e31c3c406d9ce4f98e34fc0551626edf35e3b28e
SHA256 557b4dffa89de7040e29eb1ebd8f8d5c02013290e16ada2a8c15b46340b3fec4
SHA512 42ea3d5c8934d6993e3322e1a917720dfcb7f593d4c9cc6a1a42c5a7009556c4b97429e2e10b9eec44f2353430ea7647572c76f6b7797a89f19a548c66f7db71

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000053

MD5 3f4c3f3ad0d6acf984dd8a52227d9635
SHA1 288e690b57a0235535a0e0f6ec04947c7e4b2f48
SHA256 c5d93aa59e0758fe320c609bd76a65c42e410ae43790bafa13dfb1a9279b7a7e
SHA512 e144b4f7f91c78bfed5181c764088292c89ae3d3a2ed68a7599f17603f2f07eccb53d65a5c3b4fc320d84b82eb1cf075761b43266cad8144ea15bb4ebb173e4a

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000052

MD5 7651b1187bb58ac4c7be625337b35e5b
SHA1 307d969ef4137a66fe2793737dc1c546587c7f43
SHA256 0632850d01a46bc2f8c223155a4bf6c398b33596bb711e098440623f118c3968
SHA512 a81d2f768af155bdc642941404e7ddf95a2cea33c9374acb5fe32f6f5266e337fbef32f904551f61fcc9f9ab5a1c6a5ad130ab85b38bc2258e2f82c0ca1e9c7a

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000055

MD5 67e30bbc30fa4e58ef6c33781b4e835c
SHA1 18125beb2b3f1a747f39ed999ff0edd5a52980ee
SHA256 1572e2beb45d2de9d63a7e7fe03c307d175b2b232bad2e763623dceb747729ba
SHA512 271d4a65d25b0a5d2ff2fe8f3925fc165d9b4345893abfd919061d78ffc5ffe8890ded35e41274ad8b860f06264b027cfea6030ec9411a4e03bc6d7cb4d4d228

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00004f

MD5 b44ae10069bcc3f69241236bf77cf12a
SHA1 84460f394a5de239b92735cfa2295fa91317c071
SHA256 13a04a3904e9c14f5e191f247ebc229d2af511e3a036b79ce3ea5ba0bac3c84d
SHA512 61588590e2a1022bb8eb4830f8785ecdf9d2a3ae17007f2cf0460f1f46fc08ec579c682c08ff19c45d0caf0099ad520a110e2e1fd783fac4715b1af3b8ebffe0

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00004e

MD5 bd17d16b6e95e4eb8911300c70d546f7
SHA1 847036a00e4e390b67f5c22bf7b531179be344d7
SHA256 9f9613a0569536593e3e2f944d220ce9c0f3b5cab393b2785a12d2354227c352
SHA512 f9647d2d7452ce30cf100aeb753e32203a18a1aaef7b45a4bc558397b2a38f63bfcfe174e26300317b7df176155ae4ebaee6bdf0d4289061860eff68236fe1bb

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00004c

MD5 a0e08aacb4d22d3f0ab70f5946cf075f
SHA1 945c02594d5806a8667c80934decfeccd9e6888b
SHA256 4f5f58ff95c7a0193ca410c17284a5b5da109c8cdd26285db094e5eaa7084229
SHA512 b1bcd1bb3e30bf727f2c2f5774488dd01f53d26cbe846b151c8c4223da6cd0e4329c4310f68123ad6cab1e949739f3d7f1c4aab68074b408f662360b156d3351

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000051

MD5 78280e0728c2021056c93954af683365
SHA1 f422d6f6682d904f7905b1cd7308f9f59062db44
SHA256 d5424e6657f959e1c026b7c119249cffedeff2e272912dfd6d0e0f7e04bcbd81
SHA512 aa64da37e187cac342d5c5cdd33d76d2bdf1bfd8cc49257ce1a4c0877a527aedab28ecfa0eaefc5c7f803bf3f51d94544bf8662430be50d2101c32c5d11f4b93

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000059

MD5 95ad1adb06c5fcc5fce46600da56b395
SHA1 32b55ef62d514595690bbd774bfcf893db9d4086
SHA256 dc858a00d445bbaaa363527eae9bd3ffcc523bf16f7c6fc2bb1c5941efdeaa64
SHA512 c3e1b78d39ab6e75d6ae69a750b077b2cf3be3a85004465098d5cf749050326ce10bf76bb440739c9dc2ac7ce3164c9152c2d3867c55f8efba5946097f734e98

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000057

MD5 7dd17c7f6f9f3288cf44dba950e14015
SHA1 03f866cf3a59d57a9d0f98619ac38d52cc415c01
SHA256 fed74a9f2350b474d674e06422b402221d7d4c30b20ea28a55f2aeb644b15314
SHA512 b584cf0648ef2cd23e07d4d479860ba6bad31ee719a9eb4c47cd883848f554c7bf29ff7596646fe483d39b05147d2052536444a4c97131e4914ee2e3276bfa11

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000056

MD5 fd769f2c9ce0ad4193f169e07f7a7360
SHA1 899c4df18ea020f61015bb066dd892c69b740647
SHA256 f056d830f917b70cecfd2790cc134fe73d0faaa612ecdc3ed8bd67dd6f25b173
SHA512 eb1837e49c81672101b9c2663d967ac8f00577958b03e82f042160b1b8f9dde262cfdc31b619d9e92e8183da5fd2546633884fb6acd564b0c4354c7fb377cef2

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00005b

MD5 bc1b9d9bce3a4bfad41a09d663360093
SHA1 626da280becc856ae95b797caf63e338ba9e4c2b
SHA256 67a1aee4c357c20da002ba109c3d3a4c44ed17ce47a3797ab39975939ad9cf8d
SHA512 eb42f1c6637990fc5b1bc39e527c072e50a01a3c1812b27bf2418e4866746535501063d6cdcad1cd45a94d3cfb7731d0403fa2b8001e218fb75b7a4a90fa1076

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000058

MD5 65d3f83d879428f73e751d9a36db6db1
SHA1 a19668aecd92ffeaec17643ae7d6140ad763351c
SHA256 8e802d53da4fd798ca61b4aefc77e20767bd4696e15312b0ac7229679292560c
SHA512 e2550db4a106da242ccfa4dd8346364d0223a6034d38232dd3b867c79e18620da631fb4ad0c90c42ba3e69c17b9256df8ed05646feccbaae2fbcdb9129884ae8

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00005d

MD5 3859fdcc9dfc8ee238149b68a1cb2f98
SHA1 4c78ac8554c35cdd4ec8a0318bde9bba8b670b67
SHA256 9a2ec9b64eee6bfdf104fe6b873c26c8ae22b90c9ef77ce61217030f16d81d31
SHA512 dc15c3e84175327f6e99ac1130927b0cd1f194e4759553151bb54b6f7b3256f35a690f8650a3d0806a34f3b4855b6936c3373180b9f9c838dac8c7fbfe6e681f

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00005a

MD5 97a3bed6457d042c94c28ed74ec2d887
SHA1 02ce7a6171fb1261fde13a8c7cbb58992e9d5299
SHA256 ae56cf83207570afbb8a6ab7cbc4128b37f859cb6f55661e69e97a3314c02f67
SHA512 6c8cf955ec73ad9d97bbb36c7ce723bfa58c9aef849aa775ee64ce15afa70afb40e8cd45989dadec420d2e8edda9ec0f05cc76a0602df0b6c4e5d45de0f4ce7a

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000062

MD5 f99c5b9ecf94c1990d61a3dcce16e220
SHA1 119f0dece140d845f5e55bf2d99700ad2042e481
SHA256 62fa13f187cea1cea566a6f0b19b52f8157db205099827ed68b60c6d2e0d7cf8
SHA512 619fb00fa46b93a8bae31f059a43d66c80fae13b1ecfd08744b9fd0c2dd7e7b7f950a2dd16d4c798d1ad553cf876f286e526319c5b46321cd5a2895c007709ad

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000064

MD5 87e8230a9ca3f0c5ccfa56f70276e2f2
SHA1 eb116c8fd20cb2f85b7a942c7dae3b0ed6d27fe7
SHA256 e18d7214e7d3d47d913c0436f5308b9296ca3c6cd34059bf9cbf03126bafafe9
SHA512 37690a81a9e48b157298080746aa94289a4c721c762b826329e70b41ba475bb0261d048f9ab8e7301e43305c5ebf53246c20da8cd001130bf156e8b3bd38b9b8

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00005f

MD5 1a926de57b10dd95ae4bc02cd27e413f
SHA1 89e1673b0bca03c1d450a64a9b50493b0dbf97d3
SHA256 e120372a7baadbfc71e3c219f66fa6822752232e066bc11c8014d2d343ac9572
SHA512 785b5a18e7f6efbf7d241d14e1891719cb3d13d3739f67efa9b27cdcf73d33e3eb2648ef2b61932cd482ac324fc3de01f1a5e37060d35e7547093b72e521b485

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000063

MD5 c56a4800ad1ab19e16aad0306b588737
SHA1 8fd5023ce3a766277781f650886460107f8bee10
SHA256 c6d8748976b43cd4e5bffe2043ac90879ea58ee4f303b580b431b95099e88782
SHA512 ac4e58aab8c194b141dc3e86b4e23a18a6f761aa44eac58a10a84a899dcc208894034245e2d38adcde3c625acdcd8d573a661351c91b0ad015bf136126fe5eca

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00005e

MD5 7222d69fbca9d2c3b5b35d34a9265297
SHA1 c3c833645b8945d6deb3da20b314fee12e959de6
SHA256 61c29b97732c7b66793b3e9e64dae71a59310629cc56d39a1c37c8d6723a6965
SHA512 3a40756ee68e77531217a3d01dd6004297a6bba366eac42b6fd51c2ce969e8afb72651b9819f2447d99db88f0367a2e0b4788971d8fd60b6281393c80ebfafdb

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000060

MD5 79cf44db94eb465700d65a45a527b379
SHA1 a9ea6a3d2b3a3a61bf80caa643b077dc7fc10787
SHA256 78996e6ffff1656b85b4b50393b4a9f1133550694f87e66f9c2b937bc7dd2c4e
SHA512 7a2edf730c401e21b69b86528489adf587f4b830ceba0af2834bc7c69937e754c0a3e18ee9a174910391846a94394fc87bf927fb101fe899275bf072c804a519

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 56edaa446b3ddaf552755578cd38dd0c
SHA1 a534f93d277fe3efc85b639ccb6fffd621bf3d02
SHA256 55708c16d792bfbd85b92a466af84c25cfd9c7703e32fe69f96ddcc893be8547
SHA512 a8409375fd4839819561f7c6c5d8095bff95ca1cc179c97fc5008fdbeb17d323c929ca3b9033c1ae372e1bb055bcc58682d0944dae1440ab70771476013e2bde

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00006e

MD5 9c6b5ce6b3452e98573e6409c34dd73c
SHA1 de607fadef62e36945a409a838eb8fc36d819b42
SHA256 cd729039a1b314b25ea94b5c45c8d575d3387f7df83f98c233614bf09484a1fc
SHA512 4cfd6cc6e7af1e1c300a363a9be2c973d1797d2cd9b9009d9e1389b418dde76f5f976a6b4c2bf7ad075d784b5459f46420677370d72a0aaacd0bd477b251b8d7

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 e79e182f7a4d242c255fc06d231b3f88
SHA1 a3a47e4bc5a4de497750153487e970163a6be92e
SHA256 b6b189038abf105bfc2fd44d67dba575167349968633f889d2571315cf7582e2
SHA512 7431d6446c90e0403f7212ad314c7ec1d2b24ab51c8092d99050f61a471be03cda53d548cb028ebac2d25c04cffcc2e90db70ee68cd36e1539080a5e01c96713

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 938ac908758dc23ba56711e6c85ccaec
SHA1 0a7e52867339eb636af6d91ee18673276e6c1930
SHA256 a6fc68795972bee986939df1bef3d6c8984e68ed2f94e48acdf25170a5179931
SHA512 b7bd441121ef949c20e19c8d076b4a72e4b0c981712d0d46eda03671171c0578d01dc2a40c1ffd255bcaa31eb1ee4e8dc2d4e1a1e9f399cea454f9acf7847e6a

C:\Users\Admin\Downloads\GSAutoClicker.exe

MD5 6862f65be14fd3ce88086ec79777db6e
SHA1 7f0eb7535b59a926446a400ff93f48165b58ac95
SHA256 7c90795c9b28fac978386626f5a54033dc9cba46ef6a3f742fc7d52b394590f2
SHA512 d04700ca41bd2076ecb7b9028ba16738de479b3113efea0c86613f354e977f9b4dff6dbd8c06fcc4536be0585cff7f0e2636a2a6789373efad7788a7559bab04

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 cff4ce943005d0824100e364c27b89ab
SHA1 c9eeb94232c1c995b19b9e1f65d3df09e568bda3
SHA256 376bff0b551a730de13f7aa469a8665d13508514cfd394b5de921b9cfbb46126
SHA512 db12ccffbfb7bf6fe85f8e4e5518ff7e56cab20cc2924e35b9b400d428895ed48421db5db90f7991937011bf78f92acdc49e329b419d71cec880accb66e4ed75

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 3e6a3e6bb7f2a9f1b089752a1335baef
SHA1 ecf930d468136d4d82a513d6cbf37eb8dfb246f2
SHA256 d0b476d75dca003e112e086e030a54f4ac88b247fd61cb13c21519cc90885ed6
SHA512 e54d70dd9089cc1a38317affad7c040f4d8fdd93f36e914983520d897e936eb052face90cdce557d31a0956f19f26b6a6ce16f00656d46dd274caee9be875b94

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

MD5 b676197e31fd1b342b17f08ac8c0bcca
SHA1 99f832da34e0c18552e359ccb14abaf79ee2c467
SHA256 7f978052bfbf22f6475d720b5b555402bcca91c7b65556b2a7a619aa3f2fd8b3
SHA512 99e076e0be6ac8796e716376f6da51041897120814ccd3733625b4c4b48ae0fbb8be9c7b6dfb0073567e23cd314526e8e84b4f7d9438b9609c56f411d3d1e661

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 c3c8b719326e9e6b8e3a30a0cf9c4d3e
SHA1 08c732fbed58995d98b4f5f093d099aac1d298d1
SHA256 c78b9d5c3d424ed337ab452370bf1876705d88090c6508b8beeb6cd0d86ca4d7
SHA512 ac255ad0b625e94f2a3f9ca348891d6ee388809ca11b8dd2d2ef7f5320b06b8309554e8cce1c9564c52604c18f1040e1250ad5d7b6877b4ab036edbd78271c42

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\122d8bb54e8831a3_0

MD5 3894462aa139d6f6ec2cdf7edcb5369e
SHA1 5c8f88cc9685b480d8414df6d917fcc6c8258880
SHA256 59a7ee9eab15d807d0dd60d606dd4d8ac7d39ca4d031286889c4807f5678950b
SHA512 214d57ed103b10bc45eefae3f79d7f903e655017b6016f8c6306f16fbab57984f69f08154d7d021915b5adff75f451ba2f9d2cf14aff365b4952274f99a6b56a

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\cf192564a35cc4e5_0

MD5 d9827bba298a8fc1cdb557e54a1a5285
SHA1 081b99f3e4c1ffafabbf36849afd6ae14789963c
SHA256 a2d5397367b909fc37532933746b9d2f6d8a00d8216953299c08265f98440151
SHA512 29300365e9751f2a9c2c08e572d884784486076f7e354810f070f767ff0757de0234cf0b02836e0716f41adb1509dad3da35f4b74d4b2178f00248f3cecbb6fb

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00007d

MD5 c7499ca185afb8a4b149196d729b7d1a
SHA1 515a63fde84030ddad31b84390f9ab655637705a
SHA256 517f12733d8c3f36f4acf51221bba37f77af472a283b7e65e9c6fa6ec8615ead
SHA512 4737416dae70e637999ec218c38d176ce2571cfe892b704bcb3a68cfe4c0a8a2deea50f9e1cfc2f70da05126d748df73747e19d72f983eb335ddd350068e23e4

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00004d

MD5 23d5f558755a9d58eef69b2bfc9a5d99
SHA1 fa43092cb330dff8dc6c572cb8703b92286219f6
SHA256 6e5bec69b1c6424972a7f5481ac57049811f0f196535b707613126c11292c5cf
SHA512 9c56c94d059a27dab9f69c9dfd718382a8eb192b8c0ce91cd6db6ec0769b8756acf9c0956a35561474b87d6278b13fbe88a6e4df6260c278b1ae06e9be55dd6d

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\13f601830d1bf6e6_0

MD5 a4bf5dd3b45e235e14808f024e29c7c3
SHA1 466dffaba27fcec7288a6294b91e98f263f6d1e3
SHA256 c3c3c67b93bbf3d8125d0fccdedee0f36980881ee73bb4e12be2ec9c9d694777
SHA512 00adf8720cc3f5ffc78287ae96603ad38ad9844a81e6f2fa7d3247fcf743c766976c756812b47ca2839478d33ff74ef9e0c7c54e641cd0ccd395cd05a48f6a64

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\7cf1e49f8d9a0c25_0

MD5 3885a95ae91626220851908c98e274ae
SHA1 b93969ff456f34c513617b65103af44b9b615b2c
SHA256 04b09f648431d024d6d00dcb4a4cb44c9201c3de7b9c02297d27829b5b50ef6b
SHA512 afbe1e52a453df0db2686c6cdc2cee654cbd2cba7e641fa7163c94668c01634188c62c2142e31713b7cfc697dc92903c673db37847beb9063bfaf793dcbf1378

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\1224a3513b186381_0

MD5 8444ffa8ed49e67afff433117197a018
SHA1 60192e4ce9682953fc0b72cdb44e376f14af50e2
SHA256 a16c332fc709a773a6e65e93ea4a3d31d38d21275bc7dd26b39bb8c958b34356
SHA512 3039e20c831fe5fcc81770116d4e1272660fdda432bf3606d7a989c5c551381c4d49bd9c5559b1962be9a5b7a8867cfa9514d4ba66598938acca73ad74aa2d31

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\44f6b3dcaf89cd15_0

MD5 c06b51c87711af5ae8e560d44913d670
SHA1 96d614ec5e079fa8269cba31f25cf85e58fd0ae7
SHA256 a9ae4a078cf1d29c109d905a4b9d085ca4688e137a1823857c8ef8916c7fbc3b
SHA512 b39bef0e8f53278587299b72eb16eff414d895ee28d5e1a812d42f1f2aab78c15da92cc0daaca2cb46ed3f1287b1dc7928b90d93725b1fd83a4f1592c379acd9

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\d782f305bb50c377_0

MD5 6986e79c43f66c29d2c184874761bf10
SHA1 8a64cce305bb4ef2e139f5654b8a10d08d9d68e7
SHA256 75095300df35884d4e7ba07346a91bc258758a33fd8679ae1f5f18bddebc508c
SHA512 ef527c12abdefad9b522345004954d36a06bef4378d4548ea3bdf517bc6ba3037fd58b932b44f56c273e77b801853a043e358779cd878c933d72c1c6cf4b2833

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\b7935235c5ee5e42_0

MD5 05a4bfc8228b326750dbc2e7add16b14
SHA1 4cfe16da811ce26115827bca577c8acb6a81454b
SHA256 889c69ad814b860145d994522d1072bb69a188ddecd3fcdf7c196595e68ed4d3
SHA512 da2e055c0eefdc9afe55d9ae3be19dfc1a457bec0da7d57a80a5030b45a78504e69bcfa198d1b9ec564388848baa2d518aa9048d60fea945b9b03b417d9fc458

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\336a68eaaf209f48_0

MD5 1a49df28559d3298a6f8f34ace9f6383
SHA1 4e975ef436fc0e818ea9de3402635c9ed729c0e5
SHA256 791d13fe62c129688fadf3b2fb75139cbd7cf567dda63fb5d1db46ea3e7a9bfd
SHA512 ad5dc3814a6a02608eebf79090c0c799fb7343b5ad2f783d492796186bbbd11fee70e794ed4b6cf1f7eba9b5945f044b910d8a9f992c66a7cb257e246ef07ff1

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\6dec4f022c84cc90_0

MD5 81a7950bb80511f4cd177ed21487bd07
SHA1 70b620c325adc334222b3aabb6e70c415359c86c
SHA256 df76684ee0fa3450cd5407e340799ace1e9cd37f26a0d94ed769fe3a935e9564
SHA512 b19798cd050694b0a7fd3d3991067abaa83cea833aaa9499d75996a0058ab49908117df8fd924f5b0f360f2bce5473b07e1000737cfc3ffd311456ed1367b61d

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\4c307b02b4dcc58c_0

MD5 bba07618c2f3f8536a1855ba527e98c7
SHA1 5dd2fe61877d9bfffa6bc8b1604c7be5266d6f48
SHA256 eb55efacc058261042a395f2d90cd93ee97de5b77b1381c3863f7cc90db156cb
SHA512 9f365a6774c0c909c34657e706b8f171cbd500ab1dea2f03d0299703c8992bd6875e0af527b952ff75f72deaba4b07ff607d6c37145d468c008c96f516dbab0b

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00007b

MD5 f121073e8f0114ea5a97b12b1fccfef5
SHA1 a8ffd038760f8d2c3c152e03e1cd3950a7902d57
SHA256 92c445860c35803d3375034329a11275fe317f9995210ce5130f00cb9318b07a
SHA512 8d99ad122dda0c25d68309440f12516b4c94f348ed49c7a9b7ed74a95c19b57a75419f32371956bfe878d4d7254d52549aca2143061095e5981b77547eb6f5fe

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00007e

MD5 c83e4437a53d7f849f9d32df3d6b68f3
SHA1 fabea5ad92ed3e2431659b02e7624df30d0c6bbc
SHA256 d9bada3a44bb2ffa66dec5cc781cafc9ef17ed876cd9b0c5f7ef18228b63cebb
SHA512 c2ca1630f7229dd2dec37e0722f769dd94fd115eefa8eeba40f9bb09e4fdab7cc7d15f3deea23f50911feae22bae96341a5baca20b59c7982caf7a91a51e152f

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 dfd4d38c8f9268b85bebece85b27c0b4
SHA1 5c25c6eea1679958c197c6fad9e2b70e23009376
SHA256 672bf5460815cfffe51bd083c0939ecb82f2410c89f8a43b580df8891877d479
SHA512 2706a603a572598417e900ef08064a3e76e6e233c94e188e5db5c336ea325b840c10ba5302c9ee71bf7ea1efaab1bcb62550e9b72a4fc914be28a88c150d81d7

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 b2f2b987275063bd181367bc0cffbebf
SHA1 c1bcb0808d3f9fd87b9a838ef215eabd0612a7ac
SHA256 f11c82440e06bb368f397f92b643e32e22dc9edd1d519071ec556503c4918061
SHA512 e02565076c59a9ce3a41cd59fda0756d1c4be70be43ed66b76deaa696247b55670f58217e691e0121fa658315bc210732aab5b3760fb3d9e70bd028714b211ef

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

MD5 aa6c8e54101dee1cf7c3f5f9366c37f1
SHA1 c0e79ef6fd4101dbf59ee5d5b1a4d6c128321113
SHA256 620ce24be8776a7836147c81e51265c95d0235ae066588448e2fda153b64682c
SHA512 5b792228e4cd239132d935fae15197b6de1da1400fe50013f30c8ff95770e648be031e9e546f4981a2a932d97b8d85b720a3845a980b25879db56d681e351a7a

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 1140e33aa4b00da6e849cca15dd51393
SHA1 a447ee6bee961643527136a0a4a7fb5beeeee5a8
SHA256 90bec000c1fecef540c37b536a966da1f4bddd81523dccf086a7ef74b78dc496
SHA512 a429229cd824d7477dab0228c46a01efe46647c7b50c765b15489b049c64b5603832eca1f3e8393deb30f1344f8f538cf01f46f3c54ddd19fc904917461b7a65

C:\Users\Admin\Downloads\Unconfirmed 106867.crdownload

MD5 71e486a03ab282b75886e3712ebb1efa
SHA1 33501837a85ea22f98723746aecf5199865353f9
SHA256 a30af310f45d4076cf1580bb08015db9a1337ddc1a99cf61829e645b196e8b2e
SHA512 855e76b756a5b3d2a465a900fe146eaa7113fe45a7b8c88e057b8d4f975b2b08b8b6b11ea1a697fc7df2fea3f6f0772e6c356e109240bb4e655efae7dc407f55

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 64b0ff4da3a4fb991346fe637c4424c1
SHA1 3804ca3349aa2bb0d6fa91beba480455aa72be67
SHA256 4e908cff7d71d1092ad2c9b70cf97e7273628942f7d3554362eed0c0b2c02837
SHA512 8c564a06ca855dfb7ba8dec88bd13c82840db1f2e2db6b46b2f8f5137e787fbde699187742506dd1afe59732e376e40b601e9d8a238aa9d348f091da691ccf8a

memory/1956-2530-0x0000000000400000-0x000000000094C000-memory.dmp

memory/1956-2532-0x0000000000400000-0x000000000094C000-memory.dmp

C:\Program Files\AutoHotkey\.staging\AutoHotkey_2.0.18_setup.exe\AutoHotkey32.exe

MD5 79df35982c6d7de66155a01505c00bf1
SHA1 e9e488f574ffb40dd62922328c4edec07b3d1a0c
SHA256 fe0b57163bcf3d4542d902570b48665523d9293090496f990bb76ed421173f3c
SHA512 643e8e0ef47afa87f81fb995a9e5c6d58a8a57c7a824fe91f3ddcb017a867578c0ac0ad9f05435418b9645805a07b97487f814e09e125d77ffb6bc7ed3b8f147

C:\Program Files\AutoHotkey\v2\AutoHotkey64.exe

MD5 d0cc6a21113957474e095fca77d75abd
SHA1 ea84155577bc74bf65d902425c15543509c80f4b
SHA256 70031669fef8c365a243322c52df9c3f854271489e67c5a9fc3139f56bc357e9
SHA512 2ad8fdbbf79934560b42ac6064d86276a7e24f6d8610d163b4d551e736b72b8dd6070e0e0b21599f781ef638be9c3d6aff8e8e3e9b7a2c00be948477b6558934

C:\Program Files\AutoHotkey\v2\AutoHotkey.chm

MD5 5836544d903111b9f15f3007ecf24e75
SHA1 562e99a9591b6adda5dc892b35923f6d99582fa3
SHA256 e18dbc5445fcd079fdbb189ba53c48ccff8fb8723fca39c353e9c99fdee38b85
SHA512 837aaf2d66c8a0964a6b979cbf0d90f64dd20996e59c771d7ea47b9bb949bc017b14585b07b137c0b60842f846004b53f5a5b1fcdf9c78dd8e38e8b60eed9283

C:\Program Files\AutoHotkey\UX\install-ahk2exe.ahk

MD5 c90bed0679b789b74e4865ae6f2709a3
SHA1 b0dbee6a237ba93daec76a0553cd3254821d60a1
SHA256 c242ebb51241acab13152d95cdb05be5382ffb97f3dca2da3a4e5a084c2e3ff4
SHA512 f8dfe5c558b427e05905b2a3d8a09632347edf945d47ed4fc82ec38a9045f5837a798ef669f0fdae6504d9eee6762c49c8e6c32adac0f6a3e6c2eed6d48e64b2

C:\Program Files\AutoHotkey\UX\install-version.ahk

MD5 30b87fbfadc592c38be9d82edf597fa3
SHA1 1ff5d720858a38bdd2e21a5a492938c07b2811a5
SHA256 1e59921bcddb3c41651eb01605cdefcdee3c6adec5db6b7cafb7ab801ead5e1e
SHA512 79a407cad251f45d13c0505cdf7e27a281455e3eefe1f7fc5aedd658297351ac7dbbce21065a29ed9d86c6b908a175cd83201e0d60e972865e6258c2f8c145a7

C:\Program Files\AutoHotkey\UX\install.ahk

MD5 a3caa9963c9133c2a14a4e36d62761e3
SHA1 7034faaf46b2fe7c36370eaf4677357bb0950a57
SHA256 f628edfece15db0061fdfe96724266a3cfaaec396524a94b574e22e6e3970c40
SHA512 90212e732a55b7d478ff4e5b629ac950656290cb81500ba47d8282091963899b15117d0ce4db36f9bfe4ab93235374f797aa09d4f20f70f156458e9911867301

C:\Program Files\AutoHotkey\UX\launcher.ahk

MD5 596b69069bbbcc9a22ac26bba6efe546
SHA1 694cec54200ff1ec70dc56320c577b652884b53d
SHA256 830db4be4c8320f23ff32316dac933d4e72d9056ea5a819cc12c38614da6e06f
SHA512 1c18acf4403915c6a2562f5e26c0ed7c4fc00e9d67d19622d1db8bb9338ff6d6e8bf9abe7317f1b529ef1c24901b45c3b13dc3b734d97582c91b206bee9aa8f8

C:\Program Files\AutoHotkey\UX\reload-v1.ahk

MD5 35f4753a58432446b99bf89a9e930bf5
SHA1 babc3341d9d95865a36ea9a20549a61146093006
SHA256 e4659306a755b583e9cef5fdba3b3eb102d8939fb028afd91aad4496e758fad5
SHA512 ac3483a17ead5173ce40a6af55c3c2361652fefd94c0bd82e004df8186ffc31eab194534a25fe995d677f2f71363095d177c01afb6ae50f2b63ba156855ef5e5

C:\Program Files\AutoHotkey\UX\reset-assoc.ahk

MD5 0299132478b49e3eb706c214bf32e62f
SHA1 9705c410b9f515269c512c64129ced8e0b1b23d2
SHA256 d26caef44190e0b612c3e4309ff6689dc2953c72cb3de1c94d002250b089f16b
SHA512 2a9ce8ee71ab207dbf4c4fcc2634d49233304da858c7880813a2127c2a063dc58703d4b2129498db630d081e1d72f899d348c01dbbcc359d92ab720b89ccdc44

C:\Program Files\AutoHotkey\UX\ui-dash.ahk

MD5 669bd791c5aafb60ee0885ef064d3622
SHA1 acefb3c3997e2eadd32413814e71aaaad5a8b6d4
SHA256 e8c0b4e149ad58c57e77aac12041f1fa8bc9f25c6d642d12837efc5fd97b8d21
SHA512 eb0345b3562523c58894752276938c7e5ee63b7c3a660317c9a4c1a93b6e530b12015dd380a8a230324b94a9f042380c1a1d24b49d21c3805a4711cb185a33db

C:\Program Files\AutoHotkey\UX\ui-editor.ahk

MD5 82eb574294ff4e2e7461b95f5bad0a87
SHA1 a981373ef3bd61ce5a2f0ad9bedaa1cf4acfd591
SHA256 7263286eb3a42eccf5edc39b43c74a8bf7c82f2671204d1ae654236c1de3f05d
SHA512 1c54e110b384d55ca0243ad343e69d1f0fa9b2a863af8da75a5c992d19f9e055182bba09be227882f82d0ebf4ec94094723e2db06cdf7ee2ed574348a8d72c74

C:\Program Files\AutoHotkey\UX\ui-launcherconfig.ahk

MD5 57dcc5f7853cfd0bdd49f35d1f86897b
SHA1 e7cc5a9f5f689054469c670cd4efee2889d26968
SHA256 179c96d787fae5dd26cdf832e5226142ab3e4f1ff53e3b1f24cecddcf3e79947
SHA512 742fcfffa94752fcdb37b28749c9fc7e43f1e467470fb3fe59aaab2a29fbecbe29ab113481fc5d009ada059975bba00d294442ec13437cef588179b7e88fb116

C:\Program Files\AutoHotkey\UX\ui-newscript.ahk

MD5 1b88198b4bd36eb25e23dc412321a555
SHA1 d3b5670d1bc7343ae40ad087bc22309dc17e118a
SHA256 31249ef15cce83d150a9a5de11168a5052ff2c55dbd574b8df1c054510b61843
SHA512 409fb90d7ea768c9d9a2574c09b8a69c93e8afd76234c24e3e0f71aa3f564a4f1aa46ff18ea328b1afccab54604bb239d37249d5811e3a84f0ab692b032a732b

C:\Program Files\AutoHotkey\UX\ui-setup.ahk

MD5 dd3f9c2f9115689f4350896752f15926
SHA1 fa19f1632b865b2bc098611a8be66e9f10dc692b
SHA256 68b114a2ea4af9df54709a78ec5991a1f271097b29cb93757403fdb158746bc7
SHA512 12f34d5ec7a7d5452eef97e4c87093240050756c564140874d316d0b9d194c961debe139badc943b024b680b68961ef6cbe71fc1a567c6622797f90ed51fa549

C:\Program Files\AutoHotkey\UX\ui-uninstall.ahk

MD5 0fe4932669e99a498a7bc76975919000
SHA1 e0d6a7b484d3a6c0d7427f611c575f93e4f87ba4
SHA256 1e09fc4af5dc3e673d4facfe4fa849c6bdd0b29c67b0efd7f96aaf387fcef698
SHA512 dd3b99739106953608ac2eb2ecc4e3d316b5122b1b305bd7cfab82fcc7ec0d92b5944f4724d37cbc01ca5c6b5381b57fad9256586b5dfd0026453f9c11a32394

C:\Program Files\AutoHotkey\UX\WindowSpy.ahk

MD5 e2067d978526b83a1da967f16a69c125
SHA1 08000fb66e6f1b1fcd450f32e1757a39b3a7ba16
SHA256 040404a4def02f17cdafda938f5b63fc2181940ba1290da5742db0862c07166e
SHA512 a453669b15c18f24a989a57441f961861578c09c145a4364c982410e5e05ab09b05ad4a77929ccf4ab9e00e5e3d73029a13660156bf4eef9011accfd59800ea0

C:\Program Files\AutoHotkey\UX\inc\common.ahk

MD5 dac79ad5a978f0497de70a005b6a6084
SHA1 db100ce15998772fe322679468f46b0f25239eb4
SHA256 dbc1420c9368e954176cd1bc38c0bf5498d721cb7dee50b5abef51611a33c658
SHA512 9f2a2c0e01724ef82860cfb97fbe6196d29b3b41080f04b3f51653f2f535849428b0a245bc954aa57569aa660d5a5a20d2d1e0dbb9081d718bf2deddb051f47c

C:\Program Files\AutoHotkey\UX\inc\CommandLineToArgs.ahk

MD5 e8d9a7e78d6a2a40bfb532b4812bde59
SHA1 5674b63092a69c419a42bab9e7462bde3bdb3cad
SHA256 a6c51e2188e31e3510577263d7b96db147b0df3dfa24c96df8fdd9d73da859ee
SHA512 dd7d78c7724dca4684c732b0f3f8e73af67610de8945255b48b9301672ac0b4f405c802a8cd4c343d53266f492d2d0dcd2727b5ebdb9e90cfc9173876b9ab905

C:\Program Files\AutoHotkey\UX\inc\bounce-v1.ahk

MD5 165b8fc572f943e3665994f87f1772b7
SHA1 265ca3d2a66a7e1807962eb7e8a444cefb61bc0c
SHA256 9b75c7f804d1d55807459e6f06db2bee8e1fb60ce9c9340d44a7b491ce53b982
SHA512 e675453eef9a10560cb9ea95e993d8068c8dfca3664a140b6ba33361d0736632b8ce3a37770411583f558476173294bcc12b83bf33190d89eb009bfb9bb5f0af

C:\Program Files\AutoHotkey\UX\inc\config.ahk

MD5 248b58535f55eb55d9baec04a384b5e6
SHA1 76d067318b67da9a3da71a232a887c8935c7068f
SHA256 4d1f241a0c973e30f1bf19e71cadb386b872a14bf0c29d32d4781a56cafd998a
SHA512 0186eb49da706c6cc6f48ecd94a4996c258ecea10bed26b9c79bddf0f7eca32df1449166309237859ca2508427bf79d447a2202eaeba211228da9822646cf23a

C:\Program Files\AutoHotkey\UX\inc\CreateAppShortcut.ahk

MD5 2ffbde65b63790c5aa12996e9ef9068c
SHA1 a793986e4e72d5b5a866e927855eacc3a0399a7a
SHA256 40a6f0cda5fd1dff324cab288bb453aa60b41b09dacbfbc64f2d871423f33935
SHA512 315b2803c8e803b238e87de63a5737350e41d248f67c54662341ca889c3bd5fc6fc2f516ca20f1ff4d74fca4af247b64ec7795d4c4e8990fffce49bbf037a906

C:\Program Files\AutoHotkey\UX\inc\EnableUIAccess.ahk

MD5 65d05ec61cca0547e218655e65e5ea7c
SHA1 1cf93558bb9f1ae5a055b3f9085bf4166b7f43dd
SHA256 a9a824a763195e5810bf904854af7ed41c025527b2b8faa7532c6f24189d69b9
SHA512 65172fa0f9148106e44fde99e0bcad173c4eef405a19b1f54961f2a248f6e6b0a05568d728e83d6582113d0d12a5e87ce763c53271c4d52b9362b19e22ea7d23

C:\Program Files\AutoHotkey\UX\inc\GetGitHubReleaseAssetURL.ahk

MD5 1a8ab9bb38fd0da51d03dc48e3a0b2ea
SHA1 5c74ddd45c91a39b921139881c76c48c97e35825
SHA256 48a3f822a720b8e9b41165a1d19d56411d1f58036338ebd07ab40f2a14cf0f1b
SHA512 1b88603fb9eb28e717cb77623ff0159f5f45e677c34316dc0c5d5c2ed46c59f10d3afb532b1f99920f91b8098e544873f944b1e0e575efd694dd24bdca22c14e

C:\Program Files\AutoHotkey\UX\inc\identify_regex.ahk

MD5 f27f09d324016bd49d2da38901e79a61
SHA1 f2af4ea1ca36dc4ed53ba3a5817b83d457c9029c
SHA256 c2563ab626df892398083404acecc5229300ba7dc6077b120844c65facfad854
SHA512 1dd5a6ddf87a3026f5b2d468197173af0c4e6c2eeab64113bcd2bbd56be46089e546f694fea2416aadc9c2669070b29ef26ec689dfbe73def8af6fd0de310d04

C:\Program Files\AutoHotkey\UX\inc\identify.ahk

MD5 3e5c97e6c3a76686329c81fba864b26b
SHA1 ec111d01a5299de2ca93c5441e92bb49d9d5e710
SHA256 f5b97911887c303b6859de44eff73780309e31e931dcba86a66aaafbe932af72
SHA512 c70ba459abb2c35edfd62dfbe6efb9c54d5341802a72ac7d6b3b63877f28a97a974b96b6de747e29909550d6ba2c5d14da40bef6d91841c5c8c5a903697307c7

C:\Program Files\AutoHotkey\UX\inc\HashFile.ahk

MD5 727ae6f2ec77a5b56774df9da14636d2
SHA1 8216a2122c825127ca59b05b0bae0d57e92f1110
SHA256 84032ecac8ed334cf8788a81bea721b0af5cd7ca7dca57b60cdec3556ae33914
SHA512 f1058216b5d1b8d590eb4cafd5139f71f8df5f96a3fcc314a7635cb1b99de8623d87c57c567868ebdafb09925b8d13fdadcee49fa89f1a239725a92b948272cc

C:\Program Files\AutoHotkey\UX\inc\README.txt

MD5 4b095aae00456aa248024a184671e4d5
SHA1 84ae516fbc62ce0aa10ffeacd7ba865a35a0a375
SHA256 d65c6e73417e6bba7a619f2e68933b74e6ae6141277b65542aed9b6acdfc83ff
SHA512 77aabe92719d8fc7a28c76f3b76fa2e42a188db14f004262d8e913620aa990cde29119b82d919511fc0d828ca0a108ea79858ba158b6a8ed6a260b72b4ee229d

C:\Program Files\AutoHotkey\UX\inc\launcher-common.ahk

MD5 65029d2c4fd46ea517b13d615a0584f5
SHA1 fb924c85e3e032b997aa86f85964516849baeb27
SHA256 220629b006d13b24afb3367abeea424c5b4103ac0c5a137fdc9d98047cdd908f
SHA512 c1346142f1b6dd5bd9a0d8cc9aac843e117f646f09a7ac40488ab513781d0162504249d7305e63080363bd273ffbb9d5f29c6dd860b9a80928aba944cfd51a0c

C:\Program Files\AutoHotkey\UX\inc\ShellRun.ahk

MD5 9e53fca8c7f6a9ee179f0fc0a7890ea3
SHA1 dc2a1bf437eea36b3f5ba9318f3b391b405d5cb2
SHA256 ea67340c555fdc1abf8e324ac550ac37d2ba5f96a8edef120e72fb340f8f95c0
SHA512 cad5c07f952fb93413b4a3990c522ba4b446ae41f11c8dd323bdcde1b30fbfd76515606d5dc4bcb8768bd382cdb82553801539a192b002696d253341f3c0dbc5

C:\Program Files\AutoHotkey\UX\inc\ui-base.ahk

MD5 f4251e653dbbbdd8cf4640bd9855c207
SHA1 d08b6e5796150aa1436fd3da39bfc5fdbaaee297
SHA256 deffd87d99ff125eccac2331a8ba4e3a0044e150e80316e9469dd57f322beda1
SHA512 86896ccb0acbd27eeefe6e02747958cafcca31541638435dfe9f08d89b763144f6b5fb521df11dce4c3f46b186de4905f56ebcc7c57d4c29ef2a0731a6492698

C:\Program Files\AutoHotkey\license.txt

MD5 e3f2ad7733f3166fe770e4dc00af6c45
SHA1 3d436ffdd69f7187b85e0cf8f075bd6154123623
SHA256 b27c1a7c92686e47f8740850ad24877a50be23fd3dbd44edee50ac1223135e38
SHA512 ed97318d7c5beb425cb70b3557a16729b316180492f6f2177b68f512ba029d5c762ad1085dd56fabe022b5008f33e9ba564d72f8381d05b2e7f0fa5ec1aecdf3

C:\Program Files\AutoHotkey\UX\Templates\Minimal for v2.ahk

MD5 cdc8756680c459bd511d2bd2895fe2b2
SHA1 a7ea57fd628cfe2f664f2647510c6a412c520dfb
SHA256 7f618d3ca343a0739a52a4a3c4f5b963ed98dc077b60c65fdc77d70fb0ec12d3
SHA512 101722eb5bba352d557e7d70704e24a54a129276857e8cc13f40da26dfa9267a67de79e52a0f552ff676d1825d0fb2eb467837b397d2e6905fa90d6891bccd45

C:\Program Files\AutoHotkey\UX\inc\spy.ico

MD5 eeecd8af162d3f318496e0e60d6d8c57
SHA1 31a99c80e4f1033914ce9344e95b84571f76ad2d
SHA256 968473df8eac7264d9e84e6ae91a4d706cda9f89f345d182617b161ef4fe1a7b
SHA512 6f55968adf7f2f02e128945016ed0c4d003c9640e4cbfc7b22b82374647e6ebdb07c02e99240da369789f4107d2c130e54d4acb1324455fd26668c4d1d009884

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 fda96c2b1da6f0efee8c6f5ff222b7fe
SHA1 dec72efb356f96dcdfa505ea4e354ace4c8ea535
SHA256 41b22b86a2c25a32153fd32e616d3240b95c6a9f794cd558ef140e7fa7dca166
SHA512 b56da7ed243485cc30383ecfc633209fdfd315d350510895c38615043f3c76c7590a64a0affaa9af55bb6dd7ec5504254b4256ac563688a4d69a2edad64cff1b

memory/4064-2758-0x0000000000400000-0x000000000094C000-memory.dmp

memory/4064-2759-0x0000000000400000-0x000000000094C000-memory.dmp

C:\Program Files\AutoHotkey\v2\RCXFA60.tmp

MD5 05e6a26ef0c5817b495217fc961ec048
SHA1 6bbbc127e3abfe9652dac77a7b48ce0ef9d57b95
SHA256 b25ed4b16abd8087da1c96e4d7a81676069c80dd7cdd373730e02db2b9bec3b3
SHA512 83d0ea3cf7bd56950f4e8c4f58e0ac49790403eb09a9263ec2e650af88a2d2cbc53d270ce29b09f3f6f5143a1335c2b2dbb0561eb1655ce6d4037550459920c4

C:\Users\Admin\AppData\Roaming\Microsoft\Crypto\RSA\S-1-5-21-160447019-1232603106-4168707212-1000\f213bf5a8af890680781f9b7261613ea_f9d1bf68-a4a3-4e40-8567-86018b80b4b2

MD5 ebb8c8eb2829bbbcb0bbd9c2854202ed
SHA1 9b0693e8c8e61d3a7e28fbb538e9653216322c50
SHA256 96092c024697e7564c606503466cd9f4ccf32871e81c33c248cca4bfa8f83990
SHA512 731ab2653742729f45f4327febccfc8345c9a54c5b8cee5f8d451f79eceb692b3ea84c81613b4ddfa880b6801127da97cbf14fc5cbf1bb42f4e92f30c5dbf630

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AutoHotkey Dash.lnk

MD5 010101209b6afa6634484b73f9f835be
SHA1 b9a3796762496dd30832a7d4eae8b97f93567357
SHA256 5e74445f81ccf5cd2b74a674f5d49ff36323e524a40168bdab1ca22850237a00
SHA512 0cde4e4c8dfeaed6e82936479d93c0d2f17550160dbcb3b42704e2f3a36205c9a56b98efd5df9105aa0eca86827b9d87f66b1469a41a7e428054fc013d6b5f4f

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AutoHotkey Window Spy.lnk

MD5 06d0e2bdfe17238a08738ce587e4378e
SHA1 82d9775abf4d1be56dda6f2a95e110bd86a26760
SHA256 79e9e380dac8c3186eefd8f8fe0f00cea53cacce972d03f6614a0cecb4054ba7
SHA512 03f079b4c34ff2a0692b2f5701f814eb0866f231e7ef48ce5b90cee52276ae71c49b27c74e841d00169a9ed0f3bbc281de26c5b79dbffb2921f229ea89504bb2

C:\Program Files\AutoHotkey\WindowSpy.ahk

MD5 e5918a52b52ca3ce2e99788a26477984
SHA1 87c2b54b65663e1e29e866224faeed7e8bac759b
SHA256 c1908cfc4b224b3bc8d1a5c67cfe4acdb4e738d8acf98560905afc412981c18b
SHA512 4f320cbea5adfed4b07012e04281e8713689271932b26d3886e3519389b15e2adadb87217c5bf09b080d3db976c77accf555493b7eab5ceb45bc59131772f8e6

memory/4064-2929-0x0000000000400000-0x000000000094C000-memory.dmp

C:\Program Files\AutoHotkey\.staging\AutoHotkey_1.1.37.02.zip

MD5 20a979f8c1f21b304fda42139c5ef2b5
SHA1 fad2885d3e9a65c0ef89ecb62e277a9c1f4cf652
SHA256 6f3663f7cdd25063c8c8728f5d9b07813ced8780522fd1f124ba539e2854215f
SHA512 d04aef8e9688bbc724cc64e34c16b6a059f2a11570f867e50bf158fde6f4490ff80aa84d13454db5325848ff85b39d42d29c9d03fef94ad94a763cd7343b1f28

C:\Program Files\AutoHotkey\.staging\v1.1.37.02\AutoHotkeyA32.exe

MD5 fd94b77958305a1ac3eeac27ee765256
SHA1 bdf7f5633cd529186c7c9c87c120a58c35515d2e
SHA256 6a98b438b67da7316e9251eb1a92cd5384a8349d239a77903f7282fa076a77c3
SHA512 1e97ddbe9374513ec9a1f51313efb3621f81a309bf78982688b4c19aa389f0b422a604d8adcd84dc1ba28f44135d30edde06e32705fe02762e92cf2bbc725a91

C:\Program Files\AutoHotkey\.staging\v1.1.37.02\Compiler\Ahk2Exe.exe

MD5 78515b1091f74c0f828aed92d3c972b0
SHA1 0103e030518db102631310ce4e2eb7673d7a1994
SHA256 754a28ed76a7b4eba7909b146cfc4c4c2aa43aff54e10a5cd6dbc939c0732b6a
SHA512 8edcfe6a59d56d69f0fb7672410fcb24fa0722a5d651f076a3b76a424140e162a213fb038c995ae9c2024929c88aa1fbd979694a485163c2d3f8ca3be75502a2

C:\Program Files\AutoHotkey\v1.1.37.02\ANSI 32-bit.bin

MD5 31ed560d3edc5f1eea515c4358b90406
SHA1 36efc45f806ee021ef972dc80932f13f532d9ccd
SHA256 f5a5c05bf0fedcc451ade5676a5647e828a6f08cf6c21970e6c035f4311b5a3c
SHA512 cb410bad3297493b68e51677b920a808393a30096eefd1cb2c7cf07c8432c78658e803099841be8167eff3f42475b765992da7c11a31e39108ba49010b07ba6f

C:\Program Files\AutoHotkey\v1.1.37.02\Unicode 64-bit.bin

MD5 30da2df436169d6f09732e61d8849a05
SHA1 25694362dfa391caf55733772ca61a95978d507c
SHA256 6e7c9ae1daabdb958a4d9c8e7297ba956c9504b5f76ce61fc31281f5bb0b0b55
SHA512 134b616b01a18f9451cbfd947d6dfcba21a31615a5cb513a29c6e5f77d8bb2776e868a215f7f533b1bac6a82536cd8838db7b1f69025735cbacf94afce158066

C:\Program Files\AutoHotkey\v1.1.37.02\Unicode 32-bit.bin

MD5 db213c2dc5d0f542a1e925f09c021e05
SHA1 41bebccc1dd9c44c4407892daa3d3fe44c2216d7
SHA256 2d193510b56fbdb8530f8ded2f1c9fb982df971dca5fad1f24f558be16a4f804
SHA512 dd0977a599359f577c5a52d0f86092a12488f291613a0d4812fca64e0553c4d61501d5213e7afd1a62c62da8470e4453f8d1ea2bbea0be74ab223bd4b47e97cc

C:\Program Files\AutoHotkey\v1.1.37.02\AutoHotkey.chm

MD5 17d5e275dbc8278d888f7da1d681d7e3
SHA1 245cd35e6caa42fdd3936d2122c7464c877d6591
SHA256 de37a93068ca25701b3413eab0f01fa1646d2dab0346d78494192e95d94ad521
SHA512 041420c5fcba5d2fa5e2d549319948eb77b416cb32ce848218b2681f3bdb5a7ab50d795cfdabd068330f6a4f16812ae91564d654a958b0f0bb188d11890c4ad2

C:\Program Files\AutoHotkey\v1.1.37.02\AutoHotkeyU64.exe

MD5 2d0600fe2b1b3bdc45d833ca32a37fdb
SHA1 e9a7411bfef54050de3b485833556f84cabd6e41
SHA256 effdea83c6b7a1dc2ce9e9d40e91dfd59bed9fcbd580903423648b7ca97d9696
SHA512 9891cd6d2140c3a5c20d5c2d6600f3655df437b99b09ae0f9daf1983190dc73385cc87f02508997bb696ac921eee43fccdf1dc210cc602938807bdb062ce1703

C:\Program Files\AutoHotkey\v1.1.37.02\AutoHotkeyU32.exe

MD5 b6af97aa32c636c3c4e87bb768a3ceb7
SHA1 83054af67df43ae70c7f8ac6e8a499d9c9dd82ec
SHA256 ba35b8b4346b79b8bb4f97360025cb6befaf501b03149a3b5fef8f07bdf265c7
SHA512 54d2e806503f8a4145ee1519fc5e93cef6bf352cf20042569466f6c402b0a402bce99066decd7729c415cd57da7a9923a1b65926b242672731fe2f9709cf6920

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ahk2Exe.lnk

MD5 0609c51484f7268a0a5ef23a6dfaa7a9
SHA1 8c28bad8a40dc6478b5068f20cf35c4181932dae
SHA256 96e92150fd8ec1734eaca6b1e5dc0cedf3997f3cc2a8e6955fd737bfbcf11341
SHA512 0877602cc91f5c2541be5bf40238760920c345b2078a7dceee33a9cc3f8132a182857042ab8dbb7923e392b3a956dc53778e369d6539d1d8da2eb1e5a7a0636c

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

MD5 b6a4abc7809fae3bfefadb47b4e91263
SHA1 1ad36b97554b58e008ccd71a1d99c893ff330120
SHA256 6b899914c18abdfdf7960bbf8cdea57ee2de97e4a4fa482ea29d8b89519293d4
SHA512 6ec2f3664e13705d854c2b5b69d93a5786b393e06d0204813033b003aaf186595b11ffa0e843f807649edf5ae8c61e323381f68c84d8ab214a78c84d52b2c627

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

MD5 bac541df7b2ae18c8e01c4b8f3fb311f
SHA1 56f6c0332f5932abf5f518eddda8dc8ce314d08e
SHA256 b2b77ca2ab98765ed6c0db35348b3ad84de652d55818ac46deb1364365fbe41b
SHA512 97027ac0d9fa80cb829f874186e6c6614b2043b1548623184636ad6d854afc1774f17f07d321c8c386ebfc8d5333c9d69e698be6d18d08811883fb20f44ecfcc

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

MD5 b3a2e7fff08a3b1e931408c81adec5c5
SHA1 2ec6dbb492ca98c60f9b5d845811fdee84f0a1ae
SHA256 1fa97f2d837ef888d4f24cf84df90ff3f757bee670bc56a635214870422b8b3b
SHA512 980bddb355be19f754c448d69356c664c42731ba56b546a6ef832af1a035639aed8219ebfefb50d07335a60ea78b6dc20b6fa3a2bfb48897b884d6130a3ad118