Analysis Overview
Threat Level: Likely benign
The file https://open.spotify.com/track/4hOBHTagUQY2jGiGnkMYbk?si=t3Gj2jJ8SWWL9q21P7MD7w was found to be: Likely benign.
Malicious Activity Summary
Drops file in System32 directory
Reads CPU attributes
Drops file in Windows directory
Changes its process name
Checks CPU configuration
Reads runtime system information
Browser Information Discovery
Enumerates kernel/hardware configuration
Writes file to tmp directory
Suspicious use of SendNotifyMessage
Modifies data under HKEY_USERS
Checks CPU information
Checks memory information
Suspicious use of WriteProcessMemory
Suspicious use of FindShellTrayWindow
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Suspicious use of AdjustPrivilegeToken
Suspicious behavior: EnumeratesProcesses
Enumerates system info in registry
Analysis: static1
Detonation Overview
Reported
2024-08-28 02:13
Signatures
Analysis: behavioral6
Detonation Overview
Submitted
2024-08-28 02:13
Reported
2024-08-28 02:43
Platform
android-x64-arm64-20240624-en
Max time kernel
1811s
Max time network
1834s
Command Line
Signatures
Checks CPU information
| Description | Indicator | Process | Target |
| File opened for read | /proc/cpuinfo | N/A | N/A |
Checks memory information
| Description | Indicator | Process | Target |
| File opened for read | /proc/meminfo | N/A | N/A |
Processes
com.android.chrome
Network
Files
files/dom-0.html
Analysis: behavioral10
Detonation Overview
Submitted
2024-08-28 02:13
Reported
2024-08-28 02:13
Platform
debian12-armhf-20240221-en
Max time network
5s
Command Line
Signatures
Processes
Network
Files
Analysis: behavioral14
Detonation Overview
Submitted
2024-08-28 02:13
Reported
2024-08-28 02:13
Platform
debian9-mipsel-20240611-en
Command Line
Signatures
Processes
Network
Files
Analysis: behavioral17
Detonation Overview
Submitted
2024-08-28 02:13
Reported
2024-08-29 07:22
Platform
ubuntu2204-amd64-20240729-en
Max time kernel
0s
Max time network
384s
Command Line
Signatures
Enumerates kernel/hardware configuration
| Description | Indicator | Process | Target |
| File opened for reading | /sys/module/apparmor/parameters/enabled | /usr/bin/dbus-daemon | N/A |
| File opened for reading | /sys/kernel/security/apparmor/features/dbus/mask | /usr/bin/dbus-daemon | N/A |
Reads runtime system information
| Description | Indicator | Process | Target |
| File opened for reading | /proc/self/maps | /usr/bin/grep | N/A |
| File opened for reading | /proc/filesystems | /usr/bin/sed | N/A |
| File opened for reading | /proc/1576/attr/apparmor/current | /usr/bin/dbus-daemon | N/A |
| File opened for reading | /proc/self/fd | /usr/bin/dbus-send | N/A |
| File opened for reading | /proc/1576/status | /usr/bin/dbus-daemon | N/A |
| File opened for reading | /proc/filesystems | /usr/bin/dbus-daemon | N/A |
| File opened for reading | /proc/mounts | /usr/bin/dbus-daemon | N/A |
| File opened for reading | /proc/1571/cmdline | /usr/bin/dbus-daemon | N/A |
| File opened for reading | /proc/sys/kernel/cap_last_cap | /usr/bin/dbus-daemon | N/A |
| File opened for reading | /proc/1592/cmdline | /usr/bin/dbus-daemon | N/A |
Processes
/usr/bin/xdg-open
[xdg-open https://open.spotify.com/track/4hOBHTagUQY2jGiGnkMYbk?si=t3Gj2jJ8SWWL9q21P7MD7w]
/usr/bin/dbus-send
[dbus-send --print-reply --dest=org.freedesktop.DBus /org/freedesktop/DBus org.freedesktop.DBus.GetNameOwner string:org.gnome.SessionManager]
/usr/bin/dbus-launch
[dbus-launch --autolaunch f2de92a803c744e586bd87567a26b68a --binary-syntax --close-stderr]
/usr/bin/dbus-daemon
[/usr/bin/dbus-daemon --syslog-only --fork --print-pid 5 --print-address 7 --session]
/usr/bin/grep
[grep = \"xfce4\"$]
/usr/bin/xprop
[xprop -root _DT_SAVE_MODE]
/usr/bin/grep
[grep -i ^xfce_desktop_window]
/usr/bin/xprop
[xprop -root]
/usr/bin/grep
[grep -q ^Enlightenment]
/usr/bin/uname
[uname]
/usr/bin/grep
[grep -q ^file://]
/usr/bin/egrep
[egrep -q ^[[:alpha:]+\.\-]+:]
/usr/local/sbin/grep
[grep -E -q ^[[:alpha:]+\.\-]+:]
/usr/local/bin/grep
[grep -E -q ^[[:alpha:]+\.\-]+:]
/usr/sbin/grep
[grep -E -q ^[[:alpha:]+\.\-]+:]
/usr/bin/grep
[grep -E -q ^[[:alpha:]+\.\-]+:]
/usr/bin/sed
[sed -n s/\(^[[:alnum:]+\.-]*\):.*$/\1/p]
/usr/bin/xdg-mime
[xdg-mime query default x-scheme-handler/https]
/usr/bin/dbus-send
[dbus-send --print-reply --dest=org.freedesktop.DBus /org/freedesktop/DBus org.freedesktop.DBus.GetNameOwner string:org.gnome.SessionManager]
/usr/bin/dbus-launch
[dbus-launch --autolaunch f2de92a803c744e586bd87567a26b68a --binary-syntax --close-stderr]
/usr/bin/grep
[grep = \"xfce4\"$]
/usr/bin/xprop
[xprop -root _DT_SAVE_MODE]
/usr/bin/grep
[grep -i ^xfce_desktop_window]
/usr/bin/xprop
[xprop -root]
/usr/bin/grep
[grep -q ^Enlightenment]
/usr/bin/uname
[uname]
/usr/bin/sed
[sed s/:/ /g]
/usr/bin/cut
[cut -d ; -f 1]
/usr/bin/cut
[cut -d = -f 2]
/usr/bin/head
[head -n 1]
/usr/bin/grep
[grep x-scheme-handler/https= /.local/share/applications/defaults.list /.local/share/applications/mimeinfo.cache]
/usr/bin/cut
[cut -d ; -f 1]
/usr/bin/cut
[cut -d = -f 2]
/usr/bin/head
[head -n 1]
/usr/bin/grep
[grep x-scheme-handler/https= /.local/share/applications/defaults.list /.local/share/applications/mimeinfo.cache]
/usr/bin/cut
[cut -d ; -f 1]
/usr/bin/cut
[cut -d = -f 2]
/usr/bin/head
[head -n 1]
/usr/bin/grep
[grep x-scheme-handler/https= /usr/local/share//applications/defaults.list /usr/local/share//applications/mimeinfo.cache]
/usr/bin/cut
[cut -d ; -f 1]
/usr/bin/cut
[cut -d = -f 2]
/usr/bin/head
[head -n 1]
/usr/bin/grep
[grep x-scheme-handler/https= /usr/local/share//applications/defaults.list /usr/local/share//applications/mimeinfo.cache]
/usr/bin/cut
[cut -d ; -f 1]
/usr/bin/cut
[cut -d = -f 2]
/usr/bin/head
[head -n 1]
/usr/bin/grep
[grep x-scheme-handler/https= /usr/share//applications/defaults.list /usr/share//applications/mimeinfo.cache]
/usr/bin/sed
[sed s/:/ /g]
/usr/bin/sed
[sed -e s|-|/|]
/usr/bin/sed
[sed -e s|-|/|]
/usr/bin/cut
[cut -d= -f 2-]
/usr/bin/which
[which firefox]
/usr/bin/cut
[cut -d= -f 2-]
/usr/bin/cut
[cut -d= -f 2-]
/usr/bin/cut
[cut -d= -f 2-]
/usr/bin/cut
[cut -d= -f 2-]
/usr/bin/firefox
[/usr/bin/firefox https://open.spotify.com/track/4hOBHTagUQY2jGiGnkMYbk?si=t3Gj2jJ8SWWL9q21P7MD7w]
Network
Files
/root/.dbus/session-bus/f2de92a803c744e586bd87567a26b68a-0
Analysis: behavioral1
Detonation Overview
Submitted
2024-08-28 02:13
Reported
2024-08-28 02:43
Platform
win10-20240404-en
Max time kernel
1799s
Max time network
1724s
Command Line
Signatures
Browser Information Discovery
Enumerates system info in registry
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Modifies data under HKEY_USERS
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133692848065614981" | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Suspicious behavior: EnumeratesProcesses
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Suspicious use of AdjustPrivilegeToken
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
Suspicious use of WriteProcessMemory
Processes
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://open.spotify.com/track/4hOBHTagUQY2jGiGnkMYbk?si=t3Gj2jJ8SWWL9q21P7MD7w
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xcc,0xd0,0xd4,0xa8,0xd8,0x7ffa74989758,0x7ffa74989768,0x7ffa74989778
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1520 --field-trial-handle=1828,i,619059364274022446,3926154937467051933,131072 /prefetch:2
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1776 --field-trial-handle=1828,i,619059364274022446,3926154937467051933,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2100 --field-trial-handle=1828,i,619059364274022446,3926154937467051933,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2832 --field-trial-handle=1828,i,619059364274022446,3926154937467051933,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=2840 --field-trial-handle=1828,i,619059364274022446,3926154937467051933,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=4580 --field-trial-handle=1828,i,619059364274022446,3926154937467051933,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --mojo-platform-channel-handle=4920 --field-trial-handle=1828,i,619059364274022446,3926154937467051933,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=4924 --field-trial-handle=1828,i,619059364274022446,3926154937467051933,131072 /prefetch:8
C:\Windows\system32\AUDIODG.EXE
C:\Windows\system32\AUDIODG.EXE 0x3d8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5580 --field-trial-handle=1828,i,619059364274022446,3926154937467051933,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5620 --field-trial-handle=1828,i,619059364274022446,3926154937467051933,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.15063.0 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=3232 --field-trial-handle=1828,i,619059364274022446,3926154937467051933,131072 /prefetch:2
Network
Files
\??\pipe\crashpad_4880_IRJHKMXYLVUDJBEE
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000013
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\Database\CURRENT
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\persisted_first_party_sets.json
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index~RFe57c498.TMP
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\397e5d81bdb71a423054f3b5524da80fc3c2e3bb\9d889bdf-2ccf-434c-aa60-a4b7a9d0c0ca\index-dir\the-real-index~RFe57f25f.TMP
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\397e5d81bdb71a423054f3b5524da80fc3c2e3bb\9d889bdf-2ccf-434c-aa60-a4b7a9d0c0ca\index-dir\the-real-index
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\397e5d81bdb71a423054f3b5524da80fc3c2e3bb\index.txt~RFe57f28e.TMP
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\397e5d81bdb71a423054f3b5524da80fc3c2e3bb\index.txt
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
| MD5 | 464689e8a47b9bc132f78d7296fd456b |
| SHA1 | cfad5674f6107f6ceafeba0ec5e00dcfc1f91e57 |
| SHA256 | 545409750daf6e59eb505b0ce33e8b58993516c656bbd96462bb21345d2927f7 |
| SHA512 | 3fec09e612f4b47cace252e05643b52b96adfacc22bcacf33443d9e2137a1351d0745d4f8fa7f2a72d6e2ca8d0a2a8929ce835a15c16fb2603fa044f02af3022 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 8bc60d9db55d79d6af6d93dffcaaf6c5 |
| SHA1 | 9274de8d71eb3170cf23170ce6bb52e5bdb27b94 |
| SHA256 | 075a3b492fd94c0300d6b4f72432fa3c21d5a7e469b98bacf5e508661bb7cb55 |
| SHA512 | 013ec94fc9b1205a04f4f9da99b341831a11a05f0762c674223bb7f1d5a8a0f9c9fd02867dd74dd5a6e53561a6f97c8be41d617d5124eb973f55556eb8dd24af |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
| MD5 | 7a4fe4ba78c1690d93a87267e82c1790 |
| SHA1 | 9f2f931b8f6ebf915459a9f74e09226c9f3f224c |
| SHA256 | 25ee6f091b0840ba1d7b53e780a552a1bca600194a50d0f14aab2464e2cd8c7e |
| SHA512 | 4fa20b5806e93bcf1addfeabf298919da55ceed51e1c0ab58465ef7c3d78375fd129e3ea68def8ef0581baefca75b8d1018449f18806b53481776b47235e2587 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 852229ec4e1b6238f9ff8169ecfc5efb |
| SHA1 | 1def093e94abbd4ab4e409f7f7adc76d97e7233a |
| SHA256 | c27926381f015392be06152d9a66d23b5547a9bd3d557a995faffef62dc36382 |
| SHA512 | 37beccc52a0873caff9eb14bc0f5f5f7e2642888b0ec8702a3951e7841a7aac6d65ec4d35f5b80b5ab3e09de1254dcf90b8301bfd33b29ba7f6536e4fedb164f |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
| MD5 | b96d74c3d53546484b511c6a9d4124ca |
| SHA1 | 19b097c42a787938aa058bf14b2b985cb84db8dd |
| SHA256 | 4e949e44df54cb2bd63dee294e760aed0789f318067b0956475231e094094272 |
| SHA512 | abafec2823115eeaccc844af2c7fa1fa599a3b18ac4072f23cb551f7e06fcb8a044723c01ed63682fe3a1a72aa8381340065d9f3887705a007e8e06584fb07d1 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 94b554cf134e75fb9ba658566ff3e70d |
| SHA1 | 3c7f905d0c3e539375d65d7962c3eae2268f56fd |
| SHA256 | a11eefc73cfb5aa7e4c478da837832d76fedbbba46bcae068e0f77bb0b4cedae |
| SHA512 | 6fb4375a69805b62d34689dd54d2b495fe89132157d3f251ae0641777d2d2ee916749ff11a1e5aa495f81dd49a3e3b2add6ba3fff00d1aff7e67351cf3c66fb7 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
| MD5 | bc48e018d5e41060fc8a2026dbf1b651 |
| SHA1 | c1ecc3b2d1bb5a0c07832a1e0e479ab560ea4404 |
| SHA256 | d5613a221243e2eaf49a63f32433fdecd682b9668a956e45c3df9f16c33f10f2 |
| SHA512 | 98754eebf7c95bf3feb51ff184658e5c93f93d7b3842cf269fb94471ff686ad0c9c3f543346a2318044d8e828a5b7d74f22f43fc5fe25b4ee568149a6dcda73f |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 81be04371794bcc318d8d06a3ba0276e |
| SHA1 | 2555e735a5862d23dd7edbde1e8f8897be5b9424 |
| SHA256 | fd445314e2aea45c745af6a47d9991aaaf0a4e1ac817b0ef78757ecb675aad63 |
| SHA512 | a5045bfad5dec118c931df336b28ebd1618736aeac3cd8f937e93e1a00cc4728839eef40155412017521077635c17596677854bc0998d396593429be8a8d8608 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
| MD5 | 0ad42c58e21eb040e7da2a9404388928 |
| SHA1 | d9330faf540729cfcad37301c5929f1a4122c0c8 |
| SHA256 | 24da0874eb4e7abb48e158fa8dd981bb4625d984c203dc2b80ce330ea4398d88 |
| SHA512 | e693fc9b75b603c75a366c2de098f070ee7cfd89e71a95b97e7886f0135d27ca5c97f4fe98bfecbc145b2c5ef5a9983a30a539b00d4df8812104c06dac14d815 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | d1655aab2556a5514a7539f0f7201aa5 |
| SHA1 | 7b1944a45c0f39ab76d16708e9d2073c010e259a |
| SHA256 | bb88ae0445a7746b0f0849b2eee68235e453108cf4cd99b1908fb630bbed879a |
| SHA512 | 0da293c1f15485fdc8c51ca7cff5ddc61f0dd01f6d47075db87f23cae8f820e471af92cc6b0aef7459901c74bab62037834976919c8b3a7dc4cba0196b27baeb |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
| MD5 | a33650a647933533fa6a78f3fbe6c035 |
| SHA1 | 0a36412160a9a8cc0877e4b84da795a046f29146 |
| SHA256 | 6aa660f467fde00bdcb7603243455589b23d4e58ffd401bae33517faa3207e74 |
| SHA512 | a2a39f3d1b5d547bc40a5d16fb6513467a78b285fd85046464535f645d0cd08ec88d8d65372130d62bab441c7ee0d4daaf646b15a1fb15e8a75b5fa1c1756df5 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 7c4bfb4f40f25a7c466d23603076a251 |
| SHA1 | 46322589672103b38edbe4520094b3f9f22f14e8 |
| SHA256 | 6980f8a25d80ab4cd6449224f72b9b19ece990e9adb5318e2986d94eb70c56a9 |
| SHA512 | 77d89eb90b124d194547e60e961c610c5abd4b5c76a21273c20006f02a9e0381b077a0607e7fb3ea1b9784624b787595cf796119027ad8f6a88517c7067f4ad2 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
| MD5 | 0beba0f6bb915c6ce08581f031439dce |
| SHA1 | b9737370299870c6f6e34892ed41b147b2333265 |
| SHA256 | 5f787810d00d5edc9f551c282767778609c006a6687a17d1f96f7fd74f7754ec |
| SHA512 | 8c9f839387e76207220a6f85eaafc6a6e8ecce35e2230f580bf435f1828ec5bb014e67a243541e752220e3b8ead299eb05125365caa50a260dc80cf07ae6ec5c |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | e4f01aa4e2e1f56c5db920db76f9b157 |
| SHA1 | 814253898995eb0a2d51e6a6f55e82c26b34470e |
| SHA256 | 7e2a041cab1d99c417ed6073055b09faedfc56b10be188b928e7e36cbcbcb5fd |
| SHA512 | 2088d942bbac158e9bb773f42f4edac7275bb7b9929297c6e2cecfa8feef51bff6f2fb1dc0216753f33475f1bd79e1627c69debdd9eaa766ada1ae123e790756 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
| MD5 | 45e2a80e707e6c9b9f93133da7f8775b |
| SHA1 | 042193b9576ea5fe0bac8c56ba7b62508e2cb5fb |
| SHA256 | 853edbaba0cb4757e2663571c8490ce70a81091ee666504d52e827b74a78ee40 |
| SHA512 | b85d5d72fad1e3207c54dea7260f1d73c91743af6c95aee3e9f5937d32f8a07a775df630a5169289792187cc40d05963d7cafa08ca5ca5825d8bafd76e7f3aac |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 9af9f5ee37ef05cefeab0bd9a67263c1 |
| SHA1 | 3dc5f5e120c3eb21118d9492d0e2095f7fa9dea7 |
| SHA256 | b179b7aaf33d6551eb1d600df4e5894e5568320e727ed89e6b8b98498d1bcc6d |
| SHA512 | 0367ddb2468945c3609ddfb96dd00b16b518282719285d800533d3f7ff6abc40bd979935e37784f3420017f33cd2351410af3f28ed2d1a8d4e3568d4514a5110 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
| MD5 | 5b6870edd32dd123c981e0bccc83707f |
| SHA1 | d476e7ee5eaf5104243f5de0afbdd6af1cc0855b |
| SHA256 | af08460c2908d9d359b7819820da93081e18eb09f7882ee88e443636888672ca |
| SHA512 | 6f961d7c2079d80899b68967eb23a4e4478b241b25666265bda1f0603ce0834fd25937c5b052b1c70e89e4b51dfdcfbd7ccadff6405ddca26d7627bef203cdf2 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 47d8d81a8f3e4e77d405852ca3a84f2d |
| SHA1 | 124839f8b989b9b5bbf6178646aa89c6ee0f8a6c |
| SHA256 | ea6df8c6751f727628995fda2583c3b5043590a5be2e84f0e9dee8352f464849 |
| SHA512 | a56116fc6218ab8641d04895cebcba582cc7985fc920050100917a091058489270598b54691d545f401f33ba8d31af684d34ea19a78e94fba44d076dde6e4faa |
Analysis: behavioral3
Detonation Overview
Submitted
2024-08-28 02:13
Reported
2024-08-28 02:43
Platform
win10v2004-20240802-en
Max time kernel
1799s
Max time network
1768s
Command Line
Signatures
Drops file in System32 directory
| Description | Indicator | Process | Target |
| File created | \??\c:\windows\system32\driverstore\filerepository\display.inf_amd64_71aa85b0e2292a7a\display.PNF | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| File created | C:\Windows\System32\DriverStore\FileRepository\display.inf_amd64_71aa85b0e2292a7a\display.PNF | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Browser Information Discovery
Enumerates system info in registry
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Modifies data under HKEY_USERS
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133692848060436905" | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Suspicious behavior: EnumeratesProcesses
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Suspicious use of AdjustPrivilegeToken
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
Suspicious use of WriteProcessMemory
Processes
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://open.spotify.com/track/4hOBHTagUQY2jGiGnkMYbk?si=t3Gj2jJ8SWWL9q21P7MD7w
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.123 --initial-client-data=0xf8,0xfc,0x100,0xd4,0x104,0x7ffd1399cc40,0x7ffd1399cc4c,0x7ffd1399cc58
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=300,i,3319947169083242089,10529244190979139706,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=1848 /prefetch:2
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=2136,i,3319947169083242089,10529244190979139706,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=1968 /prefetch:3
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=2208,i,3319947169083242089,10529244190979139706,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=2432 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --field-trial-handle=3108,i,3319947169083242089,10529244190979139706,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=3136 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=3124,i,3319947169083242089,10529244190979139706,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=3168 /prefetch:1
C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe"
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --field-trial-handle=4480,i,3319947169083242089,10529244190979139706,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=4496 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --field-trial-handle=3224,i,3319947169083242089,10529244190979139706,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=3236 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --no-appcompat-clear --field-trial-handle=3232,i,3319947169083242089,10529244190979139706,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=4692 /prefetch:8
C:\Windows\system32\AUDIODG.EXE
C:\Windows\system32\AUDIODG.EXE 0x304 0x2f4
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=5080,i,3319947169083242089,10529244190979139706,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=5100 /prefetch:8
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s NgcSvc
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --no-appcompat-clear --gpu-preferences=WAAAAAAAAADoAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAACEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=724,i,3319947169083242089,10529244190979139706,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=4372 /prefetch:8
Network
Files
\??\pipe\crashpad_3100_IJQZPBDRWCHOIGAT
| MD5 | d41d8cd98f00b204e9800998ecf8427e |
| SHA1 | da39a3ee5e6b4b0d3255bfef95601890afd80709 |
| SHA256 | e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 |
| SHA512 | cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports
| MD5 | d751713988987e9331980363e24189ce |
| SHA1 | 97d170e1550eee4afc0af065b78cda302a97674c |
| SHA256 | 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945 |
| SHA512 | b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000f
| MD5 | 2257803a7e34c3abd90ec6d41fd76a5a |
| SHA1 | f7a32e6635d8513f74bd225f55d867ea56ae4803 |
| SHA256 | af23860fb3a448f2cc6107680078402555a345eb45bc5efb750f541fe5d7c174 |
| SHA512 | e9f4dc90d0829885f08879e868aa62041150b500f62682fc108da258eee26ad9509dcbf6e8a55f2d0bdba7aa9118dd149a70a7d851820d4ea683db7808c48540 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\BrowsingTopicsState
| MD5 | c5b9f2a0d21de5b72e53e805ab3c72c7 |
| SHA1 | 066774dc1ccd8c39db9e1b6e577c8a827af33b52 |
| SHA256 | 5bc2944117b86e5e7c685279c937366eb4006a4622ef274d634f0aa2dac59a33 |
| SHA512 | 52be6f1fd266de7af0c863c587b3f8b0c12c723e8abb5c0c4e4938c63b72c1a203db0daff937a557bf3de364fadaab48bfc4d60cfd10dafc7e0a7a81c77941f6 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
| MD5 | b932240918f0bb692519b070803aac8c |
| SHA1 | 64c0fe4de37a0e65955299b13cecb392f2dceffe |
| SHA256 | 1cd45faf47eb2a86cf6f3f2c8cf2780f74f2ac2a5113d141b0000cdee4a293a1 |
| SHA512 | 19e92e84f795cafd95f5acdc4fbfcf2e91ca0aab4d868db6be2cc78de48f7372a57edb55cac82c4c7929498ff7c5741ddf3f39006d9d93522d3157ebb9460fcb |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\50f2b651-040b-4e48-ac86-e9bd3e092b36.tmp
| MD5 | 836fcfdfd0d35d6f0f22dfdb0d58039b |
| SHA1 | 1394006917fc414ddc0ad603003d3cfccf9c0e98 |
| SHA256 | 6709b91956efb85e92cb356a41a8471702746d4f1300ff337c8c1f3d72c5e5d9 |
| SHA512 | bab9bafc198c53930c2eee26c404499916bbf4cefcb2149d9999f47634d4ebcffa318350c709bf8f39042a88423f48886826b297cda963e0a92f5e75f9e77221 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 6a77a5caf16b3bca3479b31d4ff0ea5d |
| SHA1 | f02a0aa6fd7ed61295e45da3da8323f25216e9b4 |
| SHA256 | 53fe4792a6c77681aa078dc6b928f26e3e3490f88c7f678f72071f9ed98b7b7d |
| SHA512 | 3556ced64ced0d67b707617c0ec3138aecc9921506eb632c7177e85fcd28dc453ba35848ac85454df3430333037ed170ad7fe006f6b63f1c832f88f7734f6e12 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 21b56d66c35d90735c9d2774e013b571 |
| SHA1 | 6d7333070cb61cf5c12a29d6e4c7a92fb82bfad6 |
| SHA256 | d432ad2127d2ccf7b2d8386d8f3bdad364871d626700299bd7e75b822f7ae3bc |
| SHA512 | ec3765a5e6a76ce83832d008ddd463cb462b4b97fef040bf30f8e71c3d24b4944d54d7c8cb3054ab2fe63b7f8a1019bd59cee8624055d92009ca1ad71dad9621 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 42513fb450c2d52a8b0c567f1a403fcf |
| SHA1 | 49ae5393c89bd4cb6d5b4dfda45859747d0f5d03 |
| SHA256 | d417662729c7f440cdbddc0f5a189c95a82c5df80ada879dd926310a9c36968d |
| SHA512 | 345e789dce2f29cb276055ec9076ef574271ba28d0a6ab4928eb9a900fcce73996e312c1aac815c3d7354cd5804abda674ae95d98e9519fa955b6e14df5a0f5e |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index
| MD5 | 6a4e56ae7fef0630d0a50b7ee1c832aa |
| SHA1 | 167c9e670851d47966ac690877282e2c4dfe8e56 |
| SHA256 | 8a036c354da7e3eacb6ad95c9307ceb480a92dedb4e32df796f122c89a766cc1 |
| SHA512 | b6856879a99b8983bde80d1c98bef00402eb95ecd967a84cb5b0e594451be732175587f7bef5cb68f30af8be837c42574b1bfcb5a1ecae47f11d6feff911a8e9 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 42275715f77b66d07eac42689403370e |
| SHA1 | 53b44d1041b58db0caf43caa1f625c1c3b8a0c67 |
| SHA256 | cc89223464352f7c99bf446450aee628c96b4cc42140d5bfc0821e1e4fc7c399 |
| SHA512 | d64f004b965234b4ab2fdcb571503e5e3729d43a79aebbd85fb5c769da896bb9e0af7229f980a03a03a8229ef3f860cb73f5f88797aaa302567209cf3f70f6ac |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\397e5d81bdb71a423054f3b5524da80fc3c2e3bb\be205758-a593-478a-8d72-3f81065e4749\index-dir\the-real-index~RFe582110.TMP
| MD5 | d8c9d8ef7fe437f3a97a6f82606f974f |
| SHA1 | a11b8e15848723200b7a81e4600dba8e51530da2 |
| SHA256 | 4314988228cf3690bb6731228668bec79bcddf8f635e236e40fa4a77a3d7bed1 |
| SHA512 | 2107295c9e2ef9e19985905c60d7d0a6088992b8d430e37e404b11f2d0ee1275397670431709da3e7f1cf07b9d9c3e72d04c14c7800fb3899d2f3179bcda571d |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\397e5d81bdb71a423054f3b5524da80fc3c2e3bb\be205758-a593-478a-8d72-3f81065e4749\index-dir\the-real-index
| MD5 | 6c057e9099a30b81e56573398e5f1d47 |
| SHA1 | 90103d3704cedfcd19f26b55e54fb6dfe1946f77 |
| SHA256 | fa481ab0571677e3aa32e1c1fc1869ca9e7cef4bc49a52203b082f21ac684c5b |
| SHA512 | 0d0413e3c680744881b8b4a59bdcd36fd3b56e17e4057c518d9100ca91be5288ff1d5ecea70e77486d8bc7ea8ecf475678c8712c3ec0b166db5935e5b3cb2fa2 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\397e5d81bdb71a423054f3b5524da80fc3c2e3bb\index.txt~RFe58213f.TMP
| MD5 | 0ae155b95c532aa0e2496beec21a10c9 |
| SHA1 | 5f322f50e01b85daf856e26d699ef5c1be74c98e |
| SHA256 | b50ec2d0166b1ab9eb2e5d72e950da7083dae0c611107ef82fb0c896695b27d5 |
| SHA512 | 52c3e284408ba593fc06611ce65f5631ecf6d7df18acf5f8d2026e2e529066d55509526332aa81c0affb6902b9ec404678eeebdf0c441e1fa138457d85f76c8b |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\397e5d81bdb71a423054f3b5524da80fc3c2e3bb\index.txt
| MD5 | 186ded8c77f1d5e8a163d7da9b06c87f |
| SHA1 | e64852885d73a9670b65efc0435d8b5d72472a7f |
| SHA256 | ca6e107b6ddc0136f52a692f4fff1f39a519929756c535e352cea783ca819aa5 |
| SHA512 | e3ff2714839ff8a3fd68b4bae8b4f8edc26fdd144d8a6bcbbac396b441374339d4d14b05a93bfadc30cc074aae89de0fbb31604ef898457a7c324143c42925d9 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\2b26cadd-6034-4681-b54b-0c9b70b63d10.tmp
| MD5 | fe38787b20156fb2bc4c89da1e2582e5 |
| SHA1 | 46b47d2e963ba45d2b99fc7b9eafbd574cf1a647 |
| SHA256 | a6fcb57e1343bf15642c98476c4d5179829561e000af04080d4e5272db1279b6 |
| SHA512 | 3b25e898298583b530e41eca1a055616d38f5c59407cf1caa87966a7846bda365207464f13e6db81e2725638eadd2b3e2170312856e4683acb7f6d59d1e9baa6 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 08ee7c9ac6f5cfd765cba38831cbbc37 |
| SHA1 | 6d98210ff03bdead7eefc22a8b20d397b8bc5433 |
| SHA256 | 64e2dad88a04d61944037abfc812865b9f15494bf78ecbf1de9c353ca868f360 |
| SHA512 | 2e8cc2bbb85d51f0bbf330ee4381564ab1606fd081a4851961329d7ae0e391b527296883f7bc7714628d9710970ae624cc142ea43617ab6f629520b98e658aa2 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
| MD5 | 3ed68292b1b4b9ad42f05e20ff8bafc1 |
| SHA1 | eb78e265864a1834d067dfb4fb65d5379355f896 |
| SHA256 | b70c0d970d7ee6ebf7a4b1bed2eefbdfe104e860f9ed95c4f9ea28588ab588fa |
| SHA512 | cd3fceeee1ff775b0a480e38fe8afca5ccff62d098fb38556d0b1f372b66588f418c4460371693d368608fef70d333a004b7e8f2dfc9db0ee657720d1f4509b1 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
Analysis: behavioral5
Detonation Overview
Submitted
2024-08-28 02:13
Reported
2024-08-28 02:43
Platform
android-x64-20240624-en
Max time kernel
1800s
Max time network
1807s
Command Line
Signatures
Checks CPU information
| Description | Indicator | Process | Target |
| File opened for read | /proc/cpuinfo | N/A | N/A |
Checks memory information
| Description | Indicator | Process | Target |
| File opened for read | /proc/meminfo | N/A | N/A |
Processes
com.android.chrome
Network
Files
files/dom-0.html
| MD5 | bde8554201ae78aa60852da6f8384f4a |
| SHA1 | 29751cf36bb7b078815d1f0540314d7832981005 |
| SHA256 | 2fda5ea044b19b73669bd2f838e5341eb0793691920e9573908f28a2c7f8017e |
| SHA512 | 889f4ccb91b024aedeeaab114313e9fbcd8f37e1b40cee36f7a73fd25f5de4633d4c46ac74364cf177abb670dc785fc9ac372acce089a5fe67362b14ac68b7e2 |
Analysis: behavioral15
Detonation Overview
Submitted
2024-08-28 02:13
Reported
2024-08-28 02:43
Platform
ubuntu1804-amd64-20240611-en
Max time kernel
0s
Max time network
1679s
Command Line
Signatures
Enumerates kernel/hardware configuration
| Description | Indicator | Process | Target |
| File opened for reading | /sys/bus/pci/devices/0000:00:04.0/vendor | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:06.0/device | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:01.0/irq | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:04.0/irq | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:00.0/device | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:01.1/resource | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:01.3/class | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:05.0/vendor | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:05.0/vendor | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:04.0/class | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:02.0/resource | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:06.0/irq | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:02.0/irq | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:01.3/vendor | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:00.0/resource | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:03.0/resource | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:01.0/resource | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:05.0/device | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:06.0/irq | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:04.0/device | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:00.0/irq | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:04.0/irq | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:05.0/irq | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:02.0/resource | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:01.0/device | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:00.0/vendor | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:06.0/irq | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:00.0/device | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:05.0/irq | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:05.0/resource | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:01.3/irq | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:01.1/vendor | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:01.3/irq | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /sys/bus/pci/devices | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:00.0/resource | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:02.0/device | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:01.1/vendor | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:01.3/vendor | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:03.0/resource | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:05.0/device | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:01.1/class | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:01.0/resource | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:00.0/device | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:01.0/resource | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:04.0/device | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:02.0/vendor | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:03.0/class | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:02.0/device | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:01.1/irq | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:06.0/vendor | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:05.0/resource | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:01.0/class | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:04.0/resource | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:04.0/vendor | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:01.3/class | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:01.1/resource | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:01.0/irq | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:01.0/vendor | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:04.0/resource | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:02.0/irq | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:04.0/resource | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:00.0/irq | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:06.0/vendor | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:00.0/class | /usr/lib/firefox/firefox | N/A |
Reads runtime system information
| Description | Indicator | Process | Target |
| File opened for reading | /proc/filesystems | /bin/sed | N/A |
| File opened for reading | /proc/filesystems | /bin/sed | N/A |
| File opened for reading | /proc/self/task/1628/stat | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /proc/self/stat | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /proc/filesystems | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /proc/self/stat | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /proc/self/fd | /usr/bin/dbus-send | N/A |
| File opened for reading | /proc/filesystems | /bin/sed | N/A |
| File opened for reading | /proc/filesystems | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /proc/self/stat | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /proc/filesystems | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /proc/self/fd | /usr/bin/dbus-send | N/A |
| File opened for reading | /proc/filesystems | /bin/sed | N/A |
| File opened for reading | /proc/filesystems | /bin/sed | N/A |
| File opened for reading | /proc/self/task/1641/stat | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /proc/self/task/1654/stat | /usr/lib/firefox/firefox | N/A |
Processes
/usr/bin/xdg-open
[xdg-open https://open.spotify.com/track/4hOBHTagUQY2jGiGnkMYbk?si=t3Gj2jJ8SWWL9q21P7MD7w]
/usr/bin/dbus-send
[dbus-send --print-reply --dest=org.freedesktop.DBus /org/freedesktop/DBus org.freedesktop.DBus.GetNameOwner string:org.gnome.SessionManager]
/usr/bin/dbus-launch
[dbus-launch --autolaunch 11c67417355f45d397f6be11f62e85a6 --binary-syntax --close-stderr]
/bin/grep
[grep = \"xfce4\"$]
/usr/bin/xprop
[xprop -root _DT_SAVE_MODE]
/bin/grep
[grep -i ^xfce_desktop_window]
/usr/bin/xprop
[xprop -root]
/bin/grep
[grep -q ^Enlightenment]
/bin/uname
[uname]
/bin/grep
[grep -q ^file://]
/bin/egrep
[egrep -q ^[[:alpha:]+\.\-]+:]
/usr/local/sbin/grep
[grep -E -q ^[[:alpha:]+\.\-]+:]
/usr/local/bin/grep
[grep -E -q ^[[:alpha:]+\.\-]+:]
/usr/sbin/grep
[grep -E -q ^[[:alpha:]+\.\-]+:]
/usr/bin/grep
[grep -E -q ^[[:alpha:]+\.\-]+:]
/sbin/grep
[grep -E -q ^[[:alpha:]+\.\-]+:]
/bin/grep
[grep -E -q ^[[:alpha:]+\.\-]+:]
/bin/sed
[sed -n s/\(^[[:alnum:]+\.-]*\):.*$/\1/p]
/usr/bin/xdg-mime
[xdg-mime query default x-scheme-handler/https]
/usr/bin/dbus-send
[dbus-send --print-reply --dest=org.freedesktop.DBus /org/freedesktop/DBus org.freedesktop.DBus.GetNameOwner string:org.gnome.SessionManager]
/usr/bin/dbus-launch
[dbus-launch --autolaunch 11c67417355f45d397f6be11f62e85a6 --binary-syntax --close-stderr]
/bin/grep
[grep = \"xfce4\"$]
/usr/bin/xprop
[xprop -root _DT_SAVE_MODE]
/bin/grep
[grep -i ^xfce_desktop_window]
/usr/bin/xprop
[xprop -root]
/bin/grep
[grep -q ^Enlightenment]
/bin/uname
[uname]
/bin/sed
[sed s/:/ /g]
/usr/bin/cut
[cut -d ; -f 1]
/usr/bin/cut
[cut -d = -f 2]
/usr/bin/head
[head -n 1]
/bin/grep
[grep x-scheme-handler/https= /.local/share/applications/defaults.list /.local/share/applications/mimeinfo.cache]
/usr/bin/cut
[cut -d ; -f 1]
/usr/bin/cut
[cut -d = -f 2]
/usr/bin/head
[head -n 1]
/bin/grep
[grep x-scheme-handler/https= /.local/share/applications/defaults.list /.local/share/applications/mimeinfo.cache]
/usr/bin/cut
[cut -d ; -f 1]
/usr/bin/cut
[cut -d = -f 2]
/usr/bin/head
[head -n 1]
/bin/grep
[grep x-scheme-handler/https= /usr/local/share//applications/defaults.list /usr/local/share//applications/mimeinfo.cache]
/usr/bin/cut
[cut -d ; -f 1]
/usr/bin/cut
[cut -d = -f 2]
/usr/bin/head
[head -n 1]
/bin/grep
[grep x-scheme-handler/https= /usr/local/share//applications/defaults.list /usr/local/share//applications/mimeinfo.cache]
/usr/bin/cut
[cut -d ; -f 1]
/usr/bin/cut
[cut -d = -f 2]
/usr/bin/head
[head -n 1]
/bin/grep
[grep x-scheme-handler/https= /usr/share//applications/defaults.list /usr/share//applications/mimeinfo.cache]
/bin/sed
[sed s/:/ /g]
/bin/sed
[sed -e s|-|/|]
/bin/sed
[sed -e s|-|/|]
/usr/bin/cut
[cut -d= -f 2-]
/usr/bin/which
[which firefox]
/usr/bin/cut
[cut -d= -f 2-]
/usr/bin/cut
[cut -d= -f 2-]
/usr/bin/cut
[cut -d= -f 2-]
/usr/bin/firefox
[/usr/bin/firefox https://open.spotify.com/track/4hOBHTagUQY2jGiGnkMYbk?si=t3Gj2jJ8SWWL9q21P7MD7w]
/usr/bin/which
[which /usr/bin/firefox]
/usr/lib/firefox/firefox
[/usr/lib/firefox/firefox https://open.spotify.com/track/4hOBHTagUQY2jGiGnkMYbk?si=t3Gj2jJ8SWWL9q21P7MD7w]
/bin/grep
[grep -q %s]
/usr/bin/x-www-browser
[x-www-browser https://open.spotify.com/track/4hOBHTagUQY2jGiGnkMYbk?si=t3Gj2jJ8SWWL9q21P7MD7w]
/usr/bin/which
[which /usr/bin/x-www-browser]
/usr/lib/firefox/firefox
[/usr/lib/firefox/firefox https://open.spotify.com/track/4hOBHTagUQY2jGiGnkMYbk?si=t3Gj2jJ8SWWL9q21P7MD7w]
/bin/grep
[grep -q %s]
/usr/bin/firefox
[firefox https://open.spotify.com/track/4hOBHTagUQY2jGiGnkMYbk?si=t3Gj2jJ8SWWL9q21P7MD7w]
/usr/bin/which
[which /usr/bin/firefox]
/usr/lib/firefox/firefox
[/usr/lib/firefox/firefox https://open.spotify.com/track/4hOBHTagUQY2jGiGnkMYbk?si=t3Gj2jJ8SWWL9q21P7MD7w]
/bin/grep
[grep -q %s]
Network
Files
Analysis: behavioral16
Detonation Overview
Submitted
2024-08-28 02:13
Reported
2024-08-29 07:22
Platform
ubuntu2004-amd64-20240729-en
Max time kernel
510s
Max time network
478s
Command Line
Signatures
Changes its process name
| Description | Indicator | Process | Target |
| Changes the process name, possibly in an attempt to hide itself | gmain | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | gdbus | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | glean.dispatche | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | IPC I/O Parent | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | IPC I/O Parent | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | IPC I/O Parent | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | HTML5 Parser | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | HTML5 Parser | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | Backgro~Pool #1 | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | Backgro~Pool #1 | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | IPDL Background | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | IPDL Background | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | Socket Thread | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | Socket Thread | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | Netlink Monitor | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | Netlink Monitor | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | Timer | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | Timer | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | pool-firefox | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | pool-firefox | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | JS Watchdog | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | JS Watchdog | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | BGReadURLs | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | BGReadURLs | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | glxtest:disk$0 | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | Cache2 I/O | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | Cookie | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | Cookie | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | StreamTrans #1 | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | StreamTrans #1 | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | TaskCon~ller #1 | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | TaskCon~ller #0 | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | Worker Launcher | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | Worker Launcher | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | BgIOThr~Pool #1 | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | BgIOThr~Pool #1 | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | Softwar~cThread | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | Softwar~cThread | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | Softwar~cThread | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | CanvasRenderer | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | CanvasRenderer | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | Compositor | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | Compositor | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | WRWorkerLP#0 | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | WRWorkerLP#0 | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | WRWorker#0 | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | WRWorker#0 | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | Renderer | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | Renderer | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | ImageIO | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | ImageIO | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | Permission | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | Permission | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | IPC Launch | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | IPC Launch | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | SandboxReporter | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | SandboxReporter | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | Breakpad Server | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | Sandbox Forked | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | Chroot Helper | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | gmain | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | gdbus | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | pool-/usr/libex | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | gdbus | N/A | N/A |
Checks CPU configuration
| Description | Indicator | Process | Target |
| File opened for reading | /proc/cpuinfo | /usr/lib/firefox/firefox | N/A |
Reads CPU attributes
| Description | Indicator | Process | Target |
| File opened for reading | /sys/devices/system/cpu/present | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /sys/devices/system/cpu/present | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /sys/devices/system/cpu/present | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /sys/devices/system/cpu/present | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /sys/devices/system/cpu/present | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /sys/devices/system/cpu/online | /usr/bin/nautilus | N/A |
| File opened for reading | /sys/devices/system/cpu/present | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /sys/devices/system/cpu/cpu0/cpufreq/cpuinfo_max_freq | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /sys/devices/system/cpu/cpu0/cache/index3/size | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /sys/devices/system/cpu/present | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /sys/devices/system/cpu/present | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /sys/devices/system/cpu/present | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /sys/devices/system/cpu/present | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /sys/devices/system/cpu/present | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /sys/devices/system/cpu/cpu0/cache/index2/size | /usr/lib/firefox/firefox | N/A |
Enumerates kernel/hardware configuration
| Description | Indicator | Process | Target |
| File opened for reading | /sys/bus/pci/devices/0000:00:01.3/resource | /usr/lib/firefox/glxtest | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:02.0/vendor | /usr/lib/firefox/glxtest | N/A |
| File opened for reading | /sys/devices/pci0000:00/0000:00:05.0/usb1/uevent | /usr/libexec/gvfs-mtp-volume-monitor | N/A |
| File opened for reading | /sys/bus | /usr/libexec/gvfs-gphoto2-volume-monitor | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:01.0/class | /usr/lib/firefox/glxtest | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:00.0/class | /usr/lib/firefox/glxtest | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:01.3/device | /usr/lib/firefox/glxtest | N/A |
| File opened for reading | /sys/devices/pci0000:00/0000:00:02.0/virtio0/drm/card0 | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /sys/devices/pci0000:00/0000:00:02.0 | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:04.0/class | /usr/lib/firefox/glxtest | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:01.3/vendor | /usr/lib/firefox/glxtest | N/A |
| File opened for reading | /sys/devices/pci0000:00/0000:00:02.0/subsystem_vendor | /usr/lib/firefox/glxtest | N/A |
| File opened for reading | /sys/devices/system/cpu | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /sys/class | /usr/libexec/gvfs-gphoto2-volume-monitor | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:05.0/vendor | /usr/lib/firefox/glxtest | N/A |
| File opened for reading | /sys/devices/system/cpu | /usr/lib/firefox/glxtest | N/A |
| File opened for reading | /sys/fs/cgroup/cpu,cpuacct/cpu.cfs_quota_us | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /sys/devices/system/cpu | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:01.0/vendor | /usr/lib/firefox/glxtest | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:04.0/device | /usr/lib/firefox/glxtest | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:01.3/class | /usr/lib/firefox/glxtest | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:02.0/resource | /usr/lib/firefox/glxtest | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:05.0/device | /usr/lib/firefox/glxtest | N/A |
| File opened for reading | /sys/devices/system/cpu | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /sys/devices/pci0000:00/0000:00:05.0/usb1/1-1/uevent | /usr/libexec/gvfs-mtp-volume-monitor | N/A |
| File opened for reading | /sys/devices/pci0000:00/0000:00:05.0/usb1/1-1/1-1:1.0/uevent | /usr/libexec/gvfs-mtp-volume-monitor | N/A |
| File opened for reading | /sys/bus/usb/devices | /usr/libexec/gvfs-gphoto2-volume-monitor | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:00.0/vendor | /usr/lib/firefox/glxtest | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:06.0/class | /usr/lib/firefox/glxtest | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:05.0/resource | /usr/lib/firefox/glxtest | N/A |
| File opened for reading | /sys/class | /usr/libexec/gvfs-mtp-volume-monitor | N/A |
| File opened for reading | /sys/kernel/security/apparmor/features/dbus/mask | /usr/bin/dbus-daemon | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:00.0/resource | /usr/lib/firefox/glxtest | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:03.0/vendor | /usr/lib/firefox/glxtest | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:03.0/class | /usr/lib/firefox/glxtest | N/A |
| File opened for reading | /sys/devices/system/cpu | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:01.0/device | /usr/lib/firefox/glxtest | N/A |
| File opened for reading | /sys/fs/cgroup/cpu,cpuacct/cpu.cfs_quota_us | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:01.0/irq | /usr/lib/firefox/glxtest | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:00.0/device | /usr/lib/firefox/glxtest | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:01.1/device | /usr/lib/firefox/glxtest | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:06.0/device | /usr/lib/firefox/glxtest | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:02.0/irq | /usr/lib/firefox/glxtest | N/A |
| File opened for reading | /sys/devices/pci0000:00/0000:00:02.0/device | /usr/lib/firefox/glxtest | N/A |
| File opened for reading | /sys/fs/cgroup/cpu,cpuacct/cpu.cfs_quota_us | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /sys/bus/usb/devices | /usr/libexec/gvfs-mtp-volume-monitor | N/A |
| File opened for reading | /sys/devices/pci0000:00/0000:00:05.0/usb1/1-0:1.0/uevent | /usr/libexec/gvfs-gphoto2-volume-monitor | N/A |
| File opened for reading | /sys/devices/system/cpu | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /sys/bus | /usr/libexec/gvfs-mtp-volume-monitor | N/A |
| File opened for reading | /sys/devices/pci0000:00/0000:00:05.0/usb1/1-1/uevent | /usr/libexec/gvfs-gphoto2-volume-monitor | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:03.0/device | /usr/lib/firefox/glxtest | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:01.1/resource | /usr/lib/firefox/glxtest | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:06.0/resource | /usr/lib/firefox/glxtest | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:01.0/resource | /usr/lib/firefox/glxtest | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:04.0/resource | /usr/lib/firefox/glxtest | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:02.0/class | /usr/lib/firefox/glxtest | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:05.0/class | /usr/lib/firefox/glxtest | N/A |
| File opened for reading | /sys/devices/pci0000:00/0000:00:02.0/subsystem_device | /usr/lib/firefox/glxtest | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:04.0/irq | /usr/lib/firefox/glxtest | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:00.0/irq | /usr/lib/firefox/glxtest | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:02.0/device | /usr/lib/firefox/glxtest | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:05.0/irq | /usr/lib/firefox/glxtest | N/A |
| File opened for reading | /sys/devices/system/cpu | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /sys/devices/pci0000:00/0000:00:02.0/virtio0/drm/renderD128 | /usr/lib/firefox/firefox | N/A |
Reads runtime system information
| Description | Indicator | Process | Target |
| File opened for reading | /proc/self/maps | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /proc/filesystems | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /proc/filesystems | /usr/bin/sed | N/A |
| File opened for reading | /proc/filesystems | /usr/bin/sed | N/A |
| File opened for reading | /proc/self/stat | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /proc/self/maps | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /proc/filesystems | /usr/libexec/goa-daemon | N/A |
| File opened for reading | /proc/1885/cmdline | /usr/bin/dbus-daemon | N/A |
| File opened for reading | /proc/self/stat | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /proc/1600/cmdline | /usr/bin/dbus-daemon | N/A |
| File opened for reading | /proc/self/task/1724/stat | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /proc/1869/cmdline | /usr/bin/dbus-daemon | N/A |
| File opened for reading | /proc/filesystems | /usr/libexec/gvfs-goa-volume-monitor | N/A |
| File opened for reading | /proc/filesystems | /usr/libexec/dconf-service | N/A |
| File opened for reading | /proc/self/task/1697/stat | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /proc/self/fd/162 | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /proc/self/stat | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /proc/filesystems | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /proc/1863/cgroup | /usr/libexec/gvfs-udisks2-volume-monitor | N/A |
| File opened for reading | /proc/1/cgroup | /usr/libexec/gvfs-udisks2-volume-monitor | N/A |
| File opened for reading | /proc/filesystems | /usr/libexec/gvfs-mtp-volume-monitor | N/A |
| File opened for reading | /proc/1890/cmdline | /usr/bin/dbus-daemon | N/A |
| File opened for reading | /proc/self/fd | /usr/bin/dbus-send | N/A |
| File opened for reading | /proc/1608/cmdline | /usr/bin/dbus-daemon | N/A |
| File opened for reading | /proc/self/fd/107 | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /proc/self/fd/113 | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /proc/self/maps | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /proc/self/maps | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /proc/self/stat | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /proc/1880/cmdline | /usr/bin/dbus-daemon | N/A |
| File opened for reading | /proc/self/stat | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /proc/self/task/1725/stat | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /proc/filesystems | /usr/libexec/goa-identity-service | N/A |
| File opened for reading | /proc/filesystems | /usr/lib/firefox/glxtest | N/A |
| File opened for reading | /proc/self/fd/12 | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /proc/self/stat | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /proc/self/task/1830/stat | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /proc/filesystems | /usr/libexec/gvfs-gphoto2-volume-monitor | N/A |
| File opened for reading | /proc/filesystems | /usr/libexec/xdg-desktop-portal-gtk | N/A |
| File opened for reading | /proc/filesystems | /usr/libexec/gvfsd-fuse | N/A |
| File opened for reading | /proc/sys/kernel/cap_last_cap | /usr/bin/dbus-daemon | N/A |
| File opened for reading | /proc/1390/attr/current | /usr/bin/dbus-daemon | N/A |
| File opened for reading | /proc/1406/cmdline | /usr/bin/dbus-daemon | N/A |
| File opened for reading | /proc/1558/cmdline | /usr/bin/dbus-daemon | N/A |
| File opened for reading | /proc/self/task/1573/stat | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /proc/self/fd/35 | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /proc/self/task/1635/stat | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /proc/self/fd/80 | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /proc/self/fd/112 | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /proc/self/fd/115 | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /proc/1875/cmdline | /usr/bin/dbus-daemon | N/A |
| File opened for reading | /proc/self/fd | /usr/bin/dbus-send | N/A |
| File opened for reading | /proc/1863/cmdline | /usr/bin/dbus-daemon | N/A |
| File opened for reading | /proc/filesystems | /usr/bin/sed | N/A |
| File opened for reading | /proc/self/mountinfo | /usr/libexec/gvfsd-trash | N/A |
| File opened for reading | /proc/self/fd/81 | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /proc/self/stat | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /proc/self/task/1726/stat | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /proc/filesystems | /usr/bin/sed | N/A |
| File opened for reading | /proc/filesystems | /usr/libexec/xdg-permission-store | N/A |
| File opened for reading | /proc/self/fd/57 | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /proc/self/stat | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /proc/self/mountinfo | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /proc/self/task/1799/stat | /usr/lib/firefox/firefox | N/A |
Writes file to tmp directory
| Description | Indicator | Process | Target |
| File opened for modification | /tmp/tmpaddon | /usr/lib/firefox/firefox | N/A |
| File opened for modification | /tmp/firefox/.parentlock | /usr/lib/firefox/firefox | N/A |
Processes
/usr/bin/xdg-open
[xdg-open https://open.spotify.com/track/4hOBHTagUQY2jGiGnkMYbk?si=t3Gj2jJ8SWWL9q21P7MD7w]
/usr/bin/dbus-send
[dbus-send --print-reply --dest=org.freedesktop.DBus /org/freedesktop/DBus org.freedesktop.DBus.GetNameOwner string:org.gnome.SessionManager]
/usr/bin/dbus-launch
[dbus-launch --autolaunch 4816dd152e8c48ff97e9117d197c13d8 --binary-syntax --close-stderr]
/usr/bin/dbus-daemon
[/usr/bin/dbus-daemon --syslog-only --fork --print-pid 5 --print-address 7 --session]
/usr/bin/grep
[grep = \"xfce4\"$]
/usr/bin/xprop
[xprop -root _DT_SAVE_MODE]
/usr/bin/grep
[grep -i ^xfce_desktop_window]
/usr/bin/xprop
[xprop -root]
/usr/bin/grep
[grep -q ^Enlightenment]
/usr/bin/uname
[uname]
/usr/bin/grep
[grep -q ^file://]
/usr/bin/egrep
[egrep -q ^[[:alpha:]+\.\-]+:]
/usr/local/sbin/grep
[grep -E -q ^[[:alpha:]+\.\-]+:]
/usr/local/bin/grep
[grep -E -q ^[[:alpha:]+\.\-]+:]
/usr/sbin/grep
[grep -E -q ^[[:alpha:]+\.\-]+:]
/usr/bin/grep
[grep -E -q ^[[:alpha:]+\.\-]+:]
/usr/bin/sed
[sed -n s/\(^[[:alnum:]+\.-]*\):.*$/\1/p]
/usr/bin/xdg-mime
[xdg-mime query default x-scheme-handler/https]
/usr/bin/dbus-send
[dbus-send --print-reply --dest=org.freedesktop.DBus /org/freedesktop/DBus org.freedesktop.DBus.GetNameOwner string:org.gnome.SessionManager]
/usr/bin/dbus-launch
[dbus-launch --autolaunch 4816dd152e8c48ff97e9117d197c13d8 --binary-syntax --close-stderr]
/usr/bin/grep
[grep = \"xfce4\"$]
/usr/bin/xprop
[xprop -root _DT_SAVE_MODE]
/usr/bin/grep
[grep -i ^xfce_desktop_window]
/usr/bin/xprop
[xprop -root]
/usr/bin/grep
[grep -q ^Enlightenment]
/usr/bin/uname
[uname]
/usr/bin/sed
[sed s/:/ /g]
/usr/bin/cut
[cut -d ; -f 1]
/usr/bin/cut
[cut -d = -f 2]
/usr/bin/head
[head -n 1]
/usr/bin/grep
[grep x-scheme-handler/https= /.local/share/applications/defaults.list /.local/share/applications/mimeinfo.cache]
/usr/bin/cut
[cut -d ; -f 1]
/usr/bin/cut
[cut -d = -f 2]
/usr/bin/head
[head -n 1]
/usr/bin/grep
[grep x-scheme-handler/https= /.local/share/applications/defaults.list /.local/share/applications/mimeinfo.cache]
/usr/bin/cut
[cut -d ; -f 1]
/usr/bin/cut
[cut -d = -f 2]
/usr/bin/head
[head -n 1]
/usr/bin/grep
[grep x-scheme-handler/https= /usr/local/share//applications/defaults.list /usr/local/share//applications/mimeinfo.cache]
/usr/bin/cut
[cut -d ; -f 1]
/usr/bin/cut
[cut -d = -f 2]
/usr/bin/head
[head -n 1]
/usr/bin/grep
[grep x-scheme-handler/https= /usr/local/share//applications/defaults.list /usr/local/share//applications/mimeinfo.cache]
/usr/bin/cut
[cut -d ; -f 1]
/usr/bin/cut
[cut -d = -f 2]
/usr/bin/head
[head -n 1]
/usr/bin/grep
[grep x-scheme-handler/https= /usr/share//applications/defaults.list /usr/share//applications/mimeinfo.cache]
/usr/bin/sed
[sed s/:/ /g]
/usr/bin/sed
[sed -e s|-|/|]
/usr/bin/sed
[sed -e s|-|/|]
/usr/bin/cut
[cut -d= -f 2-]
/usr/bin/which
[which firefox]
/usr/bin/cut
[cut -d= -f 2-]
/usr/bin/cut
[cut -d= -f 2-]
/usr/bin/cut
[cut -d= -f 2-]
/usr/bin/firefox
[/usr/bin/firefox https://open.spotify.com/track/4hOBHTagUQY2jGiGnkMYbk?si=t3Gj2jJ8SWWL9q21P7MD7w]
/usr/bin/which
[which /usr/bin/firefox]
/usr/lib/firefox/firefox
[/usr/lib/firefox/firefox https://open.spotify.com/track/4hOBHTagUQY2jGiGnkMYbk?si=t3Gj2jJ8SWWL9q21P7MD7w]
/usr/local/sbin/dbus-launch
[dbus-launch --autolaunch=4816dd152e8c48ff97e9117d197c13d8 --binary-syntax --close-stderr]
/usr/local/bin/dbus-launch
[dbus-launch --autolaunch=4816dd152e8c48ff97e9117d197c13d8 --binary-syntax --close-stderr]
/usr/sbin/dbus-launch
[dbus-launch --autolaunch=4816dd152e8c48ff97e9117d197c13d8 --binary-syntax --close-stderr]
/usr/bin/dbus-launch
[dbus-launch --autolaunch=4816dd152e8c48ff97e9117d197c13d8 --binary-syntax --close-stderr]
/usr/lib/firefox/glxtest
[/usr/lib/firefox/glxtest -f 13]
/usr/bin/lsb_release
[/usr/bin/lsb_release -idrc]
/usr/local/sbin/dbus-launch
[dbus-launch --autolaunch=4816dd152e8c48ff97e9117d197c13d8 --binary-syntax --close-stderr]
/usr/local/bin/dbus-launch
[dbus-launch --autolaunch=4816dd152e8c48ff97e9117d197c13d8 --binary-syntax --close-stderr]
/usr/sbin/dbus-launch
[dbus-launch --autolaunch=4816dd152e8c48ff97e9117d197c13d8 --binary-syntax --close-stderr]
/usr/bin/dbus-launch
[dbus-launch --autolaunch=4816dd152e8c48ff97e9117d197c13d8 --binary-syntax --close-stderr]
/usr/libexec/xdg-desktop-portal
[/usr/libexec/xdg-desktop-portal]
/usr/lib/firefox/firefox
[/usr/lib/firefox/firefox -contentproc -parentBuildID 20240108143603 -prefsLen 20982 -prefMapSize 234904 -appDir /usr/lib/firefox/browser {66e75e4f-321e-40a0-9728-48aeef2a78d8} 1469 true socket]
/usr/libexec/xdg-document-portal
[/usr/libexec/xdg-document-portal]
/usr/libexec/xdg-permission-store
[/usr/libexec/xdg-permission-store]
/usr/libexec/xdg-desktop-portal-gtk
[/usr/libexec/xdg-desktop-portal-gtk]
/usr/libexec/gvfsd
[/usr/libexec/gvfsd]
/usr/libexec/gvfsd-fuse
[/usr/libexec/gvfsd-fuse /root/.cache/gvfs -f -o big_writes]
/usr/libexec/dconf-service
[/usr/libexec/dconf-service]
/usr/bin/nautilus
[/usr/bin/nautilus --gapplication-service]
/usr/libexec/gvfsd-trash
[/usr/libexec/gvfsd-trash --spawner :1.8 /org/gtk/gvfs/exec_spaw/0]
/usr/lib/firefox/firefox
[/usr/lib/firefox/firefox -contentproc -childID 1 -isForBrowser -prefsLen 20185 -prefMapSize 234904 -jsInitLen 229864 -parentBuildID 20240108143603 -greomni /usr/lib/firefox/omni.ja -appomni /usr/lib/firefox/browser/omni.ja -appDir /usr/lib/firefox/browser {1c69d73c-8a3d-41ec-bfef-6add5aef9bf0} 1469 true tab]
/usr/lib/firefox/firefox
[/usr/lib/firefox/firefox -contentproc -childID 2 -isForBrowser -prefsLen 26849 -prefMapSize 234904 -jsInitLen 229864 -parentBuildID 20240108143603 -greomni /usr/lib/firefox/omni.ja -appomni /usr/lib/firefox/browser/omni.ja -appDir /usr/lib/firefox/browser {a3644d34-49a5-471b-b945-cce8a02024ee} 1469 true tab]
/usr/lib/firefox/firefox
[/usr/lib/firefox/firefox -contentproc -parentBuildID 20240108143603 -sandboxingKind 0 -prefsLen 27460 -prefMapSize 234904 -appDir /usr/lib/firefox/browser {4bf44b21-b750-4993-a561-d1cb4a5a4d72} 1469 true utility]
/usr/lib/firefox/firefox
[/usr/lib/firefox/firefox -contentproc -childID 3 -isForBrowser -prefsLen 25746 -prefMapSize 234904 -jsInitLen 229864 -parentBuildID 20240108143603 -greomni /usr/lib/firefox/omni.ja -appomni /usr/lib/firefox/browser/omni.ja -appDir /usr/lib/firefox/browser {68626551-71f6-432f-a571-2d4aab644e3e} 1469 true tab]
/usr/lib/firefox/firefox
[/usr/lib/firefox/firefox -contentproc -childID 4 -isForBrowser -prefsLen 25746 -prefMapSize 234904 -jsInitLen 229864 -parentBuildID 20240108143603 -greomni /usr/lib/firefox/omni.ja -appomni /usr/lib/firefox/browser/omni.ja -appDir /usr/lib/firefox/browser {41cbcb1e-b487-4d29-942c-78a5a8357cca} 1469 true tab]
/usr/lib/firefox/firefox
[/usr/lib/firefox/firefox -contentproc -childID 5 -isForBrowser -prefsLen 25746 -prefMapSize 234904 -jsInitLen 229864 -parentBuildID 20240108143603 -greomni /usr/lib/firefox/omni.ja -appomni /usr/lib/firefox/browser/omni.ja -appDir /usr/lib/firefox/browser {26d9c793-5d61-4c62-9eb6-0c470767b514} 1469 true tab]
/usr/lib/firefox/firefox
[/usr/lib/firefox/firefox -contentproc -parentBuildID 20240108143603 -prefsLen 27713 -prefMapSize 234904 -appDir /usr/lib/firefox/browser {ea0e93f1-9c9e-4523-b82a-ab958d6ec9dd} 1469 true rdd]
/usr/lib/firefox/firefox
[/usr/lib/firefox/firefox -contentproc -childID 6 -isForBrowser -prefsLen 25746 -prefMapSize 234904 -jsInitLen 229864 -parentBuildID 20240108143603 -greomni /usr/lib/firefox/omni.ja -appomni /usr/lib/firefox/browser/omni.ja -appDir /usr/lib/firefox/browser {1df00256-e2fd-4e04-93b2-2b655efcf7f4} 1469 true tab]
/usr/lib/firefox/firefox
[/usr/lib/firefox/firefox -contentproc -childID 7 -isForBrowser -prefsLen 25746 -prefMapSize 234904 -jsInitLen 229864 -parentBuildID 20240108143603 -greomni /usr/lib/firefox/omni.ja -appomni /usr/lib/firefox/browser/omni.ja -appDir /usr/lib/firefox/browser {8ff71e05-9ae1-45cb-9323-7ea90125e0e4} 1469 true tab]
/usr/bin/gnome-keyring-daemon
[/usr/bin/gnome-keyring-daemon --start --foreground --components=secrets]
/usr/libexec/gvfs-udisks2-volume-monitor
[/usr/libexec/gvfs-udisks2-volume-monitor]
/usr/libexec/gvfs-afc-volume-monitor
[/usr/libexec/gvfs-afc-volume-monitor]
/usr/libexec/gvfs-mtp-volume-monitor
[/usr/libexec/gvfs-mtp-volume-monitor]
/usr/libexec/gvfs-gphoto2-volume-monitor
[/usr/libexec/gvfs-gphoto2-volume-monitor]
/usr/libexec/gvfs-goa-volume-monitor
[/usr/libexec/gvfs-goa-volume-monitor]
/usr/libexec/goa-daemon
[/usr/libexec/goa-daemon]
/usr/libexec/goa-identity-service
[/usr/libexec/goa-identity-service]
Network
| Country | Destination | Domain | Proto |
| N/A | 224.0.0.251:5353 | | udp |
| US | 1.1.1.1:53 | prod.remote-settings.prod.webservices.mozgcp.net | udp |
| US | 1.1.1.1:53 | connectivity-check.ubuntu.com | udp |
| US | 1.1.1.1:53 | open.spotify.com | udp |
| US | 1.1.1.1:53 | open.spotify.com | udp |
| US | 151.101.195.42:443 | open.spotify.com | tcp |
| US | 1.1.1.1:53 | location.services.mozilla.com | udp |
| US | 1.1.1.1:53 | location.services.mozilla.com | udp |
| US | 1.1.1.1:53 | prod.classify-client.prod.webservices.mozgcp.net | udp |
| US | 35.190.72.216:443 | location.services.mozilla.com | udp |
| US | 1.1.1.1:53 | spocs.getpocket.com | udp |
| US | 1.1.1.1:53 | spocs.getpocket.com | udp |
| US | 1.1.1.1:53 | prod.ads.prod.webservices.mozgcp.net | udp |
| US | 1.1.1.1:53 | getpocket.cdn.mozilla.net | udp |
| US | 1.1.1.1:53 | getpocket.cdn.mozilla.net | udp |
| US | 34.120.5.221:443 | getpocket.cdn.mozilla.net | tcp |
| US | 1.1.1.1:53 | open.spotifycdn.com | udp |
| US | 1.1.1.1:53 | open.spotifycdn.com | udp |
| US | 1.1.1.1:53 | shavar.prod.mozaws.net | udp |
| US | 1.1.1.1:53 | firefox-settings-attachments.cdn.mozilla.net | udp |
| US | 1.1.1.1:53 | firefox-settings-attachments.cdn.mozilla.net | udp |
| US | 1.1.1.1:53 | attachments.prod.remote-settings.prod.webservices.mozgcp.net | udp |
| US | 34.117.121.53:443 | firefox-settings-attachments.cdn.mozilla.net | tcp |
| US | 1.1.1.1:53 | tracking-protection.cdn.mozilla.net | udp |
| US | 1.1.1.1:53 | tracking-protection.cdn.mozilla.net | udp |
| US | 1.1.1.1:53 | tracking-protection.prod.mozaws.net | udp |
| US | 34.120.158.37:443 | tracking-protection.cdn.mozilla.net | tcp |
| US | 1.1.1.1:53 | tracking-protection.prod.mozaws.net | udp |
| US | 34.120.158.37:443 | tracking-protection.cdn.mozilla.net | tcp |
| US | 34.120.158.37:443 | tracking-protection.cdn.mozilla.net | tcp |
| US | 34.120.158.37:443 | tracking-protection.cdn.mozilla.net | tcp |
| US | 34.120.158.37:443 | tracking-protection.cdn.mozilla.net | tcp |
| US | 34.120.158.37:443 | tracking-protection.cdn.mozilla.net | tcp |
| US | 34.120.158.37:443 | tracking-protection.cdn.mozilla.net | tcp |
| US | 34.120.158.37:443 | tracking-protection.cdn.mozilla.net | tcp |
| US | 199.232.214.251:443 | open.spotifycdn.com | tcp |
| US | 199.232.214.251:443 | open.spotifycdn.com | tcp |
| US | 199.232.214.251:443 | open.spotifycdn.com | udp |
| US | 199.232.214.251:443 | open.spotifycdn.com | tcp |
| US | 1.1.1.1:53 | apresolve.spotify.com | udp |
| US | 1.1.1.1:53 | apresolve.spotify.com | udp |
| US | 1.1.1.1:53 | clienttoken.spotify.com | udp |
| US | 1.1.1.1:53 | clienttoken.spotify.com | udp |
| US | 1.1.1.1:53 | api-partner.spotify.com | udp |
| US | 1.1.1.1:53 | api-partner.spotify.com | udp |
| US | 1.1.1.1:53 | spclient.wg.spotify.com | udp |
| US | 1.1.1.1:53 | spclient.wg.spotify.com | udp |
| US | 1.1.1.1:53 | api.spotify.com | udp |
| US | 1.1.1.1:53 | api.spotify.com | udp |
| US | 1.1.1.1:53 | daily-mix.scdn.co | udp |
| US | 1.1.1.1:53 | daily-mix.scdn.co | udp |
| US | 1.1.1.1:53 | encore.scdn.co | udp |
| US | 1.1.1.1:53 | encore.scdn.co | udp |
| US | 35.186.224.24:443 | api.spotify.com | tcp |
| US | 1.1.1.1:53 | www.google.com | udp |
| US | 1.1.1.1:53 | www.google.com | udp |
| US | 1.1.1.1:53 | www.googleoptimize.com | udp |
| US | 1.1.1.1:53 | www.googleoptimize.com | udp |
| US | 35.186.224.24:443 | api.spotify.com | tcp |
| US | 35.186.224.24:443 | api.spotify.com | tcp |
| US | 35.186.224.24:443 | api.spotify.com | tcp |
| US | 35.186.224.24:443 | api.spotify.com | tcp |
| US | 199.232.214.248:443 | daily-mix.scdn.co | tcp |
| GB | 142.250.179.228:443 | www.google.com | tcp |
| GB | 172.217.169.14:443 | www.googleoptimize.com | tcp |
| GB | 2.18.66.8:443 | encore.scdn.co | tcp |
| GB | 2.18.66.8:443 | encore.scdn.co | tcp |
| GB | 2.18.66.8:443 | encore.scdn.co | tcp |
| GB | 2.18.66.8:443 | encore.scdn.co | tcp |
| GB | 2.18.66.8:443 | encore.scdn.co | tcp |
| GB | 172.217.169.14:443 | www.googleoptimize.com | udp |
| GB | 142.250.179.228:443 | www.google.com | udp |
| US | 34.120.195.249:443 | | tcp |
| US | 35.186.224.24:443 | api.spotify.com | udp |
| US | 1.1.1.1:53 | web-sdk-assets.spotifycdn.com | udp |
| US | 1.1.1.1:53 | web-sdk-assets.spotifycdn.com | udp |
| US | 199.232.210.250:443 | web-sdk-assets.spotifycdn.com | tcp |
| US | 34.120.195.249:443 | | udp |
| US | 35.186.224.24:443 | api.spotify.com | udp |
| US | 1.1.1.1:53 | cdn.cookielaw.org | udp |
| US | 1.1.1.1:53 | cdn.cookielaw.org | udp |
| US | 35.186.224.24:443 | api.spotify.com | udp |
| US | 104.18.87.42:443 | cdn.cookielaw.org | tcp |
| US | 104.18.87.42:443 | cdn.cookielaw.org | tcp |
| US | 1.1.1.1:53 | tracking-protection.prod.mozaws.net | udp |
| US | 35.186.224.24:443 | api.spotify.com | udp |
| US | 35.186.224.24:443 | api.spotify.com | udp |
| US | 1.1.1.1:53 | geolocation.onetrust.com | udp |
| US | 1.1.1.1:53 | geolocation.onetrust.com | udp |
| US | 172.64.155.119:443 | geolocation.onetrust.com | tcp |
| US | 1.1.1.1:53 | i.scdn.co | udp |
| US | 1.1.1.1:53 | i.scdn.co | udp |
| US | 172.64.155.119:443 | geolocation.onetrust.com | tcp |
| US | 35.186.224.24:443 | api.spotify.com | udp |
| US | 1.1.1.1:53 | support.mozilla.org | udp |
| US | 1.1.1.1:53 | support.mozilla.org | udp |
| US | 1.1.1.1:53 | www.spotify.com | udp |
| US | 1.1.1.1:53 | www.spotify.com | udp |
| US | 1.1.1.1:53 | us-west1.prod.sumo.prod.webservices.mozgcp.net | udp |
| US | 35.186.224.24:443 | www.spotify.com | tcp |
| US | 35.186.224.24:443 | www.spotify.com | udp |
| US | 1.1.1.1:53 | gew1-spclient.spotify.com | udp |
| US | 1.1.1.1:53 | gew1-spclient.spotify.com | udp |
| US | 35.186.224.26:443 | gew1-spclient.spotify.com | tcp |
| US | 35.186.224.26:443 | gew1-spclient.spotify.com | tcp |
| US | 35.186.224.26:443 | gew1-spclient.spotify.com | udp |
| US | 199.232.210.248:443 | i.scdn.co | tcp |
| US | 199.232.210.248:443 | i.scdn.co | tcp |
| US | 199.232.210.248:443 | i.scdn.co | tcp |
| US | 199.232.210.248:443 | i.scdn.co | tcp |
| US | 199.232.210.248:443 | i.scdn.co | tcp |
| US | 199.232.210.248:443 | i.scdn.co | tcp |
| US | 1.1.1.1:53 | atc.spotify.map.fastly.net | udp |
| US | 35.186.224.26:443 | gew1-spclient.spotify.com | udp |
| US | 1.1.1.1:53 | prod.balrog.prod.cloudops.mozgcp.net | udp |
| US | 1.1.1.1:53 | ciscobinary.openh264.org | udp |
| US | 1.1.1.1:53 | ciscobinary.openh264.org | udp |
| GB | 88.221.134.209:80 | ciscobinary.openh264.org | tcp |
| US | 1.1.1.1:53 | prod.balrog.prod.cloudops.mozgcp.net | udp |
| US | 1.1.1.1:53 | connectivity-check.ubuntu.com | udp |
| US | 1.1.1.1:53 | connectivity-check.ubuntu.com | udp |
| GB | 185.125.190.17:80 | connectivity-check.ubuntu.com | tcp |
| US | 1.1.1.1:53 | prod.remote-settings.prod.webservices.mozgcp.net | udp |
| US | 1.1.1.1:53 | content-signature-chains.prod.autograph.services.mozaws.net | udp |
| US | 1.1.1.1:53 | content-signature-chains.prod.autograph.services.mozaws.net | udp |
| US | 1.1.1.1:53 | attachments.prod.remote-settings.prod.webservices.mozgcp.net | udp |
| US | 34.117.121.53:443 | firefox-settings-attachments.cdn.mozilla.net | tcp |
| US | 1.1.1.1:53 | edge-web-gew1.dual-gslb.spotify.com | udp |
| US | 1.1.1.1:53 | edge-web-gew1.dual-gslb.spotify.com | udp |
| US | 35.186.224.26:443 | edge-web-gew1.dual-gslb.spotify.com | udp |
| US | 35.186.224.26:443 | edge-web-gew1.dual-gslb.spotify.com | tcp |
| US | 35.186.224.26:443 | edge-web-gew1.dual-gslb.spotify.com | tcp |
| US | 1.1.1.1:53 | connectivity-check.ubuntu.com | udp |
| US | 1.1.1.1:53 | gew1-spclient.spotify.com | udp |
| US | 1.1.1.1:53 | gew1-spclient.spotify.com | udp |
| US | 35.186.224.26:443 | gew1-spclient.spotify.com | udp |
| US | 1.1.1.1:53 | connectivity-check.ubuntu.com | udp |
| GB | 185.125.190.98:80 | connectivity-check.ubuntu.com | tcp |
Files
/tmp/tmpaddon
Analysis: behavioral2
Detonation Overview
Submitted
2024-08-28 02:13
Reported
2024-08-28 02:43
Platform
win7-20240708-en
Max time kernel
1800s
Max time network
1684s
Command Line
Signatures
Browser Information Discovery
Enumerates system info in registry
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Suspicious behavior: EnumeratesProcesses
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Suspicious use of AdjustPrivilegeToken
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
Suspicious use of WriteProcessMemory
Processes
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://open.spotify.com/track/4hOBHTagUQY2jGiGnkMYbk?si=t3Gj2jJ8SWWL9q21P7MD7w
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xc0,0xc4,0xc8,0x94,0xcc,0x7fef6dd9758,0x7fef6dd9768,0x7fef6dd9778
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1132 --field-trial-handle=1364,i,10979881628459243409,2791875251120860458,131072 /prefetch:2
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1492 --field-trial-handle=1364,i,10979881628459243409,2791875251120860458,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=1584 --field-trial-handle=1364,i,10979881628459243409,2791875251120860458,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2324 --field-trial-handle=1364,i,10979881628459243409,2791875251120860458,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=2332 --field-trial-handle=1364,i,10979881628459243409,2791875251120860458,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --use-gl=angle --use-angle=swiftshader-webgl --mojo-platform-channel-handle=1548 --field-trial-handle=1364,i,10979881628459243409,2791875251120860458,131072 /prefetch:2
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --mojo-platform-channel-handle=3164 --field-trial-handle=1364,i,10979881628459243409,2791875251120860458,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3588 --field-trial-handle=1364,i,10979881628459243409,2791875251120860458,131072 /prefetch:8
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | open.spotify.com | udp |
| US | 151.101.67.42:443 | open.spotify.com | tcp |
| US | 151.101.67.42:443 | open.spotify.com | tcp |
| US | 8.8.8.8:53 | certificates.starfieldtech.com | udp |
| US | 192.124.249.41:80 | certificates.starfieldtech.com | tcp |
| GB | 142.250.178.3:80 | www.gstatic.com | tcp |
| N/A | 224.0.0.251:5353 | | udp |
Files
\??\pipe\crashpad_2104_XVYGMMRKNHTPSSIX
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\000007.dbtmp
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\GPUCache\data_1
C:\Users\Admin\AppData\Local\Temp\Cab94C3.tmp
C:\Users\Admin\AppData\Local\Temp\Tar94E5.tmp
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\GCM Store\Encryption\000006.dbtmp
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
Analysis: behavioral4
Detonation Overview
Submitted
2024-08-28 02:13
Reported
2024-08-28 02:43
Platform
win11-20240802-en
Max time kernel
1799s
Max time network
1771s
Command Line
Signatures
Drops file in System32 directory
| Description | Indicator | Process | Target |
| File created | C:\Windows\System32\DriverStore\FileRepository\display.inf_amd64_01cf530faf2f1752\display.PNF | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| File created | \??\c:\windows\system32\driverstore\filerepository\display.inf_amd64_01cf530faf2f1752\display.PNF | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Drops file in Windows directory
| Description | Indicator | Process | Target |
| File opened for modification | C:\Windows\SystemTemp | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Browser Information Discovery
Enumerates system info in registry
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Modifies data under HKEY_USERS
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133692848081788100" | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Suspicious behavior: EnumeratesProcesses
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Suspicious use of AdjustPrivilegeToken
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Suspicious use of WriteProcessMemory
Processes
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://open.spotify.com/track/4hOBHTagUQY2jGiGnkMYbk?si=t3Gj2jJ8SWWL9q21P7MD7w
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.123 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffda48ecc40,0x7ffda48ecc4c,0x7ffda48ecc58
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=1936,i,9012348402931090525,17470330246240102024,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=1932 /prefetch:2
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=1752,i,9012348402931090525,17470330246240102024,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=2072 /prefetch:3
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=1972,i,9012348402931090525,17470330246240102024,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=2188 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --field-trial-handle=3052,i,9012348402931090525,17470330246240102024,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=3132 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=3060,i,9012348402931090525,17470330246240102024,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=3156 /prefetch:1
C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe"
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --field-trial-handle=4392,i,9012348402931090525,17470330246240102024,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=4352 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --field-trial-handle=3168,i,9012348402931090525,17470330246240102024,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=4448 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --no-appcompat-clear --field-trial-handle=4296,i,9012348402931090525,17470330246240102024,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=4564 /prefetch:8
C:\Windows\system32\AUDIODG.EXE
C:\Windows\system32\AUDIODG.EXE 0x00000000000004E0 0x00000000000004CC
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=5100,i,9012348402931090525,17470330246240102024,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=5108 /prefetch:8
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s NgcSvc
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.22000.1 --no-appcompat-clear --gpu-preferences=WAAAAAAAAADoAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAACEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=5336,i,9012348402931090525,17470330246240102024,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=5324 /prefetch:8
Network
Files
\??\pipe\crashpad_2260_GBLPRKZXMHENFQPU
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000014
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\BrowsingTopicsState
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\397e5d81bdb71a423054f3b5524da80fc3c2e3bb\3530f832-0752-4765-947c-1f3e59622610\index-dir\the-real-index~RFe5811be.TMP
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\397e5d81bdb71a423054f3b5524da80fc3c2e3bb\3530f832-0752-4765-947c-1f3e59622610\index-dir\the-real-index
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\397e5d81bdb71a423054f3b5524da80fc3c2e3bb\index.txt~RFe5811ed.TMP
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\397e5d81bdb71a423054f3b5524da80fc3c2e3bb\index.txt
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
C:\Users\Admin\AppData\Local\D3DSCache\cb00da9ba77862e\F4EB2D6C-ED2B-4BDD-AD9D-F913287E6768.lock
C:\Users\Admin\AppData\Local\D3DSCache\cb00da9ba77862e\F4EB2D6C-ED2B-4BDD-AD9D-F913287E6768.idx
C:\Users\Admin\AppData\Local\D3DSCache\cb00da9ba77862e\F4EB2D6C-ED2B-4BDD-AD9D-F913287E6768.val
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | a78814943b8623b338c7e374edb9b9bd |
| SHA1 | 62664e45bdc387188bad922574956aca652597f0 |
| SHA256 | f4bcfd80a66a4693c18383271aaf6d345d812b18e9a100c7f715ed89a8627cbe |
| SHA512 | 692041309d75a8456eb0fafe0c0ed3fbddcb8e34a1d4248ef48d35d10d71fe0eb1bf1a3def082cf0d4f3183696ceb79afe7b62ab03be1012bd3711706470eed6 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 7d4e4a0c3edea142f044386bb95f4650 |
| SHA1 | 2f163a94285718a4904d0eaea3c1b870842cf4e7 |
| SHA256 | 6fdebfc2e3186c2c9e8f2a2f28486ba62db72389dc6ee240c33d5f15319b7304 |
| SHA512 | e0af6666f56d04e69bc45dffe82fa0588ba5bc186df9551a22714e35a69149f68c52a02925953b0e0448d5ced60ac0e290dfd4146c56723ddb96f01ee9c5d268 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 653ad2a2df99faaeb78bb22ffae9ccf1 |
| SHA1 | a06af5c68a8f7663f1aa66043d0131811733a6c0 |
| SHA256 | 03b5446e7a6cf54b67c6c8217dfa6216f28a06b421a0a382a1f8f791d3ee5bc6 |
| SHA512 | 4b518f3fd5bfb673d5f74188399ce1658b12d646069da7aa385be50a8c91a8492bc16ce3036409dd4f0954eef057eb4c544feeb4fd7e6a02392b0bb33b15d681 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | d00a57b12e62c13098a76679cbeed297 |
| SHA1 | afb12477a9af6596ef6d3c6388f9769af059f76c |
| SHA256 | 85a46332ccce121525b7b59823fde3583660a522f7cd03482d62b2a16d494454 |
| SHA512 | db75851b73813738413313842e4238aa106f6f9e7b181f5f9f8ecbd449e2e1a3b0c1b4c95e658b23a5e60d14fe712de9f600df46e60fd5edc30cbe932d34b842 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | ad1c03c6a73ea8db0639da7d5677c770 |
| SHA1 | a6257e2909a7c095421f099b64b8662ca7cbfd01 |
| SHA256 | 553fb2fbd49fa5a0939270321e63275ddb0caf3a80221e911a9fcba968459a36 |
| SHA512 | b95a30661d01ccdf93565ef195361eeebc65dfdbccd4f68715728d47532129090f0c8a305ede35e32b64588f938f7dc4769e526d3a6f5bc444461de8e58f9a05 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | c5fca9c33e8de8851ccff85b557c874b |
| SHA1 | 0f729c7fec10dd10f2d325b3deb101f8095c2f17 |
| SHA256 | a3f9b133d412eb9f53d60ea33a48a8cd10c0421e0ba234eb31f3b46b8bd47f67 |
| SHA512 | d4ceb64f3b2f239207286aea7268b639fc8aadbe3118753d03850a59a47d8bbcfc7c51756f4c0fd1ae473b41927d01bf8b315b4e911bc2dcf934943a3b91dc08 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 7aaf81fb4ae011ec60a25d2233d26a50 |
| SHA1 | 15eb2c1baefc89ac26630eae61d8476fcf15e5e1 |
| SHA256 | 3b5fca8f2019f23de01332ace5958b9d8c143a0c559169bb0822ccd564b48ae6 |
| SHA512 | 2a6e24e8100176c1a326958527bfa2f18ddd9f7abeb77e5ab75680bf7b49ad5b3869e1c5fee576afa8b56bf6bd0e925ff5214f9d46ae5630b00cbaacea9aec8d |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | fbb974d2b77d8276915e79953c3209ac |
| SHA1 | bd16e5819299ca1f6a0663663ed090e7fdf5504d |
| SHA256 | 48d77287166041d80e47dd0a19244d859c62553b3e065712219c3748056ac68f |
| SHA512 | 790f43e4cd6b0d36eb42e24b06a17fdd796777c0f1d9eb17add5bb64551f3cb57a9b035f5b0e1756f1a54c31e7bba72a16375514b1d5bc2aef25985c6e33d1d2 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 639b91692c7e1076352012c922a2e0d4 |
| SHA1 | 9ff7c075a78dcec2d13a52eaf28753b3059ee5e8 |
| SHA256 | 029ac477045d3991ef7168e810710a3fa83020011b79a132f94192ae3b88d28e |
| SHA512 | 3f187e03a94512f54f45c0f3865dbcb36a78454882b66bc1860e8973eda41319429a95ada142b83716eac2b2f76836f0b730d682857a67251ec63809095de752 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 9bd337f4e1690b66098cb693981c4385 |
| SHA1 | 6dd1f6ba29ac0a567fb8d74478ed8058a79c3ec9 |
| SHA256 | d3ef53b83229f4e912d99f96c908f723084ac737512952f5485cb98eed0a3ffd |
| SHA512 | 0c4f582e1639ce46182e7bc35a719be636765a34b03eb0872facdcb51108b844e180720ec5c12f2acbe5ceec65f44eef20cdf6520116975b1f84571c0881d930 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | af0a94b1b31ac4b4612df0969fb5b38c |
| SHA1 | b4071ce46f1cb52694001d4144a4698d92c0e48c |
| SHA256 | 8a02a25ec75dd76b7302a02420cef7ffcdfb015b815a5fc2dc4180f4c885bd94 |
| SHA512 | b871bba311f1bb91d1b12caab3f17910f67c7ff14fe34a18b08c51d309331fda5121725f571618cf9e7016af0a2ebb3a7c7e79cc1f5d57d5a4b66ad6d4f0cdc6 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 879238acbb1f7cf240085b5378838827 |
| SHA1 | aaa3a58a137f1f1fcd88a7667a7e0c4325622061 |
| SHA256 | bf0dc83df523ddd7a868724ed6c705b3ea6504706cf63308e7a0857aa07a2feb |
| SHA512 | 207fb368c2a6f4ac3a6273e76a51ef8a2ccf48d06d40e5b63e639ee0e988739611a1239bf3221d4f0bc88bac207fa8e8e27dfa6b67e1797389cee054c5103d01 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | baf10d9c7bd95f85c3b0159d25ccacde |
| SHA1 | ee9cc778160f6b045238a3df9193a5639edbdfb6 |
| SHA256 | c7de77ae185bf2411651e98dc116964e831264eeef4b2ca47e87c0becd9289d9 |
| SHA512 | 62306c225765e675d11fbf481b01cedacf92fce165433371de19bf86246023736266b29596213622bb56a7554655b78a5479ceb10552b0c23e45905e3f43af31 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | e62df175eaa2491acbfe6aa31aca22e4 |
| SHA1 | 071673f210ea6fea439a87a60004c5057ee88951 |
| SHA256 | f7253870c6ae55b16d1e02ebfc018162ea6bb94a93a59aea01118450ae3f0649 |
| SHA512 | 8e0ff0fd1e9bd815e79e6776a98eca98f7c2b52126292ad38bd283d1803129cb0f6ece7153d398d483e3a6a8a571ef306347737bfe617cb8d4282659e4e8787d |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | ad5c827c101efc38a6effeb1bf20ac1e |
| SHA1 | 0a323a547de532028c7d73cada8f06f29be75780 |
| SHA256 | 575144e586c383b10f4f5cfc0c95267d01cf1dd279064b6e7ec8205f229e99d6 |
| SHA512 | af4337ca7b8a2a71633179ad779fad3ca623e209e2d259ccd62beebe75611182b6847652c298e58bcf7e2db5c4efe368711e3cd4d2e7e88d2dc50e65fc7534c4 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 6d83b63df3e8123fba87f70c68a1f588 |
| SHA1 | 5e3f286e7c95cdfe89bde49ff3cb113f3418d54c |
| SHA256 | d38018429d5756aba3fdf65c72b51c0e46503198adf758f57a9ee001d7128858 |
| SHA512 | 9414da159c18db88b8a234204a14f9fbb07350bcfdf8caa353356d2c37ad6681764077162af967d0b4e03a2ffa3daf64ec8b74d526233ae37156c9ad20c09e2a |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | fbccb16ba3b682969653dbb3b3e2cc37 |
| SHA1 | 83edb79d538346f4426e342cce903c2fb928b666 |
| SHA256 | 2ecc680481566ce776c51f0a93c9565f99f76e01d452a260dd74f535c4fcd42d |
| SHA512 | d3271d44b294a98bb5cac1754e2d8a336182d0e1a76b0a5dc789d7f3ed006853bf82c939269236fde013750474b3732d6e012ce94c4d93e23b425e3e80f7c22f |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 4e0abc9af446e440b6821a1ab58f1d1c |
| SHA1 | 7f33ed8d82da9dd2a18b614eeab2c01d01320375 |
| SHA256 | 5aaaa0f108ecab6f76c9264922436526c7c7a5276a6f9bc14e5b5a738caf1aee |
| SHA512 | 13613355fcebb2a64f43eeb399631ac977763b425c768b40f605bfa097214410ab3ca711ed21a116b99f076b509c9dbf4070365c094fd1f778b51336aa9e130f |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | be70c943ccbf09357dd500ef02b312aa |
| SHA1 | 9b06e25698be5a2fd48d0aec042712abac06feaf |
| SHA256 | 5559214edcf25aba5b729b3b834e834f89b936b3c6a591292fab39c3c200b17e |
| SHA512 | 4b3bf6e7c6a893b6105228033af8a927c57576559118a5e99a39cb730b6d5d41ed325188b761eeeca1302586ba71779e0c6c6215fe559569bd7dd2ad462de378 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | bb1dcb13f5421ea8b3ea84df7e5752e0 |
| SHA1 | bacb5adb8186af483f47124f134ce4edb67f6d53 |
| SHA256 | 339f21207f51a2c527bcdda1d444cb2238befd733d904fa468db43b6a2317fa0 |
| SHA512 | 8987eaecb97ef489c3fd0522cd199ab1000295938902b590811ba0a23b96ccf060a44f89b4c527c92974b4a552cb07933c1861ef45ac16a60ed4e74bd36ca38e |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 948d665edd2443f80c6d500a41cecca9 |
| SHA1 | b212a36c4e1a254a5cb442fcf1715747346ce497 |
| SHA256 | 61545b6f32a10c82c95283d94819abc99d445bcdfa10639fee5089ba602e3f36 |
| SHA512 | e9f08e631d595bbb10a2a74677ab6b392445067815efeac9fa8bf4f94794c4a2c3f6dacbf00cc94ccf683cdf041c13d024b0169830540215f1ab65d600f0cb07 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 385b92daa3b7d044f4e652efc3b0ce43 |
| SHA1 | ae0bde3c75368c14b78b5a17454cbf59c86a9a51 |
| SHA256 | d166ce137d875997134ef1aa9b0a32cdee594f46483912f5da75030137909c02 |
| SHA512 | 12d103d46a14b73550853fa7af020aebd5703b57c7ef32e38b8be6e4ceca695fe203b9f6ef72b74e22286a69f84513a1e238b8bca7199c15d17b69859eefe517 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 30d22b65533ab7f17efd6a3efd9a2685 |
| SHA1 | cdb22bf50eb4f116ce876cc6ec9306bb14871ddc |
| SHA256 | 14506ed822c365bbf0950f5742a4ec01c5654ceb13b79a6c6d790fce22577f40 |
| SHA512 | b2a0bf26ea39a2be2effbae6aadd7d5588194937596b307343c2ca3393b2324bb1122d6e8dfdb967aa1bfcfeecc94d60761d7542867098783387cf253ae10581 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 094a324d1b4f36d3195e0fd44fb5f314 |
| SHA1 | 3f8c2476b4fdf2ab2f5124db075220fb1f587acf |
| SHA256 | 8bdff387c28295bccc83edff47fa8e66fbc8fd75923c49ce935428a353c3a9cf |
| SHA512 | 587e282e49c599092f71e01e2e360b7c377ccce5d64b27b8dcfa3e0a9e7be020f079a987a5616226d757ad4d83ee1df85c7df9711a34d541f69d01b278480734 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | cefd7b122e71c5854fc03aa4346e8796 |
| SHA1 | 6a413d3c6afd18ff3edea76265a1034b2ea49ceb |
| SHA256 | 955b5b7ba2a21510baaedea8a5e99b01d4e42c1a52c1644fa1787339036acd9b |
| SHA512 | 1488a4bc4e31e719024bcab8df64827b55cfa288b34f35397e6ecb270ceb350ddb82fd115c4faec46d70ff59e6e0933999b43a1cfa49284569f498588fc08ac4 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 0c4a3e3984fa86bf2edbfb00f70d1fc6 |
| SHA1 | 1a182bbf09583c4acd919a83589c4ab38eb532ce |
| SHA256 | f792adcb29535c68b52be01f75910ab07d5063fea57d0593c7024892a9716a02 |
| SHA512 | 856d4b5ee2939ae20940c6ba8e61468986e54cd168b63b5a5511cf83616762385a0e9b57ae9f547675b8fc1c39fc39a04d09fa2b677447f7b8c3aa57ac27ef3e |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 617c269ffc924eddae28e9e2e1bc0aec |
| SHA1 | c6854699765876625432c0e498ac1d8bfa984b9b |
| SHA256 | 891fe92d0206dd14cb0b2c0f59e058aba5963d49fccee9dbe737f67189a9c62a |
| SHA512 | 6183a67f2c5d25ba026888fd1b4fee8a2c15906c3523a56905d3c72f217b1f2dbf300861ac5f8c03cfde34b0ddd048307ee6301e9177c940b17a33bea911a640 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | edddf04f41cae2119ba42d0bd6938602 |
| SHA1 | a5dac618776b96d6058925b943fb21716b1bc993 |
| SHA256 | f1cdb184fc295007a73ac97cebafa0e7411eb714e9b3f40bd939e46ddedf5074 |
| SHA512 | 9323eb6176383e0d3164b8231b59e72517cfe456ebaa78f8e896844b12210f3dad0d10a6a3f38aacf62c954fd4dae595d8ccda292e186e70d07e0d9b74e0f91e |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 9ff61fa6c02bfd684b2e532a0933fda7 |
| SHA1 | 38c88d5f979a386e97f31aa920220c1df16f0a1e |
| SHA256 | 891e8451d1e0c2c556c33dbf25fbd825cbf8373370c29c219e5fca280989881a |
| SHA512 | ef9a2ece5a300a2dd7ce5bea63271741ef57311d0111424fc99819559ac800696fc2e25dc58ac17ef87fafb9e93b4e63ec86aa8b14fad5b72e9821fb3fcdab2a |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 3c1a62b519a56badc5b0258b45c4773e |
| SHA1 | 7c6f0b8225425b862fe0187751e992588f8f7ef9 |
| SHA256 | 92cf0e290dc44d0b983be45d33c90b222edec3c6b8462149269311f6eec11338 |
| SHA512 | b90d39dc88f9cf3018cb328807ddfb0e77529920ac1c08d583bc32a59ca8f5ec3fe8dcd5a33bdca9526d24def0a7f2a506c313738cc41354948608730907b8fe |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 84654a09a164ff7ea63998ebcb4e0791 |
| SHA1 | 782843314976b5c7e57fc7cdc99f2b7dbc61c2e0 |
| SHA256 | 8bd019847c39dfc410474a7c8b0079e036ab4a66af5c4fcdbae3f62ad4fd8586 |
| SHA512 | 01b6a5dd37933d3d867bbae971b9cf0dd0e59fe3d8a3d1471111fc32c60e1f2d23cb313752e665028806f068ee78180a3e30d4cc8d2b3e207d8d22522ec17804 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 193dc9bfc05771e80a10ba81f2b3bec3 |
| SHA1 | bb43908ded60a9224f1965265d95c68296f78352 |
| SHA256 | 2e4284f55371a884251e6db2d40d97d4888804982e26c537e976cecd8930d541 |
| SHA512 | 3a24756fb085cc6085a48235bb082ceef9c0df6fdf1c54bc4e6b9b911d01b947f90d0deea78c96c1e583e512af8a1b1524dcb11dc579fc5c3f01f4c13418113c |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | a43cb74804a1779aa1c42c5434cfb092 |
| SHA1 | 6073d5b6253322ab5745483438e6fe9dc393a03a |
| SHA256 | 2c3282fea510a5588131d83972e3148e911de8da17cddfd8d3e664db9bd20845 |
| SHA512 | 1eb62c60ab19a62c3fb1424d1aadd3fce494f2be0f5ae947fe699cea85484757d2f69c6855c0a4ecf25e15163d368dda964af0aa86a8e932bec846e525e35ca0 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 0e160b926ddb0f0dba9b08e646367eeb |
| SHA1 | f130f134338da48da248ef7029b592a7dfa6729c |
| SHA256 | cfc5e0e16c198ec8a00923b49c3e50f89fce176e2105c89a346c24cac6ddc6be |
| SHA512 | 1f6367eed9dafc4165ede71fe0ffd331009b4b6841c2d265e9215f97b6a7fddacaee9d5c05951d990c1afc4f4eb989ca1cbb142e533fcea5e916f43e39bec304 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 763dd6a3fd08cc31aaa448f7bb3a267a |
| SHA1 | 78a7810f9ae56012d85ba0fcb79d8275f3df594a |
| SHA256 | b7d9094e5ac176fb03b65f6fbaef9f4f489930614885481d752df454254cd368 |
| SHA512 | 098caf58fd910d8f6c4a408b570a4b055f2b2a2cbc48073180428c7dad696d83da39f52f4a3f8c39fd0303c45d1fc6a01b54bb22e1d28dac85bc615fb0a5d01b |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 19864c6c81d73a18009bc35c61f7a0bc |
| SHA1 | b3ee383933587b171c4ad17d41938d3a0a8fe5b1 |
| SHA256 | 9bdf73003e1e5bd6b8b05a39992c536653b07aaee9df8760a7bb29774646db37 |
| SHA512 | 805c7e9ab4dd2157e5fde56d45ab92bea4f52bc1ff4291cdb1ce63fe699e0d666cc71836ee81472fba8d385fb66cb6d3a4302f224c8ad5780e6e0612d26cbacd |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | ebfbaee1043e4c2e2ad8f376d1a2f153 |
| SHA1 | 1b190878ce736ebd7f74810f61dc8b1dda9c7aeb |
| SHA256 | d3a3dd15959194fe3a27678191c4e6732c2a60b02c0efb86efc70fa0b5646c20 |
| SHA512 | 51beb5d4665c60b9229b01fb9f604239901b704770219786e9375046de3d4fae7cbbf4cbf74a4a1726922aa81831d6664d60a93cde495b3da1303964ac26b821 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | e4351a83dbd1b3506c9a997dad75ba8a |
| SHA1 | 98059027f9343a6376cfaa5f1a5098061e90ab09 |
| SHA256 | 2e9b4df553918bc5e25f94e4bb0dc33cc85c2e4e698c8ee62f7d86798adc4669 |
| SHA512 | 20dcad719449f58090c3b2fce688705808ddd55468614c00a2a69c121787e8a4abe44667577af64763171aca9b2500cf990e85a5ffa26ad6d5b73e04c76a36fa |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 4593ba38e03851469fc2c4f031129a51 |
| SHA1 | 0cc6c384630c23dd27548d6881e0f7008dbc44b8 |
| SHA256 | a69b5eefdaae13a3f6e1b3c7db692783550d7fb28b7821d4c5b2c53bb724b1ad |
| SHA512 | 27ccc7e54b8557cd8dcc9fe484746c870e71e43af63ae2702754c282346094bd67ebbce26756d6c4b9de17e72e4fc5fec1731b8d566b76f060fea8b72d113c55 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | a4b541cf9c6a1fe6fccc11a3385d3c42 |
| SHA1 | 45a3f6997d9b5df387a5a1e73cb43f4582dbef34 |
| SHA256 | 734e60cdc0f52a245524268b0904226091eebd6f111a877bc0186da0b730ea09 |
| SHA512 | 51d0be2858ddb7fc75209ace1dd6591443f3da407199a9e73814e4df03f16113c7b6ae66f13f6728bb4c518a67bdea9a9c77ec5354bdcc63e985686e6c823ade |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 3ae8beb17aa8bd8563a994d1789a9f4b |
| SHA1 | 7b3d1967807de788b050baf6f0033c81059b5cf4 |
| SHA256 | 74dd9f165611d5bf0cca0a11fefa349db9f10a6993483fa6cf07793761cf376b |
| SHA512 | 45ac18c94cc35fb13cc9ec3c069d6fc2d0009e0639cf7901e7bbec60fddc1f9fa3331dbd155e5a7a69fe29eae9f215db2a02e00c2499794459dfd034147672aa |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | f09475fee7cd8f51ac1918360b183b37 |
| SHA1 | a0a8da8a139fd77fd260a3630d7716c107bbfd8a |
| SHA256 | 214653678f03437ef8356b0e3bddfcf69b4187eaa1c3388c1a5831394df9735d |
| SHA512 | 292a91a855e51980bcadf4f33eb70a42864f136e562d9a7f5df47d5ba7f3b53e6ca09b729ad7cd7719ca0f7a9b737282d18785ed5ef2c8d20ca704205705eea3 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 5b4659cceeef560a671898c048f9e03e |
| SHA1 | ea91769d4c53af8cf9fae14585d5b0559dabfebc |
| SHA256 | 70f9ae5a6667ec6474ffcf2066ae80afafbacbb7832dd335933e9eabaeb88d0f |
| SHA512 | d4eca072e0399c366cdb0bb506c2f48fac8cb8ced5e123730e72e0de388398bfbcaf13249258362e1290ba23aa4035effc024036f4caca8cec48f4809941b1cf |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 82cd48dd91eb9197c01f4b3395ad0f29 |
| SHA1 | a305d74a3468c6eaac8b4a0e135794765449c776 |
| SHA256 | ddda793c839bce448131d46d6e750b6d9fb6177b15ce925de296df0344e68c77 |
| SHA512 | 682c81659870df8696d27ecd9a08b277e30fae06283fe6c590cd9b98fc45b4350c70576181e8e9b2c80852d286fa65c5ec725af9b2d89c8234d8ebca522e1f07 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 362b886fba53462a8216a2850b1b1895 |
| SHA1 | d5db5f5cbcd7b2ab072ca203274dbb3d1d59a5bf |
| SHA256 | 50a46a7b09581d776e2367f8772521079dddc2ece8f2a1ee075447b88409e736 |
| SHA512 | bc45bd519de0cc6f95c93a07b3bfe1a2deb66ec0dcdcefb14c6a9aeb23d6e7a759d716c2796ae4d6e30124aa811c2ba1ac66d14a79ce2394af846893739e5736 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | f920212feb420b8ac941d32a732dcd58 |
| SHA1 | 63ec8fea9e0ec93a6814c8a76a39091ddb4a8b05 |
| SHA256 | 569d2ef72ebd3eee541849f99fde1914b9055adee5de534c15c0b7d0f804cb46 |
| SHA512 | 6be14f133bafd54760697da7f2ba2c850186aee41ededef044ec4d6e5e506f77706261edb25366acf52e88442a208d1fdb7d3e663ad8ecdaf3d7b30b612a5747 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 70e760502bba3a16b4fa79e226101d51 |
| SHA1 | 4f2b7a289d15a2b40872995b05d2e1a01489ec8d |
| SHA256 | c84351cf8dcccee2c6610e5ce31448e787dcb4a8c6301311c7596277f264b2e1 |
| SHA512 | c5d3409f88fa21d57e6c0c81bf2c3ff0bb11ff1e2f37639d65cb4d11eac86901389a3d8247344b1d0083394349d6d950ffb2f965f1d2998a1404f41cdc5d4b46 |
Analysis: behavioral9
Detonation Overview
Submitted
2024-08-28 02:13
Reported
2024-08-28 02:43
Platform
macos-20240711.1-en
Max time kernel
1019s
Max time network
1799s
Command Line
Signatures
Processes
/bin/sh
[sh -c sudo /bin/zsh -c "/Applications/Google\ Chrome.app/Contents/MacOS/Google\ Chrome --simulate-outdated-no-au='Tue, 31 Dec 2099' --new-window https://open.spotify.com/track/4hOBHTagUQY2jGiGnkMYbk?si=t3Gj2jJ8SWWL9q21P7MD7w"]
/bin/bash
[sh -c sudo /bin/zsh -c "/Applications/Google\ Chrome.app/Contents/MacOS/Google\ Chrome --simulate-outdated-no-au='Tue, 31 Dec 2099' --new-window https://open.spotify.com/track/4hOBHTagUQY2jGiGnkMYbk?si=t3Gj2jJ8SWWL9q21P7MD7w"]
/usr/bin/sudo
[sudo /bin/zsh -c /Applications/Google\ Chrome.app/Contents/MacOS/Google\ Chrome --simulate-outdated-no-au='Tue, 31 Dec 2099' --new-window https://open.spotify.com/track/4hOBHTagUQY2jGiGnkMYbk?si=t3Gj2jJ8SWWL9q21P7MD7w]
/bin/zsh
[/bin/zsh -c /Applications/Google\ Chrome.app/Contents/MacOS/Google\ Chrome --simulate-outdated-no-au='Tue, 31 Dec 2099' --new-window https://open.spotify.com/track/4hOBHTagUQY2jGiGnkMYbk?si=t3Gj2jJ8SWWL9q21P7MD7w]
/bin/launchctl
[/bin/launchctl kill SIGTERM system/com.microsoft.OneDriveUpdaterDaemon]
/bin/launchctl
[/bin/launchctl kill SIGTERM system/com.microsoft.OneDriveStandaloneUpdaterDaemon]
/usr/libexec/xpcproxy
[xpcproxy com.apple.corespotlightservice.725FD30A-6064-6C02-CC51-5DDB8891B57E]
/System/Library/Frameworks/CoreSpotlight.framework/CoreSpotlightService
[/System/Library/Frameworks/CoreSpotlight.framework/CoreSpotlightService]
/usr/libexec/xpcproxy
[xpcproxy com.apple.diagnosticd]
/usr/libexec/diagnosticd
[/usr/libexec/diagnosticd]
/usr/libexec/xpcproxy
[xpcproxy com.apple.newsyslog]
/usr/sbin/newsyslog
[/usr/sbin/newsyslog]
Network
Files
Analysis: behavioral13
Detonation Overview
Submitted
2024-08-28 02:13
Reported
2024-08-28 02:13
Platform
debian9-mipsbe-20240418-en
Command Line
Signatures
Processes
Network
Files
Analysis: behavioral18
Detonation Overview
Submitted
2024-08-28 02:13
Reported
2024-08-28 02:43
Platform
ubuntu2404-amd64-20240523-en
Max time kernel
0s
Max time network
1730s
Command Line
Signatures
Changes its process name
| Description | Indicator | Process | Target |
| Changes the process name, possibly in an attempt to hide itself | pool-spawner | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | gmain | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | dconf worker | N/A | N/A |
Enumerates kernel/hardware configuration
| Description | Indicator | Process | Target |
| File opened for reading | /sys/kernel/security/apparmor/features/domain | /snap/bin/firefox | N/A |
| File opened for reading | /sys/kernel/security/apparmor/features/io_uring | /snap/bin/firefox | N/A |
| File opened for reading | /sys/kernel/security/apparmor/features/ipc | /snap/bin/firefox | N/A |
| File opened for reading | /sys/kernel/security/apparmor/features/network | /snap/bin/firefox | N/A |
| File opened for reading | /sys/kernel/security/apparmor/features/ptrace | /snap/bin/firefox | N/A |
| File opened for reading | /sys/kernel/security/apparmor/features/signal | /snap/bin/firefox | N/A |
| File opened for reading | /sys/kernel/mm/transparent_hugepage/hpage_pmd_size | /usr/lib/snapd/snap-seccomp | N/A |
| File opened for reading | /sys/kernel/security/apparmor/features/dbus | /snap/bin/firefox | N/A |
| File opened for reading | /sys/kernel/security/apparmor/features/namespaces | /snap/bin/firefox | N/A |
| File opened for reading | /sys/kernel/security/apparmor/features/network_v8 | /snap/bin/firefox | N/A |
| File opened for reading | /sys/kernel/security/apparmor/features/policy | /snap/bin/firefox | N/A |
| File opened for reading | /sys/kernel/security/apparmor/features/query | /snap/bin/firefox | N/A |
| File opened for reading | /sys/kernel/security/apparmor/features/rlimit | /snap/bin/firefox | N/A |
| File opened for reading | /sys/module/apparmor/parameters/enabled | /usr/bin/dbus-daemon | N/A |
| File opened for reading | /sys/kernel/security/apparmor/features/dbus/mask | /usr/bin/dbus-daemon | N/A |
| File opened for reading | /sys/kernel/mm/transparent_hugepage/hpage_pmd_size | /snap/bin/firefox | N/A |
| File opened for reading | /sys/kernel/security/apparmor/features | /snap/bin/firefox | N/A |
| File opened for reading | /sys/kernel/security/apparmor/features/file | /snap/bin/firefox | N/A |
| File opened for reading | /sys/kernel/security/apparmor/features/mount | /snap/bin/firefox | N/A |
| File opened for reading | /sys/kernel/security/apparmor/features/caps | /snap/bin/firefox | N/A |
Reads runtime system information
| Description | Indicator | Process | Target |
| File opened for reading | /proc/self/maps | /usr/bin/grep | N/A |
| File opened for reading | /proc/self/maps | /usr/bin/grep | N/A |
| File opened for reading | /proc/self/maps | /usr/bin/grep | N/A |
| File opened for reading | /proc/filesystems | /usr/bin/sed | N/A |
| File opened for reading | /proc/filesystems | /usr/bin/dbus-daemon | N/A |
| File opened for reading | /proc/2522/cmdline | /usr/bin/dbus-daemon | N/A |
| File opened for reading | /proc/self/maps | /usr/bin/grep | N/A |
| File opened for reading | /proc/self/maps | /usr/bin/grep | N/A |
| File opened for reading | /proc/self/mounts | /snap/bin/firefox | N/A |
| File opened for reading | /proc/self/mountinfo | /snap/bin/firefox | N/A |
| File opened for reading | /proc/filesystems | /usr/bin/sed | N/A |
| File opened for reading | /proc/self/fd | /usr/bin/dbus-send | N/A |
| File opened for reading | /proc/self/maps | /usr/bin/grep | N/A |
| File opened for reading | /proc/self/maps | /usr/bin/grep | N/A |
| File opened for reading | /proc/self/maps | /usr/bin/grep | N/A |
| File opened for reading | /proc/cgroups | /snap/bin/firefox | N/A |
| File opened for reading | /proc/sys/kernel/seccomp/actions_avail | /snap/bin/firefox | N/A |
| File opened for reading | /proc/self/fd | /usr/bin/dbus-daemon | N/A |
| File opened for reading | /proc/2506/status | /usr/bin/dbus-daemon | N/A |
| File opened for reading | /proc/self/maps | /usr/bin/grep | N/A |
| File opened for reading | /proc/self/fd | /usr/bin/dbus-send | N/A |
| File opened for reading | /proc/cmdline | /snap/bin/firefox | N/A |
| File opened for reading | /proc/filesystems | /usr/bin/sed | N/A |
| File opened for reading | /proc/self/maps | /usr/bin/grep | N/A |
| File opened for reading | /proc/2506/attr/apparmor/current | /usr/bin/dbus-daemon | N/A |
| File opened for reading | /proc/self/maps | /usr/bin/grep | N/A |
| File opened for reading | /proc/self/maps | /usr/bin/grep | N/A |
| File opened for reading | /proc/self/maps | /usr/bin/grep | N/A |
| File opened for reading | /proc/self/maps | /usr/bin/grep | N/A |
| File opened for reading | /proc/filesystems | /usr/bin/sed | N/A |
| File opened for reading | /proc/sys/kernel/random/uuid | /snap/bin/firefox | N/A |
| File opened for reading | /proc/sys/kernel/cap_last_cap | /usr/bin/dbus-daemon | N/A |
| File opened for reading | /proc/self/maps | /usr/bin/grep | N/A |
| File opened for reading | /proc/filesystems | /usr/bin/sed | N/A |
| File opened for reading | /proc/self/maps | /usr/bin/grep | N/A |
| File opened for reading | /proc/filesystems | /usr/bin/gsettings | N/A |
| File opened for reading | /proc/filesystems | /usr/bin/gsettings | N/A |
| File opened for reading | /proc/self/fd | /usr/bin/dbus-launch | N/A |
| File opened for reading | /proc/2501/cmdline | /usr/bin/dbus-daemon | N/A |
| File opened for reading | /proc/self/maps | /usr/bin/grep | N/A |
| File opened for reading | /proc/self/maps | /usr/bin/grep | N/A |
| File opened for reading | /proc/self/maps | /usr/bin/grep | N/A |
| File opened for reading | /proc/self/maps | /usr/bin/grep | N/A |
| File opened for reading | /proc/mounts | /usr/bin/dbus-daemon | N/A |
| File opened for reading | /proc/self/maps | /usr/bin/grep | N/A |
| File opened for reading | /proc/2587/cmdline | /usr/bin/dbus-daemon | N/A |
| File opened for reading | /proc/self/maps | /usr/bin/grep | N/A |
| File opened for reading | /proc/self/fd | /usr/bin/dbus-send | N/A |
| File opened for reading | /proc/filesystems | /usr/bin/gsettings | N/A |
| File opened for reading | /proc/self/maps | /usr/bin/grep | N/A |
| File opened for reading | /proc/self/maps | /usr/bin/grep | N/A |
| File opened for reading | /proc/self/fd | /usr/bin/dbus-send | N/A |
| File opened for reading | /proc/self/maps | /usr/bin/grep | N/A |
| File opened for reading | /proc/self/maps | /usr/bin/grep | N/A |
| File opened for reading | /proc/self/maps | /usr/bin/grep | N/A |
| File opened for reading | /proc/2575/cgroup | /snap/bin/firefox | N/A |
| File opened for reading | /proc/self/maps | /usr/bin/grep | N/A |
| File opened for reading | /proc/self/maps | /usr/bin/grep | N/A |
| File opened for reading | /proc/self/maps | /usr/bin/grep | N/A |
| File opened for reading | /proc/2577/cmdline | /usr/bin/dbus-daemon | N/A |
| File opened for reading | /proc/self/maps | /usr/bin/grep | N/A |
| File opened for reading | /proc/self/maps | /usr/bin/grep | N/A |
| File opened for reading | /proc/self/maps | /usr/bin/grep | N/A |
| File opened for reading | /proc/self/maps | /usr/bin/grep | N/A |
Processes
/usr/bin/xdg-open
[xdg-open https://open.spotify.com/track/4hOBHTagUQY2jGiGnkMYbk?si=t3Gj2jJ8SWWL9q21P7MD7w]
/usr/bin/dbus-send
[dbus-send --print-reply --dest=org.freedesktop.DBus /org/freedesktop/DBus org.freedesktop.DBus.GetNameOwner string:org.gnome.SessionManager]
/usr/bin/dbus-launch
[dbus-launch --autolaunch 36e6eb39a6fa405996e79cad2731865d --binary-syntax --close-stderr]
/usr/bin/dbus-daemon
[/usr/bin/dbus-daemon --syslog-only --fork --print-pid 5 --print-address 7 --session]
/usr/bin/xprop
[xprop -root _DT_SAVE_MODE]
/usr/bin/grep
[grep = \"xfce4\"$]
/usr/bin/xprop
[xprop -root]
/usr/bin/grep
[grep -i ^xfce_desktop_window]
/usr/bin/grep
[grep -q ^Enlightenment]
/usr/bin/uname
[uname]
/usr/bin/grep
[grep -q ^file://]
/usr/bin/egrep
[egrep -q ^[[:alpha:]+\.\-]+:]
/usr/local/sbin/grep
[grep -E -q ^[[:alpha:]+\.\-]+:]
/usr/local/bin/grep
[grep -E -q ^[[:alpha:]+\.\-]+:]
/usr/sbin/grep
[grep -E -q ^[[:alpha:]+\.\-]+:]
/usr/bin/grep
[grep -E -q ^[[:alpha:]+\.\-]+:]
/usr/bin/sed
[sed -n s/\(^[[:alnum:]+\.-]*\):.*$/\1/p]
/usr/bin/xdg-mime
[xdg-mime query default x-scheme-handler/https]
/usr/bin/dbus-send
[dbus-send --print-reply --dest=org.freedesktop.DBus /org/freedesktop/DBus org.freedesktop.DBus.GetNameOwner string:org.gnome.SessionManager]
/usr/bin/dbus-launch
[dbus-launch --autolaunch 36e6eb39a6fa405996e79cad2731865d --binary-syntax --close-stderr]
/usr/bin/xprop
[xprop -root _DT_SAVE_MODE]
/usr/bin/grep
[grep = \"xfce4\"$]
/usr/bin/xprop
[xprop -root]
/usr/bin/grep
[grep -i ^xfce_desktop_window]
/usr/bin/grep
[grep -q ^Enlightenment]
/usr/bin/uname
[uname]
/usr/bin/sed
[sed s/:/ /g]
/usr/bin/grep
[grep x-scheme-handler/https= /.local/share/applications/defaults.list /.local/share/applications/mimeinfo.cache]
/usr/bin/head
[head -n 1]
/usr/bin/cut
[cut -d = -f 2]
/usr/bin/cut
[cut -d ; -f 1]
/usr/bin/grep
[grep x-scheme-handler/https= /.local/share/applications/defaults.list /.local/share/applications/mimeinfo.cache]
/usr/bin/head
[head -n 1]
/usr/bin/cut
[cut -d = -f 2]
/usr/bin/cut
[cut -d ; -f 1]
/usr/bin/grep
[grep x-scheme-handler/https= /usr/local/share//applications/defaults.list /usr/local/share//applications/mimeinfo.cache]
/usr/bin/head
[head -n 1]
/usr/bin/cut
[cut -d = -f 2]
/usr/bin/cut
[cut -d ; -f 1]
/usr/bin/grep
[grep x-scheme-handler/https= /usr/local/share//applications/defaults.list /usr/local/share//applications/mimeinfo.cache]
/usr/bin/head
[head -n 1]
/usr/bin/cut
[cut -d = -f 2]
/usr/bin/cut
[cut -d ; -f 1]
/usr/bin/grep
[grep x-scheme-handler/https= /usr/share//applications/defaults.list /usr/share//applications/mimeinfo.cache]
/usr/bin/head
[head -n 1]
/usr/bin/cut
[cut -d = -f 2]
/usr/bin/cut
[cut -d ; -f 1]
/usr/bin/grep
[grep x-scheme-handler/https= /usr/share//applications/defaults.list /usr/share//applications/mimeinfo.cache]
/usr/bin/head
[head -n 1]
/usr/bin/cut
[cut -d = -f 2]
/usr/bin/cut
[cut -d ; -f 1]
/usr/bin/sed
[sed s/:/ /g]
/usr/bin/grep
[grep -l x-scheme-handler/https; /.local/share/applications/*.desktop]
/usr/bin/grep
[grep -l x-scheme-handler/https; /usr/local/share//applications/*.desktop]
/usr/bin/grep
[grep -l x-scheme-handler/https; /usr/share//applications/apport-gtk.desktop /usr/share//applications/bluetooth-sendto.desktop /usr/share//applications/display-im6.q16.desktop /usr/share//applications/gcr-prompter.desktop /usr/share//applications/gcr-viewer.desktop /usr/share//applications/geoclue-demo-agent.desktop /usr/share//applications/gkbd-keyboard-display.desktop /usr/share//applications/gnome-about-panel.desktop /usr/share//applications/gnome-applications-panel.desktop /usr/share//applications/gnome-background-panel.desktop /usr/share//applications/gnome-bluetooth-panel.desktop /usr/share//applications/gnome-color-panel.desktop /usr/share//applications/gnome-datetime-panel.desktop /usr/share//applications/gnome-disk-image-mounter.desktop /usr/share//applications/gnome-disk-image-writer.desktop /usr/share//applications/gnome-display-panel.desktop /usr/share//applications/gnome-initial-setup.desktop /usr/share//applications/gnome-keyboard-panel.desktop /usr/share//applications/gnome-language-selector.desktop /usr/share//applications/gnome-mouse-panel.desktop /usr/share//applications/gnome-multitasking-panel.desktop /usr/share//applications/gnome-network-panel.desktop /usr/share//applications/gnome-notifications-panel.desktop /usr/share//applications/gnome-online-accounts-panel.desktop /usr/share//applications/gnome-power-panel.desktop /usr/share//applications/gnome-printers-panel.desktop /usr/share//applications/gnome-privacy-panel.desktop /usr/share//applications/gnome-region-panel.desktop /usr/share//applications/gnome-search-panel.desktop /usr/share//applications/gnome-session-properties.desktop /usr/share//applications/gnome-sharing-panel.desktop /usr/share//applications/gnome-sound-panel.desktop /usr/share//applications/gnome-system-monitor-kde.desktop /usr/share//applications/gnome-system-panel.desktop /usr/share//applications/gnome-ubuntu-panel.desktop /usr/share//applications/gnome-universal-access-panel.desktop 
/usr/share//applications/gnome-users-panel.desktop /usr/share//applications/gnome-wacom-panel.desktop /usr/share//applications/gnome-wifi-panel.desktop /usr/share//applications/gnome-wwan-panel.desktop /usr/share//applications/hplj1020.desktop /usr/share//applications/ibus-setup-table.desktop /usr/share//applications/im-config.desktop /usr/share//applications/io.snapcraft.SessionAgent.desktop /usr/share//applications/libreoffice-calc.desktop /usr/share//applications/libreoffice-draw.desktop /usr/share//applications/libreoffice-impress.desktop /usr/share//applications/libreoffice-math.desktop /usr/share//applications/libreoffice-startcenter.desktop /usr/share//applications/libreoffice-writer.desktop /usr/share//applications/libreoffice-xsltfilter.desktop /usr/share//applications/nautilus-autorun-software.desktop /usr/share//applications/nm-applet.desktop /usr/share//applications/nm-connection-editor.desktop /usr/share//applications/org.freedesktop.IBus.Panel.Emojier.desktop /usr/share//applications/org.freedesktop.IBus.Panel.Extension.Gtk3.desktop /usr/share//applications/org.freedesktop.IBus.Panel.Wayland.Gtk3.desktop /usr/share//applications/org.freedesktop.IBus.Setup.desktop /usr/share//applications/org.freedesktop.Xwayland.desktop /usr/share//applications/org.gnome.Calculator.desktop /usr/share//applications/org.gnome.Calendar.desktop /usr/share//applications/org.gnome.Characters.desktop /usr/share//applications/org.gnome.DejaDup.desktop /usr/share//applications/org.gnome.DiskUtility.desktop /usr/share//applications/org.gnome.Evince-previewer.desktop /usr/share//applications/org.gnome.Evince.desktop /usr/share//applications/org.gnome.Evolution-alarm-notify.desktop /usr/share//applications/org.gnome.FileRoller.desktop /usr/share//applications/org.gnome.Logs.desktop /usr/share//applications/org.gnome.Nautilus.desktop /usr/share//applications/org.gnome.OnlineAccounts.OAuth2.desktop /usr/share//applications/org.gnome.PowerStats.desktop 
/usr/share//applications/org.gnome.RemoteDesktop.Handover.desktop /usr/share//applications/org.gnome.Rhythmbox3.desktop /usr/share//applications/org.gnome.Rhythmbox3.device.desktop /usr/share//applications/org.gnome.Settings.desktop /usr/share//applications/org.gnome.Shell.Extensions.desktop /usr/share//applications/org.gnome.Shell.PortalHelper.desktop /usr/share//applications/org.gnome.Shell.desktop /usr/share//applications/org.gnome.Shotwell-Viewer.desktop /usr/share//applications/org.gnome.Shotwell.Auth.desktop /usr/share//applications/org.gnome.Shotwell.desktop /usr/share//applications/org.gnome.Snapshot.desktop /usr/share//applications/org.gnome.SystemMonitor.desktop /usr/share//applications/org.gnome.Tecla.desktop /usr/share//applications/org.gnome.Terminal.Preferences.desktop /usr/share//applications/org.gnome.Terminal.desktop /usr/share//applications/org.gnome.TextEditor.desktop /usr/share//applications/org.gnome.Totem.desktop /usr/share//applications/org.gnome.Zenity.desktop /usr/share//applications/org.gnome.baobab.desktop /usr/share//applications/org.gnome.clocks.desktop /usr/share//applications/org.gnome.eog.desktop /usr/share//applications/org.gnome.evolution-data-server.OAuth2-handler.desktop /usr/share//applications/org.gnome.font-viewer.desktop /usr/share//applications/org.gnome.seahorse.Application.desktop /usr/share//applications/org.remmina.Remmina-file.desktop /usr/share//applications/org.remmina.Remmina.desktop /usr/share//applications/python3.12.desktop /usr/share//applications/remmina-gnome.desktop /usr/share//applications/rygel.desktop /usr/share//applications/simple-scan.desktop /usr/share//applications/snap-handle-link.desktop /usr/share//applications/software-properties-drivers.desktop /usr/share//applications/software-properties-gtk.desktop /usr/share//applications/software-properties-livepatch.desktop /usr/share//applications/thunderbird.desktop /usr/share//applications/transmission-gtk.desktop 
/usr/share//applications/update-manager.desktop /usr/share//applications/usb-creator-gtk.desktop /usr/share//applications/xdg-desktop-portal-gnome.desktop /usr/share//applications/xdg-desktop-portal-gtk.desktop /usr/share//applications/yelp.desktop]
/usr/bin/grep
[grep -q %s]
/usr/bin/x-www-browser
[x-www-browser https://open.spotify.com/track/4hOBHTagUQY2jGiGnkMYbk?si=t3Gj2jJ8SWWL9q21P7MD7w]
/usr/bin/xdg-settings
[xdg-settings get default-web-browser]
/usr/bin/dbus-send
[dbus-send --print-reply --dest=org.freedesktop.DBus /org/freedesktop/DBus org.freedesktop.DBus.GetNameOwner string:org.gnome.SessionManager]
/usr/bin/dbus-launch
[dbus-launch --autolaunch 36e6eb39a6fa405996e79cad2731865d --binary-syntax --close-stderr]
/usr/bin/xprop
[xprop -root _DT_SAVE_MODE]
/usr/bin/grep
[grep = \"xfce4\"$]
/usr/bin/xprop
[xprop -root]
/usr/bin/grep
[grep -i ^xfce_desktop_window]
/usr/bin/grep
[grep -q ^Enlightenment]
/usr/bin/uname
[uname]
/usr/bin/xdg-mime
[xdg-mime query default x-scheme-handler/http]
/usr/bin/dbus-send
[dbus-send --print-reply --dest=org.freedesktop.DBus /org/freedesktop/DBus org.freedesktop.DBus.GetNameOwner string:org.gnome.SessionManager]
/usr/bin/dbus-launch
[dbus-launch --autolaunch 36e6eb39a6fa405996e79cad2731865d --binary-syntax --close-stderr]
/usr/bin/xprop
[xprop -root _DT_SAVE_MODE]
/usr/bin/grep
[grep = \"xfce4\"$]
/usr/bin/xprop
[xprop -root]
/usr/bin/grep
[grep -i ^xfce_desktop_window]
/usr/bin/grep
[grep -q ^Enlightenment]
/usr/bin/uname
[uname]
/usr/bin/sed
[sed s/:/ /g]
/usr/bin/grep
[grep x-scheme-handler/http= /.local/share/applications/defaults.list /.local/share/applications/mimeinfo.cache]
/usr/bin/head
[head -n 1]
/usr/bin/cut
[cut -d = -f 2]
/usr/bin/cut
[cut -d ; -f 1]
/usr/bin/grep
[grep x-scheme-handler/http= /.local/share/applications/defaults.list /.local/share/applications/mimeinfo.cache]
/usr/bin/head
[head -n 1]
/usr/bin/cut
[cut -d = -f 2]
/usr/bin/cut
[cut -d ; -f 1]
/usr/bin/grep
[grep x-scheme-handler/http= /usr/local/share//applications/defaults.list /usr/local/share//applications/mimeinfo.cache]
/usr/bin/head
[head -n 1]
/usr/bin/cut
[cut -d = -f 2]
/usr/bin/cut
[cut -d ; -f 1]
/usr/bin/grep
[grep x-scheme-handler/http= /usr/local/share//applications/defaults.list /usr/local/share//applications/mimeinfo.cache]
/usr/bin/head
[head -n 1]
/usr/bin/cut
[cut -d = -f 2]
/usr/bin/cut
[cut -d ; -f 1]
/usr/bin/grep
[grep x-scheme-handler/http= /usr/share//applications/defaults.list /usr/share//applications/mimeinfo.cache]
/usr/bin/head
[head -n 1]
/usr/bin/cut
[cut -d = -f 2]
/usr/bin/cut
[cut -d ; -f 1]
/usr/bin/grep
[grep x-scheme-handler/http= /usr/share//applications/defaults.list /usr/share//applications/mimeinfo.cache]
/usr/bin/head
[head -n 1]
/usr/bin/cut
[cut -d = -f 2]
/usr/bin/cut
[cut -d ; -f 1]
/usr/bin/sed
[sed s/:/ /g]
/usr/bin/grep
[grep -l x-scheme-handler/http; /.local/share/applications/*.desktop]
/usr/bin/grep
[grep -l x-scheme-handler/http; /usr/local/share//applications/*.desktop]
/usr/bin/grep
[grep -l x-scheme-handler/http; /usr/share//applications/apport-gtk.desktop /usr/share//applications/bluetooth-sendto.desktop /usr/share//applications/display-im6.q16.desktop /usr/share//applications/gcr-prompter.desktop /usr/share//applications/gcr-viewer.desktop /usr/share//applications/geoclue-demo-agent.desktop /usr/share//applications/gkbd-keyboard-display.desktop /usr/share//applications/gnome-about-panel.desktop /usr/share//applications/gnome-applications-panel.desktop /usr/share//applications/gnome-background-panel.desktop /usr/share//applications/gnome-bluetooth-panel.desktop /usr/share//applications/gnome-color-panel.desktop /usr/share//applications/gnome-datetime-panel.desktop /usr/share//applications/gnome-disk-image-mounter.desktop /usr/share//applications/gnome-disk-image-writer.desktop /usr/share//applications/gnome-display-panel.desktop /usr/share//applications/gnome-initial-setup.desktop /usr/share//applications/gnome-keyboard-panel.desktop /usr/share//applications/gnome-language-selector.desktop /usr/share//applications/gnome-mouse-panel.desktop /usr/share//applications/gnome-multitasking-panel.desktop /usr/share//applications/gnome-network-panel.desktop /usr/share//applications/gnome-notifications-panel.desktop /usr/share//applications/gnome-online-accounts-panel.desktop /usr/share//applications/gnome-power-panel.desktop /usr/share//applications/gnome-printers-panel.desktop /usr/share//applications/gnome-privacy-panel.desktop /usr/share//applications/gnome-region-panel.desktop /usr/share//applications/gnome-search-panel.desktop /usr/share//applications/gnome-session-properties.desktop /usr/share//applications/gnome-sharing-panel.desktop /usr/share//applications/gnome-sound-panel.desktop /usr/share//applications/gnome-system-monitor-kde.desktop /usr/share//applications/gnome-system-panel.desktop /usr/share//applications/gnome-ubuntu-panel.desktop /usr/share//applications/gnome-universal-access-panel.desktop 
/usr/share//applications/gnome-users-panel.desktop /usr/share//applications/gnome-wacom-panel.desktop /usr/share//applications/gnome-wifi-panel.desktop /usr/share//applications/gnome-wwan-panel.desktop /usr/share//applications/hplj1020.desktop /usr/share//applications/ibus-setup-table.desktop /usr/share//applications/im-config.desktop /usr/share//applications/io.snapcraft.SessionAgent.desktop /usr/share//applications/libreoffice-calc.desktop /usr/share//applications/libreoffice-draw.desktop /usr/share//applications/libreoffice-impress.desktop /usr/share//applications/libreoffice-math.desktop /usr/share//applications/libreoffice-startcenter.desktop /usr/share//applications/libreoffice-writer.desktop /usr/share//applications/libreoffice-xsltfilter.desktop /usr/share//applications/nautilus-autorun-software.desktop /usr/share//applications/nm-applet.desktop /usr/share//applications/nm-connection-editor.desktop /usr/share//applications/org.freedesktop.IBus.Panel.Emojier.desktop /usr/share//applications/org.freedesktop.IBus.Panel.Extension.Gtk3.desktop /usr/share//applications/org.freedesktop.IBus.Panel.Wayland.Gtk3.desktop /usr/share//applications/org.freedesktop.IBus.Setup.desktop /usr/share//applications/org.freedesktop.Xwayland.desktop /usr/share//applications/org.gnome.Calculator.desktop /usr/share//applications/org.gnome.Calendar.desktop /usr/share//applications/org.gnome.Characters.desktop /usr/share//applications/org.gnome.DejaDup.desktop /usr/share//applications/org.gnome.DiskUtility.desktop /usr/share//applications/org.gnome.Evince-previewer.desktop /usr/share//applications/org.gnome.Evince.desktop /usr/share//applications/org.gnome.Evolution-alarm-notify.desktop /usr/share//applications/org.gnome.FileRoller.desktop /usr/share//applications/org.gnome.Logs.desktop /usr/share//applications/org.gnome.Nautilus.desktop /usr/share//applications/org.gnome.OnlineAccounts.OAuth2.desktop /usr/share//applications/org.gnome.PowerStats.desktop 
/usr/share//applications/org.gnome.RemoteDesktop.Handover.desktop /usr/share//applications/org.gnome.Rhythmbox3.desktop /usr/share//applications/org.gnome.Rhythmbox3.device.desktop /usr/share//applications/org.gnome.Settings.desktop /usr/share//applications/org.gnome.Shell.Extensions.desktop /usr/share//applications/org.gnome.Shell.PortalHelper.desktop /usr/share//applications/org.gnome.Shell.desktop /usr/share//applications/org.gnome.Shotwell-Viewer.desktop /usr/share//applications/org.gnome.Shotwell.Auth.desktop /usr/share//applications/org.gnome.Shotwell.desktop /usr/share//applications/org.gnome.Snapshot.desktop /usr/share//applications/org.gnome.SystemMonitor.desktop /usr/share//applications/org.gnome.Tecla.desktop /usr/share//applications/org.gnome.Terminal.Preferences.desktop /usr/share//applications/org.gnome.Terminal.desktop /usr/share//applications/org.gnome.TextEditor.desktop /usr/share//applications/org.gnome.Totem.desktop /usr/share//applications/org.gnome.Zenity.desktop /usr/share//applications/org.gnome.baobab.desktop /usr/share//applications/org.gnome.clocks.desktop /usr/share//applications/org.gnome.eog.desktop /usr/share//applications/org.gnome.evolution-data-server.OAuth2-handler.desktop /usr/share//applications/org.gnome.font-viewer.desktop /usr/share//applications/org.gnome.seahorse.Application.desktop /usr/share//applications/org.remmina.Remmina-file.desktop /usr/share//applications/org.remmina.Remmina.desktop /usr/share//applications/python3.12.desktop /usr/share//applications/remmina-gnome.desktop /usr/share//applications/rygel.desktop /usr/share//applications/simple-scan.desktop /usr/share//applications/snap-handle-link.desktop /usr/share//applications/software-properties-drivers.desktop /usr/share//applications/software-properties-gtk.desktop /usr/share//applications/software-properties-livepatch.desktop /usr/share//applications/thunderbird.desktop /usr/share//applications/transmission-gtk.desktop 
/usr/share//applications/update-manager.desktop /usr/share//applications/usb-creator-gtk.desktop /usr/share//applications/xdg-desktop-portal-gnome.desktop /usr/share//applications/xdg-desktop-portal-gtk.desktop /usr/share//applications/yelp.desktop]
/usr/bin/gsettings
[gsettings get org.gnome.shell favorite-apps]
/usr/bin/grep
[grep -q 'firefox.desktop']
/usr/bin/gsettings
[gsettings get com.canonical.Unity.Launcher favorites]
/usr/bin/grep
[grep -q 'application://firefox.desktop']
/usr/bin/gsettings
[gsettings get org.mate.panel object-id-list]
/usr/bin/which
[which qdbus]
/snap/bin/firefox
[/snap/bin/firefox https://open.spotify.com/track/4hOBHTagUQY2jGiGnkMYbk?si=t3Gj2jJ8SWWL9q21P7MD7w]
/usr/lib/snapd/snap-seccomp
[/usr/lib/snapd/snap-seccomp version-info]
/usr/lib/snapd/snap-confine
[/usr/lib/snapd/snap-confine --base core22 snap.firefox.firefox /usr/lib/snapd/snap-exec firefox https://open.spotify.com/track/4hOBHTagUQY2jGiGnkMYbk?si=t3Gj2jJ8SWWL9q21P7MD7w]
Network
| US | 8.8.8.8:53 | www.amazon.co.uk | udp |
| US | 8.8.8.8:53 | www.amazon.co.uk | udp |
| US | 8.8.8.8:53 | uk.hotels.com | udp |
| US | 8.8.8.8:53 | uk.hotels.com | udp |
| US | 8.8.8.8:53 | www.youtube.com | udp |
| US | 8.8.8.8:53 | www.youtube.com | udp |
| US | 8.8.8.8:53 | www.facebook.com | udp |
| US | 8.8.8.8:53 | www.facebook.com | udp |
| US | 8.8.8.8:53 | www.reddit.com | udp |
| US | 8.8.8.8:53 | www.reddit.com | udp |
| US | 8.8.8.8:53 | www.bbc.co.uk | udp |
| US | 8.8.8.8:53 | www.bbc.co.uk | udp |
| US | 8.8.8.8:53 | www.ebay.co.uk | udp |
| US | 8.8.8.8:53 | www.ebay.co.uk | udp |
| US | 8.8.8.8:53 | getpocket.com | udp |
| US | 8.8.8.8:53 | getpocket.com | udp |
| US | 8.8.8.8:53 | www.mozorg.moz.works | udp |
| US | 8.8.8.8:53 | www.menshealth.com | udp |
| US | 8.8.8.8:53 | www.menshealth.com | udp |
| US | 8.8.8.8:53 | reddit.map.fastly.net | udp |
| US | 8.8.8.8:53 | e11847.a.akamaiedge.net | udp |
| US | 8.8.8.8:53 | www.vox.com | udp |
| US | 8.8.8.8:53 | www.vox.com | udp |
| US | 8.8.8.8:53 | bbc.map.fastly.net | udp |
| US | 8.8.8.8:53 | hearst-hdm.map.fastly.net | udp |
| US | 8.8.8.8:53 | www.womenshealthmag.com | udp |
| US | 8.8.8.8:53 | www.womenshealthmag.com | udp |
| US | 8.8.8.8:53 | tracking-protection.prod.mozaws.net | udp |
| US | 34.120.158.37:443 | tracking-protection.cdn.mozilla.net | tcp |
| US | 8.8.8.8:53 | n.sni.global.fastly.net | udp |
| US | 8.8.8.8:53 | hearst-hdm.map.fastly.net | udp |
| US | 1.1.1.1:53 | r11.o.lencr.org | udp |
| US | 1.1.1.1:53 | r11.o.lencr.org | udp |
| GB | 104.86.110.232:80 | r11.o.lencr.org | tcp |
| GB | 104.86.110.232:80 | r11.o.lencr.org | tcp |
| GB | 104.86.110.232:80 | r11.o.lencr.org | tcp |
| GB | 104.86.110.232:80 | r11.o.lencr.org | tcp |
| GB | 104.86.110.232:80 | r11.o.lencr.org | tcp |
| GB | 104.86.110.232:80 | r11.o.lencr.org | tcp |
| US | 104.18.87.42:443 | cdn.cookielaw.org | tcp |
| US | 1.1.1.1:53 | tracking-protection.cdn.mozilla.net | udp |
| US | 1.1.1.1:53 | tracking-protection.cdn.mozilla.net | udp |
| US | 1.1.1.1:53 | tracking-protection.prod.mozaws.net | udp |
| US | 34.120.158.37:443 | tracking-protection.cdn.mozilla.net | tcp |
| US | 1.1.1.1:53 | classify-client.services.mozilla.com | udp |
| US | 1.1.1.1:53 | classify-client.services.mozilla.com | udp |
| US | 1.1.1.1:53 | prod-classifyclient.normandy.prod.cloudops.mozgcp.net | udp |
| US | 34.98.75.36:443 | classify-client.services.mozilla.com | tcp |
| US | 1.1.1.1:53 | r11.o.lencr.org | udp |
| US | 1.1.1.1:53 | r11.o.lencr.org | udp |
| US | 1.1.1.1:53 | tracking-protection.prod.mozaws.net | udp |
| US | 34.120.158.37:443 | tracking-protection.cdn.mozilla.net | tcp |
| US | 1.1.1.1:53 | tracking-protection.prod.mozaws.net | udp |
| US | 34.120.158.37:443 | tracking-protection.cdn.mozilla.net | tcp |
| US | 1.1.1.1:53 | tracking-protection.prod.mozaws.net | udp |
| US | 34.120.158.37:443 | tracking-protection.cdn.mozilla.net | tcp |
| US | 1.1.1.1:53 | support.mozilla.org | udp |
| US | 1.1.1.1:53 | support.mozilla.org | udp |
| US | 1.1.1.1:53 | us-west1.prod.sumo.prod.webservices.mozgcp.net | udp |
| US | 1.1.1.1:53 | firefox-settings-attachments.cdn.mozilla.net | udp |
| US | 1.1.1.1:53 | firefox-settings-attachments.cdn.mozilla.net | udp |
| US | 1.1.1.1:53 | tracking-protection.prod.mozaws.net | udp |
| US | 34.120.158.37:443 | tracking-protection.cdn.mozilla.net | tcp |
| US | 1.1.1.1:53 | www.spotify.com | udp |
| US | 1.1.1.1:53 | www.spotify.com | udp |
| US | 1.1.1.1:53 | geolocation.onetrust.com | udp |
| US | 1.1.1.1:53 | geolocation.onetrust.com | udp |
| US | 35.186.224.24:443 | www.spotify.com | tcp |
| US | 172.64.155.119:443 | geolocation.onetrust.com | tcp |
| US | 35.186.224.24:443 | www.spotify.com | udp |
| US | 35.186.224.24:443 | www.spotify.com | udp |
| US | 35.186.224.24:443 | www.spotify.com | udp |
| US | 1.1.1.1:53 | tracking-protection.prod.mozaws.net | udp |
| US | 34.120.158.37:443 | tracking-protection.cdn.mozilla.net | tcp |
| US | 1.1.1.1:53 | tracking-protection.prod.mozaws.net | udp |
| US | 34.120.158.37:443 | tracking-protection.cdn.mozilla.net | tcp |
| US | 1.1.1.1:53 | tracking-protection.prod.mozaws.net | udp |
| US | 34.120.158.37:443 | tracking-protection.cdn.mozilla.net | tcp |
| US | 1.1.1.1:53 | tracking-protection.prod.mozaws.net | udp |
| US | 34.120.158.37:443 | tracking-protection.cdn.mozilla.net | tcp |
| US | 1.1.1.1:53 | tracking-protection.prod.mozaws.net | udp |
| US | 34.120.158.37:443 | tracking-protection.cdn.mozilla.net | tcp |
| US | 1.1.1.1:53 | tracking-protection.prod.mozaws.net | udp |
| US | 34.120.158.37:443 | tracking-protection.cdn.mozilla.net | tcp |
| US | 1.1.1.1:53 | pki-goog.l.google.com | udp |
| US | 1.1.1.1:53 | o.pki.goog | udp |
| US | 1.1.1.1:53 | img-getpocket.cdn.mozilla.net | udp |
| US | 1.1.1.1:53 | img-getpocket.cdn.mozilla.net | udp |
| US | 34.120.237.76:443 | img-getpocket.cdn.mozilla.net | tcp |
| US | 34.120.237.76:443 | img-getpocket.cdn.mozilla.net | tcp |
| US | 34.120.237.76:443 | img-getpocket.cdn.mozilla.net | tcp |
| US | 34.120.237.76:443 | img-getpocket.cdn.mozilla.net | tcp |
| US | 34.120.237.76:443 | img-getpocket.cdn.mozilla.net | tcp |
| US | 1.1.1.1:53 | tracking-protection.prod.mozaws.net | udp |
| US | 34.120.158.37:443 | tracking-protection.cdn.mozilla.net | tcp |
| US | 1.1.1.1:53 | o22381.ingest.sentry.io | udp |
| US | 1.1.1.1:53 | o22381.ingest.sentry.io | udp |
| US | 1.1.1.1:53 | telemetry-incoming.r53-2.services.mozilla.com | udp |
| US | 34.120.195.249:443 | o22381.ingest.sentry.io | tcp |
| US | 1.1.1.1:53 | inews.co.uk | udp |
| US | 1.1.1.1:53 | inews.co.uk | udp |
| US | 1.1.1.1:53 | www.theguardian.com | udp |
| US | 1.1.1.1:53 | www.theguardian.com | udp |
| US | 34.120.195.249:443 | o22381.ingest.sentry.io | udp |
| US | 1.1.1.1:53 | gew1-spclient.spotify.com | udp |
| US | 1.1.1.1:53 | gew1-spclient.spotify.com | udp |
| US | 1.1.1.1:53 | telemetry-incoming.r53-2.services.mozilla.com | udp |
| US | 35.186.224.26:443 | gew1-spclient.spotify.com | udp |
| US | 1.1.1.1:53 | theconversation.com | udp |
| US | 1.1.1.1:53 | theconversation.com | udp |
| US | 8.8.8.8:53 | firefox-settings-attachments.cdn.mozilla.net | udp |
| US | 8.8.8.8:53 | firefox-settings-attachments.cdn.mozilla.net | udp |
| US | 8.8.8.8:53 | attachments.prod.remote-settings.prod.webservices.mozgcp.net | udp |
| US | 34.117.121.53:443 | firefox-settings-attachments.cdn.mozilla.net | tcp |
| US | 8.8.8.8:53 | r11.o.lencr.org | udp |
| US | 8.8.8.8:53 | r11.o.lencr.org | udp |
| US | 8.8.8.8:53 | www.vanityfair.com | udp |
| US | 8.8.8.8:53 | www.vanityfair.com | udp |
| US | 8.8.8.8:53 | time.com | udp |
| US | 8.8.8.8:53 | time.com | udp |
| US | 8.8.8.8:53 | o.pki.goog | udp |
| US | 8.8.8.8:53 | pki-goog.l.google.com | udp |
| GB | 142.250.178.3:80 | www.gstatic.com | tcp |
| US | 8.8.8.8:53 | www.theguardian.com | udp |
| US | 8.8.8.8:53 | inews.co.uk | udp |
| US | 8.8.8.8:53 | www.theguardian.com | udp |
| US | 8.8.8.8:53 | inews.co.uk | udp |
| US | 35.186.224.26:443 | gew1-spclient.spotify.com | udp |
| US | 8.8.8.8:53 | open.spotify.com | udp |
| US | 8.8.8.8:53 | open.spotify.com | udp |
| US | 8.8.8.8:53 | gew1-spclient.spotify.com | udp |
| US | 8.8.8.8:53 | gew1-spclient.spotify.com | udp |
| US | 8.8.8.8:53 | slate.com | udp |
| US | 8.8.8.8:53 | slate.com | udp |
| US | 8.8.8.8:53 | www.theverge.com | udp |
| US | 8.8.8.8:53 | www.theverge.com | udp |
| US | 8.8.8.8:53 | n.sni.global.fastly.net | udp |
| US | 8.8.8.8:53 | www.timeout.com | udp |
| US | 8.8.8.8:53 | www.timeout.com | udp |
| US | 8.8.8.8:53 | gizmodo.com | udp |
| US | 8.8.8.8:53 | gizmodo.com | udp |
| US | 8.8.8.8:53 | www.theatlantic.com | udp |
| US | 8.8.8.8:53 | www.businessinsider.com | udp |
| US | 8.8.8.8:53 | www.businessinsider.com | udp |
| US | 8.8.8.8:53 | f.shared.global.fastly.net | udp |
| US | 8.8.8.8:53 | na-eu.atlanticmedia.map.fastly.net | udp |
| US | 8.8.8.8:53 | prod.balrog.prod.cloudops.mozgcp.net | udp |
| US | 8.8.8.8:53 | fp2e7a.wpc.phicdn.net | udp |
| US | 8.8.8.8:53 | ciscobinary.openh264.org | udp |
| US | 8.8.8.8:53 | ciscobinary.openh264.org | udp |
| GB | 88.221.134.155:80 | ciscobinary.openh264.org | tcp |
| US | 8.8.8.8:53 | www.bbc.com | udp |
| US | 8.8.8.8:53 | www.bbc.com | udp |
| US | 8.8.8.8:53 | bbc.map.fastly.net | udp |
| US | 8.8.8.8:53 | www.vogue.co.uk | udp |
| US | 8.8.8.8:53 | www.vogue.co.uk | udp |
| US | 8.8.8.8:53 | www.technologyreview.com | udp |
| US | 8.8.8.8:53 | www.technologyreview.com | udp |
| US | 8.8.8.8:53 | services.addons.mozilla.org | udp |
| US | 8.8.8.8:53 | services.addons.mozilla.org | udp |
| GB | 18.245.162.100:443 | services.addons.mozilla.org | tcp |
| US | 8.8.8.8:53 | versioncheck-bg.addons.mozilla.org | udp |
| US | 8.8.8.8:53 | versioncheck-bg.addons.mozilla.org | udp |
| US | 34.160.90.233:443 | versioncheck-bg.addons.mozilla.org | tcp |
| US | 34.160.90.233:443 | versioncheck-bg.addons.mozilla.org | udp |
| US | 8.8.8.8:53 | addons.mozilla.org | udp |
| US | 8.8.8.8:53 | addons.mozilla.org | udp |
| US | 8.8.8.8:53 | prod.balrog.prod.cloudops.mozgcp.net | udp |
| GB | 13.224.132.3:443 | addons.mozilla.org | tcp |
| US | 8.8.8.8:53 | safebrowsing.googleapis.com | udp |
| US | 8.8.8.8:53 | safebrowsing.googleapis.com | udp |
| GB | 142.250.180.10:443 | safebrowsing.googleapis.com | tcp |
| GB | 142.250.178.3:80 | www.gstatic.com | tcp |
| GB | 142.250.180.10:443 | safebrowsing.googleapis.com | udp |
| US | 8.8.8.8:53 | example.org | udp |
| US | 8.8.8.8:53 | example.org | udp |
| US | 8.8.8.8:53 | ipv4only.arpa | udp |
| US | 8.8.8.8:53 | ipv4only.arpa | udp |
| US | 1.1.1.1:53 | ipv4only.arpa | udp |
| US | 1.1.1.1:53 | example.org | udp |
| US | 1.1.1.1:53 | example.org | udp |
| US | 1.1.1.1:53 | ipv4only.arpa | udp |
| US | 1.1.1.1:53 | ipv4only.arpa | udp |
| US | 1.1.1.1:53 | api.snapcraft.io | udp |
| US | 1.1.1.1:53 | api.snapcraft.io | udp |
| GB | 185.125.188.54:443 | api.snapcraft.io | tcp |
| US | 1.1.1.1:53 | api.snapcraft.io | udp |
| GB | 185.125.188.58:443 | api.snapcraft.io | tcp |
| US | 1.1.1.1:53 | prod.remote-settings.prod.webservices.mozgcp.net | udp |
| US | 1.1.1.1:53 | firefox-settings-attachments.cdn.mozilla.net | udp |
| US | 1.1.1.1:53 | firefox-settings-attachments.cdn.mozilla.net | udp |
| US | 1.1.1.1:53 | attachments.prod.remote-settings.prod.webservices.mozgcp.net | udp |
| US | 34.117.121.53:443 | firefox-settings-attachments.cdn.mozilla.net | tcp |
| US | 1.1.1.1:53 | gew1-spclient.spotify.com | udp |
| US | 1.1.1.1:53 | gew1-spclient.spotify.com | udp |
| US | 35.186.224.26:443 | gew1-spclient.spotify.com | udp |
| US | 1.1.1.1:53 | gew1-spclient.spotify.com | udp |
| US | 1.1.1.1:53 | gew1-spclient.spotify.com | udp |
| US | 35.186.224.26:443 | gew1-spclient.spotify.com | udp |
| US | 1.1.1.1:53 | api.snapcraft.io | udp |
| US | 1.1.1.1:53 | api.snapcraft.io | udp |
| GB | 185.125.188.59:443 | api.snapcraft.io | tcp |
| US | 1.1.1.1:53 | api.snapcraft.io | udp |
| GB | 185.125.188.59:443 | api.snapcraft.io | tcp |
| GB | 185.125.188.59:443 | api.snapcraft.io | tcp |
| US | 1.1.1.1:53 | canonical-bos01.cdn.snapcraftcontent.com | udp |
| US | 1.1.1.1:53 | canonical-bos01.cdn.snapcraftcontent.com | udp |
| US | 91.189.91.43:443 | canonical-bos01.cdn.snapcraftcontent.com | tcp |
| US | 1.1.1.1:53 | canonical-bos01.cdn.snapcraftcontent.com | udp |
| US | 91.189.91.43:443 | canonical-bos01.cdn.snapcraftcontent.com | tcp |
| US | 1.1.1.1:53 | api.snapcraft.io | udp |
| GB | 185.125.188.58:443 | api.snapcraft.io | tcp |
| US | 1.1.1.1:53 | api.snapcraft.io | udp |
| US | 1.1.1.1:53 | api.snapcraft.io | udp |
| GB | 185.125.188.59:443 | api.snapcraft.io | tcp |
| US | 1.1.1.1:53 | canonical-lgw01.cdn.snapcraftcontent.com | udp |
| US | 1.1.1.1:53 | canonical-lgw01.cdn.snapcraftcontent.com | udp |
| GB | 185.125.190.28:443 | canonical-lgw01.cdn.snapcraftcontent.com | tcp |
| US | 1.1.1.1:53 | api.snapcraft.io | udp |
| GB | 185.125.188.54:443 | api.snapcraft.io | tcp |
| US | 1.1.1.1:53 | api.snapcraft.io | udp |
| GB | 185.125.188.59:443 | api.snapcraft.io | tcp |
| US | 1.1.1.1:53 | canonical-bos01.cdn.snapcraftcontent.com | udp |
| US | 91.189.91.43:443 | canonical-bos01.cdn.snapcraftcontent.com | tcp |
| US | 1.1.1.1:53 | _http._tcp.security.ubuntu.com | udp |
| US | 1.1.1.1:53 | _http._tcp.se.archive.ubuntu.com | udp |
| US | 1.1.1.1:53 | security.ubuntu.com | udp |
| US | 1.1.1.1:53 | security.ubuntu.com | udp |
| US | 1.1.1.1:53 | se.archive.ubuntu.com | udp |
| US | 1.1.1.1:53 | se.archive.ubuntu.com | udp |
| GB | 185.125.190.82:80 | security.ubuntu.com | tcp |
| SE | 194.71.11.163:80 | se.archive.ubuntu.com | tcp |
| US | 91.189.91.81:80 | security.ubuntu.com | tcp |
| US | 1.1.1.1:53 | api.snapcraft.io | udp |
| US | 1.1.1.1:53 | api.snapcraft.io | udp |
| GB | 185.125.188.59:443 | api.snapcraft.io | tcp |
| US | 1.1.1.1:53 | api.snapcraft.io | udp |
| GB | 185.125.188.55:443 | api.snapcraft.io | tcp |
| US | 1.1.1.1:53 | gew1-spclient.spotify.com | udp |
| US | 1.1.1.1:53 | gew1-spclient.spotify.com | udp |
| US | 35.186.224.26:443 | gew1-spclient.spotify.com | udp |
| US | 1.1.1.1:53 | gew1-spclient.spotify.com | udp |
| US | 1.1.1.1:53 | gew1-spclient.spotify.com | udp |
| US | 35.186.224.26:443 | gew1-spclient.spotify.com | udp |
| US | 1.1.1.1:53 | gew1-spclient.spotify.com | udp |
| US | 1.1.1.1:53 | gew1-spclient.spotify.com | udp |
| US | 8.8.8.8:53 | gew1-spclient.spotify.com | udp |
| US | 8.8.8.8:53 | gew1-spclient.spotify.com | udp |
| US | 35.186.224.26:443 | gew1-spclient.spotify.com | udp |
| US | 35.186.224.26:443 | gew1-spclient.spotify.com | tcp |
| US | 35.186.224.26:443 | gew1-spclient.spotify.com | tcp |
| US | 8.8.8.8:53 | gew1-spclient.spotify.com | udp |
| US | 8.8.8.8:53 | gew1-spclient.spotify.com | udp |
| US | 35.186.224.26:443 | gew1-spclient.spotify.com | udp |
| US | 8.8.8.8:53 | gew1-spclient.spotify.com | udp |
| US | 8.8.8.8:53 | gew1-spclient.spotify.com | udp |
| US | 35.186.224.26:443 | gew1-spclient.spotify.com | udp |
| US | 8.8.8.8:53 | gew1-spclient.spotify.com | udp |
| US | 8.8.8.8:53 | gew1-spclient.spotify.com | udp |
| US | 35.186.224.26:443 | gew1-spclient.spotify.com | udp |
| US | 8.8.8.8:53 | gew1-spclient.spotify.com | udp |
| US | 8.8.8.8:53 | gew1-spclient.spotify.com | udp |
| US | 35.186.224.26:443 | gew1-spclient.spotify.com | udp |
Files
Analysis: behavioral7
Detonation Overview
Submitted
2024-08-28 02:13
Reported
2024-08-28 02:43
Platform
android-33-x64-arm64-20240624-en
Max time kernel
1826s
Max time network
1838s
Command Line
Signatures
Checks CPU information
| Description | Indicator | Process | Target |
| File opened for read | /proc/cpuinfo | N/A | N/A |
| File opened for read | /proc/cpuinfo | N/A | N/A |
Checks memory information
| Description | Indicator | Process | Target |
| File opened for read | /proc/meminfo | N/A | N/A |
| File opened for read | /proc/meminfo | N/A | N/A |
Processes
com.android.chrome
com.android.chrome
Network
| Country | Destination | Domain | Proto |
Files
Analysis: behavioral8
Detonation Overview
Submitted
2024-08-28 02:13
Reported
2024-08-28 02:43
Platform
android-x86-arm-20240624-en
Max time kernel
1808s
Max time network
1829s
Command Line
Signatures
Checks CPU information
| Description | Indicator | Process | Target |
| File opened for read | /proc/cpuinfo | N/A | N/A |
Checks memory information
| Description | Indicator | Process | Target |
| File opened for read | /proc/meminfo | N/A | N/A |
Processes
com.android.chrome
Network
| Country | Destination | Domain | Proto |
Files
files/dom-0.html
| MD5 | d1a855a206996421248b5be18328dd74 |
| SHA1 | 2113365f05b7d5c905ef969d5a6a65c437faa6b8 |
| SHA256 | 047f357b9bafa59771c191a8f0f3769812d9aa26ba5bc626b5b55a8f27db837b |
| SHA512 | 3b5bbf172fb99e3649a0cb87401e3819b4079272f0d5ce08b9b6bbbb27bcc4d626720ff442fd86c756a25173c7eba85c7d05566ce6f52ac674814af855f04e3e |
Analysis: behavioral11
Detonation Overview
Submitted
2024-08-28 02:13
Reported
2024-08-28 02:13
Platform
debian12-mipsel-20240221-en
Command Line
Signatures
Processes
Network
Files
Analysis: behavioral12
Detonation Overview
Submitted
2024-08-28 02:13
Reported
2024-08-28 02:13
Platform
debian9-armhf-20240729-en