Analysis Overview
Threat Level: Likely malicious
The file http://www.mediafire.com/file/nix36lf9t48w2i4/setup_undertale_2.0.0.2.exe was found to be: Likely malicious.
Malicious Activity Summary
Downloads MZ/PE file
Executes dropped EXE
Loads dropped DLL
Modifies file permissions
Network Service Discovery
Checks installed software on the system
Drops file in System32 directory
Reads CPU attributes
Changes its process name
Checks CPU configuration
Drops file in Windows directory
Subvert Trust Controls: Mark-of-the-Web Bypass
Enumerates kernel/hardware configuration
Browser Information Discovery
Writes file to tmp directory
System Location Discovery: System Language Discovery
Enumerates physical storage devices
Reads runtime system information
NTFS ADS
Suspicious use of WriteProcessMemory
Suspicious behavior: EnumeratesProcesses
Suspicious use of AdjustPrivilegeToken
Modifies data under HKEY_USERS
Modifies registry class
Suspicious use of SendNotifyMessage
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Suspicious use of FindShellTrayWindow
Enumerates system info in registry
MITRE ATT&CK
Enterprise Matrix V15
Analysis: static1
Detonation Overview
Reported
2024-08-30 22:12
Signatures
Analysis: behavioral1
Detonation Overview
Submitted
2024-08-30 22:12
Reported
2024-08-30 22:19
Platform
win11-20240802-en
Max time kernel
359s
Max time network
378s
Command Line
Signatures
Downloads MZ/PE file
Executes dropped EXE
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Users\Admin\Downloads\setup_undertale_2.0.0.2.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\is-NQ0TP.tmp\setup_undertale_2.0.0.2.tmp | N/A |
Loads dropped DLL
Modifies file permissions
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Windows\SysWOW64\icacls.exe | N/A |
Checks installed software on the system
Network Service Discovery
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Windows\System32\GameBarPresenceWriter.exe | N/A |
Drops file in System32 directory
| Description | Indicator | Process | Target |
| File created | \??\c:\windows\system32\driverstore\filerepository\display.inf_amd64_01cf530faf2f1752\display.PNF | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| File created | C:\Windows\System32\DriverStore\FileRepository\display.inf_amd64_01cf530faf2f1752\display.PNF | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Drops file in Windows directory
| Description | Indicator | Process | Target |
| File opened for modification | C:\Windows\SystemTemp | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Subvert Trust Controls: Mark-of-the-Web Bypass
| Description | Indicator | Process | Target |
| File opened for modification | C:\Users\Admin\Downloads\setup_undertale_2.0.0.2.exe:Zone.Identifier | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Browser Information Discovery
Enumerates physical storage devices
System Location Discovery: System Language Discovery
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\AppData\Local\Temp\is-NQ0TP.tmp\setup_undertale_2.0.0.2.tmp | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\Downloads\setup_undertale_2.0.0.2.exe | N/A |
Enumerates system info in registry
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Modifies data under HKEY_USERS
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133695296233980456" | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Modifies registry class
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\USER\S-1-5-21-661032028-162657920-1226909816-1000_Classes\Local Settings | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
NTFS ADS
| Description | Indicator | Process | Target |
| File opened for modification | C:\Users\Admin\Downloads\setup_undertale_2.0.0.2.exe:Zone.Identifier | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Suspicious behavior: EnumeratesProcesses
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\is-NQ0TP.tmp\setup_undertale_2.0.0.2.tmp | N/A |
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Suspicious use of AdjustPrivilegeToken
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Suspicious use of WriteProcessMemory
Processes
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument http://www.mediafire.com/file/nix36lf9t48w2i4/setup_undertale_2.0.0.2.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.123 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffddae8cc40,0x7ffddae8cc4c,0x7ffddae8cc58
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=1804,i,18335881449513857799,3955426163163484676,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=1800 /prefetch:2
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=2084,i,18335881449513857799,3955426163163484676,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=2092 /prefetch:3
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=2180,i,18335881449513857799,3955426163163484676,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=2348 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --field-trial-handle=2976,i,18335881449513857799,3955426163163484676,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=3132 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=2980,i,18335881449513857799,3955426163163484676,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=3156 /prefetch:1
C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe"
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --field-trial-handle=4376,i,18335881449513857799,3955426163163484676,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=4360 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --field-trial-handle=4352,i,18335881449513857799,3955426163163484676,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=4848 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --no-appcompat-clear --field-trial-handle=5216,i,18335881449513857799,3955426163163484676,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=5224 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --no-appcompat-clear --field-trial-handle=5232,i,18335881449513857799,3955426163163484676,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=5376 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --field-trial-handle=5380,i,18335881449513857799,3955426163163484676,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=5212 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=2984,i,18335881449513857799,3955426163163484676,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=5500 /prefetch:8
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s NgcSvc
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --field-trial-handle=3716,i,18335881449513857799,3955426163163484676,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=4976 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --field-trial-handle=5332,i,18335881449513857799,3955426163163484676,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=4988 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --field-trial-handle=5532,i,18335881449513857799,3955426163163484676,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=3264 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --field-trial-handle=3272,i,18335881449513857799,3955426163163484676,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=5252 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --field-trial-handle=5728,i,18335881449513857799,3955426163163484676,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=5712 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.22000.1 --no-appcompat-clear --gpu-preferences=WAAAAAAAAADoAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAACEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=6004,i,18335881449513857799,3955426163163484676,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=5984 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=2640,i,18335881449513857799,3955426163163484676,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=5980 /prefetch:8
C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding
C:\Users\Admin\Downloads\setup_undertale_2.0.0.2.exe
"C:\Users\Admin\Downloads\setup_undertale_2.0.0.2.exe"
C:\Users\Admin\AppData\Local\Temp\is-NQ0TP.tmp\setup_undertale_2.0.0.2.tmp
"C:\Users\Admin\AppData\Local\Temp\is-NQ0TP.tmp\setup_undertale_2.0.0.2.tmp" /SL5="$30294,129584939,242688,C:\Users\Admin\Downloads\setup_undertale_2.0.0.2.exe"
C:\Windows\SysWOW64\icacls.exe
"C:\Windows\System32\icacls.exe" "C:\Users\Admin\AppData\Local\UNDERTALE" /grant Everyone:(OI)(CI)F
C:\GOG Games\Undertale\UNDERTALE.exe
"C:\GOG Games\Undertale\UNDERTALE.exe"
C:\Windows\System32\GameBarPresenceWriter.exe
"C:\Windows\System32\GameBarPresenceWriter.exe" -ServerName:Windows.Gaming.GameBar.Internal.PresenceWriterServer
C:\Windows\system32\OpenWith.exe
C:\Windows\system32\OpenWith.exe -Embedding
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k BcastDVRUserService -s BcastDVRUserService
C:\Windows\system32\AUDIODG.EXE
C:\Windows\system32\AUDIODG.EXE 0x00000000000004D0 0x00000000000004D4
Network
| GB | 142.250.187.225:443 | tpc.googlesyndication.com | udp |
Files
C:\Users\Admin\Downloads\setup_undertale_2.0.0.2.exe:Zone.Identifier
C:\Users\Admin\AppData\Local\Temp\is-NQ0TP.tmp\setup_undertale_2.0.0.2.tmp
| MD5 | a348289ef079798dc7d48faad4a64b87 |
| SHA1 | 7e15a36ebadec0ccc65d6a68c7b467e63e14a1be |
| SHA256 | 9783653f6a21c1c36da87ee8ee80b6f3d047af99690d9310260362a493c1268e |
| SHA512 | 33b392ebbf2db63890dd2c0f1d4b3bb1443cf1b8d6e9fe0b3f7b33a0337c031746218beedf1281a6775d52d7e52fd7d9b46ba1d323d82d86a969f95c7515579f |
memory/1320-906-0x0000000000400000-0x000000000054E000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\is-50OTP.tmp\get_hw_caps.dll
| MD5 | 2e35d2894df3b691dbd8e0d4f4c84efc |
| SHA1 | d0fc14963e397d185e9f2d7dea1d07bc6308d5b9 |
| SHA256 | 869079ba362cbc560d673db290248ec2aa075a74f22a82d90621f1118f8e1c4d |
| SHA512 | 29ba662ab2e77aef0547ff76213a1b6ef52be27a446923790a27cf8b69377621048387dbb9f22001b6d15837dddada84c7350614ec9622258319658822705f90 |
C:\Users\Admin\AppData\Local\Temp\is-50OTP.tmp\innocallback.dll
| MD5 | 1c55ae5ef9980e3b1028447da6105c75 |
| SHA1 | f85218e10e6aa23b2f5a3ed512895b437e41b45c |
| SHA256 | 6afa2d104be6efe3d9a2ab96dbb75db31565dad64dd0b791e402ecc25529809f |
| SHA512 | 1ec4d52f49747b29cfd83e1a75fc6ae4101add68ada0b9add5770c10be6dffb004bb47d0854d50871ed8d77acf67d4e0445e97f0548a95c182e83b94ddf2eb6b |
memory/1320-920-0x0000000002BB0000-0x0000000002BC5000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\is-50OTP.tmp\GameuxInstallHelper.dll
| MD5 | 4d3ac88054df63fc810427bdaa96c458 |
| SHA1 | e4d554e03ba91f6b53a2a80253b339f56e303c94 |
| SHA256 | b07ffcd0af80f6b9fba09abe816ba2f0ff0d336639f1768fc317291bc635ece6 |
| SHA512 | d4732ad89bbb19b316dff1b9c534acf98bb985c89d1295f08e24b21531123426500b3712979dda2f0e941a5969c0cbca15bbd52f6c167653f96a494a6677ca54 |
C:\Users\Admin\AppData\Local\Temp\is-50OTP.tmp\crcdll.dll
| MD5 | 1d51fac9e2384eeb674199cfd5281d7d |
| SHA1 | 861dfdc121357d605d0cc3793266713788109eb2 |
| SHA256 | 23e90ce5a1f2d634a7bf5d5d0522fafeea6df9e536e16f5ce91035d5197128ec |
| SHA512 | 921b00adfe43b883200960e8d0958d4e6b97f6d5cfc096ee277766a3e44cc7805a20877a4edf8bd4d9102bb71a20ac218a9a512f4f76bd751d3ef14f4e0a6eda |
C:\Users\Admin\AppData\Local\Temp\is-50OTP.tmp\botva2.dll
| MD5 | 0177746573eed407f8dca8a9e441aa49 |
| SHA1 | 6b462adf78059d26cbc56b3311e3b97fcb8d05f7 |
| SHA256 | a4b61626a1626fdabec794e4f323484aa0644baa1c905a5dcf785dc34564f008 |
| SHA512 | d4ac96da2d72e121d1d63d64e78bcea155d62af828324b81889a3cd3928ceeb12f7a22e87e264e34498d100b57cdd3735d2ab2316e1a3bf7fa099ddb75c5071a |
memory/1320-971-0x0000000007110000-0x000000000711E000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\is-50OTP.tmp\background.jpg
| MD5 | e186979c952749422f41229b396f03ba |
| SHA1 | 07b98bae245203d2e33ed726f4c4fdccc44000ea |
| SHA256 | e7fed16156e54ddb197272ab6ca1da0cdbe0492baf870ed0c6df01e5d61505a2 |
| SHA512 | c6b926011a1a97ad4e50a12c3ba0bec8e0f4ec9103f52447e5003921efb5afafd0196180042a749adea1c04f6add91a53ad0526c785481b7c819d20d3e4e0d4a |
C:\Users\Admin\AppData\Local\Temp\is-50OTP.tmp\EULAAccepted.png
| MD5 | 461dfeb75927bdb39f9db5348612a611 |
| SHA1 | b7893b1fff6801e37ee7337d876962a09184941e |
| SHA256 | 0de278f5ca6d8570d9bda592268a14a28b87d3631fea2d25721947397aaab79c |
| SHA512 | 68528cf45c81c2c024a672f42c2cd6d4f72c015b443f103ca21deb8ee2bec4f4027490e7f33b5338a87537b5bf7f255f2828aed149f622155ec89cc81687651b |
C:\Users\Admin\AppData\Local\Temp\is-50OTP.tmp\EULAShow.png
| MD5 | c596bc9111edc702bbbb29b70984254f |
| SHA1 | d4712c7b91ff4f8994e7907d31357c42eb47c738 |
| SHA256 | 6112851daea2aaa7174e8cfac4a0f61c968bc090342503804c476eff47cc2462 |
| SHA512 | db50d0a39ec644873a03d64552fff1776cc94f016e8dfc8918e65aee94f7529a6de4637567b5e65c4ea988f3775785c4b52c2d96fe8dbc52b1e21ff59c737c2a |
C:\Users\Admin\AppData\Local\Temp\is-50OTP.tmp\btn_md5.png
| MD5 | 3befe9739354ee24a0b1ea8df05ce274 |
| SHA1 | ab0bda986a8c46aa19f57b75a2b7b22445a3c625 |
| SHA256 | b0193ab375f604fa4a25cabdea8f713babde1c07ab562ffc5679352c8e01db47 |
| SHA512 | ac016a59e0bfc9b22c376ae5d498c5660893a983d932b2bd502dabe032883c69e79ea8d93c2db49f95415c3cdb068e9f7d1d85527a4f9e68e065a989852d09dd |
C:\Users\Admin\AppData\Local\Temp\is-50OTP.tmp\ok.png
| MD5 | 103c1368e60806b1b7995a0894eacf87 |
| SHA1 | 971392527f6e4b655044773132505c901a6b5469 |
| SHA256 | 0d37d4421a39ca8852eb6760b8e914302bdc6cfcc7b170dc1b6c9bb9be148b7e |
| SHA512 | 652177e94438aff102f2ed873b26f0985ebed134763852b49b1ca2698463c1dbeb85152f19c8e18d397229ec5cb2cd1d17c61d454ab7c425a2cab540adc8228a |
C:\Users\Admin\AppData\Local\Temp\is-50OTP.tmp\error.png
| MD5 | df10adc25b673e74e19971c17bee5a98 |
| SHA1 | ee16fb1cf9491f5e611282f0574b27d76fede412 |
| SHA256 | 142b16dc6239421691fa6e619d1a61e61176d89fa018a88b46893c29a57aad8b |
| SHA512 | dc3de10e0321966cbbfb2e57b3b41da6f26dff0c7233a47469da58775b5c471e6b5181e4d4ffc81ef8b83dbcad74ccc1aad7678518f99c9185a441d2a23e010f |
C:\Users\Admin\AppData\Local\Temp\is-50OTP.tmp\01.System-Shock-2.png
| MD5 | 5f0539ce5754ab5c5e0a2c34c7cfb370 |
| SHA1 | f33268b73f9c899823ab3b6eeb122f84e4d67357 |
| SHA256 | 58cb880d7487feb7f6c550af1bffe46680ada0ebd092d155bfec92b759c8eab2 |
| SHA512 | a5e4248032acabb847df604780d57f69a5dd3e21d8e6509dd211903a7bcdc467ff9a78b71e0da10c9f6967717df207fc8c685c8e217d05fbf634305bf887859b |
C:\Users\Admin\AppData\Local\Temp\is-50OTP.tmp\1456487183.ini
| MD5 | 4329204bf23061a738b6c5ea40a61ae1 |
| SHA1 | 08cd0b3d309c8c7cc279a3dd99945e85c811c6bf |
| SHA256 | 9a0b177c544189a32121751db047d727d31b1012de2b90bc4fda8e7cfa125ead |
| SHA512 | 8119b744a5b0d00e3ebdd1bec67a900914e01ed94929c9bd27fcf2b346591665964cb861f5d5f72138f9d5b9360773032d0603fc26b29714010fba8355ddf00d |
C:\Users\Admin\AppData\Local\Temp\is-50OTP.tmp\01.Baldur's-Gate-2-Complete.png
| MD5 | b399afa2fb7d5b793c1cddfee90c8829 |
| SHA1 | ca8e45034947e40c643f2cb18d16d75d438afc30 |
| SHA256 | 139025852cb530b179c84c1748692be0f0ac21fc18d7f49dffc5f0a6b7aa85f1 |
| SHA512 | 1fb6ddaf5e1985f5b430436cc3952eb92d9d5d04f9598ab67157430a95e28939fa9d600da45e5ad214d5f605d467f7f4cf7a28594f53ff7b6c55eee1108f536d |
C:\Users\Admin\AppData\Local\Temp\is-50OTP.tmp\02.Planescape-Torment.png
| MD5 | 0fed0da056d9d6f7debe898c44f79d3d |
| SHA1 | c76646c642377e1bd8d101febc4986d8fa37d7c1 |
| SHA256 | 9ed27528f03e8abf32cac836472fe27d8012e476ff148615a118977056f7e183 |
| SHA512 | 6c17ff7e8fd41aa3a75b3662591006cf706fc6af6e92369dde4514187da95b85ee6797b2ca9f0b1cb1bd30142bca3e5d190ccd0255706684d72fef9ce51f0bb3 |
C:\Users\Admin\AppData\Local\Temp\is-50OTP.tmp\04.Witcher-2-Assassins-of-Kings.png
| MD5 | 6754c9c260530bebf5926600117d13a8 |
| SHA1 | c95f4847f39d2ca42b600ecd16baff4a88d98924 |
| SHA256 | af33c715c9eac00434b6e4dbc5dde8bbdb98ab6f0f0a3daeb2d7272b40e39c90 |
| SHA512 | 29f1b4562c8095d90210183fbeee3a2cf54a636d2f5cf7f36fa4a5ffa48f8c2340c487e975eef65656085fbfb352ad4dbe35a823b696f059b2d6de9e2c685bbe |
C:\Users\Admin\AppData\Local\Temp\is-50OTP.tmp\05.Might-and-Magic-6-Pack-Limited-Edition.png
| MD5 | ed161483c5a79f3f381ad19d1e6ebd25 |
| SHA1 | afcb96430d1cdb5b85e1c177fb09b99e1c0e6952 |
| SHA256 | 301d622cdb7628f02df53def69da5eedcc19959daf091fc63c4db5160adfd24e |
| SHA512 | 79b097b8371ee4eb3b3eb3f0777a77676fce0ed97838be4666c3ee96b0895e19f26142f28b145dcbb21fc9aab648afc46fdb07ca532f7cb12509db65e5ca18d8 |
C:\Users\Admin\AppData\Local\Temp\is-50OTP.tmp\BigOK.png
| MD5 | 5b43a5d975a53f4fc1da67ce9f7784c1 |
| SHA1 | 8543fa1e471030049942252b23cb22e0880c3af5 |
| SHA256 | 59d8bb3e87a89ef523c0495addce38d69560af42aaa82f56dd41b12e6612c13a |
| SHA512 | 5dd5c4e9859a555a4a32da76f5231b44f7556274c6501da530b2cdd570bcb4675f710bee708322a40ed3ef9280c0d652b4e7ef0e9eaf128c08534f59291917f5 |
memory/1220-1105-0x0000000000400000-0x0000000000446000-memory.dmp
memory/1320-1106-0x0000000000400000-0x000000000054E000-memory.dmp
memory/1320-1108-0x0000000007110000-0x000000000711E000-memory.dmp
memory/1320-1109-0x0000000000400000-0x000000000054E000-memory.dmp
memory/1320-1107-0x0000000002BB0000-0x0000000002BC5000-memory.dmp
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | a5c0877f77f2e81f9dcdc48fa7514663 |
| SHA1 | 8b4f5d2b6a3f37409cb8dd1b58e3297cecc27670 |
| SHA256 | 5f5f0290bf3bc8a0b093271df42ee2a78b4392f77c429865a523281bac0cbbe8 |
| SHA512 | 571b471c0597bf47435a8762663005045c7ff6d724aeed76b27159e7f83437d10dec724c9fba5a7802c7698fb138814b43e69a29b7197dd2ddc35ef18db6e72e |
C:\Users\Admin\AppData\Local\Temp\is-50OTP.tmp\track_left.png
| MD5 | 55dacb00cbe2825a8540236c5777a205 |
| SHA1 | 18a52ac6c741b558500fbc1716d46b4fe4471982 |
| SHA256 | a8340fb5380c922b60ea40043590dba067dcfed6e22636851691df38156a3aa8 |
| SHA512 | 2ea444cc1080f20761c8d71d96fcd04ef48254cdc1dc41d1d139f459ea5613fe12f6e4bd026bf33a5c01ff038e72e05dae2f8fba33ff517dd395e1911f10ff10 |
C:\Users\Admin\AppData\Local\Temp\is-50OTP.tmp\track_center.png
| MD5 | 3f2b0c22f8ea28dcbb82b39a16a039aa |
| SHA1 | b3f4dfc2ea86fbdad05877b4c356b7fa8016731d |
| SHA256 | 794f9eeca7fd99846968376b76a296c927532cef1271325cbf555caa0d0d5860 |
| SHA512 | b4bf65d751717e85418947662d315ae3bcb177f60914832fefeeb95da9eddb75eb5531c62e5a5a70ff03c8a025b5a03e61ffbdecc9f483bea9684454ca9362d3 |
C:\Users\Admin\AppData\Local\Temp\is-50OTP.tmp\track_right.png
| MD5 | ddec70b6c49be3e8c3a7d01c2f6ff1c5 |
| SHA1 | 5383271999f787c36b1dc8f3cc13c8407b195439 |
| SHA256 | f54cd6e42f2b2bc5cb8a15f6a28f1499abf094a519ebdf39f4c4e167312c9c16 |
| SHA512 | f43f94b194b5a7eafcec9e831f61042859c30e1af2e2447195bdd06b12c90982181161a1c1be5aa5223ff664f88e4891bd71cfffb7ef672d6fe4f614030e0e01 |
C:\Users\Admin\AppData\Local\Temp\is-50OTP.tmp\progress_left.png
| MD5 | 290c7612ad7a077028cd3dc78ce99673 |
| SHA1 | 18995fbe39d05e4a1cafc7cc2e0f6fb745442f77 |
| SHA256 | 85e39d909a7300fa2043ec42818582867b981401264b14fc5408e477ae0b4668 |
| SHA512 | 799841f5b8a1056e78a49c823009750e4b93af130a6c4ff9dc6d386c06b88614e53b46a6df62f5a217d5c99da01cf4e2fe8392c73d39e81000045291cf24205a |
C:\Users\Admin\AppData\Local\Temp\is-50OTP.tmp\progress_right.png
| MD5 | c25a41f022a74308d944d1e807d72f44 |
| SHA1 | 83c6bbec3fb373fcc78ce0e737742100994cd6d4 |
| SHA256 | 396a3351fe409328782ab138282cf9cec061a5a9540a3506700a620db1f54e7d |
| SHA512 | d2f4449195f3e60c826cfabb52a083d829eb9d0509272977d8fdb33bc5214678949cd27d0594684594e0a3eda2351c39cec8d91923cb716ad144ccf2b966c8e6 |
C:\Users\Admin\AppData\Local\Temp\is-50OTP.tmp\progress_center.png
| MD5 | ad7fc1e37e40da38dd57adc446cc6c0e |
| SHA1 | 08033265deb9b45243cfa0065d98ffe13a039e26 |
| SHA256 | 2b9dae87340e66b67ab1d8247d4a137628e324969f92fe1098f95a7c5bab2f43 |
| SHA512 | dd715d74f8e1ed6ab75b7b6530b383ac47040d8baa7728be160f6d230bf485a9cc54f15f7dc85b122ce56e54d63fa4890e510dfc89d9c9344e31f789ebac8756 |
C:\GOG Games\Undertale\Support.ico
| MD5 | 650bee8a9ef04c41760502a1c3b89c76 |
| SHA1 | c18a2d771d2487e6c6dc51a2ba1127f4ebb0213a |
| SHA256 | 05fe749ef47d1ec862d6c55be78e66d1011226bf1f78409acf57cb79cec5eb20 |
| SHA512 | a2120e8df9434b31406a4160cba4f006a25990cb0c1257c10c1a06ba314df28b193abf7183b978d6f516577bfa4c5d689c77599d51a7833601a553a7750867bf |
C:\GOG Games\Undertale\gog.ico
| MD5 | 88cbd6c016021b7b4a4b15879476ec6b |
| SHA1 | b6d0919b43934b29a550369370de069ed569b36e |
| SHA256 | f6a71321521ba89713f0bd38b21f809e87e8a789cb172e8e4693f9479e30b1e4 |
| SHA512 | 47569c2a3e5bd791c59423e31abfb3777acf5a0a53a8b3170084324010349c2a60e6e14f945390e9f256feb30fabe8c50497123d393f7b6408dc8f4bf362dcb5 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 3d8fe0148971638cc5aef52621d61f87 |
| SHA1 | 0ff17dc6cc61d4720e149cb9d86b4dfbd3f08c30 |
| SHA256 | 4c0217e58fa6aad22e523032b725a8ce7f25cf5ab7664faa49e1b3ad8e333ea0 |
| SHA512 | 979a669a8d815d5921832f8adfd4a5de2dff353ea6ec37c15d4141bbcd8155e8a70dcca534e9dea64ff226fb87177beb4c24f0e8863063573326055968f9ad5d |
memory/1320-1575-0x0000000000400000-0x000000000054E000-memory.dmp
memory/1320-1577-0x0000000007110000-0x000000000711E000-memory.dmp
memory/1320-1576-0x0000000002BB0000-0x0000000002BC5000-memory.dmp
C:\GOG Games\Undertale\UNDERTALE.exe
| MD5 | 93d87952773a2bb59a8667d0bc06c2c0 |
| SHA1 | 480c87f42e8ecbcde1104f4a61de5dee6a9cb3c5 |
| SHA256 | 9ec41f5094544c938fc075f5506c089d0c1e11fb93afba79a196981bef81d19b |
| SHA512 | d9fce47e5c037e4954437c95abea6959e39c91d0bcd596f1c3267e5c09e5a0defade4c63617609b5386879bcae06e3c60e909fcf2476e250bc960eea0c2d1c6d |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | aaf4e194510466e6bf2edeaf0ae5844e |
| SHA1 | d742ca8a6786c8d8ab55e92ca7998e27cc11ce46 |
| SHA256 | f23a5a297bf1b9bd24d7d9c1fceed0f53f1ad973f4c55d36fd6e1cf0e83ed3f2 |
| SHA512 | 3287e02648dbf55b2009bdeb7c66d6f220914f115b8964384079292615a65e84d213707ba6bf33ddb6c896c0235e7ab8864acb6fd718353d708b66ae60d4330f |
C:\Users\Admin\AppData\Local\Temp\is-50OTP.tmp\GOG_new.png
| MD5 | 4ae6f5b38a7dafc08c75e3ba3c141eb3 |
| SHA1 | f423034b8ddad1cee41261e809d216c97f2d8e7b |
| SHA256 | ab52ceed113fa6bf9e6bd267b6302f61cc86365cdfd7253fed4ec8dfe01dfcaa |
| SHA512 | 10afbb5404b1a67b376845d8e2b7f15faee975b55c61d2a98b3c2fa22bc3c4811a9d0795d210d51a3ea50f8ba4a6278fec173c9d435db7bb372ecd6319c3de60 |
C:\Users\Admin\AppData\Local\Temp\is-50OTP.tmp\error_icon.png
| MD5 | 263720c4b8bb111567a2a49989b8f467 |
| SHA1 | cf346fa3c70164648e0eaf72a37c6f4920ab4792 |
| SHA256 | acdf96ee4261fae138e6350a0ad50b367022ed5b908fa168baad92644f566ee8 |
| SHA512 | 94f06a81dc735cf264abde86e6169e5fd78d873d2e926fd48287d2ac5208fc930c3c432186e3510add002bd1b4ae32ad8d35270b17c3ce5f18c43764a8e9de43 |
C:\GOG Games\Undertale\D3DX9_43.dll
| MD5 | 86e39e9161c3d930d93822f1563c280d |
| SHA1 | f5944df4142983714a6d9955e6e393d9876c1e11 |
| SHA256 | 0b28546be22c71834501f7d7185ede5d79742457331c7ee09efc14490dd64f5f |
| SHA512 | 0a3e311c4fd5c2194a8807469e47156af35502e10aeb8a3f64a01ff802cd8669c7e668cc87b593b182fd830a126d002b5d5d7b6c77991158bffdb0b5b997f6b3 |
memory/1220-1759-0x0000000000400000-0x0000000000446000-memory.dmp
C:\GOG Games\Undertale\options.ini
| MD5 | 396f73a1185a5642f5f1e2538b64396a |
| SHA1 | d72d687a5a1258986f218bfccacc6118c39ec4f9 |
| SHA256 | e267293f58d257d2dd1e00ad25425bdb798fcbf75256a7d45b7d7086159dbc58 |
| SHA512 | e17cfca14ce79c71eea01973385fa4151989d40bfc5a04b97fd3534ff5b4f04b385d11867d80a60325aa0bd13403910fee73ab9379f0e05c669d24d5d95957da |
memory/1320-1757-0x0000000000400000-0x000000000054E000-memory.dmp
C:\GOG Games\Undertale\splash.png
| MD5 | 188cf6da0fd3f7ec3e1be7d6a2c38663 |
| SHA1 | 17f12013c22612b58382ab7ef01da4a96036fb9a |
| SHA256 | 358239b9859b8b15135b8092ce1cf45473db83e0cbe50c632bcd2a510d41cd05 |
| SHA512 | 4d60a961cd3f30d180f07fd894d74db0f730e93323338b112918c44719f2d2cc4b4b18803288fc0d047710840cbc78106fb3eb13a6249747b6d21fb7382fda45 |
C:\Users\Admin\Videos\Captures\desktop.ini
| MD5 | b0d27eaec71f1cd73b015f5ceeb15f9d |
| SHA1 | 62264f8b5c2f5034a1e4143df6e8c787165fbc2f |
| SHA256 | 86d9f822aeb989755fac82929e8db369b3f5f04117ef96fd76e3d5f920a501d2 |
| SHA512 | 7b5c9783a0a14b600b156825639d24cbbc000f5066c48ce9fecc195255603fc55129aaaca336d7ce6ad4e941d5492b756562f2c7a1d151fcfc2dabac76f3946c |
C:\GOG Games\Undertale\mus_story.ogg
| MD5 | f8ae724c02da7fd9549604d0b9bb200a |
| SHA1 | 4fb96d75fa73733f68091e05192752c5ca9fda2e |
| SHA256 | 83e5ae316f2ca2351f29e071fe43187749748ee3e69f0c360e367b033432467e |
| SHA512 | 459c3b19c9cf76684b921a9636c64e3164724b9680ddacf5eb250d047ca6fbba4dc3223ce663e18091d374c8314bd80eee30a010ea7bd6ec244cdf5086647535 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | fb4d7467d0806b9394d81eadab20b2e4 |
| SHA1 | 763e2670ffa913ae01f515f5dced67a86a046e04 |
| SHA256 | c9c491b479c8132d66b911744a0c0620a8ded1033b3f5108b7ec65f1f090a8f1 |
| SHA512 | 14c8aab8a7734011caedd801263b9960ab57301b6d0a114c1820689741f948265404fe77d5521380a299f0e723ba751321643da483635e71771a4c5caa0165ff |
C:\GOG Games\Undertale\mus_intronoise.ogg
| MD5 | a3e449250984ae2e4954e546a54d624a |
| SHA1 | a15bb303a9c21ad905e2e7098e4f7e231566ca97 |
| SHA256 | 323dcb2a727698754879897fe8a23ba52446ed22c9499de27c8a467651554c28 |
| SHA512 | 0d5ddcd44b83b84d04c3437db6a0c3252166b26ffdf2ae389b7b17fd53e9415cc0fe2cef013ef2fecd38af61f73fd3e707afc4784a45a341dc3fb570e052a6cf |
Analysis: behavioral2
Detonation Overview
Submitted
2024-08-30 22:12
Reported
2024-08-30 22:43
Platform
ubuntu2404-amd64-20240523-en
Max time kernel
20s
Max time network
640s
Command Line
Signatures
Changes its process name
| Description | Indicator | Process | Target |
| Changes the process name, possibly in an attempt to hide itself | pool-spawner | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | gmain | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | glean.dispatche | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | IPC I/O Parent | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | Timer | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | Netlink Monitor | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | Socket Thread | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | IPDL Background | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | Backgro~Pool #1 | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | HTML5 Parser | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | pool-firefox | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | gdbus | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | JS Watchdog | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | BGReadURLs | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | Cache2 I/O | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | Cookie | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | StreamTrans #1 | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | TaskCon~ller #0 | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | TaskCon~ller #1 | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | BgIOThr~Pool #1 | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | BgIOThr~Pool #2 | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | StreamTrans #2 | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | StreamTrans #3 | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | StreamTrans #4 | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | StreamTrans #5 | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | StreamTrans #6 | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | StreamTrans #7 | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | StreamTrans #8 | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | StreamTrans #9 | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | StreamTrans #10 | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | StreamTrans #11 | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | StreamTrans #12 | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | StreamTrans #13 | N/A | N/A |
| Changes the process name, possibly in an attempt to hide itself | StreamTrans #14 | N/A | N/A |
Checks CPU configuration
| Description | Indicator | Process | Target |
| File opened for reading | /proc/cpuinfo | /snap/firefox/4259/usr/lib/firefox/firefox | N/A |
Reads CPU attributes
| Description | Indicator | Process | Target |
| File opened for reading | /sys/devices/system/cpu/cpu0/cache/index3/size | /snap/firefox/4259/usr/lib/firefox/firefox | N/A |
| File opened for reading | /sys/devices/system/cpu/present | /snap/firefox/4259/usr/lib/firefox/firefox | N/A |
| File opened for reading | /sys/devices/system/cpu/cpu0/cpufreq/cpuinfo_max_freq | /snap/firefox/4259/usr/lib/firefox/firefox | N/A |
| File opened for reading | /sys/devices/system/cpu/cpu0/cache/index2/size | /snap/firefox/4259/usr/lib/firefox/firefox | N/A |
| File opened for reading | /sys/devices/system/cpu/cpu0/cpu_capacity | /snap/firefox/4259/usr/lib/firefox/glxtest | N/A |
Enumerates kernel/hardware configuration
| Description | Indicator | Process | Target |
| File opened for reading | /sys/module/apparmor/parameters/enabled | /usr/bin/dbus-daemon | N/A |
| File opened for reading | /sys/kernel/mm/transparent_hugepage/hpage_pmd_size | /usr/lib/snapd/snap-seccomp | N/A |
| File opened for reading | /sys/fs/cgroup/system.slice/boot.mount | /usr/lib/snapd/snap-confine | N/A |
| File opened for reading | /sys/fs/cgroup/system.slice/system-modprobe.slice | /usr/lib/snapd/snap-confine | N/A |
| File opened for reading | /sys/fs/cgroup/user.slice/user-0.slice/[email protected]/session.slice/org.gnome.SettingsDaemon.Power.service | /usr/lib/snapd/snap-confine | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:05.0/vendor | /snap/firefox/4259/usr/lib/firefox/glxtest | N/A |
| File opened for reading | /sys/fs/cgroup/system.slice/systemd-logind.service | /usr/lib/snapd/snap-confine | N/A |
| File opened for reading | /sys/fs/cgroup/user.slice/user-0.slice/[email protected]/session.slice | /usr/lib/snapd/snap-confine | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:00.0/device | /snap/firefox/4259/usr/lib/firefox/glxtest | N/A |
| File opened for reading | /sys/fs/cgroup/user.slice/user-0.slice/[email protected]/app.slice/gnome-session-monitor.service | /usr/lib/snapd/snap-confine | N/A |
| File opened for reading | /sys/devices/system/cpu | /snap/firefox/4259/usr/lib/firefox/firefox | N/A |
| File opened for reading | /sys/fs/cgroup/user.slice/user-0.slice/[email protected]/session.slice/gvfs-metadata.service | /usr/lib/snapd/snap-confine | N/A |
| File opened for reading | /sys/devices/virtual/dma_heap/system/uevent | /usr/lib/snapd/snap-confine | N/A |
| File opened for reading | /sys/fs/cgroup/system.slice/dbus.service | /usr/lib/snapd/snap-confine | N/A |
| File opened for reading | /sys/fs/cgroup/system.slice/kerneloops.service | /usr/lib/snapd/snap-confine | N/A |
| File opened for reading | /sys/fs/cgroup/system.slice/agent.service | /usr/lib/snapd/snap-confine | N/A |
| File opened for reading | /sys/devices/pci0000:00/0000:00:02.0/drm/renderD128 | /snap/firefox/4259/usr/lib/firefox/firefox | N/A |
| File opened for reading | /sys/kernel/security/apparmor/features | /snap/bin/firefox | N/A |
| File opened for reading | /sys/fs/cgroup/system.slice/systemd-udevd.service/udev | /usr/lib/snapd/snap-confine | N/A |
| File opened for reading | /sys/fs/cgroup/system.slice/accounts-daemon.service | /usr/lib/snapd/snap-confine | N/A |
| File opened for reading | /sys/fs/cgroup/system.slice/cron.service | /usr/lib/snapd/snap-confine | N/A |
| File opened for reading | /sys/fs/cgroup/user.slice/user-0.slice/[email protected]/session.slice/org.gnome.SettingsDaemon.ScreensaverProxy.service | /usr/lib/snapd/snap-confine | N/A |
| File opened for reading | /sys/fs/cgroup/system.slice/snap-thunderbird-470.mount | /usr/lib/snapd/snap-confine | N/A |
| File opened for reading | /sys/fs/cgroup/system.slice/wpa_supplicant.service | /usr/lib/snapd/snap-confine | N/A |
| File opened for reading | /sys/fs/cgroup/user.slice/user-0.slice/[email protected]/background.slice | /usr/lib/snapd/snap-confine | N/A |
| File opened for reading | /sys/fs/cgroup/user.slice/user-0.slice/[email protected]/session.slice/gvfs-afc-volume-monitor.service | /usr/lib/snapd/snap-confine | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:02.0/device | /snap/firefox/4259/usr/lib/firefox/glxtest | N/A |
| File opened for reading | /sys/kernel/security/apparmor/features/network_v8 | /snap/bin/firefox | N/A |
| File opened for reading | /sys/fs/cgroup/system.slice/polkit.service | /usr/lib/snapd/snap-confine | N/A |
| File opened for reading | /sys/fs/cgroup/system.slice/ssh.socket | /usr/lib/snapd/snap-confine | N/A |
| File opened for reading | /sys/fs/cgroup/user.slice/user-0.slice | /usr/lib/snapd/snap-confine | N/A |
| File opened for reading | /sys/fs/cgroup/user.slice/user-0.slice/[email protected]/session.slice/org.gnome.SettingsDaemon.MediaKeys.service | /usr/lib/snapd/snap-confine | N/A |
| File opened for reading | /sys/kernel/mm/transparent_hugepage/hpage_pmd_size | /usr/bin/snapctl | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:06.0/vendor | /snap/firefox/4259/usr/lib/firefox/glxtest | N/A |
| File opened for reading | /sys/devices/system/node/node0/meminfo | /snap/firefox/4259/usr/lib/firefox/firefox | N/A |
| File opened for reading | /sys/kernel/security/apparmor/features/caps | /snap/bin/firefox | N/A |
| File opened for reading | /sys/kernel/security/apparmor/features/domain | /snap/bin/firefox | N/A |
| File opened for reading | /sys/fs/cgroup/user.slice/user-0.slice/[email protected]/app.slice/app-gnome\x2dsession\x2dmanager.slice/[email protected] | /usr/lib/snapd/snap-confine | N/A |
| File opened for reading | /sys/fs/cgroup/user.slice/user-0.slice/[email protected]/session.slice/at-spi-dbus-bus.service | /usr/lib/snapd/snap-confine | N/A |
| File opened for reading | /sys/fs/cgroup/user.slice/user-0.slice/[email protected]/session.slice/org.gnome.SettingsDaemon.XSettings.service | /usr/lib/snapd/snap-confine | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:02.0/vendor | /snap/firefox/4259/usr/lib/firefox/glxtest | N/A |
| File opened for reading | /sys/fs/cgroup/user.slice/user-0.slice/[email protected]/app.slice/app-org.gnome.Terminal.slice/vte-spawn-b4734e3b-affa-41aa-acb9-af45dfd5c0c3.scope | /usr/lib/snapd/snap-confine | N/A |
| File opened for reading | /sys/bus/pci/devices | /snap/firefox/4259/usr/lib/firefox/glxtest | N/A |
| File opened for reading | /sys/fs/cgroup/system.slice/avahi-daemon.service | /usr/lib/snapd/snap-confine | N/A |
| File opened for reading | /sys/fs/cgroup/system.slice/power-profiles-daemon.service | /usr/lib/snapd/snap-confine | N/A |
| File opened for reading | /sys/fs/cgroup/system.slice/snap-bare-5.mount | /usr/lib/snapd/snap-confine | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:03.0/class | /snap/firefox/4259/usr/lib/firefox/glxtest | N/A |
| File opened for reading | /sys/fs/cgroup/system.slice/rtkit-daemon.service | /usr/lib/snapd/snap-confine | N/A |
| File opened for reading | /sys/fs/cgroup/user.slice/user-0.slice/[email protected]/app.slice/app-gnome\x2dsession\x2dmanager.slice | /usr/lib/snapd/snap-confine | N/A |
| File opened for reading | /sys/fs/cgroup/user.slice/user-0.slice/[email protected]/session.slice/org.gnome.SettingsDaemon.Housekeeping.service | /usr/lib/snapd/snap-confine | N/A |
| File opened for reading | /sys/fs/cgroup/user.slice/user-0.slice/[email protected]/app.slice/snap.firefox.firefox-d031047b-4f9a-43cf-a76b-ccffd7d401b1.scope/cpu.max | /snap/firefox/4259/usr/lib/firefox/firefox | N/A |
| File opened for reading | /sys/devices/pci0000:00/0000:00:02.0/drm/card1/card1-Virtual-1/uevent | /usr/lib/snapd/snap-confine | N/A |
| File opened for reading | /sys/kernel/mm/transparent_hugepage/hpage_pmd_size | /usr/bin/snapctl | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:01.0/device | /snap/firefox/4259/usr/lib/firefox/glxtest | N/A |
| File opened for reading | /sys/devices/pci0000:00/0000:00:02.0/drm/card1/uevent | /usr/lib/snapd/snap-confine | N/A |
| File opened for reading | /sys/fs/cgroup/sys-kernel-config.mount | /usr/lib/snapd/snap-confine | N/A |
| File opened for reading | /sys/fs/cgroup/sys-kernel-debug.mount | /usr/lib/snapd/snap-confine | N/A |
| File opened for reading | /sys/fs/cgroup/system.slice/ModemManager.service | /usr/lib/snapd/snap-confine | N/A |
| File opened for reading | /sys/fs/cgroup/user.slice/user-0.slice/[email protected]/app.slice/dconf.service | /usr/lib/snapd/snap-confine | N/A |
| File opened for reading | /sys/fs/cgroup/user.slice/user-0.slice/[email protected]/session.slice/org.gnome.SettingsDaemon.Rfkill.service | /usr/lib/snapd/snap-confine | N/A |
Reads runtime system information
| Description | Indicator | Process | Target |
| File opened for reading | /proc/self/fd/49 | /snap/firefox/4259/usr/lib/firefox/firefox | N/A |
| File opened for reading | /proc/self/fd/158 | /snap/firefox/4259/usr/lib/firefox/firefox | N/A |
| File opened for reading | /proc/self/maps | /snap/firefox/4259/usr/lib/firefox/firefox | N/A |
| File opened for reading | /proc/self/fd | /usr/bin/dbus-send | N/A |
| File opened for reading | /proc/2535/attr/apparmor/current | /usr/lib/snapd/snap-confine | N/A |
| File opened for reading | /proc/self/fd/42 | /snap/firefox/4259/usr/lib/firefox/firefox | N/A |
| File opened for reading | /proc/self/task/2845/stat | /snap/firefox/4259/usr/lib/firefox/firefox | N/A |
| File opened for reading | /proc/self/stat | /snap/firefox/4259/usr/lib/firefox/firefox | N/A |
| File opened for reading | /proc/self/task/2890/stat | /snap/firefox/4259/usr/lib/firefox/firefox | N/A |
| File opened for reading | /proc/self/fd | /usr/bin/dbus-send | N/A |
| File opened for reading | /proc/self/fd/47 | /snap/firefox/4259/usr/lib/firefox/firefox | N/A |
| File opened for reading | /proc/filesystems | /snap/firefox/4259/usr/lib/firefox/firefox | N/A |
| File opened for reading | /proc/self/maps | /usr/bin/grep | N/A |
| File opened for reading | /proc/self/maps | /usr/bin/grep | N/A |
| File opened for reading | /proc/self/mountinfo | /usr/lib/snapd/snap-confine | N/A |
| File opened for reading | /proc/self/fd/51 | /snap/firefox/4259/usr/lib/firefox/firefox | N/A |
| File opened for reading | /proc/self/stat | /snap/firefox/4259/usr/lib/firefox/firefox | N/A |
| File opened for reading | /proc/2460/cmdline | /usr/bin/dbus-daemon | N/A |
| File opened for reading | /proc/self/maps | /usr/bin/grep | N/A |
| File opened for reading | /proc/self/mountinfo | /snap/firefox/4259/usr/lib/firefox/firefox | N/A |
| File opened for reading | /proc/filesystems | /snap/firefox/4259/usr/lib/firefox/firefox | N/A |
| File opened for reading | /proc/filesystems | /usr/bin/sed | N/A |
| File opened for reading | /proc/filesystems | /snap/firefox/4259/usr/lib/firefox/firefox | N/A |
| File opened for reading | /proc/filesystems | /usr/bin/mkdir | N/A |
| File opened for reading | /proc/self/fd/44 | /snap/firefox/4259/usr/lib/firefox/firefox | N/A |
| File opened for reading | /proc/2830/smaps | /snap/firefox/4259/usr/lib/firefox/firefox | N/A |
| File opened for reading | /proc/2466/status | /usr/bin/dbus-daemon | N/A |
| File opened for reading | /proc/self/fd/10 | /usr/lib/snapd/snap-confine | N/A |
| File opened for reading | /proc/self/task/2902/stat | /snap/firefox/4259/usr/lib/firefox/firefox | N/A |
| File opened for reading | /proc/self/maps | /usr/bin/grep | N/A |
| File opened for reading | /proc/self/maps | /usr/bin/grep | N/A |
| File opened for reading | /proc/self/maps | /usr/bin/grep | N/A |
| File opened for reading | /proc/self/fd/71 | /snap/firefox/4259/usr/lib/firefox/firefox | N/A |
| File opened for reading | /proc/self/maps | /snap/firefox/4259/usr/lib/firefox/firefox | N/A |
| File opened for reading | /proc/self/maps | /snap/firefox/4259/usr/lib/firefox/firefox | N/A |
| File opened for reading | /proc/self/maps | /usr/bin/grep | N/A |
| File opened for reading | /proc/self/cgroup | /usr/lib/snapd/snap-confine | N/A |
| File opened for reading | /proc/self/cgroup | /snap/firefox/4259/usr/lib/firefox/firefox | N/A |
| File opened for reading | /proc/self/fd/55 | /snap/firefox/4259/usr/lib/firefox/firefox | N/A |
| File opened for reading | /proc/self/fd/93 | /snap/firefox/4259/usr/lib/firefox/firefox | N/A |
| File opened for reading | /proc/self/maps | /usr/bin/grep | N/A |
| File opened for reading | /proc/self/mountinfo | /snap/bin/firefox | N/A |
| File opened for reading | /proc/2535/cgroup | /snap/bin/firefox | N/A |
| File opened for reading | /proc/self/fd/57 | /snap/firefox/4259/usr/lib/firefox/firefox | N/A |
| File opened for reading | /proc/filesystems | /usr/bin/sed | N/A |
| File opened for reading | /proc/self/maps | /usr/bin/grep | N/A |
| File opened for reading | /proc/self/fd/30 | /snap/firefox/4259/usr/lib/firefox/firefox | N/A |
| File opened for reading | /proc/self/fd/41 | /snap/firefox/4259/usr/lib/firefox/firefox | N/A |
| File opened for reading | /proc/self/maps | /snap/firefox/4259/usr/lib/firefox/firefox | N/A |
| File opened for reading | /proc/self/fd/11 | /snap/firefox/4259/usr/lib/firefox/firefox | N/A |
| File opened for reading | /proc/self/maps | /usr/bin/grep | N/A |
| File opened for reading | /proc/filesystems | /usr/bin/sed | N/A |
| File opened for reading | /proc/filesystems | /snap/firefox/4259/usr/lib/firefox/firefox | N/A |
| File opened for reading | /proc/self/fd/9 | /usr/lib/snapd/snap-confine | N/A |
| File opened for reading | /proc/self/fd/11 | /usr/lib/snapd/snap-confine | N/A |
| File opened for reading | /proc/self/fd/33 | /snap/firefox/4259/usr/lib/firefox/firefox | N/A |
| File opened for reading | /proc/self/fd/81 | /snap/firefox/4259/usr/lib/firefox/firefox | N/A |
| File opened for reading | /proc/2816/statm | /snap/firefox/4259/usr/lib/firefox/firefox | N/A |
| File opened for reading | /proc/self/mountinfo | /snap/firefox/4259/usr/lib/firefox/firefox | N/A |
| File opened for reading | /proc/cmdline | /usr/lib/snapd/snap-exec | N/A |
| File opened for reading | /proc/self/fd/50 | /snap/firefox/4259/usr/lib/firefox/firefox | N/A |
| File opened for reading | /proc/self/task/2721/stat | /snap/firefox/4259/usr/lib/firefox/firefox | N/A |
| File opened for reading | /proc/self/stat | /snap/firefox/4259/usr/lib/firefox/firefox | N/A |
| File opened for reading | /proc/sys/kernel/cap_last_cap | /usr/bin/dbus-daemon | N/A |
Writes file to tmp directory
| Description | Indicator | Process | Target |
| File opened for modification | /tmp/firefox/.parentlock | /snap/firefox/4259/usr/lib/firefox/firefox | N/A |
| File opened for modification | /tmp/mozilla-temp-713443461 | /snap/firefox/4259/usr/lib/firefox/firefox | N/A |
Processes
/usr/bin/xdg-open
[xdg-open http://www.mediafire.com/file/nix36lf9t48w2i4/setup_undertale_2.0.0.2.exe]
/usr/bin/dbus-send
[dbus-send --print-reply --dest=org.freedesktop.DBus /org/freedesktop/DBus org.freedesktop.DBus.GetNameOwner string:org.gnome.SessionManager]
/usr/bin/dbus-launch
[dbus-launch --autolaunch 36e6eb39a6fa405996e79cad2731865d --binary-syntax --close-stderr]
/usr/bin/dbus-daemon
[/usr/bin/dbus-daemon --syslog-only --fork --print-pid 5 --print-address 7 --session]
/usr/bin/xprop
[xprop -root _DT_SAVE_MODE]
/usr/bin/grep
[grep = \"xfce4\"$]
/usr/bin/xprop
[xprop -root]
/usr/bin/grep
[grep -i ^xfce_desktop_window]
/usr/bin/grep
[grep -q ^Enlightenment]
/usr/bin/uname
[uname]
/usr/bin/grep
[grep -q ^file://]
/usr/bin/egrep
[egrep -q ^[[:alpha:]+\.\-]+:]
/usr/local/sbin/grep
[grep -E -q ^[[:alpha:]+\.\-]+:]
/usr/local/bin/grep
[grep -E -q ^[[:alpha:]+\.\-]+:]
/usr/sbin/grep
[grep -E -q ^[[:alpha:]+\.\-]+:]
/usr/bin/grep
[grep -E -q ^[[:alpha:]+\.\-]+:]
/usr/bin/sed
[sed -n s/\(^[[:alnum:]+\.-]*\):.*$/\1/p]
/usr/bin/xdg-mime
[xdg-mime query default x-scheme-handler/http]
/usr/bin/dbus-send
[dbus-send --print-reply --dest=org.freedesktop.DBus /org/freedesktop/DBus org.freedesktop.DBus.GetNameOwner string:org.gnome.SessionManager]
/usr/bin/dbus-launch
[dbus-launch --autolaunch 36e6eb39a6fa405996e79cad2731865d --binary-syntax --close-stderr]
/usr/bin/xprop
[xprop -root _DT_SAVE_MODE]
/usr/bin/grep
[grep = \"xfce4\"$]
/usr/bin/xprop
[xprop -root]
/usr/bin/grep
[grep -i ^xfce_desktop_window]
/usr/bin/grep
[grep -q ^Enlightenment]
/usr/bin/uname
[uname]
/usr/bin/sed
[sed s/:/ /g]
/usr/bin/grep
[grep x-scheme-handler/http= /.local/share/applications/defaults.list /.local/share/applications/mimeinfo.cache]
/usr/bin/head
[head -n 1]
/usr/bin/cut
[cut -d = -f 2]
/usr/bin/cut
[cut -d ; -f 1]
/usr/bin/grep
[grep x-scheme-handler/http= /.local/share/applications/defaults.list /.local/share/applications/mimeinfo.cache]
/usr/bin/head
[head -n 1]
/usr/bin/cut
[cut -d = -f 2]
/usr/bin/cut
[cut -d ; -f 1]
/usr/bin/grep
[grep x-scheme-handler/http= /usr/local/share//applications/defaults.list /usr/local/share//applications/mimeinfo.cache]
/usr/bin/head
[head -n 1]
/usr/bin/cut
[cut -d = -f 2]
/usr/bin/cut
[cut -d ; -f 1]
/usr/bin/grep
[grep x-scheme-handler/http= /usr/local/share//applications/defaults.list /usr/local/share//applications/mimeinfo.cache]
/usr/bin/head
[head -n 1]
/usr/bin/cut
[cut -d = -f 2]
/usr/bin/cut
[cut -d ; -f 1]
/usr/bin/grep
[grep x-scheme-handler/http= /usr/share//applications/defaults.list /usr/share//applications/mimeinfo.cache]
/usr/bin/head
[head -n 1]
/usr/bin/cut
[cut -d = -f 2]
/usr/bin/cut
[cut -d ; -f 1]
/usr/bin/grep
[grep x-scheme-handler/http= /usr/share//applications/defaults.list /usr/share//applications/mimeinfo.cache]
/usr/bin/head
[head -n 1]
/usr/bin/cut
[cut -d = -f 2]
/usr/bin/cut
[cut -d ; -f 1]
/usr/bin/sed
[sed s/:/ /g]
/usr/bin/grep
[grep -l x-scheme-handler/http; /.local/share/applications/*.desktop]
/usr/bin/grep
[grep -l x-scheme-handler/http; /usr/local/share//applications/*.desktop]
/usr/bin/grep
[grep -q %s]
/usr/bin/x-www-browser
[x-www-browser http://www.mediafire.com/file/nix36lf9t48w2i4/setup_undertale_2.0.0.2.exe]
/usr/bin/xdg-settings
[xdg-settings get default-web-browser]
/usr/bin/dbus-send
[dbus-send --print-reply --dest=org.freedesktop.DBus /org/freedesktop/DBus org.freedesktop.DBus.GetNameOwner string:org.gnome.SessionManager]
/usr/bin/dbus-launch
[dbus-launch --autolaunch 36e6eb39a6fa405996e79cad2731865d --binary-syntax --close-stderr]
/usr/bin/xprop
[xprop -root _DT_SAVE_MODE]
/usr/bin/grep
[grep = \"xfce4\"$]
/usr/bin/xprop
[xprop -root]
/usr/bin/grep
[grep -i ^xfce_desktop_window]
/usr/bin/grep
[grep -q ^Enlightenment]
/usr/bin/uname
[uname]
/usr/bin/xdg-mime
[xdg-mime query default x-scheme-handler/http]
/usr/bin/dbus-send
[dbus-send --print-reply --dest=org.freedesktop.DBus /org/freedesktop/DBus org.freedesktop.DBus.GetNameOwner string:org.gnome.SessionManager]
/usr/bin/dbus-launch
[dbus-launch --autolaunch 36e6eb39a6fa405996e79cad2731865d --binary-syntax --close-stderr]
/usr/bin/xprop
[xprop -root _DT_SAVE_MODE]
/usr/bin/grep
[grep = \"xfce4\"$]
/usr/bin/xprop
[xprop -root]
/usr/bin/grep
[grep -i ^xfce_desktop_window]
/usr/bin/grep
[grep -q ^Enlightenment]
/usr/bin/uname
[uname]
/usr/bin/sed
[sed s/:/ /g]
/usr/bin/grep
[grep x-scheme-handler/http= /.local/share/applications/defaults.list /.local/share/applications/mimeinfo.cache]
/usr/bin/head
[head -n 1]
/usr/bin/cut
[cut -d = -f 2]
/usr/bin/cut
[cut -d ; -f 1]
/usr/bin/grep
[grep x-scheme-handler/http= /.local/share/applications/defaults.list /.local/share/applications/mimeinfo.cache]
/usr/bin/head
[head -n 1]
/usr/bin/cut
[cut -d = -f 2]
/usr/bin/cut
[cut -d ; -f 1]
/usr/bin/head
[head -n 1]
/usr/bin/cut
[cut -d = -f 2]
/usr/bin/grep
[grep x-scheme-handler/http= /usr/local/share//applications/defaults.list /usr/local/share//applications/mimeinfo.cache]
/usr/bin/cut
[cut -d ; -f 1]
/usr/bin/grep
[grep x-scheme-handler/http= /usr/local/share//applications/defaults.list /usr/local/share//applications/mimeinfo.cache]
/usr/bin/head
[head -n 1]
/usr/bin/cut
[cut -d = -f 2]
/usr/bin/cut
[cut -d ; -f 1]
/usr/bin/grep
[grep x-scheme-handler/http= /usr/share//applications/defaults.list /usr/share//applications/mimeinfo.cache]
/usr/bin/head
[head -n 1]
/usr/bin/cut
[cut -d = -f 2]
/usr/bin/cut
[cut -d ; -f 1]
/usr/bin/grep
[grep x-scheme-handler/http= /usr/share//applications/defaults.list /usr/share//applications/mimeinfo.cache]
/usr/bin/head
[head -n 1]
/usr/bin/cut
[cut -d = -f 2]
/usr/bin/cut
[cut -d ; -f 1]
/usr/bin/sed
[sed s/:/ /g]
/usr/bin/grep
[grep -l x-scheme-handler/http; /.local/share/applications/*.desktop]
/usr/bin/grep
[grep -l x-scheme-handler/http; /usr/local/share//applications/*.desktop]
/usr/bin/gsettings
[gsettings get org.gnome.shell favorite-apps]
/usr/bin/grep
[grep -q 'firefox.desktop']
/usr/bin/gsettings
[gsettings get com.canonical.Unity.Launcher favorites]
/usr/bin/grep
[grep -q 'application://firefox.desktop']
/usr/bin/gsettings
[gsettings get org.mate.panel object-id-list]
/usr/bin/which
[which qdbus]
/snap/bin/firefox
[/snap/bin/firefox http://www.mediafire.com/file/nix36lf9t48w2i4/setup_undertale_2.0.0.2.exe]
/usr/lib/snapd/snap-seccomp
[/usr/lib/snapd/snap-seccomp version-info]
/usr/lib/snapd/snap-confine
[/usr/lib/snapd/snap-confine --base core22 snap.firefox.firefox /usr/lib/snapd/snap-exec firefox http://www.mediafire.com/file/nix36lf9t48w2i4/setup_undertale_2.0.0.2.exe]
/usr/lib/snapd/snap-exec
[/usr/lib/snapd/snap-exec firefox http://www.mediafire.com/file/nix36lf9t48w2i4/setup_undertale_2.0.0.2.exe]
/snap/firefox/4259/snap/command-chain/desktop-launch
[/snap/firefox/4259/snap/command-chain/desktop-launch /snap/firefox/4259/firefox.launcher http://www.mediafire.com/file/nix36lf9t48w2i4/setup_undertale_2.0.0.2.exe]
/usr/bin/date
[date +%s.%N]
/usr/bin/chmod
[chmod 700 /root/snap/firefox/4259/.config]
/usr/bin/md5sum
[md5sum]
/usr/bin/cat
[cat /root/snap/firefox/4259/.config/user-dirs.dirs.md5sum]
/usr/bin/md5sum
[md5sum]
/usr/bin/cat
[cat /root/snap/firefox/4259/.config/user-dirs.locale.md5sum]
/usr/bin/grep
[grep -qs ^\s*confinement:\s*classic\s* /snap/firefox/4259/meta/snap.yaml]
/usr/bin/snapctl
[snapctl is-connected gnome-42-2204]
/usr/bin/snapctl
[snapctl is-connected gsettings]
/usr/bin/mkdir
[mkdir -p /run/user/0/snap.firefox -m 700]
/usr/bin/realpath
[realpath /root/snap/firefox/4259/.config]
/usr/bin/realpath
[realpath /root/snap/firefox/common]
/usr/bin/mkdir
[mkdir -p /run/user/0/snap.firefox/dconf]
/usr/bin/ln
[ln -sf ../../dconf/user /run/user/0/snap.firefox/dconf/user]
/usr/bin/rm
[rm -rf /root/snap/firefox/4259/.config/ibus/bus]
/usr/bin/ln
[ln -sfn /root/.config/ibus/bus /root/snap/firefox/4259/.config/ibus]
/snap/firefox/4259/firefox.launcher
[/snap/firefox/4259/firefox.launcher http://www.mediafire.com/file/nix36lf9t48w2i4/setup_undertale_2.0.0.2.exe]
/snap/firefox/4259/usr/lib/firefox/firefox
[/snap/firefox/4259/usr/lib/firefox/firefox http://www.mediafire.com/file/nix36lf9t48w2i4/setup_undertale_2.0.0.2.exe]
/usr/bin/snapctl
[/usr/bin/snapctl is-connected]
/usr/bin/snapctl
[/usr/bin/snapctl is-connected gsettings]
/snap/firefox/4259/usr/sbin/dbus-launch
[dbus-launch --autolaunch=36e6eb39a6fa405996e79cad2731865d --binary-syntax --close-stderr]
/snap/firefox/4259/usr/bin/dbus-launch
[dbus-launch --autolaunch=36e6eb39a6fa405996e79cad2731865d --binary-syntax --close-stderr]
/snap/firefox/4259/sbin/dbus-launch
[dbus-launch --autolaunch=36e6eb39a6fa405996e79cad2731865d --binary-syntax --close-stderr]
/snap/firefox/4259/bin/dbus-launch
[dbus-launch --autolaunch=36e6eb39a6fa405996e79cad2731865d --binary-syntax --close-stderr]
/usr/local/sbin/dbus-launch
[dbus-launch --autolaunch=36e6eb39a6fa405996e79cad2731865d --binary-syntax --close-stderr]
/usr/local/bin/dbus-launch
[dbus-launch --autolaunch=36e6eb39a6fa405996e79cad2731865d --binary-syntax --close-stderr]
/usr/sbin/dbus-launch
[dbus-launch --autolaunch=36e6eb39a6fa405996e79cad2731865d --binary-syntax --close-stderr]
/usr/bin/dbus-launch
[dbus-launch --autolaunch=36e6eb39a6fa405996e79cad2731865d --binary-syntax --close-stderr]
/sbin/dbus-launch
[dbus-launch --autolaunch=36e6eb39a6fa405996e79cad2731865d --binary-syntax --close-stderr]
/bin/dbus-launch
[dbus-launch --autolaunch=36e6eb39a6fa405996e79cad2731865d --binary-syntax --close-stderr]
/usr/games/dbus-launch
[dbus-launch --autolaunch=36e6eb39a6fa405996e79cad2731865d --binary-syntax --close-stderr]
/usr/local/games/dbus-launch
[dbus-launch --autolaunch=36e6eb39a6fa405996e79cad2731865d --binary-syntax --close-stderr]
/snap/firefox/4259/gnome-platform/usr/bin/dbus-launch
[dbus-launch --autolaunch=36e6eb39a6fa405996e79cad2731865d --binary-syntax --close-stderr]
/snap/firefox/4259/usr/lib/firefox/glxtest
[/snap/firefox/4259/usr/lib/firefox/glxtest -f 12]
/snap/firefox/4259/usr/lib/firefox/firefox
[/snap/firefox/4259/usr/lib/firefox/firefox -contentproc -parentBuildID 20240510023632 -prefsLen 20605 -prefMapSize 239489 -appDir /snap/firefox/4259/usr/lib/firefox/browser {0ee6d978-b4be-4eac-8e27-62eecc1052d0} 2535 true socket]
/snap/firefox/4259/usr/sbin/dbus-launch
[dbus-launch --autolaunch=36e6eb39a6fa405996e79cad2731865d --binary-syntax --close-stderr]
/snap/firefox/4259/usr/bin/dbus-launch
[dbus-launch --autolaunch=36e6eb39a6fa405996e79cad2731865d --binary-syntax --close-stderr]
/snap/firefox/4259/sbin/dbus-launch
[dbus-launch --autolaunch=36e6eb39a6fa405996e79cad2731865d --binary-syntax --close-stderr]
/snap/firefox/4259/usr/lib/firefox/firefox
[/snap/firefox/4259/usr/lib/firefox/firefox -contentproc -childID 1 -isForBrowser -prefsLen 23762 -prefMapSize 239489 -jsInitLen 231800 -parentBuildID 20240510023632 -greomni /snap/firefox/4259/usr/lib/firefox/omni.ja -appomni /snap/firefox/4259/usr/lib/firefox/browser/omni.ja -appDir /snap/firefox/4259/usr/lib/firefox/browser {2adb8fc3-495f-4b58-8c93-114a93e7b6a7} 2535 true tab]
/snap/firefox/4259/usr/lib/firefox/firefox
[/snap/firefox/4259/usr/lib/firefox/firefox -contentproc -childID 2 -isForBrowser -prefsLen 23436 -prefMapSize 239489 -jsInitLen 231800 -parentBuildID 20240510023632 -greomni /snap/firefox/4259/usr/lib/firefox/omni.ja -appomni /snap/firefox/4259/usr/lib/firefox/browser/omni.ja -appDir /snap/firefox/4259/usr/lib/firefox/browser {37874d0d-9155-4731-a25d-7066ab6e363a} 2535 true tab]
/usr/bin/xdg-settings
[xdg-settings check default-web-browser firefox.desktop]
/usr/bin/dbus-send
[dbus-send --print-reply=literal --session --dest=io.snapcraft.Settings /io/snapcraft/Settings io.snapcraft.Settings.Check string:default-web-browser string:firefox.desktop]
/usr/bin/cut
[cut -b4-]
/usr/bin/dbus-launch
[dbus-launch --autolaunch 36e6eb39a6fa405996e79cad2731865d --binary-syntax --close-stderr]
/snap/firefox/4259/usr/lib/firefox/firefox
[/snap/firefox/4259/usr/lib/firefox/firefox -contentproc -childID 3 -isForBrowser -prefsLen 23785 -prefMapSize 239489 -jsInitLen 231800 -parentBuildID 20240510023632 -greomni /snap/firefox/4259/usr/lib/firefox/omni.ja -appomni /snap/firefox/4259/usr/lib/firefox/browser/omni.ja -appDir /snap/firefox/4259/usr/lib/firefox/browser {3e607a14-0f7c-495d-8790-31592d69a4c3} 2535 true tab]
/snap/firefox/4259/usr/lib/firefox/firefox
[/snap/firefox/4259/usr/lib/firefox/firefox -contentproc -childID 4 -isForBrowser -prefsLen 29782 -prefMapSize 239489 -jsInitLen 231800 -parentBuildID 20240510023632 -greomni /snap/firefox/4259/usr/lib/firefox/omni.ja -appomni /snap/firefox/4259/usr/lib/firefox/browser/omni.ja -appDir /snap/firefox/4259/usr/lib/firefox/browser {53eabdc8-bcdc-4ae0-9c25-cd447d6559db} 2535 true tab]
/snap/firefox/4259/usr/lib/firefox/firefox
[/snap/firefox/4259/usr/lib/firefox/firefox -contentproc -parentBuildID 20240510023632 -sandboxingKind 0 -prefsLen 30728 -prefMapSize 239489 -appDir /snap/firefox/4259/usr/lib/firefox/browser {8ec7c394-0bde-4121-a9a3-e8d2bbcf1443} 2535 true utility]
/snap/firefox/4259/usr/lib/firefox/firefox
[/snap/firefox/4259/usr/lib/firefox/firefox -contentproc -parentBuildID 20240510023632 -prefsLen 30728 -prefMapSize 239489 -appDir /snap/firefox/4259/usr/lib/firefox/browser {de56749e-f78e-4a06-a43d-55a32229810a} 2535 true rdd]
Network
Files
/run/snapd/ns/snap.firefox.fstab
/run/snapd/ns/snap.firefox.fstab.xy4WccDjWR0d~
/run/snapd/ns/snap.firefox.info
/root/snap/firefox/common/.cache/fontconfig/CACHEDIR.TAG.TMP-k2X6ai
/tmp/mozilla-temp-713443461