Analysis Overview
SHA256: d1048024d5eecf64b99144683fe0b839ecbd1e294c2a45c92b2f11fe0878e7c8
Threat Level: Known bad
The file Client-built.exe was found to be: Known bad.
Malicious Activity Summary
Discordrat family
Discord RAT
Unsigned PE
Browser Information Discovery
Enumerates system info in registry
Suspicious use of FindShellTrayWindow
Suspicious behavior: EnumeratesProcesses
Suspicious use of AdjustPrivilegeToken
Suspicious use of SendNotifyMessage
Suspicious use of WriteProcessMemory
MITRE ATT&CK
Enterprise Matrix V15
Analysis: static1
Detonation Overview
Reported: 2024-08-30 20:02
Signatures
Discordrat family
Unsigned PE
| Description | Indicator | Process | Target |
|---|---|---|---|
| N/A | N/A | N/A | N/A |
Analysis: behavioral1
Detonation Overview
Submitted: 2024-08-30 20:02
Reported: 2024-08-30 20:05
Platform: win7-20240705-en
Max time kernel: 59s
Max time network: 145s
Command Line
Signatures
Discord RAT
Browser Information Discovery
Enumerates system info in registry
| Description | Indicator | Process | Target |
|---|---|---|---|
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Suspicious behavior: EnumeratesProcesses
| Description | Indicator | Process | Target |
|---|---|---|---|
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Suspicious use of AdjustPrivilegeToken
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
Suspicious use of WriteProcessMemory
Processes
C:\Users\Admin\AppData\Local\Temp\Client-built.exe
"C:\Users\Admin\AppData\Local\Temp\Client-built.exe"
C:\Windows\system32\WerFault.exe
C:\Windows\system32\WerFault.exe -u -p 2508 -s 596
C:\Windows\explorer.exe
"C:\Windows\explorer.exe"
C:\Windows\system32\AUDIODG.EXE
C:\Windows\system32\AUDIODG.EXE 0x514
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe"
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xc0,0xc4,0xc8,0x94,0xcc,0x7fef66a9758,0x7fef66a9768,0x7fef66a9778
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1176 --field-trial-handle=1376,i,6995522887769145443,12378963001751183148,131072 /prefetch:2
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1512 --field-trial-handle=1376,i,6995522887769145443,12378963001751183148,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=1632 --field-trial-handle=1376,i,6995522887769145443,12378963001751183148,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2136 --field-trial-handle=1376,i,6995522887769145443,12378963001751183148,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=2336 --field-trial-handle=1376,i,6995522887769145443,12378963001751183148,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --use-gl=angle --use-angle=swiftshader-webgl --mojo-platform-channel-handle=1480 --field-trial-handle=1376,i,6995522887769145443,12378963001751183148,131072 /prefetch:2
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --mojo-platform-channel-handle=2908 --field-trial-handle=1376,i,6995522887769145443,12378963001751183148,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3656 --field-trial-handle=1376,i,6995522887769145443,12378963001751183148,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --mojo-platform-channel-handle=4020 --field-trial-handle=1376,i,6995522887769145443,12378963001751183148,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --mojo-platform-channel-handle=2484 --field-trial-handle=1376,i,6995522887769145443,12378963001751183148,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --mojo-platform-channel-handle=928 --field-trial-handle=1376,i,6995522887769145443,12378963001751183148,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --mojo-platform-channel-handle=3948 --field-trial-handle=1376,i,6995522887769145443,12378963001751183148,131072 /prefetch:1
Network
| Country | Destination | Domain | Proto |
|---|---|---|---|
| US | 8.8.8.8:53 | www.google.com | udp |
| GB | 142.250.179.228:443 | www.google.com | tcp |
| GB | 142.250.179.228:443 | www.google.com | udp |
| N/A | 224.0.0.251:5353 | | udp |
| US | 8.8.8.8:53 | content-autofill.googleapis.com | udp |
| GB | 172.217.16.234:443 | content-autofill.googleapis.com | tcp |
| US | 8.8.8.8:53 | beacons.gcp.gvt2.com | udp |
| GB | 172.217.169.67:443 | beacons.gcp.gvt2.com | tcp |
| GB | 142.250.179.228:443 | www.google.com | udp |
| US | 8.8.8.8:53 | developers.google.com | udp |
| GB | 142.250.180.14:443 | developers.google.com | tcp |
| GB | 142.250.180.14:443 | developers.google.com | tcp |
| GB | 142.250.180.14:443 | developers.google.com | udp |
| US | 8.8.8.8:53 | apis.google.com | udp |
| GB | 142.250.187.206:443 | apis.google.com | tcp |
| GB | 172.217.16.234:443 | content-autofill.googleapis.com | udp |
| US | 8.8.8.8:53 | developerprofiles-pa.clients6.google.com | udp |
| GB | 142.250.187.234:443 | developerprofiles-pa.clients6.google.com | tcp |
Files
Analysis: behavioral2
Detonation Overview
Submitted: 2024-08-30 20:02
Reported: 2024-08-30 20:05
Platform: win10v2004-20240802-en
Max time kernel: 149s
Max time network: 151s
Command Line
Signatures
Discord RAT
Suspicious use of AdjustPrivilegeToken
| Description | Indicator | Process | Target |
|---|---|---|---|
| Token: SeDebugPrivilege | N/A | C:\Users\Admin\AppData\Local\Temp\Client-built.exe | N/A |
Processes
C:\Users\Admin\AppData\Local\Temp\Client-built.exe
"C:\Users\Admin\AppData\Local\Temp\Client-built.exe"
Network
| Country | Destination | Domain | Proto |
|---|---|---|---|
| US | 8.8.8.8:53 | gateway.discord.gg | udp |
| US | 162.159.134.234:443 | gateway.discord.gg | tcp |
| US | 8.8.8.8:53 | 209.205.72.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 25.140.123.92.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 234.134.159.162.in-addr.arpa | udp |
| US | 8.8.8.8:53 | g.bing.com | udp |
| US | 150.171.28.10:443 | g.bing.com | tcp |
| US | 8.8.8.8:53 | 10.28.171.150.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 17.160.190.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 95.221.229.192.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 55.36.223.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 58.55.71.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 183.59.114.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 56.126.166.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 35.56.20.217.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 34.56.20.217.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 19.229.111.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | tse1.mm.bing.net | udp |
| US | 150.171.28.10:443 | tse1.mm.bing.net | tcp |
| US | 150.171.28.10:443 | tse1.mm.bing.net | tcp |
| US | 150.171.28.10:443 | tse1.mm.bing.net | tcp |
| US | 150.171.28.10:443 | tse1.mm.bing.net | tcp |
| US | 150.171.28.10:443 | tse1.mm.bing.net | tcp |
| US | 8.8.8.8:53 | 26.35.223.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | | udp |
Files