Analysis Overview
Threat Level: Known bad
The file https://pleasebux.com/ was found to be: Known bad.
Malicious Activity Summary
Downloads MZ/PE file
Loads dropped DLL
Reads user/profile data of web browsers
Executes dropped EXE
Enumerates connected drives
System Location Discovery: System Language Discovery
Browser Information Discovery
Modifies system certificate store
Modifies registry class
Suspicious use of SetWindowsHookEx
Suspicious behavior: EnumeratesProcesses
NTFS ADS
Suspicious use of SendNotifyMessage
Enumerates system info in registry
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Suspicious use of FindShellTrayWindow
Suspicious use of WriteProcessMemory
MITRE ATT&CK
Enterprise Matrix V15
Analysis: static1
Detonation Overview
Reported
2024-09-04 14:23
Signatures
Analysis: behavioral1
Detonation Overview
Submitted
2024-09-04 14:23
Reported
2024-09-04 14:26
Platform
win10v2004-20240802-en
Max time kernel
146s
Max time network
149s
Command Line
Signatures
Downloads MZ/PE file
Executes dropped EXE
Loads dropped DLL
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\7zS45440738\setup.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\7zS45440738\setup.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\.opera\Opera GX Installer Temp\setup.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\7zS8E685138\setup.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\7zS8E685138\setup.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\.opera\Opera GX Installer Temp\setup.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\7zS83A3F148\setup.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\7zS83A3F148\setup.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\.opera\Opera GX Installer Temp\setup.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\7zS45440738\setup.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\7zS45440738\setup.exe | N/A |
Reads user/profile data of web browsers
Enumerates connected drives
| Description | Indicator | Process | Target |
| File opened (read-only) | \??\D: | C:\Users\Admin\AppData\Local\Temp\7zS45440738\setup.exe | N/A |
| File opened (read-only) | \??\F: | C:\Users\Admin\AppData\Local\Temp\7zS45440738\setup.exe | N/A |
| File opened (read-only) | \??\D: | C:\Users\Admin\AppData\Local\Temp\7zS8E685138\setup.exe | N/A |
| File opened (read-only) | \??\F: | C:\Users\Admin\AppData\Local\Temp\7zS8E685138\setup.exe | N/A |
| File opened (read-only) | \??\D: | C:\Users\Admin\AppData\Local\Temp\7zS83A3F148\setup.exe | N/A |
| File opened (read-only) | \??\F: | C:\Users\Admin\AppData\Local\Temp\7zS83A3F148\setup.exe | N/A |
| File opened (read-only) | \??\D: | C:\Users\Admin\AppData\Local\Temp\7zS45440738\setup.exe | N/A |
| File opened (read-only) | \??\F: | C:\Users\Admin\AppData\Local\Temp\7zS45440738\setup.exe | N/A |
Browser Information Discovery
System Location Discovery: System Language Discovery
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\AppData\Local\Temp\.opera\Opera GX Installer Temp\setup.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\AppData\Local\Temp\7zS45440738\setup.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202409041424331\assistant\assistant_installer.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\AppData\Local\Temp\7zS8E685138\setup.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\AppData\Local\Temp\7zS45440738\setup.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202409041424331\assistant\assistant_installer.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\AppData\Local\Temp\7zS8E685138\setup.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\Downloads\OperaGXSetup.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\AppData\Local\Temp\7zS83A3F148\setup.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202409041424331\assistant\Opera_GX_assistant_73.0.3856.382_Setup.exe_sfx.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\Downloads\OperaGXSetup.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\AppData\Local\Temp\7zS45440738\setup.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\AppData\Local\Temp\7zS45440738\setup.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\AppData\Local\Temp\.opera\Opera GX Installer Temp\setup.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\Downloads\OperaGXSetup.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\AppData\Local\Temp\.opera\Opera GX Installer Temp\setup.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\AppData\Local\Temp\7zS83A3F148\setup.exe | N/A |
Enumerates system info in registry
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Modifies registry class
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\MACHINE\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\Deployment\Package\*\S-1-5-21-523280732-2327480845-3730041215-1000\{E44E1C84-4D2A-47DA-BE6F-F985AE576E42} | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Modifies system certificate store
| Description | Indicator | Process | Target |
| Set value (data) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\5FB7EE0633E259DBAD0C4C9AE6D38F1A61C7DC25\Blob = 040000000100000010000000d474de575c39b2d39c8583c5c065498a0f0000000100000014000000e35ef08d884f0a0ade2f75e96301ce6230f213a8530000000100000040000000303e301f06096086480186fd6c020130123010060a2b0601040182373c0101030200c0301b060567810c010330123010060a2b0601040182373c0101030200c0090000000100000034000000303206082b0601050507030206082b0601050507030306082b0601050507030406082b0601050507030106082b060105050703086200000001000000200000007431e5f4c3c1ce4690774f0b61e05440883ba9a01ed00ba6abd7806ed3b118cf140000000100000014000000b13ec36903f8bf4701d498261a0802ef63642bc30b00000001000000120000004400690067006900430065007200740000001d00000001000000100000008f76b981d528ad4770088245e2031b630300000001000000140000005fb7ee0633e259dbad0c4c9ae6d38f1a61c7dc25190000000100000010000000ba4f3972e7aed9dccdc210db59da13c92000000001000000c9030000308203c5308202ada003020102021002ac5c266a0b409b8f0b79f2ae462577300d06092a864886f70d0101050500306c310b300906035504061302555331153013060355040a130c446967694365727420496e6331193017060355040b13107777772e64696769636572742e636f6d312b30290603550403132244696769436572742048696768204173737572616e636520455620526f6f74204341301e170d3036313131303030303030305a170d3331313131303030303030305a306c310b300906035504061302555331153013060355040a130c446967694365727420496e6331193017060355040b13107777772e64696769636572742e636f6d312b30290603550403132244696769436572742048696768204173737572616e636520455620526f6f7420434130820122300d06092a864886f70d01010105000382010f003082010a0282010100c6cce573e6fbd4bbe52d2d32a6dfe5813fc9cd2549b6712ac3d5943467a20a1cb05f69a640b1c4b7b28fd098a4a941593ad3dc94d63cdb7438a44acc4d2582f74aa5531238eef3496d71917e63b6aba65fc3a484f84f6251bef8c5ecdb3892e306e508910cc4284155fbcb5a89157e71e835bf4d72093dbe3a38505b77311b8db3c724459aa7ac6d00145a04b7ba13eb510a984141224e656187814150a6795c89de194a57d52ee65d1c532c7e98cd1a0616a46873d03404135ca171d35a7c55db5e64e13787305604e511b4298012f1793988a202117c2766b788b778f2ca0aa838ab0a64c2bf665d9584c1a1251e875d1a500b2012cc41bb6e0b5138b84bcb0203010001a3633061300e0603551d0f0101ff040403020186300f0603551d130101ff040530030101ff301d0603551d0e04160414b13ec36903f8bf4701d498261a0802ef63642bc3301f0603551d23041830168014b13ec36903f8bf4701d498261a0802ef63642bc3300d06092a864886f70d010105050003820101001c1a0697dcd79c9f3c886606085721db2147f82a67aabf183276401057c18af37ad911658e35fa9efc45b59ed94c314bb891e8432c8eb378cedbe3537971d6e5219401da55879a2464f68a66ccde9c37cda834b1699b23c89e78222b7043e35547316119ef58c5852f4e30f6a0311623c8e7e2651633cbbf1a1ba03df8ca5e8b318b6008892d0c065c52b7c4f90a98d1155f9f12be7c366338bd44a47fe4262b0ac497690de98ce2c01057b8c876129155f24869d8bc2a025b0f44d42031dbf4ba70265d90609ebc4b17092fb4cb1e4368c90727c1d25cf7ea21b968129c3c9cbf9efc805c9b63cdec47aa252767a037f300827d54d7a9f8e92e13a377e81f4a | C:\Users\Admin\AppData\Local\Temp\7zS45440738\setup.exe | N/A |
| Set value (data) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\5FB7EE0633E259DBAD0C4C9AE6D38F1A61C7DC25\Blob = 5c000000010000000400000000080000190000000100000010000000ba4f3972e7aed9dccdc210db59da13c90300000001000000140000005fb7ee0633e259dbad0c4c9ae6d38f1a61c7dc251d00000001000000100000008f76b981d528ad4770088245e2031b630b0000000100000012000000440069006700690043006500720074000000140000000100000014000000b13ec36903f8bf4701d498261a0802ef63642bc36200000001000000200000007431e5f4c3c1ce4690774f0b61e05440883ba9a01ed00ba6abd7806ed3b118cf090000000100000034000000303206082b0601050507030206082b0601050507030306082b0601050507030406082b0601050507030106082b06010505070308530000000100000040000000303e301f06096086480186fd6c020130123010060a2b0601040182373c0101030200c0301b060567810c010330123010060a2b0601040182373c0101030200c00f0000000100000014000000e35ef08d884f0a0ade2f75e96301ce6230f213a8040000000100000010000000d474de575c39b2d39c8583c5c065498a2000000001000000c9030000308203c5308202ada003020102021002ac5c266a0b409b8f0b79f2ae462577300d06092a864886f70d0101050500306c310b300906035504061302555331153013060355040a130c446967694365727420496e6331193017060355040b13107777772e64696769636572742e636f6d312b30290603550403132244696769436572742048696768204173737572616e636520455620526f6f74204341301e170d3036313131303030303030305a170d3331313131303030303030305a306c310b300906035504061302555331153013060355040a130c446967694365727420496e6331193017060355040b13107777772e64696769636572742e636f6d312b30290603550403132244696769436572742048696768204173737572616e636520455620526f6f7420434130820122300d06092a864886f70d01010105000382010f003082010a0282010100c6cce573e6fbd4bbe52d2d32a6dfe5813fc9cd2549b6712ac3d5943467a20a1cb05f69a640b1c4b7b28fd098a4a941593ad3dc94d63cdb7438a44acc4d2582f74aa5531238eef3496d71917e63b6aba65fc3a484f84f6251bef8c5ecdb3892e306e508910cc4284155fbcb5a89157e71e835bf4d72093dbe3a38505b77311b8db3c724459aa7ac6d00145a04b7ba13eb510a984141224e656187814150a6795c89de194a57d52ee65d1c532c7e98cd1a0616a46873d03404135ca171d35a7c55db5e64e13787305604e511b4298012f1793988a202117c2766b788b778f2ca0aa838ab0a64c2bf665d9584c1a1251e875d1a500b2012cc41bb6e0b5138b84bcb0203010001a3633061300e0603551d0f0101ff040403020186300f0603551d130101ff040530030101ff301d0603551d0e04160414b13ec36903f8bf4701d498261a0802ef63642bc3301f0603551d23041830168014b13ec36903f8bf4701d498261a0802ef63642bc3300d06092a864886f70d010105050003820101001c1a0697dcd79c9f3c886606085721db2147f82a67aabf183276401057c18af37ad911658e35fa9efc45b59ed94c314bb891e8432c8eb378cedbe3537971d6e5219401da55879a2464f68a66ccde9c37cda834b1699b23c89e78222b7043e35547316119ef58c5852f4e30f6a0311623c8e7e2651633cbbf1a1ba03df8ca5e8b318b6008892d0c065c52b7c4f90a98d1155f9f12be7c366338bd44a47fe4262b0ac497690de98ce2c01057b8c876129155f24869d8bc2a025b0f44d42031dbf4ba70265d90609ebc4b17092fb4cb1e4368c90727c1d25cf7ea21b968129c3c9cbf9efc805c9b63cdec47aa252767a037f300827d54d7a9f8e92e13a377e81f4a | C:\Users\Admin\AppData\Local\Temp\7zS45440738\setup.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\D4DE20D05E66FC53FE1A50882C78DB2852CAE474 | C:\Users\Admin\AppData\Local\Temp\7zS45440738\setup.exe | N/A |
| Set value (data) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\D4DE20D05E66FC53FE1A50882C78DB2852CAE474\Blob = 0f0000000100000014000000ce0e658aa3e847e467a147b3049191093d055e6f53000000010000007f000000307d3020060a2b06010401b13e01640130123010060a2b0601040182373c0101030200c0301f06096086480186fd6c020130123010060a2b0601040182373c0101030200c0301b060567810c010130123010060a2b0601040182373c0101030200c0301b060567810c010330123010060a2b0601040182373c0101030200c009000000010000003e000000303c06082b0601050507030206082b0601050507030306082b0601050507030406082b0601050507030906082b0601050507030106082b060105050703080b0000000100000030000000440069006700690043006500720074002000420061006c00740069006d006f0072006500200052006f006f007400000062000000010000002000000016af57a9f676b0ab126095aa5ebadef22ab31119d644ac95cd4b93dbf3f26aeb140000000100000014000000e59d5930824758ccacfa085436867b3ab5044df01d0000000100000010000000918ad43a9475f78bb5243de886d8103c7f000000010000000c000000300a06082b060105050703097e000000010000000800000000c001b39667d601030000000100000014000000d4de20d05e66fc53fe1a50882c78db2852cae47420000000010000007b030000308203773082025fa0030201020204020000b9300d06092a864886f70d0101050500305a310b300906035504061302494531123010060355040a130942616c74696d6f726531133011060355040b130a43796265725472757374312230200603550403131942616c74696d6f7265204379626572547275737420526f6f74301e170d3030303531323138343630305a170d3235303531323233353930305a305a310b300906035504061302494531123010060355040a130942616c74696d6f726531133011060355040b130a43796265725472757374312230200603550403131942616c74696d6f7265204379626572547275737420526f6f7430820122300d06092a864886f70d01010105000382010f003082010a0282010100a304bb22ab983d57e826729ab579d429e2e1e89580b1b0e35b8e2b299a64dfa15dedb009056ddb282ece62a262feb488da12eb38eb219dc0412b01527b8877d31c8fc7bab988b56a09e773e81140a7d1ccca628d2de58f0ba650d2a850c328eaf5ab25878a9a961ca967b83f0cd5f7f952132fc21bd57070f08fc012ca06cb9ae1d9ca337a77d6f8ecb9f16844424813d2c0c2a4ae5e60feb6a605fcb4dd075902d459189863f5a563e0900c7d5db2067af385eaebd403ae5e843e5fff15ed69bcf939367275cf77524df3c9902cb93de5c923533f1f2498215c079929bdc63aece76e863a6b97746333bd681831f0788d76bffc9e8e5d2a86a74d90dc271a390203010001a3453043301d0603551d0e04160414e59d5930824758ccacfa085436867b3ab5044df030120603551d130101ff040830060101ff020103300e0603551d0f0101ff040403020106300d06092a864886f70d01010505000382010100850c5d8ee46f51684205a0ddbb4f27258403bdf764fd2dd730e3a41017ebda2929b6793f76f6191323b8100af958a4d46170bd04616a128a17d50abdc5bc307cd6e90c258d86404feccca37e38c637114feddd68318e4cd2b30174eebe755e07481a7f70ff165c84c07985b805fd7fbe6511a30fc002b4f852373904d5a9317a18bfa02af41299f7a34582e33c5ef59d9eb5c89e7c2ec8a49e4e08144b6dfd706d6b1a63bd64e61fb7cef0f29f2ebb1bb7f250887392c2e2e3168d9a3202ab8e18dde91011ee7e35ab90af3e30947ad0333da7650ff5fc8e9e62cf47442c015dbb1db532d247d2382ed0fe81dc326a1eb5ee3cd5fce7811d19c32442ea6339a9 | C:\Users\Admin\AppData\Local\Temp\7zS45440738\setup.exe | N/A |
| Set value (data) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\D4DE20D05E66FC53FE1A50882C78DB2852CAE474\Blob = 19000000010000001000000068cb42b035ea773e52ef50ecf50ec529030000000100000014000000d4de20d05e66fc53fe1a50882c78db2852cae4747e000000010000000800000000c001b39667d6017f000000010000000c000000300a06082b060105050703091d0000000100000010000000918ad43a9475f78bb5243de886d8103c140000000100000014000000e59d5930824758ccacfa085436867b3ab5044df062000000010000002000000016af57a9f676b0ab126095aa5ebadef22ab31119d644ac95cd4b93dbf3f26aeb0b0000000100000030000000440069006700690043006500720074002000420061006c00740069006d006f0072006500200052006f006f007400000009000000010000003e000000303c06082b0601050507030206082b0601050507030306082b0601050507030406082b0601050507030906082b0601050507030106082b0601050507030853000000010000007f000000307d3020060a2b06010401b13e01640130123010060a2b0601040182373c0101030200c0301f06096086480186fd6c020130123010060a2b0601040182373c0101030200c0301b060567810c010130123010060a2b0601040182373c0101030200c0301b060567810c010330123010060a2b0601040182373c0101030200c00f0000000100000014000000ce0e658aa3e847e467a147b3049191093d055e6f20000000010000007b030000308203773082025fa0030201020204020000b9300d06092a864886f70d0101050500305a310b300906035504061302494531123010060355040a130942616c74696d6f726531133011060355040b130a43796265725472757374312230200603550403131942616c74696d6f7265204379626572547275737420526f6f74301e170d3030303531323138343630305a170d3235303531323233353930305a305a310b300906035504061302494531123010060355040a130942616c74696d6f726531133011060355040b130a43796265725472757374312230200603550403131942616c74696d6f7265204379626572547275737420526f6f7430820122300d06092a864886f70d01010105000382010f003082010a0282010100a304bb22ab983d57e826729ab579d429e2e1e89580b1b0e35b8e2b299a64dfa15dedb009056ddb282ece62a262feb488da12eb38eb219dc0412b01527b8877d31c8fc7bab988b56a09e773e81140a7d1ccca628d2de58f0ba650d2a850c328eaf5ab25878a9a961ca967b83f0cd5f7f952132fc21bd57070f08fc012ca06cb9ae1d9ca337a77d6f8ecb9f16844424813d2c0c2a4ae5e60feb6a605fcb4dd075902d459189863f5a563e0900c7d5db2067af385eaebd403ae5e843e5fff15ed69bcf939367275cf77524df3c9902cb93de5c923533f1f2498215c079929bdc63aece76e863a6b97746333bd681831f0788d76bffc9e8e5d2a86a74d90dc271a390203010001a3453043301d0603551d0e04160414e59d5930824758ccacfa085436867b3ab5044df030120603551d130101ff040830060101ff020103300e0603551d0f0101ff040403020106300d06092a864886f70d01010505000382010100850c5d8ee46f51684205a0ddbb4f27258403bdf764fd2dd730e3a41017ebda2929b6793f76f6191323b8100af958a4d46170bd04616a128a17d50abdc5bc307cd6e90c258d86404feccca37e38c637114feddd68318e4cd2b30174eebe755e07481a7f70ff165c84c07985b805fd7fbe6511a30fc002b4f852373904d5a9317a18bfa02af41299f7a34582e33c5ef59d9eb5c89e7c2ec8a49e4e08144b6dfd706d6b1a63bd64e61fb7cef0f29f2ebb1bb7f250887392c2e2e3168d9a3202ab8e18dde91011ee7e35ab90af3e30947ad0333da7650ff5fc8e9e62cf47442c015dbb1db532d247d2382ed0fe81dc326a1eb5ee3cd5fce7811d19c32442ea6339a9 | C:\Users\Admin\AppData\Local\Temp\7zS45440738\setup.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\5FB7EE0633E259DBAD0C4C9AE6D38F1A61C7DC25 | C:\Users\Admin\AppData\Local\Temp\7zS45440738\setup.exe | N/A |
NTFS ADS
| Description | Indicator | Process | Target |
| File opened for modification | C:\Users\Admin\Downloads\Unconfirmed 402980.crdownload:SmartScreen | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Suspicious behavior: EnumeratesProcesses
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
Suspicious use of SetWindowsHookEx
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\7zS45440738\setup.exe | N/A |
Suspicious use of WriteProcessMemory
Processes
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://pleasebux.com/
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffb757a46f8,0x7ffb757a4708,0x7ffb757a4718
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2036,11951459807487316933,17992239017586813473,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2084 /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2036,11951459807487316933,17992239017586813473,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2296 /prefetch:3
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2036,11951459807487316933,17992239017586813473,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2624 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2036,11951459807487316933,17992239017586813473,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3332 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2036,11951459807487316933,17992239017586813473,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3340 /prefetch:1
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2036,11951459807487316933,17992239017586813473,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5216 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2036,11951459807487316933,17992239017586813473,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5216 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2036,11951459807487316933,17992239017586813473,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5288 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2036,11951459807487316933,17992239017586813473,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5304 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2036,11951459807487316933,17992239017586813473,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5548 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2036,11951459807487316933,17992239017586813473,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5704 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2036,11951459807487316933,17992239017586813473,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5460 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2036,11951459807487316933,17992239017586813473,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6128 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2036,11951459807487316933,17992239017586813473,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6152 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2036,11951459807487316933,17992239017586813473,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6344 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2036,11951459807487316933,17992239017586813473,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5356 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2036,11951459807487316933,17992239017586813473,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5916 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2036,11951459807487316933,17992239017586813473,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3924 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2036,11951459807487316933,17992239017586813473,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5340 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --field-trial-handle=2036,11951459807487316933,17992239017586813473,131072 --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=1604 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --field-trial-handle=2036,11951459807487316933,17992239017586813473,131072 --lang=en-US --service-sandbox-type=video_capture --mojo-platform-channel-handle=1312 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2036,11951459807487316933,17992239017586813473,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5664 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2036,11951459807487316933,17992239017586813473,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3352 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2036,11951459807487316933,17992239017586813473,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=24 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6508 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2036,11951459807487316933,17992239017586813473,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=25 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6528 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2036,11951459807487316933,17992239017586813473,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=26 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6368 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_collections.mojom.CollectionsDataManager --field-trial-handle=2036,11951459807487316933,17992239017586813473,131072 --lang=en-US --service-sandbox-type=collections --mojo-platform-channel-handle=6140 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2036,11951459807487316933,17992239017586813473,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=29 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6248 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --field-trial-handle=2036,11951459807487316933,17992239017586813473,131072 --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=7076 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2036,11951459807487316933,17992239017586813473,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=31 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7232 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2036,11951459807487316933,17992239017586813473,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=32 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7128 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2036,11951459807487316933,17992239017586813473,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=33 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3332 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2036,11951459807487316933,17992239017586813473,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=34 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6316 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=2036,11951459807487316933,17992239017586813473,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=7332 /prefetch:8
C:\Users\Admin\Downloads\OperaGXSetup.exe
"C:\Users\Admin\Downloads\OperaGXSetup.exe"
C:\Users\Admin\AppData\Local\Temp\7zS45440738\setup.exe
C:\Users\Admin\AppData\Local\Temp\7zS45440738\setup.exe --server-tracking-blob=NDg0NGE4M2ZiOTA5YTA4ZjE1ZmIwMDQ2ZjU0ZTIwZjhkZTkxMWEzNGJiZWIxM2RmYjc1YmRjZWFmZDhjMjExZTp7ImNvdW50cnkiOiJHQiIsImVkaXRpb24iOiJzdGQtMiIsImh0dHBfcmVmZXJyZXIiOiJodHRwczovL3d3dy5vcGVyYS5jb20vIiwiaW5zdGFsbGVyX25hbWUiOiJPcGVyYUdYU2V0dXAuZXhlIiwicHJvZHVjdCI6Im9wZXJhX2d4IiwicXVlcnkiOiIvb3BlcmFfZ3gvc3RhYmxlL3dpbmRvd3M/ZWRpdGlvbj1zdGQtMiZ1dG1fc291cmNlPVBXTmdhbWVzJnV0bV9tZWRpdW09cGEmdXRtX2NhbXBhaWduPVBXTl9HQl9YVlJfMTI5NyZlZGl0aW9uPXN0ZC0yJnV0bV9jb250ZW50PTEyOTdfNTNkNmUxYTJiYzNlNGJjMTkwMjEzMzNjZTg1MzI5NzEmdXRtX2lkPWZjYzdmN2ZmOTdlNTQ0OGNhZTkwZTcxNzA1MDUxMDE4Jmh0dHBfcmVmZXJyZXI9aHR0cHMlM0ElMkYlMkZ3d3cub3BlcmEuY29tJTJGZ3glM0Z1dG1fc291cmNlJTNEUFdOZ2FtZXMlMjZ1dG1fbWVkaXVtJTNEcGElMjZ1dG1fY2FtcGFpZ24lM0RQV05fR0JfWFZSXzEyOTclMjZ1dG1fY29udGVudCUzRDEyOTdfNTNkNmUxYTJiYzNlNGJjMTkwMjEzMzNjZTg1MzI5NzElMjZ1dG1faWQlM0RmY2M3ZjdmZjk3ZTU0NDhjYWU5MGU3MTcwNTA1MTAxOCUyNmVkaXRpb24lM0RzdGQtMiZ1dG1fc2l0ZT1vcGVyYV9jb20mdXRtX2xhc3RwYWdlPW9wZXJhLmNvbSUyRiZ1dG1faWQ9ZmNjN2Y3ZmY5N2U1NDQ4Y2FlOTBlNzE3MDUwNTEwMTgmZGxfdG9rZW49ODA2ODA4MjkiLCJ0aW1lc3RhbXAiOiIxNzI1NDU5ODU3Ljk1NzMiLCJ1c2VyYWdlbnQiOiJNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvOTIuMC40NTE1LjEzMSBTYWZhcmkvNTM3LjM2IEVkZy85Mi4wLjkwMi42NyIsInV0bSI6eyJjYW1wYWlnbiI6IlBXTl9HQl9YVlJfMTI5NyIsImNvbnRlbnQiOiIxMjk3XzUzZDZlMWEyYmMzZTRiYzE5MDIxMzMzY2U4NTMyOTcxIiwiaWQiOiJmY2M3ZjdmZjk3ZTU0NDhjYWU5MGU3MTcwNTA1MTAxOCIsImxhc3RwYWdlIjoib3BlcmEuY29tLyIsIm1lZGl1bSI6InBhIiwic2l0ZSI6Im9wZXJhX2NvbSIsInNvdXJjZSI6IlBXTmdhbWVzIn0sInV1aWQiOiJlOWQ5NDY3ZS04NmFhLTRlYWMtOWY2OS00M2M4ZjkwZWIyZTIifQ==
C:\Users\Admin\AppData\Local\Temp\7zS45440738\setup.exe
C:\Users\Admin\AppData\Local\Temp\7zS45440738\setup.exe --type=crashpad-handler /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Roaming\Opera Software\Opera GX Stable\Crash Reports" "--crash-count-file=C:\Users\Admin\AppData\Roaming\Opera Software\Opera GX Stable\crash_count.txt" --url=https://crashstats-collector.opera.com/collector/submit --annotation=channel=Stable --annotation=plat=Win32 --annotation=prod=OperaDesktopGX --annotation=ver=112.0.5197.115 --initial-client-data=0x30c,0x334,0x338,0x310,0x33c,0x748f1b54,0x748f1b60,0x748f1b6c
C:\Users\Admin\AppData\Local\Temp\.opera\Opera GX Installer Temp\setup.exe
"C:\Users\Admin\AppData\Local\Temp\.opera\Opera GX Installer Temp\setup.exe" --version
C:\Users\Admin\Downloads\OperaGXSetup.exe
"C:\Users\Admin\Downloads\OperaGXSetup.exe"
C:\Users\Admin\AppData\Local\Temp\7zS8E685138\setup.exe
C:\Users\Admin\AppData\Local\Temp\7zS8E685138\setup.exe --server-tracking-blob=NDg0NGE4M2ZiOTA5YTA4ZjE1ZmIwMDQ2ZjU0ZTIwZjhkZTkxMWEzNGJiZWIxM2RmYjc1YmRjZWFmZDhjMjExZTp7ImNvdW50cnkiOiJHQiIsImVkaXRpb24iOiJzdGQtMiIsImh0dHBfcmVmZXJyZXIiOiJodHRwczovL3d3dy5vcGVyYS5jb20vIiwiaW5zdGFsbGVyX25hbWUiOiJPcGVyYUdYU2V0dXAuZXhlIiwicHJvZHVjdCI6Im9wZXJhX2d4IiwicXVlcnkiOiIvb3BlcmFfZ3gvc3RhYmxlL3dpbmRvd3M/ZWRpdGlvbj1zdGQtMiZ1dG1fc291cmNlPVBXTmdhbWVzJnV0bV9tZWRpdW09cGEmdXRtX2NhbXBhaWduPVBXTl9HQl9YVlJfMTI5NyZlZGl0aW9uPXN0ZC0yJnV0bV9jb250ZW50PTEyOTdfNTNkNmUxYTJiYzNlNGJjMTkwMjEzMzNjZTg1MzI5NzEmdXRtX2lkPWZjYzdmN2ZmOTdlNTQ0OGNhZTkwZTcxNzA1MDUxMDE4Jmh0dHBfcmVmZXJyZXI9aHR0cHMlM0ElMkYlMkZ3d3cub3BlcmEuY29tJTJGZ3glM0Z1dG1fc291cmNlJTNEUFdOZ2FtZXMlMjZ1dG1fbWVkaXVtJTNEcGElMjZ1dG1fY2FtcGFpZ24lM0RQV05fR0JfWFZSXzEyOTclMjZ1dG1fY29udGVudCUzRDEyOTdfNTNkNmUxYTJiYzNlNGJjMTkwMjEzMzNjZTg1MzI5NzElMjZ1dG1faWQlM0RmY2M3ZjdmZjk3ZTU0NDhjYWU5MGU3MTcwNTA1MTAxOCUyNmVkaXRpb24lM0RzdGQtMiZ1dG1fc2l0ZT1vcGVyYV9jb20mdXRtX2xhc3RwYWdlPW9wZXJhLmNvbSUyRiZ1dG1faWQ9ZmNjN2Y3ZmY5N2U1NDQ4Y2FlOTBlNzE3MDUwNTEwMTgmZGxfdG9rZW49ODA2ODA4MjkiLCJ0aW1lc3RhbXAiOiIxNzI1NDU5ODU3Ljk1NzMiLCJ1c2VyYWdlbnQiOiJNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvOTIuMC40NTE1LjEzMSBTYWZhcmkvNTM3LjM2IEVkZy85Mi4wLjkwMi42NyIsInV0bSI6eyJjYW1wYWlnbiI6IlBXTl9HQl9YVlJfMTI5NyIsImNvbnRlbnQiOiIxMjk3XzUzZDZlMWEyYmMzZTRiYzE5MDIxMzMzY2U4NTMyOTcxIiwiaWQiOiJmY2M3ZjdmZjk3ZTU0NDhjYWU5MGU3MTcwNTA1MTAxOCIsImxhc3RwYWdlIjoib3BlcmEuY29tLyIsIm1lZGl1bSI6InBhIiwic2l0ZSI6Im9wZXJhX2NvbSIsInNvdXJjZSI6IlBXTmdhbWVzIn0sInV1aWQiOiJlOWQ5NDY3ZS04NmFhLTRlYWMtOWY2OS00M2M4ZjkwZWIyZTIifQ==
C:\Users\Admin\AppData\Local\Temp\7zS8E685138\setup.exe
C:\Users\Admin\AppData\Local\Temp\7zS8E685138\setup.exe --type=crashpad-handler /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Roaming\Opera Software\Opera GX Stable\Crash Reports" "--crash-count-file=C:\Users\Admin\AppData\Roaming\Opera Software\Opera GX Stable\crash_count.txt" --url=https://crashstats-collector.opera.com/collector/submit --annotation=channel=Stable --annotation=plat=Win32 --annotation=prod=OperaDesktopGX --annotation=ver=112.0.5197.115 --initial-client-data=0x31c,0x320,0x324,0x2d0,0x328,0x72671b54,0x72671b60,0x72671b6c
C:\Users\Admin\AppData\Local\Temp\.opera\Opera GX Installer Temp\setup.exe
"C:\Users\Admin\AppData\Local\Temp\.opera\Opera GX Installer Temp\setup.exe" --version
C:\Users\Admin\Downloads\OperaGXSetup.exe
"C:\Users\Admin\Downloads\OperaGXSetup.exe"
C:\Users\Admin\AppData\Local\Temp\7zS83A3F148\setup.exe
C:\Users\Admin\AppData\Local\Temp\7zS83A3F148\setup.exe --server-tracking-blob=NDg0NGE4M2ZiOTA5YTA4ZjE1ZmIwMDQ2ZjU0ZTIwZjhkZTkxMWEzNGJiZWIxM2RmYjc1YmRjZWFmZDhjMjExZTp7ImNvdW50cnkiOiJHQiIsImVkaXRpb24iOiJzdGQtMiIsImh0dHBfcmVmZXJyZXIiOiJodHRwczovL3d3dy5vcGVyYS5jb20vIiwiaW5zdGFsbGVyX25hbWUiOiJPcGVyYUdYU2V0dXAuZXhlIiwicHJvZHVjdCI6Im9wZXJhX2d4IiwicXVlcnkiOiIvb3BlcmFfZ3gvc3RhYmxlL3dpbmRvd3M/ZWRpdGlvbj1zdGQtMiZ1dG1fc291cmNlPVBXTmdhbWVzJnV0bV9tZWRpdW09cGEmdXRtX2NhbXBhaWduPVBXTl9HQl9YVlJfMTI5NyZlZGl0aW9uPXN0ZC0yJnV0bV9jb250ZW50PTEyOTdfNTNkNmUxYTJiYzNlNGJjMTkwMjEzMzNjZTg1MzI5NzEmdXRtX2lkPWZjYzdmN2ZmOTdlNTQ0OGNhZTkwZTcxNzA1MDUxMDE4Jmh0dHBfcmVmZXJyZXI9aHR0cHMlM0ElMkYlMkZ3d3cub3BlcmEuY29tJTJGZ3glM0Z1dG1fc291cmNlJTNEUFdOZ2FtZXMlMjZ1dG1fbWVkaXVtJTNEcGElMjZ1dG1fY2FtcGFpZ24lM0RQV05fR0JfWFZSXzEyOTclMjZ1dG1fY29udGVudCUzRDEyOTdfNTNkNmUxYTJiYzNlNGJjMTkwMjEzMzNjZTg1MzI5NzElMjZ1dG1faWQlM0RmY2M3ZjdmZjk3ZTU0NDhjYWU5MGU3MTcwNTA1MTAxOCUyNmVkaXRpb24lM0RzdGQtMiZ1dG1fc2l0ZT1vcGVyYV9jb20mdXRtX2xhc3RwYWdlPW9wZXJhLmNvbSUyRiZ1dG1faWQ9ZmNjN2Y3ZmY5N2U1NDQ4Y2FlOTBlNzE3MDUwNTEwMTgmZGxfdG9rZW49ODA2ODA4MjkiLCJ0aW1lc3RhbXAiOiIxNzI1NDU5ODU3Ljk1NzMiLCJ1c2VyYWdlbnQiOiJNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvOTIuMC40NTE1LjEzMSBTYWZhcmkvNTM3LjM2IEVkZy85Mi4wLjkwMi42NyIsInV0bSI6eyJjYW1wYWlnbiI6IlBXTl9HQl9YVlJfMTI5NyIsImNvbnRlbnQiOiIxMjk3XzUzZDZlMWEyYmMzZTRiYzE5MDIxMzMzY2U4NTMyOTcxIiwiaWQiOiJmY2M3ZjdmZjk3ZTU0NDhjYWU5MGU3MTcwNTA1MTAxOCIsImxhc3RwYWdlIjoib3BlcmEuY29tLyIsIm1lZGl1bSI6InBhIiwic2l0ZSI6Im9wZXJhX2NvbSIsInNvdXJjZSI6IlBXTmdhbWVzIn0sInV1aWQiOiJlOWQ5NDY3ZS04NmFhLTRlYWMtOWY2OS00M2M4ZjkwZWIyZTIifQ==
C:\Users\Admin\AppData\Local\Temp\7zS83A3F148\setup.exe
C:\Users\Admin\AppData\Local\Temp\7zS83A3F148\setup.exe --type=crashpad-handler /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Roaming\Opera Software\Opera GX Stable\Crash Reports" "--crash-count-file=C:\Users\Admin\AppData\Roaming\Opera Software\Opera GX Stable\crash_count.txt" --url=https://crashstats-collector.opera.com/collector/submit --annotation=channel=Stable --annotation=plat=Win32 --annotation=prod=OperaDesktopGX --annotation=ver=112.0.5197.115 --initial-client-data=0x324,0x328,0x32c,0x2fc,0x330,0x71a01b54,0x71a01b60,0x71a01b6c
C:\Users\Admin\AppData\Local\Temp\.opera\Opera GX Installer Temp\setup.exe
"C:\Users\Admin\AppData\Local\Temp\.opera\Opera GX Installer Temp\setup.exe" --version
C:\Users\Admin\AppData\Local\Temp\7zS45440738\setup.exe
"C:\Users\Admin\AppData\Local\Temp\7zS45440738\setup.exe" --backend --install --import-browser-data=0 --enable-stats=1 --enable-installer-stats=1 --consent-given=1 --general-interests=1 --general-location=1 --personalized-content=1 --personalized-ads=1 --vought_browser=0 --launchopera=1 --installfolder="C:\Users\Admin\AppData\Local\Programs\Opera GX" --profile-folder --language=en --singleprofile=0 --copyonly=0 --allusers=0 --setdefaultbrowser=1 --pintotaskbar=1 --pintostartmenu=1 --run-at-startup=1 --server-tracking-data=server_tracking_data --initial-pid=880 --package-dir-prefix="C:\Users\Admin\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_20240904142433" --session-guid=018d8900-54ea-4fc5-8d4c-be9c8f0884ce --server-tracking-blob=NzgxYjYzYmQ4YzgwMWU4MTNiOTA0MjkzMzdlM2FkMjlhNzYzOWY5MzJiNDBkMjU0YjdiNDIzZDVkNmNkZGY5Zjp7ImNvdW50cnkiOiJHQiIsImVkaXRpb24iOiJzdGQtMiIsImh0dHBfcmVmZXJyZXIiOiJodHRwczovL3d3dy5vcGVyYS5jb20vIiwiaW5zdGFsbGVyX25hbWUiOiJPcGVyYUdYU2V0dXAuZXhlIiwicHJvZHVjdCI6eyJuYW1lIjoib3BlcmFfZ3gifSwicXVlcnkiOiIvb3BlcmFfZ3gvc3RhYmxlL3dpbmRvd3M/ZWRpdGlvbj1zdGQtMiZ1dG1fc291cmNlPVBXTmdhbWVzJnV0bV9tZWRpdW09cGEmdXRtX2NhbXBhaWduPVBXTl9HQl9YVlJfMTI5NyZlZGl0aW9uPXN0ZC0yJnV0bV9jb250ZW50PTEyOTdfNTNkNmUxYTJiYzNlNGJjMTkwMjEzMzNjZTg1MzI5NzEmdXRtX2lkPWZjYzdmN2ZmOTdlNTQ0OGNhZTkwZTcxNzA1MDUxMDE4Jmh0dHBfcmVmZXJyZXI9aHR0cHMlM0ElMkYlMkZ3d3cub3BlcmEuY29tJTJGZ3glM0Z1dG1fc291cmNlJTNEUFdOZ2FtZXMlMjZ1dG1fbWVkaXVtJTNEcGElMjZ1dG1fY2FtcGFpZ24lM0RQV05fR0JfWFZSXzEyOTclMjZ1dG1fY29udGVudCUzRDEyOTdfNTNkNmUxYTJiYzNlNGJjMTkwMjEzMzNjZTg1MzI5NzElMjZ1dG1faWQlM0RmY2M3ZjdmZjk3ZTU0NDhjYWU5MGU3MTcwNTA1MTAxOCUyNmVkaXRpb24lM0RzdGQtMiZ1dG1fc2l0ZT1vcGVyYV9jb20mdXRtX2xhc3RwYWdlPW9wZXJhLmNvbSUyRiZ1dG1faWQ9ZmNjN2Y3ZmY5N2U1NDQ4Y2FlOTBlNzE3MDUwNTEwMTgmZGxfdG9rZW49ODA2ODA4MjkiLCJzeXN0ZW0iOnsicGxhdGZvcm0iOnsiYXJjaCI6Ing4Nl82NCIsIm9wc3lzIjoiV2luZG93cyIsIm9wc3lzLXZlcnNpb24iOiIxMCIsInBhY2thZ2UiOiJFWEUifX0sInRpbWVzdGFtcCI6IjE3MjU0NTk4NTcuOTU3MyIsInVzZXJhZ2VudCI6Ik1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS85Mi4wLjQ1MTUuMTMxIFNhZmFyaS81MzcuMzYgRWRnLzkyLjAuOTAyLjY3IiwidXRtIjp7ImNhbXBhaWduIjoiUFdOX0dCX1hWUl8xMjk3IiwiY29udGVudCI6IjEyOTdfNTNkNmUxYTJiYzNlNGJjMTkwMjEzMzNjZTg1MzI5NzEiLCJpZCI6ImZjYzdmN2ZmOTdlNTQ0OGNhZTkwZTcxNzA1MDUxMDE4IiwibGFzdHBhZ2UiOiJvcGVyYS5jb20vIiwibWVkaXVtIjoicGEiLCJzaXRlIjoib3BlcmFfY29tIiwic291cmNlIjoiUFdOZ2FtZXMifSwidXVpZCI6ImU5ZDk0NjdlLTg2YWEtNGVhYy05ZjY5LTQzYzhmOTBlYjJlMiJ9 --desktopshortcut=1 --wait-for-package --initial-proc-handle=7409000000000000
C:\Users\Admin\AppData\Local\Temp\7zS45440738\setup.exe
C:\Users\Admin\AppData\Local\Temp\7zS45440738\setup.exe --type=crashpad-handler /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Roaming\Opera Software\Opera GX Stable\Crash Reports" "--crash-count-file=C:\Users\Admin\AppData\Roaming\Opera Software\Opera GX Stable\crash_count.txt" --url=https://crashstats-collector.opera.com/collector/submit --annotation=channel=Stable --annotation=plat=Win32 --annotation=prod=OperaDesktopGX --annotation=ver=112.0.5197.115 --initial-client-data=0x324,0x328,0x32c,0x2fc,0x330,0x71a01b54,0x71a01b60,0x71a01b6c
C:\Users\Admin\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202409041424331\assistant\Opera_GX_assistant_73.0.3856.382_Setup.exe_sfx.exe
"C:\Users\Admin\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202409041424331\assistant\Opera_GX_assistant_73.0.3856.382_Setup.exe_sfx.exe"
C:\Users\Admin\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202409041424331\assistant\assistant_installer.exe
"C:\Users\Admin\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202409041424331\assistant\assistant_installer.exe" --version
C:\Users\Admin\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202409041424331\assistant\assistant_installer.exe
"C:\Users\Admin\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202409041424331\assistant\assistant_installer.exe" --type=crashpad-handler /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Roaming\Opera Software\Opera GX Stable\Crash Reports" "--crash-count-file=C:\Users\Admin\AppData\Roaming\Opera Software\Opera GX Stable\crash_count.txt" --url=https://crashstats-collector.opera.com/collector/submit --annotation=channel=Stable --annotation=plat=Win32 --annotation=prod=OperaDesktopGX --annotation=ver=73.0.3856.382 --initial-client-data=0x288,0x28c,0x290,0x264,0x294,0x11b4f48,0x11b4f58,0x11b4f64
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2036,11951459807487316933,17992239017586813473,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=36 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5808 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2036,11951459807487316933,17992239017586813473,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=37 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7208 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2036,11951459807487316933,17992239017586813473,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=38 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6380 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2036,11951459807487316933,17992239017586813473,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=39 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7268 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2036,11951459807487316933,17992239017586813473,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=40 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7400 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2036,11951459807487316933,17992239017586813473,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=6348 /prefetch:2
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | 149.220.183.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | pleasebux.com | udp |
| DE | 79.133.41.61:443 | pleasebux.com | tcp |
| DE | 79.133.41.61:443 | pleasebux.com | udp |
| US | 8.8.8.8:53 | dlm0f6ot1zx75.cloudfront.net | udp |
| NL | 18.238.248.12:443 | dlm0f6ot1zx75.cloudfront.net | tcp |
| US | 8.8.8.8:53 | 72.32.126.40.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 73.144.22.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 227.187.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 61.41.133.79.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 74.204.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 12.248.238.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 6.39.156.108.in-addr.arpa | udp |
| N/A | 224.0.0.251:5353 | udp | |
| US | 8.8.8.8:53 | 209.205.72.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | buxy.club | udp |
| US | 172.67.174.134:443 | buxy.club | tcp |
| US | 172.67.174.134:443 | buxy.club | tcp |
| US | 8.8.8.8:53 | sparkbux.com | udp |
| DE | 79.133.41.61:443 | sparkbux.com | tcp |
| DE | 79.133.41.61:443 | sparkbux.com | udp |
| US | 8.8.8.8:53 | 134.174.67.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | smrturl.co | udp |
| US | 172.67.149.199:443 | smrturl.co | tcp |
| US | 172.67.149.199:443 | smrturl.co | tcp |
| US | 8.8.8.8:53 | go.smartorfast.com | udp |
| NL | 34.141.179.97:443 | go.smartorfast.com | tcp |
| NL | 34.141.179.97:443 | go.smartorfast.com | tcp |
| US | 8.8.8.8:53 | get-gx.com | udp |
| US | 18.213.255.17:443 | get-gx.com | tcp |
| US | 18.213.255.17:443 | get-gx.com | tcp |
| US | 8.8.8.8:53 | 97.179.141.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 199.149.67.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | www.opera.com | udp |
| DE | 18.196.177.63:443 | www.opera.com | tcp |
| DE | 18.196.177.63:443 | www.opera.com | tcp |
| US | 8.8.8.8:53 | 17.255.213.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | cdn-production-opera-website.operacdn.com | udp |
| US | 8.8.8.8:53 | www.googleoptimize.com | udp |
| NL | 92.122.63.46:443 | cdn-production-opera-website.operacdn.com | tcp |
| NL | 92.122.63.46:443 | cdn-production-opera-website.operacdn.com | tcp |
| NL | 92.122.63.46:443 | cdn-production-opera-website.operacdn.com | tcp |
| NL | 92.122.63.46:443 | cdn-production-opera-website.operacdn.com | tcp |
| NL | 92.122.63.46:443 | cdn-production-opera-website.operacdn.com | tcp |
| NL | 92.122.63.46:443 | cdn-production-opera-website.operacdn.com | tcp |
| GB | 172.217.169.14:443 | www.googleoptimize.com | tcp |
| NL | 92.122.63.46:443 | cdn-production-opera-website.operacdn.com | tcp |
| US | 8.8.8.8:53 | www-static.operacdn.com | udp |
| US | 8.8.8.8:53 | 63.177.196.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 46.63.122.92.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 14.169.217.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 8.169.217.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | region1.google-analytics.com | udp |
| US | 216.239.32.36:443 | region1.google-analytics.com | tcp |
| DE | 18.196.177.63:443 | www.opera.com | tcp |
| US | 8.8.8.8:53 | 78.204.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 98.201.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 36.32.239.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | www.google.com | udp |
| US | 8.8.8.8:53 | stats.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | region1.analytics.google.com | udp |
| US | 8.8.8.8:53 | www.google.co.uk | udp |
| GB | 142.250.179.228:443 | www.google.com | tcp |
| GB | 173.194.76.157:443 | stats.g.doubleclick.net | tcp |
| US | 216.239.32.36:443 | region1.analytics.google.com | tcp |
| GB | 142.250.200.3:443 | www.google.co.uk | tcp |
| US | 8.8.8.8:53 | googleads.g.doubleclick.net | udp |
| GB | 216.58.204.66:443 | googleads.g.doubleclick.net | tcp |
| US | 8.8.8.8:53 | 228.179.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 3.200.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 157.76.194.173.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 66.204.58.216.in-addr.arpa | udp |
| GB | 88.221.134.3:443 | www.bing.com | tcp |
| US | 8.8.8.8:53 | 3.134.221.88.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 183.59.114.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | r.bing.com | udp |
| US | 8.8.8.8:53 | th.bing.com | udp |
| GB | 88.221.134.250:443 | r.bing.com | tcp |
| GB | 88.221.134.250:443 | r.bing.com | tcp |
| GB | 95.101.143.185:443 | th.bing.com | tcp |
| GB | 95.101.143.185:443 | th.bing.com | tcp |
| US | 8.8.8.8:53 | 206.23.85.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 250.134.221.88.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 185.143.101.95.in-addr.arpa | udp |
| US | 8.8.8.8:53 | login.microsoftonline.com | udp |
| IE | 40.126.31.73:443 | login.microsoftonline.com | tcp |
| US | 8.8.8.8:53 | csp.microsoft.com | udp |
| US | 13.107.246.64:443 | csp.microsoft.com | tcp |
| US | 8.8.8.8:53 | 73.31.126.40.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 64.246.107.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | services.bingapis.com | udp |
| US | 13.107.5.80:443 | services.bingapis.com | tcp |
| US | 13.107.5.80:443 | services.bingapis.com | tcp |
| US | 13.107.5.80:443 | services.bingapis.com | tcp |
| US | 8.8.8.8:53 | 217.135.221.88.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 80.5.107.13.in-addr.arpa | udp |
| GB | 172.217.169.14:443 | www.googleoptimize.com | udp |
| US | 8.8.8.8:53 | 76.32.126.40.in-addr.arpa | udp |
| US | 216.239.32.36:443 | region1.analytics.google.com | udp |
| GB | 142.250.179.228:443 | www.google.com | udp |
| US | 216.239.32.36:443 | region1.analytics.google.com | udp |
| GB | 173.194.76.157:443 | stats.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | bat.bing.com | udp |
| US | 150.171.27.10:443 | bat.bing.com | tcp |
| GB | 216.58.204.66:443 | googleads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | 10.27.171.150.in-addr.arpa | udp |
| US | 104.18.33.89:443 | www2.bing.com | tcp |
| US | 104.18.33.89:443 | www2.bing.com | tcp |
| US | 8.8.8.8:53 | www.clarity.ms | udp |
| US | 13.107.246.64:443 | www.clarity.ms | tcp |
| US | 8.8.8.8:53 | 89.33.18.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | c.clarity.ms | udp |
| IE | 13.74.129.1:443 | c.clarity.ms | tcp |
| US | 8.8.8.8:53 | c.bing.com | udp |
| US | 204.79.197.237:443 | c.bing.com | tcp |
| US | 8.8.8.8:53 | 1.129.74.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | h.clarity.ms | udp |
| US | 51.8.64.151:443 | h.clarity.ms | tcp |
| US | 8.8.8.8:53 | 237.197.79.204.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 151.64.8.51.in-addr.arpa | udp |
| US | 8.8.8.8:53 | www-static.operacdn.com | udp |
| US | 8.8.8.8:53 | net.geo.opera.com | udp |
| NL | 185.26.182.112:443 | net.geo.opera.com | tcp |
| US | 8.8.8.8:53 | 11199305.fls.doubleclick.net | udp |
| GB | 142.250.200.6:443 | 11199305.fls.doubleclick.net | tcp |
| US | 8.8.8.8:53 | 112.182.26.185.in-addr.arpa | udp |
| GB | 142.250.200.6:443 | 11199305.fls.doubleclick.net | udp |
| GB | 142.250.200.3:443 | www.google.co.uk | udp |
| US | 8.8.8.8:53 | 6.200.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 194.212.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 34.169.217.172.in-addr.arpa | udp |
| US | 51.8.64.151:443 | h.clarity.ms | tcp |
| US | 51.8.64.151:443 | h.clarity.ms | tcp |
| US | 8.8.8.8:53 | desktop-netinstaller-sub.osp.opera.software | udp |
| NL | 82.145.217.121:443 | desktop-netinstaller-sub.osp.opera.software | tcp |
| US | 8.8.8.8:53 | 121.217.145.82.in-addr.arpa | udp |
| US | 8.8.8.8:53 | autoupdate.geo.opera.com | udp |
| NL | 82.145.216.19:443 | autoupdate.geo.opera.com | tcp |
| NL | 82.145.216.19:443 | autoupdate.geo.opera.com | tcp |
| US | 8.8.8.8:53 | 19.216.145.82.in-addr.arpa | udp |
| US | 8.8.8.8:53 | features.opera-api2.com | udp |
| NL | 82.145.216.15:443 | features.opera-api2.com | tcp |
| US | 8.8.8.8:53 | 15.216.145.82.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 0.204.248.87.in-addr.arpa | udp |
| US | 8.8.8.8:53 | api.config.opr.gg | udp |
| US | 104.18.24.17:443 | api.config.opr.gg | tcp |
| US | 8.8.8.8:53 | c.pki.goog | udp |
| GB | 216.58.201.99:80 | c.pki.goog | tcp |
| US | 8.8.8.8:53 | download.opera.com | udp |
| NL | 185.26.182.122:443 | download.opera.com | tcp |
| US | 8.8.8.8:53 | download5.operacdn.com | udp |
| US | 8.8.8.8:53 | 17.24.18.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 99.201.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 122.182.26.185.in-addr.arpa | udp |
| US | 104.18.10.89:443 | download5.operacdn.com | tcp |
| US | 8.8.8.8:53 | 89.10.18.104.in-addr.arpa | udp |
| NL | 82.145.217.121:443 | desktop-netinstaller-sub.osp.opera.software | tcp |
| NL | 82.145.217.121:443 | desktop-netinstaller-sub.osp.opera.software | tcp |
| US | 8.8.8.8:53 | download3.operacdn.com | udp |
| GB | 95.101.143.131:443 | download3.operacdn.com | tcp |
| US | 8.8.8.8:53 | 131.143.101.95.in-addr.arpa | udp |
| US | 51.8.64.151:443 | h.clarity.ms | tcp |
| NL | 34.141.179.97:443 | go.smartorfast.com | tcp |
| US | 8.8.8.8:53 | get-gx.com | udp |
| US | 8.8.8.8:53 | www.opera.com | udp |
| US | 8.8.8.8:53 | cdn-production-opera-website.operacdn.com | udp |
| DE | 3.125.90.140:443 | www.opera.com | tcp |
| US | 8.8.8.8:53 | 14.227.111.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 140.90.125.3.in-addr.arpa | udp |
| US | 8.8.8.8:53 | www-static.operacdn.com | udp |
| GB | 142.250.179.228:443 | www.google.com | udp |
| US | 8.8.8.8:53 | www.redditstatic.com | udp |
| US | 8.8.8.8:53 | static.hotjar.com | udp |
| US | 8.8.8.8:53 | snap.licdn.com | udp |
| US | 8.8.8.8:53 | connect.facebook.net | udp |
| GB | 173.222.211.56:443 | snap.licdn.com | tcp |
| GB | 13.224.245.87:443 | static.hotjar.com | tcp |
| US | 151.101.1.140:443 | www.redditstatic.com | tcp |
| NL | 157.240.201.15:443 | connect.facebook.net | tcp |
| US | 216.239.32.36:443 | region1.analytics.google.com | udp |
| GB | 142.250.200.3:443 | www.google.co.uk | udp |
| GB | 216.58.204.66:443 | googleads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | script.hotjar.com | udp |
| US | 151.101.1.140:443 | www.redditstatic.com | tcp |
| US | 8.8.8.8:53 | px.ads.linkedin.com | udp |
| US | 8.8.8.8:53 | pixel-config.reddit.com | udp |
| US | 8.8.8.8:53 | alb.reddit.com | udp |
| US | 13.107.42.14:443 | px.ads.linkedin.com | tcp |
| GB | 18.245.253.22:443 | script.hotjar.com | tcp |
| US | 151.101.1.140:443 | alb.reddit.com | tcp |
| US | 151.101.129.140:443 | alb.reddit.com | tcp |
| US | 8.8.8.8:53 | www.facebook.com | udp |
| DE | 157.240.27.35:443 | www.facebook.com | tcp |
| US | 8.8.8.8:53 | 56.211.222.173.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 87.245.224.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 140.1.101.151.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 15.201.240.157.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 14.42.107.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 22.253.245.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 140.129.101.151.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 35.27.240.157.in-addr.arpa | udp |
| US | 8.8.8.8:53 | h.clarity.ms | udp |
| US | 51.8.64.151:443 | h.clarity.ms | tcp |
| US | 51.8.64.151:443 | h.clarity.ms | tcp |
| US | 51.8.64.151:443 | h.clarity.ms | tcp |
Files
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | e765f3d75e6b0e4a7119c8b14d47d8da |
| SHA1 | cc9f7c7826c2e1a129e7d98884926076c3714fc0 |
| SHA256 | 986443556d3878258b710d9d9efbf4f25f0d764c3f83dc54217f2b12a6eccd89 |
| SHA512 | a1872a849f27da78ebe9adb9beb260cb49ed5f4ca2d403f23379112bdfcd2482446a6708188100496e45db1517cdb43aba8bb93a75e605713c3f97cd716b1079 |
\??\pipe\LOCAL\crashpad_1240_ASIGNEONCEDLOWID
| MD5 | d41d8cd98f00b204e9800998ecf8427e |
| SHA1 | da39a3ee5e6b4b0d3255bfef95601890afd80709 |
| SHA256 | e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 |
| SHA512 | cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 53bc70ecb115bdbabe67620c416fe9b3 |
| SHA1 | af66ec51a13a59639eaf54d62ff3b4f092bb2fc1 |
| SHA256 | b36cad5c1f7bc7d07c7eaa2f3cad2959ddb5447d4d3adcb46eb6a99808e22771 |
| SHA512 | cad44933b94e17908c0eb8ac5feeb53d03a7720d97e7ccc8724a1ed3021a5bece09e1f9f3cec56ce0739176ebbbeb20729e650f8bca04e5060c986b75d8e4921 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 0262f1b8875a63310122209127977387 |
| SHA1 | 1d3e59832699cc65a9b81c4cd4dcd3e780c85ffc |
| SHA256 | 8bb236a9c1e36a74735f32996601b95770fa074b586869e9ad7f0f34b8c7eec1 |
| SHA512 | 510d1f686a3cd17e9e30a6f0fa615ee10738b526f93ee4995e17605a73521ac57c20acbc1416291f1611394e91220231c0b78b1d118a7c294f987f7b1578c5a0 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT
| MD5 | 6752a1d65b201c13b62ea44016eb221f |
| SHA1 | 58ecf154d01a62233ed7fb494ace3c3d4ffce08b |
| SHA256 | 0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd |
| SHA512 | 9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389 |
C:\Users\Admin\AppData\Roaming\Microsoft\Spelling\en-US\default.dic
| MD5 | f3b25701fe362ec84616a93a45ce9998 |
| SHA1 | d62636d8caec13f04e28442a0a6fa1afeb024bbb |
| SHA256 | b3d510ef04275ca8e698e5b3cbb0ece3949ef9252f0cdc839e9ee347409a2209 |
| SHA512 | 98c5f56f3de340690c139e58eb7dac111979f0d4dffe9c4b24ff849510f4b6ffa9fd608c0a3de9ac3c9fd2190f0efaf715309061490f9755a9bfdf1c54ca0d84 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 482efe17d5887e950485fa5a4c64e699 |
| SHA1 | 490ddf00c9128e78a241d717f27b5999b3973ee0 |
| SHA256 | 2038a1733ea94211dbc3ffdb1a6be5472c507b2e21357e98f49bf8a67a590bf3 |
| SHA512 | 0e8c87ed67e6e7c8314b7ccfa6c6e15a0a0de12c2c31fcaabd141d7f777beb2ac7990efc166d6ac0b3851c59fe7f3d045c2b389143a91a123e4cadb0a0075001 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | b250cf482e269ea8fa4833171d7049ed |
| SHA1 | 9c118440ef51c96839eccdae7d4d31e90cb73a03 |
| SHA256 | 9ab9817f45d9872a7c52fa2faeac560cd18f0e96c2394dd24182f48896b32c4f |
| SHA512 | 1e1dfd67b61d5dc3b560235383cb5faef7cb53ddcf862818b170dca87d523b716fc28a0e911cad2745337d7bc54f25a7a5732b2000deb0a4119bb8a4c5b142c4 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 22ac1d76811774583dffd91418f0de5b |
| SHA1 | 186891584c1b9bbc019cbd5334ca4f2a864e1bb0 |
| SHA256 | ab3d3ae7868d3d6bc30d21bbd7afa583b1cf7723dd81eda6ebeab9c1c1f22b28 |
| SHA512 | 22ee93d2a1cfdb03a920788202cebd2391dbac6bf1eb165556404b8b2fc3e1b859ac61696e430333fcacbd97feaeee214eb646722ab2115564986e8cfbf56858 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 250fdb3564c65b4c2f6a9bb6adf55b83 |
| SHA1 | 1fd630cdc982ff6d9a5dde8551bfb2c310141cfd |
| SHA256 | dcd840eb9e94bf92ebc537c3f6aa4b637c5a5400d935730aede99ed4580fd80b |
| SHA512 | e5d7bb050e648b6567e58891359e076fb0b3be676235b5c4a17e6c5be8e96dfca2f11a85804487d1d9d174300faacd21be663a84105bd7e45b496694d1397720 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe57dd7f.TMP
| MD5 | 95a3c125dd905c20f8efc0188046e728 |
| SHA1 | 44e4d4a0b335d4f8d2d867d3a5d4dc6fa9f889a3 |
| SHA256 | d513ae9a71f5b1afecadbac073b31d6f85ebb04dbf5ccf61021dec6b88cf0344 |
| SHA512 | ed62d97e38c3ea614d4cd5e73982ef0c2f8adbe0a5e6ee1f81c5312a95ff5b013bac7fd889044546bd9ecdd64d9e66582e214b6ccce40258d025be4cb25a8c82 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 8aebeab327801fb6fccdd3898d94796e |
| SHA1 | bc212da08fd3941a8c94f85e70638e6a9c3b8bc0 |
| SHA256 | 9ca66bfb12e185ec67db1be7337181551c4303c5e78774272ba9116cbf45f9c9 |
| SHA512 | e7a763dc5d1f675b7af8deb8e0e7d4bc000b058572370f24a6ebec85ede3844fb48517db56d09bfa85d6ef24db4473b95d0b8e9ae3f5681b2efacae6da67cef2 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | b896c243cd41c2ede6f9f498826812f9 |
| SHA1 | 3818c29f4cde793f00b9c8d8ec98b6a90bbb9af7 |
| SHA256 | 7170f16603bc554b8ce26e9ab235832a2f44cb83a75e4f081317a436defc1ec7 |
| SHA512 | 4a27a553b24b744b6b674adcd2766c6ce9378f01e474d97f25d4cd9443472dda0075111b396f20c0550bfd126cd78e3593bb41d71442e21d7bcd273d655bb0fc |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000f
| MD5 | 51eb43e0006dd8bff136d7837755236a |
| SHA1 | 9ebbfb2bc59d92a58410e346827c5b648751685b |
| SHA256 | 002bd760239c407c22525973a0b8e8152c376c002a36d4345eb31ba5d6733d75 |
| SHA512 | 80ebfc107a595d84ef1a6eff9ebc92706614d6c80ca81f6ae591bde16b7ebbd15f4d12e25a09507c4d61f3fc1530a5423c8cea6b7f5e684a3eb34db27206f992 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000e
| MD5 | 63319906ae1745894ea0d74deff3cbf8 |
| SHA1 | 4ee2150249334c23d6021386d30a7c441b9ced13 |
| SHA256 | 72bc1227c73b341e574bbd741783539bf4e4a2ee7f9d1e142e2bc6707a7e98cb |
| SHA512 | 0783803646ffa71994944e8ba9660a08ec3be66c7ad6589fee2e16b79805550db15f45097ff58def28aff96b0e74dd5feec75890ea7177fd7fa1aa80921d5f36 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000013
| MD5 | 3dba85126302ae3c69942e2f2f40743b |
| SHA1 | 62e2b606f7a62e1cc75fa772217173da0c1d0f3f |
| SHA256 | c1d03f31611f103e342f9a1a1b5e7ee8dc66b00a5a01126028e62acb9a4a6e4a |
| SHA512 | 0252aa5469a5fac1626f677d5e02eb7a83ecb97c316b551e403c2c3f7e8c137a32014c1866c537955dfcecd341983cea0aeb52db4756c7f1e547466a8f597de8 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000014
| MD5 | 87e8230a9ca3f0c5ccfa56f70276e2f2 |
| SHA1 | eb116c8fd20cb2f85b7a942c7dae3b0ed6d27fe7 |
| SHA256 | e18d7214e7d3d47d913c0436f5308b9296ca3c6cd34059bf9cbf03126bafafe9 |
| SHA512 | 37690a81a9e48b157298080746aa94289a4c721c762b826329e70b41ba475bb0261d048f9ab8e7301e43305c5ebf53246c20da8cd001130bf156e8b3bd38b9b8 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\29340163-1824-455c-9281-83e330a94ca2.tmp
| MD5 | eb260534af7776fd9fba04034b13e4bd |
| SHA1 | 3e3eff66c492f6dd8adbb42489459264411c7f75 |
| SHA256 | ee675c4cad8f9e477c480d6ab0b282633286addce1ee977fd48733cb3c4926bd |
| SHA512 | 23a09e3ff8155af630ee037195952d90ff6ff70f7c221d56358c70e5618fceabe7c1b84200d569590c72b15a72a66d9d51ca61db9bce12c785042cb0903d2e4b |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 2a84abe5321581e2e2f5e14b88ccf499 |
| SHA1 | e2ff9a1154bd48bfa108b80017c2cfe2bed35539 |
| SHA256 | 06121e21d9ee5e8b28fc3c515bb5543c2cc19d9f584e171c06590e2b3e18d9ee |
| SHA512 | ee8ea95037f5068fb30eb5f93c963759d78535bdc501801c18377b2deb4262c9e654d0eac1018ab13f16397eee5f22d8b000857d2c06f76fb5ee18e8b1c50f87 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 528938c8cc94e4cca1ac4f81384ae908 |
| SHA1 | 6e9e3e9c04c81113f86e7b2a546f4604388c8ed3 |
| SHA256 | 93424b872c97de2a51618bf6f55932460794b1ea22be9330495343a246adf166 |
| SHA512 | 07183b6cfd72736035d148ff941de6423f90c5472785d616bb41080499b17d7edc54f011121aa14f4a8c209f2c2721ef9ed101e36dc9c7824fadf9885c42973b |
C:\Users\Admin\Downloads\OperaGXSetup.exe
| MD5 | eb29c619aa8e37aa85970a3947d0813e |
| SHA1 | 2b8e0d3300c5590ef5a0075f6c6f8a649fc29e24 |
| SHA256 | d708e619d371dcdb961ebfd045402ce5b46457175db9f428c92b21e5f49447dc |
| SHA512 | 332fd479b5eb98ba106cece02e30bac3b4ba82392906e4824e6f060fcc0e392be9237c4281796b9afb05adab1fa066c0d49195aa214cc0210e326872c02f14e1 |
C:\Users\Admin\AppData\Local\Temp\7zS45440738\setup.exe
| MD5 | defd30ea336650cc29c0c79fad6fa6b5 |
| SHA1 | 935d871ed86456c6dd3c83136dc2d1bda5988ff3 |
| SHA256 | 015a13bd912728e463df6807019b1914dffc3e6735830472e3287150a02e13f4 |
| SHA512 | 8c6ebbf398fb44ff2254db5a7a2ffbc8803120fa93fa6b72c356c6e8eca45935ab973fe3c90d52d5a7691365caf5b41fe2702b6c76a61a0726faccc392c40e54 |
C:\Users\Admin\AppData\Local\Temp\Opera_installer_240904142433024880.dll
| MD5 | 640ed3115c855d32ee1731c54702eab7 |
| SHA1 | 1ac749b52794cbadfec8d9219530e9a79fc9427c |
| SHA256 | 29b4cabc7a0e9dffbc2395b976749be0aad88357dd3b1d7e0cfc9b0c645421a3 |
| SHA512 | bebe55fdbb363b78c4a6371304f65b89e03a03cee5a8ebceee1681261d8df64a0de36888ed763c3a607ae2732ab54e2e41edb624f37a7fdf8755c40e6bb96f53 |
C:\Users\Admin\AppData\Roaming\Opera Software\Opera GX Stable\Crash Reports\settings.dat
| MD5 | 566e590128a748eb3a015c18cd845174 |
| SHA1 | 66519acbbac5cf9f642306ab23c3a6670d644bbc |
| SHA256 | c83e4106915572cafb85cd3f823ffe750469c78cdd293f33ea34bd183870c94f |
| SHA512 | 698d87323b1674b3608827d94cf605d6e16527c23fcf6fc9928f181783e3b3d4388a0ee05a00504b465562b8f3385e581a87256bb13ec5ce4e6388e26b992d9c |
C:\Users\Admin\AppData\Local\Temp\opera_installer_ui.lck
| MD5 | d5333984775cfd846cadacaa13565e4e |
| SHA1 | b700fc571867a9a3a0c3ca4a657375fbfa3949dd |
| SHA256 | e350163b0af5a851b5c3f1193c785f90577300d4d3015aa737d57089da982ca5 |
| SHA512 | 6fa7852f92a337a99cd15c74e0b5f382b50f25add41fe292d94448441ce4c4ad06ee0b9819ffb3299774d3712e0aad8cd7a19e783507e83aa585699eb67e08cb |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | ba40e060ff4ebef6ddda79d2fb650f05 |
| SHA1 | dd87f59e42b07c47f0afa28a5c3d42d971b63ed6 |
| SHA256 | b07c2ea108b5f76183786333cf0dd2612f3b9d2bfd33af69a48a33db8e714f74 |
| SHA512 | 1d80dc267b373cc1eac4a78450acdcd603851243a209c90d1179925097f0d770e3fd60f3dfc4586f38dd9e2eb4b9f44ccb36a53721df3d7f4cc60f845759347c |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 16d6c024a60ff1c5b53dd12fa18e49ce |
| SHA1 | e4714d8d5a891cb1368f45ddadcd2a6d7f7d438c |
| SHA256 | 5834964811a799fd4ed499f2b6654f8cfcb2fb2227bd58694aa27c97ae35eb69 |
| SHA512 | 69279496c7add7d1e54d3e05cf202d0e8692a9e8d45b3e456600a1e8648d313a7fddd9ea7aee475f32ba2abf8d7311a00c4ebc5f1cca688d1b89fb052abc4c5a |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | 964665b8228d6a1872e685b6c45dff08 |
| SHA1 | 606584c269965d7bb533bce323be6d316717498a |
| SHA256 | c424dca933dc65c3354ee5394102eea614f2289370fad4497809e9ec16ed11e3 |
| SHA512 | c3c66c08541f4bc687e13ace6295d41f5ad4610ab9cd2ff82edbadd16e00a4fae7ed7a6e491df6821131def8025aecd0176542b5dc27df094c247c8c69095833 |
C:\Users\Admin\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202409041424331\additional_file0.tmp
| MD5 | e9a2209b61f4be34f25069a6e54affea |
| SHA1 | 6368b0a81608c701b06b97aeff194ce88fd0e3c0 |
| SHA256 | e950f17f4181009eeafa9f5306e8a9dfd26d88ca63b1838f44ff0efc738e7d1f |
| SHA512 | 59e46277ca79a43ed8b0a25b24eff013e251a75f90587e013b9c12851e5dd7283b6172f7d48583982f6a32069457778ee440025c1c754bf7bb6ce8ae1d2c3fc5 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000005
| MD5 | b29fdf571d2c6921dbe7885e194bd831 |
| SHA1 | c21f90ad83509f9b2b3dbc3589d6bddee6e05aa6 |
| SHA256 | 81b1b4ca1778ff0a6756c0934fd5ef5f5bd5408b5b0906f2b6c1615349443fc6 |
| SHA512 | 246d94fc9cf0a4df093a2b9ca988126d375a0a80415612b81c92b63e32dc74c46502d0e4430cefda263b25bc30616db70b4408f477d2c3523d4e68670646099f |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00002d
| MD5 | 97a3bed6457d042c94c28ed74ec2d887 |
| SHA1 | 02ce7a6171fb1261fde13a8c7cbb58992e9d5299 |
| SHA256 | ae56cf83207570afbb8a6ab7cbc4128b37f859cb6f55661e69e97a3314c02f67 |
| SHA512 | 6c8cf955ec73ad9d97bbb36c7ce723bfa58c9aef849aa775ee64ce15afa70afb40e8cd45989dadec420d2e8edda9ec0f05cc76a0602df0b6c4e5d45de0f4ce7a |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 188b723dbc6474c7fcbb1c69df02a15f |
| SHA1 | e91fd755ca1ea1a60948a0317c57fc2183db96c8 |
| SHA256 | e9e4d849bac613a9fa88859f6e1ae798e55886b3d8ea25471140d83c5e775e06 |
| SHA512 | 217340960a0bc09da267bae71e47d9b5a5c9d5114bbf1410923f0b1c5ac43db85f9cf1b1970b69d9c5ece6ab732f105df564302555ba32c77175cfb8ebf70b0b |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 69d9397d1315d50c50531a91d644f382 |
| SHA1 | a4bc7663ce66fe9ca1cabf814ae9c40d34d898b7 |
| SHA256 | 57f0095b0f12ea95b4b787ca6cb3607bcdcfd6d6ce4896e363e5e79dd4cd1862 |
| SHA512 | 65c5f6c8a000e812619e778270f1fecffbf13aac804e9c8dce284bdc8a03a60cd07f2a8010f220bfdb90e4954964560ed6a5b80e33d90045646ec650e37f46c5 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 48bb8594bc4d944b76492d4d63966e80 |
| SHA1 | cabd6dce130fbb4083583f267ba71f97f3ede4bc |
| SHA256 | 76a13825baf103ede3f79aee12d693f5ce0bbb3e9764e1dad7d5ce20d2c3bd86 |
| SHA512 | 172f946dbbf58d0676bdcdc772e543d1d7e099ba629f3cfc97e639f2c19a422791540e313335eaa7c117b8135aa3bbaa683dfb3ded91134bfd147646f2857f89 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | cb9aaa5e28d1b3c9b56cf09cddc62de8 |
| SHA1 | f1c3941ab5c0216390e58555c21b4e8f4cca377a |
| SHA256 | 25a5071025cae2d67f93f38baf1f0922cd48fcf30e4c132aac50647bb1112043 |
| SHA512 | d822ff4d2c00ff439b568d0290f3d72fdb0b7796845079a94c0ddcd3c5f2f43f9838e18f07031294f4f606658f1221f52bc4fd50ee5545cbfd6e12265c47a876 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | b13bb5d833de9dafb31f13c1431ebf81 |
| SHA1 | 24599f97f163684a3dec5c0b87a2dbbbe37ff1a1 |
| SHA256 | dae7689ca116397d34c25c020f8920411720899dac719e71cb3012b2b1be698f |
| SHA512 | 2583cf0f292a031e9c481a078ae63fb3bcd6db9f6152b0000b9b7ab8b5425208096387318814e1cf34249a6c729a223e6ae037792902d000f85e56be5495df8c |