Analysis Overview
SHA256
ad2cad5a7d6db613dd16f685577c76a006cca700d31bf508fa8310fd8a7438e5
Threat Level: Known bad
The file solara-bootstrapper was found to be: Known bad.
Malicious Activity Summary
Suspicious use of NtCreateUserProcessOtherParentProcess
Rhadamanthys
Command and Scripting Interpreter: PowerShell
Event Triggered Execution: Image File Execution Options Injection
Downloads MZ/PE file
Checks computer location settings
Event Triggered Execution: Component Object Model Hijacking
Loads dropped DLL
Executes dropped EXE
Maps connected drives based on registry
Network Share Discovery
Checks installed software on the system
Legitimate hosting services abused for malware hosting/C2
Mark of the Web detected: This indicates that the page was originally saved or cloned.
Enumerates processes with tasklist
Checks system information in the registry
Drops file in Program Files directory
System Location Discovery: System Language Discovery
Enumerates physical storage devices
System Network Configuration Discovery: Internet Connection Discovery
Browser Information Discovery
Modifies registry class
Scheduled Task/Job: Scheduled Task
Suspicious use of SetWindowsHookEx
Modifies system certificate store
Uses Task Scheduler COM API
Suspicious use of SendNotifyMessage
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Suspicious use of AdjustPrivilegeToken
Detects videocard installed
System policy modification
Enumerates system info in registry
Modifies data under HKEY_USERS
Suspicious use of FindShellTrayWindow
Suspicious use of WriteProcessMemory
Suspicious behavior: GetForegroundWindowSpam
GoLang User-Agent
Opens file in notepad (likely ransom note)
Suspicious behavior: EnumeratesProcesses
MITRE ATT&CK
Enterprise Matrix V15
Analysis: static1
Detonation Overview
Reported
2024-09-13 20:58
Signatures
Analysis: behavioral1
Detonation Overview
Submitted
2024-09-13 20:58
Reported
2024-09-13 21:05
Platform
win10v2004-20240802-en
Max time kernel
392s
Max time network
395s
Command Line
Signatures
Rhadamanthys
Suspicious use of NtCreateUserProcessOtherParentProcess
| Description | Indicator | Process | Target |
| PID 6056 created 2624 | N/A | C:\Imbasers\timbers.exe | C:\Windows\system32\sihost.exe |
Command and Scripting Interpreter: PowerShell
Downloads MZ/PE file
Event Triggered Execution: Image File Execution Options Injection
| Description | Indicator | Process | Target |
| Set value (int) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\MicrosoftEdgeUpdate.exe\DisableExceptionChainValidation = "0" | C:\Program Files (x86)\Microsoft\Temp\EU8F80.tmp\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\MicrosoftEdgeUpdate.exe | C:\Program Files (x86)\Microsoft\Temp\EU8F80.tmp\MicrosoftEdgeUpdate.exe | N/A |
Checks computer location settings
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\USER\S-1-5-21-2412658365-3084825385-3340777666-1000\Control Panel\International\Geo\Nation | C:\Program Files (x86)\Microsoft\EdgeWebView\Application\128.0.2739.79\msedgewebview2.exe | N/A |
| Key value queried | \REGISTRY\USER\S-1-5-21-2412658365-3084825385-3340777666-1000\Control Panel\International\Geo\Nation | C:\Program Files (x86)\Microsoft\Temp\EU8F80.tmp\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\USER\S-1-5-21-2412658365-3084825385-3340777666-1000\Control Panel\International\Geo\Nation | C:\Program Files (x86)\Microsoft\EdgeWebView\Application\128.0.2739.79\msedgewebview2.exe | N/A |
Event Triggered Execution: Component Object Model Hijacking
Executes dropped EXE
Loads dropped DLL
Checks installed software on the system
Legitimate hosting services abused for malware hosting/C2
| Description | Indicator | Process | Target |
| N/A | raw.githubusercontent.com | N/A | N/A |
| N/A | raw.githubusercontent.com | N/A | N/A |
Maps connected drives based on registry
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Services\Disk\Enum | C:\Users\Admin\AppData\Local\Temp\Temp1_setup.zip\setup\myproject.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Services\disk\Enum\0 | C:\Users\Admin\AppData\Local\Temp\Temp1_setup.zip\setup\myproject.exe | N/A |
Mark of the Web detected: This indicates that the page was originally saved or cloned.
| Description | Indicator | Process | Target |
| N/A | https://storage.googleapis.com/script.aniview.com/ssync/62f53b2c7850d0786f227f64/ssync.html | N/A | N/A |
Network Share Discovery
Checks system information in the registry
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName | C:\Program Files (x86)\Microsoft\EdgeWebView\Application\128.0.2739.79\msedgewebview2.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer | C:\Program Files (x86)\Microsoft\EdgeWebView\Application\128.0.2739.79\msedgewebview2.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer | C:\Program Files (x86)\Microsoft\Temp\EU8F80.tmp\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName | C:\Program Files (x86)\Microsoft\Temp\EU8F80.tmp\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
Enumerates processes with tasklist
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Windows\system32\tasklist.exe | N/A |
Drops file in Program Files directory
Browser Information Discovery
Enumerates physical storage devices
System Location Discovery: System Language Discovery
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Program Files (x86)\Microsoft\Temp\EU8F80.tmp\MicrosoftEdgeUpdate.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Imbasers\timbers.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\openwith.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\AppData\Local\Temp\MicrosoftEdgeWebview2Setup.exe | N/A |
System Network Configuration Discovery: Internet Connection Discovery
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
Detects videocard installed
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Windows\System32\Wbem\wmic.exe | N/A |
Enumerates system info in registry
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files (x86)\Microsoft\EdgeWebView\Application\128.0.2739.79\msedgewebview2.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files (x86)\Microsoft\EdgeWebView\Application\128.0.2739.79\msedgewebview2.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files (x86)\Microsoft\EdgeWebView\Application\128.0.2739.79\msedgewebview2.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
GoLang User-Agent
| Description | Indicator | Process | Target |
| HTTP User-Agent header | Go-http-client/1.1 | N/A | N/A |
| HTTP User-Agent header | Go-http-client/1.1 | N/A | N/A |
Modifies data under HKEY_USERS
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\trust\CRLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\CA\Certificates | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\CA | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\CA\CRLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Disallowed | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\TrustedPeople\CRLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\TrustedPeople | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\TrustedPeople\CTLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\trust\Certificates | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133707347416751398" | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\CA\Certificates | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Root\CRLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\SmartCardRoot\CTLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\trust\CTLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\SmartCardRoot\CRLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\TrustedPeople\Certificates | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry | C:\Program Files (x86)\Microsoft\EdgeWebView\Application\128.0.2739.79\msedgewebview2.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\CA | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\CA\CRLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Disallowed\Certificates | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Disallowed\CTLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\Disallowed\CRLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\Disallowed\Certificates | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\trust\Certificates | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Root\CTLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\SmartCardRoot\Certificates | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\TrustedPeople\CTLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\trust\CRLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\trust\CTLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\trust | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\WinTrust\Trust Providers\Software Publishing | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\CA\CTLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Disallowed\CRLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\SmartCardRoot | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\TrustedPeople\CRLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\CA\CTLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\Disallowed | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\Disallowed\CTLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\TrustedPeople\Certificates | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\trust | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Root | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Root\Certificates | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\TrustedPeople | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
Modifies registry class
| Description | Indicator | Process | Target |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{FEA2518F-758F-4B95-A59F-97FCEEF1F5D0}\ProxyStubClsid32\ = "{31FB561A-CD57-4AF0-AE52-5652A86256B1}" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.195.19\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{C06EE550-7248-488E-971E-B60C0AB3A6E4}\ProxyStubClsid32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{AB4F4A7E-977C-4E23-AD8F-626A491715DF}\ = "IAppBundle" | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{3E102DC6-1EDB-46A1-8488-61F71B35ED5F}\NumMethods | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{195A2EB3-21EE-43CA-9F23-93C2C9934E2E} | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.195.19\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{3A49F783-1C7D-4D35-8F63-5C1C206B9B6E}\NumMethods\ = "17" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.195.19\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{DDD4B5D4-FD54-497C-8789-0830F29A60EE}\NumMethods | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.195.19\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key deleted | \REGISTRY\MACHINE\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{E421557C-0628-43FB-BF2B-7C9F8A4D067C}\LOCALSERVER32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\AppID\{CECDDD22-2E72-4832-9606-A9B0E5E344B2}\ = "ServiceModule" | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{D9AA3288-4EA7-4E67-AE60-D18EADCB923D}\ProxyStubClsid32\ = "{31FB561A-CD57-4AF0-AE52-5652A86256B1}" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.195.19\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{5F9C80B5-9E50-43C9-887C-7C6412E110DF}\ = "IAppCommand" | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{60355531-5BFD-45AB-942C-7912628752C7}\NumMethods\ = "24" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.195.19\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{7584D24A-E056-4EB1-8E7B-632F2B0ADC69}\ProxyStubClsid32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.195.19\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{3A49F783-1C7D-4D35-8F63-5C1C206B9B6E}\ProxyStubClsid32\ = "{31FB561A-CD57-4AF0-AE52-5652A86256B1}" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.195.19\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{450CF5FF-95C4-4679-BECA-22680389ECB9}\NumMethods\ = "10" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.195.19\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{C853632E-36CA-4999-B992-EC0D408CF5AB}\NumMethods\ = "10" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.195.19\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{2603C88B-F971-4167-9DE1-871EE4A3DC84}\ProxyStubClsid32\ = "{31FB561A-CD57-4AF0-AE52-5652A86256B1}" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.195.19\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{195A2EB3-21EE-43CA-9F23-93C2C9934E2E}\NumMethods\ = "41" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.195.19\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{AB4EE1FC-0A81-4F56-B0E2-248FB78051AF}\ProxyStubClsid32\ = "{31FB561A-CD57-4AF0-AE52-5652A86256B1}" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.195.19\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{AB4EE1FC-0A81-4F56-B0E2-248FB78051AF} | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{1B9063E4-3882-485E-8797-F28A0240782F}\ = "IGoogleUpdate3WebSecurity" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.195.19\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{177CAE89-4AD6-42F4-A458-00EC3389E3FE}\NumMethods | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.195.19\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{E55B90F1-DA33-400B-B09E-3AFF7D46BD83}\ProxyStubClsid32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.195.19\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{7E29BE61-5809-443F-9B5D-CF22156694EB}\NumMethods\ = "12" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.195.19\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{5F9C80B5-9E50-43C9-887C-7C6412E110DF}\NumMethods | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.195.19\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{3E102DC6-1EDB-46A1-8488-61F71B35ED5F}\ProxyStubClsid32\ = "{31FB561A-CD57-4AF0-AE52-5652A86256B1}" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.195.19\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{837E40DA-EB1B-440C-8623-0F14DF158DC0}\ProxyStubClsid32\ = "{31FB561A-CD57-4AF0-AE52-5652A86256B1}" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.195.19\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{3805CA06-AC83-4F00-8A02-271DCD89BDEB}\ProxyStubClsid32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.195.19\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{DDD4B5D4-FD54-497C-8789-0830F29A60EE}\ = "IGoogleUpdate3" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.195.19\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.195.19\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key deleted | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{D1E8B1A6-32CE-443C-8E2E-EBA90C481353} | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key deleted | \REGISTRY\MACHINE\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{77857D02-7A25-4B67-9266-3E122A8F39E4}\LOCALSERVER32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\MicrosoftEdgeUpdate.Update3WebSvc\ = "Microsoft Edge Update Update3Web" | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{A5135E58-384F-4244-9A5F-30FA9259413C}\ProxyStubClsid32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{D9AA3288-4EA7-4E67-AE60-D18EADCB923D}\ProxyStubClsid32\ = "{31FB561A-CD57-4AF0-AE52-5652A86256B1}" | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{837E40DA-EB1B-440C-8623-0F14DF158DC0}\NumMethods\ = "24" | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{E55B90F1-DA33-400B-B09E-3AFF7D46BD83}\ProxyStubClsid32\ = "{31FB561A-CD57-4AF0-AE52-5652A86256B1}" | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{FCE48F77-C677-4012-8A1A-54D2E2BC07BD}\ = "IGoogleUpdateCore" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.195.19\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{EA92A799-267E-4DF5-A6ED-6A7E0684BB8A}\ProgID | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{8F09CD6C-5964-4573-82E3-EBFF7702865B}\ProgID\ = "MicrosoftEdgeUpdate.CoreClass.1" | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{9A6B447A-35E2-4F6B-A87B-5DEEBBFDAD17}\ProxyStubClsid32\ = "{31FB561A-CD57-4AF0-AE52-5652A86256B1}" | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\MicrosoftEdgeUpdate.PolicyStatusMachine\ = "Microsoft Edge Update Broker Class Factory" | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{08D832B9-D2FD-481F-98CF-904D00DF63CC}\ProgID\ = "MicrosoftEdgeUpdate.ProcessLauncher.1.0" | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{C06EE550-7248-488E-971E-B60C0AB3A6E4}\NumMethods | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.195.19\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{A6556DFF-AB15-4DC3-A890-AB54120BEAEC}\ = "IProcessLauncher2" | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{3805CA06-AC83-4F00-8A02-271DCD89BDEB}\NumMethods | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.195.19\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{5F9C80B5-9E50-43C9-887C-7C6412E110DF}\ProxyStubClsid32\ = "{31FB561A-CD57-4AF0-AE52-5652A86256B1}" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.195.19\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{3E102DC6-1EDB-46A1-8488-61F71B35ED5F}\ProxyStubClsid32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.195.19\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{E55B90F1-DA33-400B-B09E-3AFF7D46BD83}\ProxyStubClsid32\ = "{31FB561A-CD57-4AF0-AE52-5652A86256B1}" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.195.19\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2412658365-3084825385-3340777666-1000_Classes\Local Settings | C:\Windows\system32\OpenWith.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{C06EE550-7248-488E-971E-B60C0AB3A6E4}\ProxyStubClsid32\ = "{31FB561A-CD57-4AF0-AE52-5652A86256B1}" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.195.19\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{AB4EE1FC-0A81-4F56-B0E2-248FB78051AF}\ProxyStubClsid32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.195.19\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key deleted | \REGISTRY\MACHINE\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{2E1DD7EF-C12D-4F8E-8AD8-CF8CC265BAD0}\ELEVATION | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{E421557C-0628-43FB-BF2B-7C9F8A4D067C}\LocalizedString = "@C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.195.19\\msedgeupdate.dll,-3000" | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{79E0C401-B7BC-4DE5-8104-71350F3A9B67}\ProxyStubClsid32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.195.19\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{2603C88B-F971-4167-9DE1-871EE4A3DC84}\ = "ICredentialDialog" | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{3E102DC6-1EDB-46A1-8488-61F71B35ED5F}\ProxyStubClsid32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{E55B90F1-DA33-400B-B09E-3AFF7D46BD83}\ = "IProgressWndEvents" | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{9A6B447A-35E2-4F6B-A87B-5DEEBBFDAD17}\ProxyStubClsid32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.195.19\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{837E40DA-EB1B-440C-8623-0F14DF158DC0}\ProxyStubClsid32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.195.19\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key deleted | \REGISTRY\MACHINE\SOFTWARE\CLASSES\APPID\{CECDDD22-2E72-4832-9606-A9B0E5E344B2} | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{CECDDD22-2E72-4832-9606-A9B0E5E344B2}\ProgID\ = "MicrosoftEdgeUpdate.Update3COMClassService.1.0" | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{7B3B7A69-7D88-4847-A6BC-90E246A41F69}\ProxyStubClsid32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
Modifies system certificate store
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\D1EB23A46D17D68FD92564C2F1F1601764D8E349 | C:\ProgramData\driver1.exe | N/A |
| Set value (data) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\D1EB23A46D17D68FD92564C2F1F1601764D8E349\Blob = 040000000100000010000000497904b0eb8719ac47b0bc11519b74d00f00000001000000140000003e8e6487f8fd27d322a269a71edaac5d57811286090000000100000054000000305206082b0601050507030206082b06010505070303060a2b0601040182370a030406082b0601050507030406082b0601050507030606082b0601050507030706082b0601050507030106082b0601050507030853000000010000004300000030413022060c2b06010401b231010201050130123010060a2b0601040182373c0101030200c0301b060567810c010330123010060a2b0601040182373c0101030200c0620000000100000020000000d7a7a0fb5d7e2731d771e9484ebcdef71d5f0c3e0a2948782bc83ee0ea699ef40b000000010000001c0000005300650063007400690067006f002000280041004100410029000000140000000100000014000000a0110a233e96f107ece2af29ef82a57fd030a4b41d00000001000000100000002e0d6875874a44c820912e85e964cfdb030000000100000014000000d1eb23a46d17d68fd92564c2f1f1601764d8e3491900000001000000100000002aa1c05e2ae606f198c2c5e937c97aa2200000000100000036040000308204323082031aa003020102020101300d06092a864886f70d0101050500307b310b3009060355040613024742311b301906035504080c1247726561746572204d616e636865737465723110300e06035504070c0753616c666f7264311a3018060355040a0c11436f6d6f646f204341204c696d697465643121301f06035504030c18414141204365727469666963617465205365727669636573301e170d3034303130313030303030305a170d3238313233313233353935395a307b310b3009060355040613024742311b301906035504080c1247726561746572204d616e636865737465723110300e06035504070c0753616c666f7264311a3018060355040a0c11436f6d6f646f204341204c696d697465643121301f06035504030c1841414120436572746966696361746520536572766963657330820122300d06092a864886f70d01010105000382010f003082010a0282010100be409df46ee1ea76871c4d45448ebe46c883069dc12afe181f8ee402faf3ab5d508a16310b9a06d0c57022cd492d5463ccb66e68460b53eacb4c24c0bc724eeaf115aef4549a120ac37ab23360e2da8955f32258f3dedccfef8386a28c944f9f68f29890468427c776bfe3cc352c8b5e07646582c048b0a891f9619f762050a891c766b5eb78620356f08a1a13ea31a31ea099fd38f6f62732586f07f56bb8fb142bafb7aaccd6635f738cda0599a838a8cb17783651ace99ef4783a8dcf0fd942e2980cab2f9f0e01deef9f9949f12ddfac744d1b98b547c5e529d1f99018c7629cbe83c7267b3e8a25c7c0dd9de6356810209d8fd8ded2c3849c0d5ee82fc90203010001a381c03081bd301d0603551d0e04160414a0110a233e96f107ece2af29ef82a57fd030a4b4300e0603551d0f0101ff040403020106300f0603551d130101ff040530030101ff307b0603551d1f047430723038a036a0348632687474703a2f2f63726c2e636f6d6f646f63612e636f6d2f414141436572746966696361746553657276696365732e63726c3036a034a0328630687474703a2f2f63726c2e636f6d6f646f2e6e65742f414141436572746966696361746553657276696365732e63726c300d06092a864886f70d010105050003820101000856fc02f09be8ffa4fad67bc64480ce4fc4c5f60058cca6b6bc1449680476e8e6ee5dec020f60d68d50184f264e01e3e6b0a5eebfbc745441bffdfc12b8c74f5af48960057f60b7054af3f6f1c2bfc4b97486b62d7d6bccd2f346dd2fc6e06ac3c334032c7d96dd5ac20ea70a99c1058bab0c2ff35c3acf6c37550987de53406c58effcb6ab656e04f61bdc3ce05a15c69ed9f15948302165036cece92173ec9b03a1e037ada015188ffaba02cea72ca910132cd4e50826ab229760f8905e74d4a29a53bdf2a968e0a26ec2d76cb1a30f9ebfeb68e756f2aef2e32b383a0981b56b85d7be2ded3f1ab7b263e2f5622c82d46a004150f139839f95e93696986e | C:\ProgramData\driver1.exe | N/A |
| Set value (data) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\D1EB23A46D17D68FD92564C2F1F1601764D8E349\Blob = 5c0000000100000004000000000800001900000001000000100000002aa1c05e2ae606f198c2c5e937c97aa2030000000100000014000000d1eb23a46d17d68fd92564c2f1f1601764d8e3491d00000001000000100000002e0d6875874a44c820912e85e964cfdb140000000100000014000000a0110a233e96f107ece2af29ef82a57fd030a4b40b000000010000001c0000005300650063007400690067006f002000280041004100410029000000620000000100000020000000d7a7a0fb5d7e2731d771e9484ebcdef71d5f0c3e0a2948782bc83ee0ea699ef453000000010000004300000030413022060c2b06010401b231010201050130123010060a2b0601040182373c0101030200c0301b060567810c010330123010060a2b0601040182373c0101030200c0090000000100000054000000305206082b0601050507030206082b06010505070303060a2b0601040182370a030406082b0601050507030406082b0601050507030606082b0601050507030706082b0601050507030106082b060105050703080f00000001000000140000003e8e6487f8fd27d322a269a71edaac5d57811286040000000100000010000000497904b0eb8719ac47b0bc11519b74d0200000000100000036040000308204323082031aa003020102020101300d06092a864886f70d0101050500307b310b3009060355040613024742311b301906035504080c1247726561746572204d616e636865737465723110300e06035504070c0753616c666f7264311a3018060355040a0c11436f6d6f646f204341204c696d697465643121301f06035504030c18414141204365727469666963617465205365727669636573301e170d3034303130313030303030305a170d3238313233313233353935395a307b310b3009060355040613024742311b301906035504080c1247726561746572204d616e636865737465723110300e06035504070c0753616c666f7264311a3018060355040a0c11436f6d6f646f204341204c696d697465643121301f06035504030c1841414120436572746966696361746520536572766963657330820122300d06092a864886f70d01010105000382010f003082010a0282010100be409df46ee1ea76871c4d45448ebe46c883069dc12afe181f8ee402faf3ab5d508a16310b9a06d0c57022cd492d5463ccb66e68460b53eacb4c24c0bc724eeaf115aef4549a120ac37ab23360e2da8955f32258f3dedccfef8386a28c944f9f68f29890468427c776bfe3cc352c8b5e07646582c048b0a891f9619f762050a891c766b5eb78620356f08a1a13ea31a31ea099fd38f6f62732586f07f56bb8fb142bafb7aaccd6635f738cda0599a838a8cb17783651ace99ef4783a8dcf0fd942e2980cab2f9f0e01deef9f9949f12ddfac744d1b98b547c5e529d1f99018c7629cbe83c7267b3e8a25c7c0dd9de6356810209d8fd8ded2c3849c0d5ee82fc90203010001a381c03081bd301d0603551d0e04160414a0110a233e96f107ece2af29ef82a57fd030a4b4300e0603551d0f0101ff040403020106300f0603551d130101ff040530030101ff307b0603551d1f047430723038a036a0348632687474703a2f2f63726c2e636f6d6f646f63612e636f6d2f414141436572746966696361746553657276696365732e63726c3036a034a0328630687474703a2f2f63726c2e636f6d6f646f2e6e65742f414141436572746966696361746553657276696365732e63726c300d06092a864886f70d010105050003820101000856fc02f09be8ffa4fad67bc64480ce4fc4c5f60058cca6b6bc1449680476e8e6ee5dec020f60d68d50184f264e01e3e6b0a5eebfbc745441bffdfc12b8c74f5af48960057f60b7054af3f6f1c2bfc4b97486b62d7d6bccd2f346dd2fc6e06ac3c334032c7d96dd5ac20ea70a99c1058bab0c2ff35c3acf6c37550987de53406c58effcb6ab656e04f61bdc3ce05a15c69ed9f15948302165036cece92173ec9b03a1e037ada015188ffaba02cea72ca910132cd4e50826ab229760f8905e74d4a29a53bdf2a968e0a26ec2d76cb1a30f9ebfeb68e756f2aef2e32b383a0981b56b85d7be2ded3f1ab7b263e2f5622c82d46a004150f139839f95e93696986e | C:\ProgramData\driver1.exe | N/A |
Opens file in notepad (likely ransom note)
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Windows\system32\NOTEPAD.EXE | N/A |
Scheduled Task/Job: Scheduled Task
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Windows\system32\schtasks.exe | N/A |
Suspicious behavior: EnumeratesProcesses
Suspicious behavior: GetForegroundWindowSpam
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\Temp1_setup.zip\setup\myproject.exe | N/A |
| N/A | N/A | C:\Windows\system32\OpenWith.exe | N/A |
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Suspicious use of AdjustPrivilegeToken
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
Suspicious use of SetWindowsHookEx
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Windows\system32\OpenWith.exe | N/A |
Suspicious use of WriteProcessMemory
System policy modification
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\DataCollection | C:\Program Files (x86)\Microsoft\EdgeWebView\Application\128.0.2739.79\msedgewebview2.exe | N/A |
Uses Task Scheduler COM API
Processes
C:\Windows\system32\sihost.exe
sihost.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument C:\Users\Admin\AppData\Local\Temp\solara-bootstrapper.html
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.123 --initial-client-data=0xf8,0xfc,0x100,0xd4,0x104,0x7ff889c9cc40,0x7ff889c9cc4c,0x7ff889c9cc58
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe"
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=1976,i,5014486554259045730,3390731377843107132,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=1972 /prefetch:2
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=2152,i,5014486554259045730,3390731377843107132,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=2192 /prefetch:3
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=2224,i,5014486554259045730,3390731377843107132,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=2528 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.123 --initial-client-data=0x100,0x104,0x108,0xdc,0x10c,0x7ff889c9cc40,0x7ff889c9cc4c,0x7ff889c9cc58
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --field-trial-handle=3132,i,5014486554259045730,3390731377843107132,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=3152 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=3148,i,5014486554259045730,3390731377843107132,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=3292 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --field-trial-handle=3992,i,5014486554259045730,3390731377843107132,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=4000 /prefetch:1
C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe"
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --field-trial-handle=3608,i,5014486554259045730,3390731377843107132,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=4744 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=4668,i,5014486554259045730,3390731377843107132,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=3144 /prefetch:8
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s NgcSvc
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --field-trial-handle=4612,i,5014486554259045730,3390731377843107132,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=3144 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --no-appcompat-clear --gpu-preferences=WAAAAAAAAADoAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAACEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=5308,i,5014486554259045730,3390731377843107132,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=1044 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --field-trial-handle=5324,i,5014486554259045730,3390731377843107132,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=5428 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=5696,i,5014486554259045730,3390731377843107132,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=3936 /prefetch:8
C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding
C:\Windows\system32\NOTEPAD.EXE
"C:\Windows\system32\NOTEPAD.EXE" C:\Users\Admin\AppData\Local\Temp\Temp1_setup.zip\setup\Read it to me.txt
C:\Users\Admin\AppData\Local\Temp\Temp1_setup.zip\setup\myproject.exe
"C:\Users\Admin\AppData\Local\Temp\Temp1_setup.zip\setup\myproject.exe"
C:\Users\Admin\AppData\Local\Temp\MicrosoftEdgeWebview2Setup.exe
C:\Users\Admin\AppData\Local\Temp\MicrosoftEdgeWebview2Setup.exe
C:\Program Files (x86)\Microsoft\Temp\EU8F80.tmp\MicrosoftEdgeUpdate.exe
"C:\Program Files (x86)\Microsoft\Temp\EU8F80.tmp\MicrosoftEdgeUpdate.exe" /installsource taggedmi /install "appguid={F3017226-FE2A-4295-8BDF-00C3A9A7E4C5}&appname=Microsoft%20Edge%20Webview2%20Runtime&needsadmin=prefers"
C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /regsvc
C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /regserver
C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.195.19\MicrosoftEdgeUpdateComRegisterShell64.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.195.19\MicrosoftEdgeUpdateComRegisterShell64.exe"
C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.195.19\MicrosoftEdgeUpdateComRegisterShell64.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.195.19\MicrosoftEdgeUpdateComRegisterShell64.exe"
C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.195.19\MicrosoftEdgeUpdateComRegisterShell64.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.195.19\MicrosoftEdgeUpdateComRegisterShell64.exe"
C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ping PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz48cmVxdWVzdCBwcm90b2NvbD0iMy4wIiB1cGRhdGVyPSJPbWFoYSIgdXBkYXRlcnZlcnNpb249IjEuMy4xOTUuMTkiIHNoZWxsX3ZlcnNpb249IjEuMy4xOTUuMTkiIGlzbWFjaGluZT0iMSIgc2Vzc2lvbmlkPSJ7NkRFQTgzNUYtMUFGNC00RTdGLTgwNUYtMzM3MkVDQTZGN0VFfSIgdXNlcmlkPSJ7MTNGQTUyNjgtQUI3Qy00MEFCLTg5NkUtRDNGQTlBMjUwRjg3fSIgaW5zdGFsbHNvdXJjZT0idGFnZ2VkbWkiIHJlcXVlc3RpZD0iezE2QzhBNUVDLTU0MkQtNEI5MC04MjJGLUZERjY1NzE3QTQ0NH0iIGRlZHVwPSJjciIgZG9tYWluam9pbmVkPSIwIj48aHcgbG9naWNhbF9jcHVzPSI4IiBwaHlzbWVtb3J5PSI4IiBkaXNrX3R5cGU9IjIiIHNzZT0iMSIgc3NlMj0iMSIgc3NlMz0iMSIgc3NzZTM9IjEiIHNzZTQxPSIxIiBzc2U0Mj0iMSIgYXZ4PSIxIi8-PG9zIHBsYXRmb3JtPSJ3aW4iIHZlcnNpb249IjEwLjAuMTkwNDEuMTI4OCIgc3A9IiIgYXJjaD0ieDY0IiBwcm9kdWN0X3R5cGU9IjQ4IiBpc193aXA9IjAiIGlzX2luX2xvY2tkb3duX21vZGU9IjAiLz48b2VtIHByb2R1Y3RfbWFudWZhY3R1cmVyPSIiIHByb2R1Y3RfbmFtZT0iIi8-PGV4cCBldGFnPSImcXVvdDtWUFFvUDFGK2ZxMTV3UnpoMWtQTDRQTXBXaDhPUk1CNWl6dnJPQy9jaGpRPSZxdW90OyIvPjxhcHAgYXBwaWQ9IntGM0M0RkUwMC1FRkQ1LTQwM0ItOTU2OS0zOThBMjBGMUJBNEF9IiB2ZXJzaW9uPSIxLjMuMTk1LjE1IiBuZXh0dmVyc2lvbj0iMS4zLjE5NS4xOSIgbGFuZz0iIiBicmFuZD0iIiBjbGllbnQ9IiI-PGV2ZW50IGV2ZW50dHlwZT0iMiIgZXZlbnRyZXN1bHQ9IjEiIGVycm9yY29kZT0iMCIgZXh0cmFjb2RlMT0iMCIgc3lzdGVtX3VwdGltZV90aWNrcz0iNjcyNzE0ODQ5NyIgaW5zdGFsbF90aW1lX21zPSI2NzIiLz48L2FwcD48L3JlcXVlc3Q-
C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /handoff "appguid={F3017226-FE2A-4295-8BDF-00C3A9A7E4C5}&appname=Microsoft%20Edge%20Webview2%20Runtime&needsadmin=prefers" /installsource taggedmi /sessionid "{6DEA835F-1AF4-4E7F-805F-3372ECA6F7EE}"
C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /svc
C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ping PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz48cmVxdWVzdCBwcm90b2NvbD0iMy4wIiB1cGRhdGVyPSJPbWFoYSIgdXBkYXRlcnZlcnNpb249IjEuMy4xOTUuMTkiIHNoZWxsX3ZlcnNpb249IjEuMy4xOTUuMTkiIGlzbWFjaGluZT0iMSIgc2Vzc2lvbmlkPSJ7NkRFQTgzNUYtMUFGNC00RTdGLTgwNUYtMzM3MkVDQTZGN0VFfSIgdXNlcmlkPSJ7MTNGQTUyNjgtQUI3Qy00MEFCLTg5NkUtRDNGQTlBMjUwRjg3fSIgaW5zdGFsbHNvdXJjZT0ibGltaXRlZCIgcmVxdWVzdGlkPSJ7RTBCOUMzOEEtRjI4QS00QzhELTlDRDktMTgzMTA5MjlCQkVGfSIgZGVkdXA9ImNyIiBkb21haW5qb2luZWQ9IjAiPjxodyBsb2dpY2FsX2NwdXM9IjgiIHBoeXNtZW1vcnk9IjgiIGRpc2tfdHlwZT0iMiIgc3NlPSIxIiBzc2UyPSIxIiBzc2UzPSIxIiBzc3NlMz0iMSIgc3NlNDE9IjEiIHNzZTQyPSIxIiBhdng9IjEiLz48b3MgcGxhdGZvcm09IndpbiIgdmVyc2lvbj0iMTAuMC4xOTA0MS4xMjg4IiBzcD0iIiBhcmNoPSJ4NjQiIHByb2R1Y3RfdHlwZT0iNDgiIGlzX3dpcD0iMCIgaXNfaW5fbG9ja2Rvd25fbW9kZT0iMCIvPjxvZW0gcHJvZHVjdF9tYW51ZmFjdHVyZXI9IiIgcHJvZHVjdF9uYW1lPSIiLz48ZXhwIGV0YWc9IiZxdW90O0UreGJBejZZNnNVMTI4OWJTNnFsNFZSTGJramZCVUdUTUpzanJIcjQ0aUk9JnF1b3Q7Ii8-PGFwcCBhcHBpZD0iezhBNjlEMzQ1LUQ1NjQtNDYzYy1BRkYxLUE2OUQ5RTUzMEY5Nn0iIHZlcnNpb249IjEyMy4wLjYzMTIuMTIzIiBuZXh0dmVyc2lvbj0iIiBsYW5nPSJlbiIgYnJhbmQ9IkdHTFMiIGNsaWVudD0iIiBpbnN0YWxsYWdlPSI0MiIgaW5zdGFsbGRhdGV0aW1lPSIxNzIyNjAyNjYyIiBvb2JlX2luc3RhbGxfdGltZT0iMTMzNjcwNzUyODYxNDQyNzM1Ij48ZXZlbnQgZXZlbnR0eXBlPSIzMSIgZXZlbnRyZXN1bHQ9IjEiIGVycm9yY29kZT0iMCIgZXh0cmFjb2RlMT0iMjExNDMyNSIgc3lzdGVtX3VwdGltZV90aWNrcz0iNjczNDk2MDg4NiIvPjwvYXBwPjwvcmVxdWVzdD4
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --field-trial-handle=3328,i,5014486554259045730,3390731377843107132,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=5804 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --field-trial-handle=5848,i,5014486554259045730,3390731377843107132,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=5896 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --field-trial-handle=4076,i,5014486554259045730,3390731377843107132,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=4100 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --field-trial-handle=3984,i,5014486554259045730,3390731377843107132,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=2688 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --field-trial-handle=3124,i,5014486554259045730,3390731377843107132,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=3964 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --field-trial-handle=5724,i,5014486554259045730,3390731377843107132,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=4064 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --field-trial-handle=6196,i,5014486554259045730,3390731377843107132,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=6256 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --field-trial-handle=6204,i,5014486554259045730,3390731377843107132,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=6180 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --field-trial-handle=6504,i,5014486554259045730,3390731377843107132,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=6208 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --field-trial-handle=5476,i,5014486554259045730,3390731377843107132,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=6492 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=24 --field-trial-handle=4032,i,5014486554259045730,3390731377843107132,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=6588 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=25 --field-trial-handle=6704,i,5014486554259045730,3390731377843107132,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=6720 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=26 --field-trial-handle=6100,i,5014486554259045730,3390731377843107132,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=6872 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=27 --field-trial-handle=6852,i,5014486554259045730,3390731377843107132,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=7056 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=28 --field-trial-handle=7040,i,5014486554259045730,3390731377843107132,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=6756 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=29 --field-trial-handle=6736,i,5014486554259045730,3390731377843107132,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=6800 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=30 --field-trial-handle=7112,i,5014486554259045730,3390731377843107132,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=5392 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=31 --field-trial-handle=6824,i,5014486554259045730,3390731377843107132,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=6820 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=32 --field-trial-handle=6976,i,5014486554259045730,3390731377843107132,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=6904 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=33 --field-trial-handle=6948,i,5014486554259045730,3390731377843107132,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=7072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=34 --field-trial-handle=6720,i,5014486554259045730,3390731377843107132,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=7444 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=35 --field-trial-handle=7084,i,5014486554259045730,3390731377843107132,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=7560 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=36 --field-trial-handle=6912,i,5014486554259045730,3390731377843107132,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=7688 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=37 --field-trial-handle=7088,i,5014486554259045730,3390731377843107132,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=7804 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=38 --field-trial-handle=7212,i,5014486554259045730,3390731377843107132,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=7920 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=39 --field-trial-handle=7420,i,5014486554259045730,3390731377843107132,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=8036 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=40 --field-trial-handle=7912,i,5014486554259045730,3390731377843107132,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=7788 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=41 --field-trial-handle=8432,i,5014486554259045730,3390731377843107132,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=8388 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=42 --field-trial-handle=8452,i,5014486554259045730,3390731377843107132,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=8560 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=43 --field-trial-handle=8720,i,5014486554259045730,3390731377843107132,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=8712 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=44 --field-trial-handle=8828,i,5014486554259045730,3390731377843107132,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=8728 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=45 --field-trial-handle=9032,i,5014486554259045730,3390731377843107132,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=8980 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=46 --field-trial-handle=9164,i,5014486554259045730,3390731377843107132,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=9140 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=47 --field-trial-handle=9304,i,5014486554259045730,3390731377843107132,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=9328 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=48 --field-trial-handle=9320,i,5014486554259045730,3390731377843107132,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=9172 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=49 --field-trial-handle=8976,i,5014486554259045730,3390731377843107132,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=9588 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=50 --field-trial-handle=9580,i,5014486554259045730,3390731377843107132,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=9736 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=51 --field-trial-handle=9160,i,5014486554259045730,3390731377843107132,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=9908 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=52 --field-trial-handle=9888,i,5014486554259045730,3390731377843107132,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=10056 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=53 --field-trial-handle=9924,i,5014486554259045730,3390731377843107132,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=10196 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=54 --field-trial-handle=4040,i,5014486554259045730,3390731377843107132,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=9468 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=55 --field-trial-handle=9604,i,5014486554259045730,3390731377843107132,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=9944 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=56 --field-trial-handle=10656,i,5014486554259045730,3390731377843107132,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=10632 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=57 --field-trial-handle=10784,i,5014486554259045730,3390731377843107132,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=10748 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=58 --field-trial-handle=10768,i,5014486554259045730,3390731377843107132,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=10756 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=59 --field-trial-handle=11028,i,5014486554259045730,3390731377843107132,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=11060 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=60 --field-trial-handle=10640,i,5014486554259045730,3390731377843107132,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=11220 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=61 --field-trial-handle=11332,i,5014486554259045730,3390731377843107132,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=11340 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=62 --field-trial-handle=11476,i,5014486554259045730,3390731377843107132,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=3548 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=63 --field-trial-handle=10764,i,5014486554259045730,3390731377843107132,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=9584 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=64 --field-trial-handle=8356,i,5014486554259045730,3390731377843107132,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=9768 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=65 --field-trial-handle=11480,i,5014486554259045730,3390731377843107132,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=9356 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=66 --field-trial-handle=3548,i,5014486554259045730,3390731377843107132,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=11464 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=67 --field-trial-handle=10728,i,5014486554259045730,3390731377843107132,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=10228 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=68 --field-trial-handle=10716,i,5014486554259045730,3390731377843107132,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=10608 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=69 --field-trial-handle=10576,i,5014486554259045730,3390731377843107132,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=11312 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=70 --field-trial-handle=9972,i,5014486554259045730,3390731377843107132,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=10024 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=71 --field-trial-handle=10000,i,5014486554259045730,3390731377843107132,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=10020 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=72 --field-trial-handle=8600,i,5014486554259045730,3390731377843107132,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=8576 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=73 --field-trial-handle=9852,i,5014486554259045730,3390731377843107132,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=9824 /prefetch:1
C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{D63A61E4-FC60-4486-86B9-43D8D84DBC21}\MicrosoftEdge_X64_128.0.2739.79.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{D63A61E4-FC60-4486-86B9-43D8D84DBC21}\MicrosoftEdge_X64_128.0.2739.79.exe" --msedgewebview --verbose-logging --do-not-launch-msedge --system-level
C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{D63A61E4-FC60-4486-86B9-43D8D84DBC21}\EDGEMITMP_9892D.tmp\setup.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{D63A61E4-FC60-4486-86B9-43D8D84DBC21}\EDGEMITMP_9892D.tmp\setup.exe" --install-archive="C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{D63A61E4-FC60-4486-86B9-43D8D84DBC21}\MicrosoftEdge_X64_128.0.2739.79.exe" --msedgewebview --verbose-logging --do-not-launch-msedge --system-level
C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{D63A61E4-FC60-4486-86B9-43D8D84DBC21}\EDGEMITMP_9892D.tmp\setup.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{D63A61E4-FC60-4486-86B9-43D8D84DBC21}\EDGEMITMP_9892D.tmp\setup.exe" --type=crashpad-handler /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Program Files\MsEdgeCrashpad" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=128.0.6613.138 "--annotation=exe=C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{D63A61E4-FC60-4486-86B9-43D8D84DBC21}\EDGEMITMP_9892D.tmp\setup.exe" --annotation=plat=Win64 --annotation=prod=Edge --annotation=ver=128.0.2739.79 --initial-client-data=0x230,0x234,0x238,0x22c,0x208,0x7ff6ae4716d8,0x7ff6ae4716e4,0x7ff6ae4716f0
C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ping PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz48cmVxdWVzdCBwcm90b2NvbD0iMy4wIiB1cGRhdGVyPSJPbWFoYSIgdXBkYXRlcnZlcnNpb249IjEuMy4xOTUuMTkiIHNoZWxsX3ZlcnNpb249IjEuMy4xOTUuMTkiIGlzbWFjaGluZT0iMSIgc2Vzc2lvbmlkPSJ7NkRFQTgzNUYtMUFGNC00RTdGLTgwNUYtMzM3MkVDQTZGN0VFfSIgdXNlcmlkPSJ7MTNGQTUyNjgtQUI3Qy00MEFCLTg5NkUtRDNGQTlBMjUwRjg3fSIgaW5zdGFsbHNvdXJjZT0idGFnZ2VkbWkiIHJlcXVlc3RpZD0iezAzNEJBMzk2LTZFMDMtNDJDMi1BOThDLUQ0OTFFRTM4NzI1OX0iIGRlZHVwPSJjciIgZG9tYWluam9pbmVkPSIwIj48aHcgbG9naWNhbF9jcHVzPSI4IiBwaHlzbWVtb3J5PSI4IiBkaXNrX3R5cGU9IjIiIHNzZT0iMSIgc3NlMj0iMSIgc3NlMz0iMSIgc3NzZTM9IjEiIHNzZTQxPSIxIiBzc2U0Mj0iMSIgYXZ4PSIxIi8-PG9zIHBsYXRmb3JtPSJ3aW4iIHZlcnNpb249IjEwLjAuMTkwNDEuMTI4OCIgc3A9IiIgYXJjaD0ieDY0IiBwcm9kdWN0X3R5cGU9IjQ4IiBpc193aXA9IjAiIGlzX2luX2xvY2tkb3duX21vZGU9IjAiLz48b2VtIHByb2R1Y3RfbWFudWZhY3R1cmVyPSIiIHByb2R1Y3RfbmFtZT0iIi8-PGV4cCBldGFnPSImcXVvdDtWUFFvUDFGK2ZxMTV3UnpoMWtQTDRQTXBXaDhPUk1CNWl6dnJPQy9jaGpRPSZxdW90OyIvPjxhcHAgYXBwaWQ9IntGMzAxNzIyNi1GRTJBLTQyOTUtOEJERi0wMEMzQTlBN0U0QzV9IiB2ZXJzaW9uPSIiIG5leHR2ZXJzaW9uPSIxMjguMC4yNzM5Ljc5IiBsYW5nPSIiIGJyYW5kPSIiIGNsaWVudD0iIiBleHBlcmltZW50cz0iY29uc2VudD1mYWxzZSIgaW5zdGFsbGFnZT0iLTEiIGluc3RhbGxkYXRlPSItMSI-PHVwZGF0ZWNoZWNrLz48ZXZlbnQgZXZlbnR0eXBlPSI5IiBldmVudHJlc3VsdD0iMSIgZXJyb3Jjb2RlPSIwIiBleHRyYWNvZGUxPSIwIiBzeXN0ZW1fdXB0aW1lX3RpY2tzPSI2NzQ0MzM2NDY3IiBkb25lX2JlZm9yZV9vb2JlX2NvbXBsZXRlPSIwIi8-PGV2ZW50IGV2ZW50dHlwZT0iNSIgZXZlbnRyZXN1bHQ9IjEiIGVycm9yY29kZT0iMCIgZXh0cmFjb2RlMT0iMCIgc3lzdGVtX3VwdGltZV90aWNrcz0iNjc0NDMzNjQ2NyIgZG9uZV9iZWZvcmVfb29iZV9jb21wbGV0ZT0iMCIvPjxldmVudCBldmVudHR5cGU9IjEiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjAiIHN5c3RlbV91cHRpbWVfdGlja3M9IjczNjg2ODkwNTUiIHNvdXJjZV91cmxfaW5kZXg9IjAiIGRvbmVfYmVmb3JlX29vYmVfY29tcGxldGU9IjAiIGRvd25sb2FkZXI9ImJpdHMiIHVybD0iaHR0cDovL21zZWRnZS5mLnRsdS5kbC5kZWxpdmVyeS5tcC5taWNyb3NvZnQuY29tL2ZpbGVzdHJlYW1pbmdzZXJ2aWNlL2ZpbGVzLzNjMGRlMmJmLTY1YmYtNDlkNS1hY2IxLTM3OWJhODIxNWM2MD9QMT0xNzI2ODY2MTM3JmFtcDtQMj00MDQmYW1wO1AzPTImYW1wO1A0PUV0ODA4JTJmS1RBRUhtWWtOdDZwbnBLb2FZSU05WHR2ZXpRbGFLWFFIa2pFM3E5Q3FoZW9tRCUyYkZnbmZ1d1UlMmZRODAlMmJmU0NpTVV3M0xvcGU1eDZRaGYzemclM2QlM2QiIHNlcnZlcl9pcF9oaW50PSIiIGNkbl9jaWQ9Ii0xIiBjZG5fY2NjPSIiIGNkbl9tc2VkZ2VfcmVmPSIiIGNkbl9henVyZV9yZWZfb3JpZ2luX3NoaWVsZD0iIiBjZG5fY2FjaGU9IiIgY2RuX3AzcD0iIiBkb3dubG9hZGVkPSIxNzM5MDk1ODQiIHRvdGFsPSIxNzM5MDk1ODQiIGRvd25sb2FkX3RpbWVfbXM9IjU1NDczIi8-PGV2ZW50IGV2ZW50dHlwZT0iMSIgZXZlbnRyZXN1bHQ9IjEiIGVycm9yY29kZT0iMCIgZXh0cmFjb2RlMT0iMCIgc3lzdGVtX3VwdGltZV90aWNrcz0iNzM2ODgwOTIwOCIgc291cmNlX3VybF9pbmRleD0iMCIgZG9uZV9iZWZvcmVfb29iZV9jb21wbGV0ZT0iMCIvPjxldmVudCBldmVudHR5cGU9IjYiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjAiIHN5c3RlbV91cHRpbWVfdGlja3M9IjczODQ5OTUyMjEiIGRvbmVfYmVmb3JlX29vYmVfY29tcGxldGU9IjAiLz48ZXZlbnQgZXZlbnR0eXBlPSIyIiBldmVudHJlc3VsdD0iMSIgZXJyb3Jjb2RlPSIwIiBleHRyYWNvZGUxPSIxOTY3NTciIHN5c3RlbV91cHRpbWVfdGlja3M9Ijc4NDAxNzEwMDEiIHNvdXJjZV91cmxfaW5kZXg9IjAiIGRvbmVfYmVmb3JlX29vYmVfY29tcGxldGU9IjAiIHVwZGF0ZV9jaGVja190aW1lX21zPSI0NTMiIGRvd25sb2FkX3RpbWVfbXM9IjYyNDMwIiBkb3dubG9hZGVkPSIxNzM5MDk1ODQiIHRvdGFsPSIxNzM5MDk1ODQiIHBhY2thZ2VfY2FjaGVfcmVzdWx0PSIwIiBpbnN0YWxsX3RpbWVfbXM9IjQ1NTE0Ii8-PC9hcHA-PC9yZXF1ZXN0Pg
C:\Program Files (x86)\Microsoft\EdgeWebView\Application\128.0.2739.79\msedgewebview2.exe
"C:\Program Files (x86)\Microsoft\EdgeWebView\Application\128.0.2739.79\msedgewebview2.exe" --embedded-browser-webview=1 --webview-exe-name=myproject.exe --user-data-dir="C:\Users\Admin\AppData\Roaming\myproject.exe\EBWebView" --noerrdialogs --embedded-browser-webview-dpi-awareness=1 --disable-features=msSmartScreenProtection --enable-features=MojoIpcz --mojo-named-platform-channel-pipe=1648.4528.9086163811324642718
C:\Program Files (x86)\Microsoft\EdgeWebView\Application\128.0.2739.79\msedgewebview2.exe
"C:\Program Files (x86)\Microsoft\EdgeWebView\Application\128.0.2739.79\msedgewebview2.exe" --type=crashpad-handler --user-data-dir=C:\Users\Admin\AppData\Roaming\myproject.exe\EBWebView /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler --database=C:\Users\Admin\AppData\Roaming\myproject.exe\EBWebView\Crashpad --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=128.0.6613.138 "--annotation=exe=C:\Program Files (x86)\Microsoft\EdgeWebView\Application\128.0.2739.79\msedgewebview2.exe" --annotation=plat=Win64 "--annotation=prod=Edge WebView2" --annotation=ver=128.0.2739.79 --initial-client-data=0x178,0x17c,0x180,0x154,0x188,0x7ff883a49fd8,0x7ff883a49fe4,0x7ff883a49ff0
C:\Program Files (x86)\Microsoft\EdgeWebView\Application\128.0.2739.79\msedgewebview2.exe
"C:\Program Files (x86)\Microsoft\EdgeWebView\Application\128.0.2739.79\msedgewebview2.exe" --type=gpu-process --noerrdialogs --user-data-dir="C:\Users\Admin\AppData\Roaming\myproject.exe\EBWebView" --webview-exe-name=myproject.exe --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=1 --gpu-preferences=UAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAAAAAAABAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAAAAAAAAAAEAAAAAAAAAAIAAAAAAAAAAgAAAAAAAAA --field-trial-handle=1872,i,15099097607065773303,8425118532005079852,262144 --enable-features=MojoIpcz --disable-features=msSmartScreenProtection --variations-seed-version --mojo-platform-channel-handle=1868 /prefetch:2
C:\Program Files (x86)\Microsoft\EdgeWebView\Application\128.0.2739.79\msedgewebview2.exe
"C:\Program Files (x86)\Microsoft\EdgeWebView\Application\128.0.2739.79\msedgewebview2.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --noerrdialogs --user-data-dir="C:\Users\Admin\AppData\Roaming\myproject.exe\EBWebView" --webview-exe-name=myproject.exe --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=1 --field-trial-handle=2060,i,15099097607065773303,8425118532005079852,262144 --enable-features=MojoIpcz --disable-features=msSmartScreenProtection --variations-seed-version --mojo-platform-channel-handle=2116 /prefetch:3
C:\Program Files (x86)\Microsoft\EdgeWebView\Application\128.0.2739.79\msedgewebview2.exe
"C:\Program Files (x86)\Microsoft\EdgeWebView\Application\128.0.2739.79\msedgewebview2.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --noerrdialogs --user-data-dir="C:\Users\Admin\AppData\Roaming\myproject.exe\EBWebView" --webview-exe-name=myproject.exe --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=1 --field-trial-handle=2384,i,15099097607065773303,8425118532005079852,262144 --enable-features=MojoIpcz --disable-features=msSmartScreenProtection --variations-seed-version --mojo-platform-channel-handle=2316 /prefetch:8
C:\Program Files (x86)\Microsoft\EdgeWebView\Application\128.0.2739.79\msedgewebview2.exe
"C:\Program Files (x86)\Microsoft\EdgeWebView\Application\128.0.2739.79\msedgewebview2.exe" --type=renderer --noerrdialogs --user-data-dir="C:\Users\Admin\AppData\Roaming\myproject.exe\EBWebView" --webview-exe-name=myproject.exe --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=1 --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --js-flags="--harmony-weak-refs-with-cleanup-some --expose-gc --ms-user-locale=" --field-trial-handle=3576,i,15099097607065773303,8425118532005079852,262144 --enable-features=MojoIpcz --disable-features=msSmartScreenProtection --variations-seed-version --mojo-platform-channel-handle=3596 /prefetch:1
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
powershell -WindowStyle hidden -Command "Add-MpPreference -ExclusionPath \"C:\ProgramData\";" powershell -WindowStyle hidden -Command "Add-MpPreference -ExclusionPath \"C:\Users\Admin\AppData\Local\Temp\Temp1_setup.zip\setup\myproject.exe\""
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -WindowStyle hidden -Command Add-MpPreference -ExclusionPath C:\Users\Admin\AppData\Local\Temp\Temp1_setup.zip\setup\myproject.exe
C:\Windows\System32\Wbem\wmic.exe
wmic path win32_VideoController get name
C:\Windows\system32\tasklist.exe
tasklist
C:\Windows\System32\Wbem\wmic.exe
wmic csproduct get uuid
C:\ProgramData\driver1.exe
C:\ProgramData\driver1.exe
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
powershell -WindowStyle Hidden -Command "Add-MpPreference -ExclusionPath 'C:\Users'"
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
powershell -WindowStyle Hidden -Command "Add-MpPreference -ExclusionPath 'C:\Windows'"
C:\Windows\system32\schtasks.exe
schtasks /create /tn WinDriver /tr C:\ProgramData\Microsoft\WinDriver.exe /sc onstart /ru SYSTEM
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
powershell -WindowStyle Hidden -Command "Add-MpPreference -ExclusionPath 'C:\Program Files'"
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
powershell -WindowStyle Hidden -Command "Add-MpPreference -ExclusionPath 'C:\Program Files (x86)'"
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
powershell -WindowStyle Hidden -Command "Add-MpPreference -ExclusionPath 'C:\Recovery'"
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
powershell -WindowStyle Hidden -Command "Add-MpPreference -ExclusionPath 'C:\Imbasers'"
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
powershell -WindowStyle Hidden -Command "Add-MpPreference -ExclusionPath '%USERPROFILE%\Desktop'"
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
powershell -WindowStyle Hidden -Command "Add-MpPreference -ExclusionPath 'C:\ProgramData'"
C:\Windows\system32\OpenWith.exe
C:\Windows\system32\OpenWith.exe -Embedding
C:\Imbasers\timbers.exe
C:\Imbasers\timbers.exe
C:\Windows\SysWOW64\openwith.exe
"C:\Windows\system32\openwith.exe"
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | 8.8.8.8.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 209.205.72.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | www.google.com | udp |
| GB | 142.250.178.4:443 | www.google.com | tcp |
| GB | 142.250.178.4:443 | www.google.com | udp |
| US | 8.8.8.8:53 | 240.221.184.93.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 4.178.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 74.169.217.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 22.160.190.20.in-addr.arpa | udp |
| N/A | 224.0.0.251:5353 | udp | |
| US | 8.8.8.8:53 | 95.221.229.192.in-addr.arpa | udp |
| US | 8.8.8.8:53 | content-autofill.googleapis.com | udp |
| US | 8.8.8.8:53 | 227.179.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 26.165.165.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 198.187.3.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 217.135.221.88.in-addr.arpa | udp |
| US | 8.8.8.8:53 | beacons.gcp.gvt2.com | udp |
| GB | 172.217.169.3:443 | beacons.gcp.gvt2.com | tcp |
| GB | 172.217.169.3:443 | beacons.gcp.gvt2.com | udp |
| US | 8.8.8.8:53 | 3.169.217.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 43.229.111.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | www.google.com | udp |
| US | 8.8.8.8:53 | dns-tunnel-check.googlezip.net | udp |
| US | 8.8.8.8:53 | tunnel.googlezip.net | udp |
| US | 8.8.8.8:53 | ogads-pa.googleapis.com | udp |
| US | 216.239.34.157:443 | tunnel.googlezip.net | tcp |
| GB | 216.58.213.10:443 | ogads-pa.googleapis.com | udp |
| US | 216.239.34.157:443 | tunnel.googlezip.net | tcp |
| US | 8.8.8.8:53 | 98.201.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 157.34.239.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 10.213.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | play.google.com | udp |
| GB | 216.58.212.206:443 | play.google.com | tcp |
| US | 8.8.8.8:53 | 206.212.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | consent.google.com | udp |
| GB | 216.58.201.110:443 | consent.google.com | tcp |
| US | 8.8.8.8:53 | 110.201.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | github.com | udp |
| GB | 20.26.156.215:443 | github.com | tcp |
| GB | 20.26.156.215:443 | github.com | tcp |
| US | 8.8.8.8:53 | github.githubassets.com | udp |
| US | 8.8.8.8:53 | avatars.githubusercontent.com | udp |
| US | 185.199.111.133:443 | avatars.githubusercontent.com | tcp |
| US | 185.199.108.154:443 | github.githubassets.com | tcp |
| US | 185.199.108.154:443 | github.githubassets.com | tcp |
| US | 185.199.108.154:443 | github.githubassets.com | tcp |
| US | 185.199.108.154:443 | github.githubassets.com | tcp |
| US | 185.199.108.154:443 | github.githubassets.com | tcp |
| US | 185.199.108.154:443 | github.githubassets.com | tcp |
| US | 8.8.8.8:53 | user-images.githubusercontent.com | udp |
| US | 8.8.8.8:53 | github-cloud.s3.amazonaws.com | udp |
| GB | 172.217.169.3:443 | beacons.gcp.gvt2.com | udp |
| US | 8.8.8.8:53 | 215.156.26.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | repository-images.githubusercontent.com | udp |
| US | 185.199.110.133:443 | repository-images.githubusercontent.com | tcp |
| US | 185.199.110.133:443 | repository-images.githubusercontent.com | tcp |
| US | 185.199.110.133:443 | repository-images.githubusercontent.com | tcp |
| US | 185.199.110.133:443 | repository-images.githubusercontent.com | tcp |
| US | 8.8.8.8:53 | collector.github.com | udp |
| US | 185.199.108.154:443 | github.githubassets.com | tcp |
| US | 8.8.8.8:53 | api.github.com | udp |
| US | 140.82.113.21:443 | collector.github.com | tcp |
| US | 140.82.113.21:443 | collector.github.com | tcp |
| GB | 20.26.156.210:443 | api.github.com | tcp |
| US | 8.8.8.8:53 | 133.111.199.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 154.108.199.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 133.110.199.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 210.156.26.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 21.113.82.140.in-addr.arpa | udp |
| US | 8.8.8.8:53 | private-user-images.githubusercontent.com | udp |
| US | 8.8.8.8:53 | objects.githubusercontent.com | udp |
| US | 185.199.109.133:443 | objects.githubusercontent.com | tcp |
| US | 8.8.8.8:53 | 133.109.199.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | msedge.sf.dl.delivery.mp.microsoft.com | udp |
| US | 152.199.21.175:443 | msedge.sf.dl.delivery.mp.microsoft.com | tcp |
| US | 8.8.8.8:53 | 159.113.53.23.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 175.21.199.152.in-addr.arpa | udp |
| US | 8.8.8.8:53 | msedge.api.cdp.microsoft.com | udp |
| IE | 20.166.2.191:443 | msedge.api.cdp.microsoft.com | tcp |
| US | 8.8.8.8:53 | 191.2.166.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | msedge.f.tlu.dl.delivery.mp.microsoft.com | udp |
| US | 199.232.214.172:80 | msedge.f.tlu.dl.delivery.mp.microsoft.com | tcp |
| US | 8.8.8.8:53 | 172.214.232.199.in-addr.arpa | udp |
| US | 8.8.8.8:53 | collector.github.com | udp |
| US | 8.8.8.8:53 | beacons.gcp.gvt2.com | udp |
| GB | 172.217.169.3:443 | beacons.gcp.gvt2.com | udp |
| GB | 142.250.178.4:443 | www.google.com | udp |
| US | 8.8.8.8:53 | id.google.com | udp |
| US | 74.125.195.94:443 | id.google.com | tcp |
| GB | 216.58.213.10:443 | ogads-pa.googleapis.com | udp |
| US | 216.239.34.157:443 | tunnel.googlezip.net | tcp |
| US | 216.239.34.157:443 | tunnel.googlezip.net | tcp |
| US | 8.8.8.8:53 | www.pornhub.com | udp |
| US | 66.254.114.41:443 | www.pornhub.com | tcp |
| US | 66.254.114.41:443 | www.pornhub.com | tcp |
| US | 8.8.8.8:53 | static.trafficjunky.com | udp |
| US | 8.8.8.8:53 | ei.phncdn.com | udp |
| GB | 216.58.212.206:443 | play.google.com | udp |
| GB | 64.210.156.20:443 | ei.phncdn.com | tcp |
| GB | 64.210.156.20:443 | ei.phncdn.com | tcp |
| GB | 64.210.156.23:443 | ei.phncdn.com | tcp |
| GB | 64.210.156.23:443 | ei.phncdn.com | tcp |
| GB | 64.210.156.23:443 | ei.phncdn.com | tcp |
| GB | 64.210.156.23:443 | ei.phncdn.com | tcp |
| GB | 64.210.156.23:443 | ei.phncdn.com | tcp |
| GB | 64.210.156.23:443 | ei.phncdn.com | tcp |
| US | 8.8.8.8:53 | 94.195.125.74.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 41.114.254.66.in-addr.arpa | udp |
| US | 8.8.8.8:53 | media.trafficjunky.net | udp |
| US | 8.8.8.8:53 | prvc.io | udp |
| US | 8.8.8.8:53 | cdn1-smallimg.phncdn.com | udp |
| US | 66.254.114.156:443 | cdn1-smallimg.phncdn.com | tcp |
| GB | 64.210.156.18:443 | media.trafficjunky.net | tcp |
| US | 104.21.56.52:443 | prvc.io | tcp |
| GB | 64.210.156.23:443 | media.trafficjunky.net | tcp |
| US | 8.8.8.8:53 | ss.phncdn.com | udp |
| US | 8.8.8.8:53 | s.optnx.com | udp |
| US | 8.8.8.8:53 | s3t3d2y8.afcdn.net | udp |
| US | 8.8.8.8:53 | a.adtng.com | udp |
| NL | 95.211.229.247:443 | s.optnx.com | tcp |
| US | 66.254.114.171:443 | a.adtng.com | tcp |
| GB | 84.17.50.9:443 | s3t3d2y8.afcdn.net | tcp |
| US | 8.8.8.8:53 | 20.156.210.64.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 23.156.210.64.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 156.114.254.66.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 232.187.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 18.156.210.64.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 52.56.21.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 247.229.211.95.in-addr.arpa | udp |
| US | 8.8.8.8:53 | region1.google-analytics.com | udp |
| US | 8.8.8.8:53 | hw-cdn2.adtng.com | udp |
| US | 216.239.34.36:443 | region1.google-analytics.com | tcp |
| GB | 64.210.156.4:443 | hw-cdn2.adtng.com | tcp |
| GB | 64.210.156.4:443 | hw-cdn2.adtng.com | tcp |
| GB | 64.210.156.4:443 | hw-cdn2.adtng.com | tcp |
| US | 8.8.8.8:53 | etahub.com | udp |
| US | 66.254.114.62:443 | etahub.com | tcp |
| US | 8.8.8.8:53 | storage.googleapis.com | udp |
| GB | 216.58.212.251:443 | storage.googleapis.com | tcp |
| US | 8.8.8.8:53 | 171.114.254.66.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 9.50.17.84.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 36.34.239.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 4.156.210.64.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 62.114.254.66.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 251.212.58.216.in-addr.arpa | udp |
| US | 216.239.34.36:443 | region1.google-analytics.com | udp |
| US | 74.125.195.94:443 | id.google.com | udp |
| US | 216.239.34.157:443 | tunnel.googlezip.net | tcp |
| US | 216.239.34.157:443 | tunnel.googlezip.net | tcp |
| US | 8.8.8.8:53 | temp-mail.org | udp |
| US | 104.26.7.95:443 | temp-mail.org | tcp |
| US | 104.26.7.95:443 | temp-mail.org | tcp |
| US | 104.26.7.95:443 | temp-mail.org | tcp |
| US | 104.26.7.95:443 | temp-mail.org | tcp |
| US | 8.8.8.8:53 | cdn.paddle.com | udp |
| US | 8.8.8.8:53 | static.cloudflareinsights.com | udp |
| US | 8.8.8.8:53 | cdn4.buysellads.net | udp |
| US | 104.16.80.73:443 | static.cloudflareinsights.com | tcp |
| GB | 159.65.211.77:443 | cdn4.buysellads.net | tcp |
| US | 172.66.40.60:443 | cdn.paddle.com | tcp |
| US | 8.8.8.8:53 | securepubads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | btloader.com | udp |
| US | 8.8.8.8:53 | c.amazon-adsystem.com | udp |
| GB | 142.250.187.226:443 | securepubads.g.doubleclick.net | tcp |
| US | 104.22.74.216:443 | btloader.com | tcp |
| GB | 13.224.223.9:443 | c.amazon-adsystem.com | tcp |
| US | 216.239.34.36:443 | region1.google-analytics.com | tcp |
| US | 8.8.8.8:53 | googleads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | ad-delivery.net | udp |
| GB | 142.250.187.226:443 | securepubads.g.doubleclick.net | udp |
| US | 104.26.3.70:443 | ad-delivery.net | tcp |
| US | 104.26.3.70:443 | ad-delivery.net | tcp |
| GB | 216.58.213.2:443 | googleads.g.doubleclick.net | tcp |
| US | 8.8.8.8:53 | 95.7.26.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 73.80.16.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 77.211.65.159.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 60.40.66.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 226.187.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 216.74.22.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 2.178.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 178.32.239.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 9.223.224.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | config.aps.amazon-adsystem.com | udp |
| GB | 13.224.223.9:443 | c.amazon-adsystem.com | tcp |
| GB | 52.84.90.106:443 | config.aps.amazon-adsystem.com | tcp |
| US | 8.8.8.8:53 | secure.cdn.fastclick.net | udp |
| US | 8.8.8.8:53 | tags.crwdcntrl.net | udp |
| US | 8.8.8.8:53 | cdn.hadronid.net | udp |
| US | 8.8.8.8:53 | cdn.id5-sync.com | udp |
| US | 8.8.8.8:53 | srv.buysellads.com | udp |
| NL | 23.218.48.210:443 | secure.cdn.fastclick.net | tcp |
| US | 172.67.36.110:443 | cdn.hadronid.net | tcp |
| US | 104.22.52.86:443 | cdn.id5-sync.com | tcp |
| GB | 18.245.143.100:443 | tags.crwdcntrl.net | tcp |
| US | 8.8.8.8:53 | script.4dex.io | udp |
| US | 8.8.8.8:53 | mp.4dex.io | udp |
| US | 8.8.8.8:53 | ib.adnxs.com | udp |
| US | 8.8.8.8:53 | rt.marphezis.com | udp |
| US | 8.8.8.8:53 | tlx.3lift.com | udp |
| US | 8.8.8.8:53 | bidder.criteo.com | udp |
| NL | 152.42.150.143:443 | srv.buysellads.com | tcp |
| US | 8.8.8.8:53 | prebid.media.net | udp |
| US | 8.8.8.8:53 | pbjs.e-planning.net | udp |
| US | 8.8.8.8:53 | hbopenbid.pubmatic.com | udp |
| US | 172.67.75.241:443 | script.4dex.io | tcp |
| US | 8.8.8.8:53 | onetag-sys.com | udp |
| US | 8.8.8.8:53 | exchange.cootlogix.com | udp |
| US | 8.8.8.8:53 | hb-api.omnitagjs.com | udp |
| US | 8.8.8.8:53 | hb.yellowblue.io | udp |
| US | 8.8.8.8:53 | fastlane.rubiconproject.com | udp |
| US | 104.18.34.178:443 | mp.4dex.io | tcp |
| US | 8.8.8.8:53 | prg.smartadserver.com | udp |
| NL | 185.89.210.244:443 | ib.adnxs.com | tcp |
| DE | 3.124.64.248:443 | tlx.3lift.com | tcp |
| US | 8.8.8.8:53 | aax.amazon-adsystem.com | udp |
| NL | 178.250.1.8:443 | bidder.criteo.com | tcp |
| US | 34.120.63.153:443 | prebid.media.net | tcp |
| US | 8.8.8.8:53 | api.btloader.com | udp |
| NL | 193.3.178.4:443 | pbjs.e-planning.net | tcp |
| DE | 51.89.9.251:443 | onetag-sys.com | tcp |
| NL | 188.166.203.175:443 | rt.marphezis.com | tcp |
| US | 157.230.58.126:443 | exchange.cootlogix.com | tcp |
| US | 157.230.58.126:443 | exchange.cootlogix.com | tcp |
| US | 157.230.58.126:443 | exchange.cootlogix.com | tcp |
| US | 157.230.58.126:443 | exchange.cootlogix.com | tcp |
| US | 157.230.58.126:443 | exchange.cootlogix.com | tcp |
| US | 157.230.58.126:443 | exchange.cootlogix.com | tcp |
| FR | 185.255.84.151:443 | hb-api.omnitagjs.com | tcp |
| NL | 69.173.156.139:443 | fastlane.rubiconproject.com | tcp |
| NL | 69.173.156.139:443 | fastlane.rubiconproject.com | tcp |
| NL | 69.173.156.139:443 | fastlane.rubiconproject.com | tcp |
| NL | 69.173.156.139:443 | fastlane.rubiconproject.com | tcp |
| NL | 69.173.156.139:443 | fastlane.rubiconproject.com | tcp |
| NL | 69.173.156.139:443 | fastlane.rubiconproject.com | tcp |
| FR | 178.32.197.49:443 | prg.smartadserver.com | tcp |
| FR | 178.32.197.49:443 | prg.smartadserver.com | tcp |
| FR | 178.32.197.49:443 | prg.smartadserver.com | tcp |
| FR | 178.32.197.49:443 | prg.smartadserver.com | tcp |
| FR | 178.32.197.49:443 | prg.smartadserver.com | tcp |
| FR | 178.32.197.49:443 | prg.smartadserver.com | tcp |
| GB | 108.138.217.61:443 | hb.yellowblue.io | tcp |
| US | 216.239.34.36:443 | region1.google-analytics.com | udp |
| US | 8.8.8.8:53 | c.4dex.io | udp |
| GB | 185.64.190.77:443 | hbopenbid.pubmatic.com | tcp |
| US | 8.8.8.8:53 | id.hadron.ad.gt | udp |
| GB | 18.245.250.165:443 | aax.amazon-adsystem.com | tcp |
| US | 130.211.23.194:443 | api.btloader.com | tcp |
| US | 130.211.23.194:443 | api.btloader.com | tcp |
| US | 172.67.75.241:443 | script.4dex.io | tcp |
| US | 8.8.8.8:53 | cadmus.script.ac | udp |
| US | 35.241.34.106:443 | c.4dex.io | tcp |
| US | 35.241.34.106:443 | c.4dex.io | tcp |
| US | 35.241.34.106:443 | c.4dex.io | tcp |
| US | 35.241.34.106:443 | c.4dex.io | tcp |
| US | 35.241.34.106:443 | c.4dex.io | tcp |
| US | 35.241.34.106:443 | c.4dex.io | tcp |
| US | 104.22.4.69:443 | id.hadron.ad.gt | tcp |
| US | 104.18.22.145:443 | cadmus.script.ac | tcp |
| US | 8.8.8.8:53 | tpc.googlesyndication.com | udp |
| US | 8.8.8.8:53 | id5-sync.com | udp |
| US | 8.8.8.8:53 | lb.eu-1-id5-sync.com | udp |
| GB | 172.217.169.33:443 | tpc.googlesyndication.com | tcp |
| DE | 141.95.33.120:443 | lb.eu-1-id5-sync.com | tcp |
| DE | 141.95.33.120:443 | lb.eu-1-id5-sync.com | tcp |
| US | 8.8.8.8:53 | 70.3.26.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 2.213.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 230.179.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 106.90.84.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 110.36.67.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 86.52.22.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 100.143.245.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 143.150.42.152.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 210.48.218.23.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 241.75.67.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 178.34.18.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 244.210.89.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 248.64.124.3.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 153.63.120.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 8.1.250.178.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 4.178.3.193.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 175.203.166.188.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 251.9.89.51.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 151.84.255.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 139.156.173.69.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 61.217.138.108.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 49.197.32.178.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 126.58.230.157.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 77.190.64.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 165.250.245.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 106.34.241.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 69.4.22.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 194.23.211.130.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 145.22.18.104.in-addr.arpa | udp |
| GB | 172.217.169.33:443 | tpc.googlesyndication.com | tcp |
| US | 8.8.8.8:53 | a.ad.gt | udp |
| US | 104.22.5.69:443 | a.ad.gt | tcp |
| US | 8.8.8.8:53 | ccbef00ebb28e789eda1bca87927e5ad.safeframe.googlesyndication.com | udp |
| GB | 172.217.169.33:443 | tpc.googlesyndication.com | udp |
| GB | 142.250.178.1:443 | ccbef00ebb28e789eda1bca87927e5ad.safeframe.googlesyndication.com | tcp |
| US | 35.241.34.106:443 | c.4dex.io | udp |
| GB | 172.217.169.33:443 | tpc.googlesyndication.com | udp |
| GB | 142.250.178.1:443 | ccbef00ebb28e789eda1bca87927e5ad.safeframe.googlesyndication.com | udp |
| US | 8.8.8.8:53 | secure.adnxs.com | udp |
| US | 8.8.8.8:53 | static.criteo.net | udp |
| NL | 185.89.210.90:443 | secure.adnxs.com | tcp |
| NL | 185.89.210.90:443 | secure.adnxs.com | tcp |
| NL | 185.89.210.90:443 | secure.adnxs.com | tcp |
| NL | 178.250.1.3:443 | static.criteo.net | tcp |
| US | 8.8.8.8:53 | gum.criteo.com | udp |
| US | 8.8.8.8:53 | 120.33.95.141.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 69.5.22.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 1.178.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 90.210.89.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 3.1.250.178.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 33.169.217.172.in-addr.arpa | udp |
| NL | 178.250.1.11:443 | gum.criteo.com | tcp |
| US | 8.8.8.8:53 | ams3-ib.adnxs.com | udp |
| US | 8.8.8.8:53 | acdn.adnxs-simple.com | udp |
| GB | 88.221.135.89:443 | acdn.adnxs-simple.com | tcp |
| US | 8.8.8.8:53 | acdn.adnxs.com | udp |
| NL | 96.16.53.133:443 | acdn.adnxs.com | tcp |
| US | 8.8.8.8:53 | i.clean.gg | udp |
| US | 34.95.69.49:443 | i.clean.gg | tcp |
| US | 34.95.69.49:443 | i.clean.gg | udp |
| US | 8.8.8.8:53 | 11.1.250.178.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 49.69.95.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 133.53.16.96.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 89.135.221.88.in-addr.arpa | udp |
| US | 8.8.8.8:53 | csm.nl3.eu.criteo.net | udp |
| NL | 178.250.1.25:443 | csm.nl3.eu.criteo.net | tcp |
| US | 8.8.8.8:53 | 25.1.250.178.in-addr.arpa | udp |
| US | 8.8.8.8:53 | challenges.cloudflare.com | udp |
| US | 104.18.94.41:443 | challenges.cloudflare.com | tcp |
| US | 104.18.94.41:443 | challenges.cloudflare.com | tcp |
| US | 104.18.94.41:443 | challenges.cloudflare.com | udp |
| US | 8.8.8.8:53 | web2.temp-mail.org | udp |
| US | 104.26.6.95:443 | web2.temp-mail.org | tcp |
| US | 34.120.63.153:443 | prebid.media.net | udp |
| DE | 51.89.9.251:443 | onetag-sys.com | udp |
| NL | 185.89.210.244:443 | ams3-ib.adnxs.com | tcp |
| US | 130.211.23.194:443 | api.btloader.com | udp |
| US | 8.8.8.8:53 | ssp-sync.criteo.com | udp |
| NL | 178.250.1.7:443 | ssp-sync.criteo.com | tcp |
| US | 8.8.8.8:53 | bab89e65ccee741087331b17e22f6d7d.safeframe.googlesyndication.com | udp |
| GB | 142.250.178.1:443 | bab89e65ccee741087331b17e22f6d7d.safeframe.googlesyndication.com | tcp |
| US | 8.8.8.8:53 | x.bidswitch.net | udp |
| GB | 159.65.211.77:443 | srv.buysellads.com | tcp |
| NL | 35.214.136.108:443 | x.bidswitch.net | tcp |
| NL | 35.214.136.108:443 | x.bidswitch.net | tcp |
| US | 8.8.8.8:53 | 95.6.26.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 7.1.250.178.in-addr.arpa | udp |
| NL | 35.214.136.108:443 | x.bidswitch.net | udp |
| US | 8.8.8.8:53 | dis.criteo.com | udp |
| US | 8.8.8.8:53 | contextual.media.net | udp |
| US | 8.8.8.8:53 | qsearch-a.akamaihd.net | udp |
| US | 8.8.8.8:53 | warp.media.net | udp |
| US | 8.8.8.8:53 | hblg.media.net | udp |
| NL | 178.250.1.9:443 | dis.criteo.com | tcp |
| GB | 95.100.244.20:443 | contextual.media.net | tcp |
| NL | 23.220.112.27:443 | hblg.media.net | tcp |
| GB | 92.123.140.147:443 | qsearch-a.akamaihd.net | tcp |
| GB | 92.123.140.147:443 | qsearch-a.akamaihd.net | tcp |
| NL | 23.220.112.27:443 | hblg.media.net | tcp |
| GB | 95.100.244.20:443 | contextual.media.net | tcp |
| GB | 95.100.244.20:443 | contextual.media.net | tcp |
| US | 8.8.8.8:53 | lg3.media.net | udp |
| US | 8.8.8.8:53 | 108.136.214.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 9.1.250.178.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 147.140.123.92.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 27.112.220.23.in-addr.arpa | udp |
| GB | 95.100.244.20:443 | contextual.media.net | udp |
| US | 8.8.8.8:53 | akl-navvy.media.net | udp |
| US | 34.160.55.127:443 | akl-navvy.media.net | tcp |
| US | 8.8.8.8:53 | 127.55.160.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | eus.rubiconproject.com | udp |
| US | 8.8.8.8:53 | ads.pubmatic.com | udp |
| US | 8.8.8.8:53 | spl.zeotap.com | udp |
| US | 8.8.8.8:53 | visitor.omnitagjs.com | udp |
| US | 8.8.8.8:53 | hb.trustedstack.com | udp |
| US | 8.8.8.8:53 | eb2.3lift.com | udp |
| DE | 51.89.9.251:443 | onetag-sys.com | tcp |
| US | 8.8.8.8:53 | sync.adkernel.com | udp |
| US | 147.182.130.98:443 | sync.cootlogix.com | tcp |
| FR | 185.255.84.153:443 | visitor.omnitagjs.com | tcp |
| NL | 77.245.57.72:443 | sync.adkernel.com | tcp |
| US | 13.248.245.213:443 | eb2.3lift.com | tcp |
| GB | 2.16.170.51:443 | hb.trustedstack.com | tcp |
| NL | 23.53.112.234:443 | ads.pubmatic.com | tcp |
| GB | 95.100.245.251:443 | eus.rubiconproject.com | tcp |
| US | 104.22.51.98:443 | spl.zeotap.com | tcp |
| US | 8.8.8.8:53 | image6.pubmatic.com | udp |
| US | 8.8.8.8:53 | 234.112.53.23.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 98.130.182.147.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 72.57.245.77.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 153.84.255.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 98.51.22.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | cm.g.doubleclick.net | udp |
| US | 13.248.245.213:443 | eb2.3lift.com | tcp |
| GB | 2.16.170.51:443 | hb.trustedstack.com | tcp |
| US | 8.8.8.8:53 | dmp.adform.net | udp |
| US | 8.8.8.8:53 | match.adsrvr.org | udp |
| US | 8.8.8.8:53 | trc.taboola.com | udp |
| US | 8.8.8.8:53 | dmp.v.fwmrm.net | udp |
| US | 8.8.8.8:53 | dpm.demdex.net | udp |
| US | 8.8.8.8:53 | sync.smartadserver.com | udp |
| US | 8.8.8.8:53 | dsp.adfarm1.adition.com | udp |
| GB | 95.100.245.251:443 | eus.rubiconproject.com | tcp |
| NL | 198.47.127.19:443 | image6.pubmatic.com | tcp |
| NL | 198.47.127.19:443 | image6.pubmatic.com | tcp |
| GB | 142.250.200.2:443 | cm.g.doubleclick.net | tcp |
| US | 8.8.8.8:53 | bcp.crwdcntrl.net | udp |
| US | 15.197.193.217:443 | match.adsrvr.org | tcp |
| DE | 85.114.159.118:443 | dsp.adfarm1.adition.com | tcp |
| US | 151.101.65.44:443 | trc.taboola.com | tcp |
| US | 3.144.50.134:443 | dmp.v.fwmrm.net | tcp |
| FR | 178.32.197.57:443 | sync.smartadserver.com | tcp |
| IE | 3.251.32.23:443 | dpm.demdex.net | tcp |
| DK | 37.157.6.237:443 | dmp.adform.net | tcp |
| IE | 52.208.141.37:443 | bcp.crwdcntrl.net | tcp |
| NL | 178.250.1.9:443 | dis.criteo.com | tcp |
| US | 8.8.8.8:53 | sync.richaudience.com | udp |
| NL | 35.214.136.108:443 | x.bidswitch.net | tcp |
| US | 8.8.8.8:53 | sync.1rx.io | udp |
| US | 8.8.8.8:53 | api-2-0.spot.im | udp |
| US | 15.197.193.217:443 | match.adsrvr.org | tcp |
| US | 8.8.8.8:53 | creativecdn.com | udp |
| US | 8.8.8.8:53 | match.prod.bidr.io | udp |
| US | 8.8.8.8:53 | b1sync.zemanta.com | udp |
| US | 8.8.8.8:53 | eu-west-1-cs-rtb.openwebmp.com | udp |
| US | 8.8.8.8:53 | gum.aidemsrv.com | udp |
| DE | 51.89.9.251:443 | onetag-sys.com | udp |
| FR | 178.32.197.57:443 | sync.smartadserver.com | tcp |
| IE | 52.213.210.147:443 | match.prod.bidr.io | tcp |
| GB | 13.224.222.101:443 | eu-west-1-cs-rtb.openwebmp.com | tcp |
| US | 104.17.44.93:443 | gum.aidemsrv.com | tcp |
| DE | 138.201.8.249:443 | sync.richaudience.com | tcp |
| US | 64.202.112.63:443 | b1sync.zemanta.com | tcp |
| US | 64.202.112.63:443 | b1sync.zemanta.com | tcp |
| US | 184.73.221.102:443 | api-2-0.spot.im | tcp |
| NL | 185.184.8.90:443 | creativecdn.com | tcp |
| NL | 46.228.174.117:443 | sync.1rx.io | tcp |
| US | 8.8.8.8:53 | ups.analytics.yahoo.com | udp |
| US | 8.8.8.8:53 | aa.agkn.com | udp |
| US | 8.8.8.8:53 | beacon.krxd.net | udp |
| US | 8.8.8.8:53 | image8.pubmatic.com | udp |
| US | 8.8.8.8:53 | secure-assets.rubiconproject.com | udp |
| US | 8.8.8.8:53 | sync-tm.everesttech.net | udp |
| IE | 54.72.64.168:443 | aa.agkn.com | tcp |
| US | 8.8.8.8:53 | ssc-cms.33across.com | udp |
| US | 8.8.8.8:53 | player.aniview.com | udp |
| DE | 3.71.149.231:443 | ups.analytics.yahoo.com | tcp |
| US | 8.8.8.8:53 | sync.srv.stackadapt.com | udp |
| US | 8.8.8.8:53 | usermatch.krxd.net | udp |
| GB | 185.64.191.214:443 | image8.pubmatic.com | tcp |
| US | 8.8.8.8:53 | jadserve.postrelease.com | udp |
| FR | 178.32.197.57:443 | sync.smartadserver.com | tcp |
| US | 151.101.2.49:443 | sync-tm.everesttech.net | tcp |
| GB | 23.194.15.107:443 | secure-assets.rubiconproject.com | tcp |
| US | 54.156.197.53:443 | sync.srv.stackadapt.com | tcp |
| IE | 52.31.21.125:443 | jadserve.postrelease.com | tcp |
| US | 67.202.105.23:443 | ssc-cms.33across.com | tcp |
| GB | 88.221.134.35:443 | player.aniview.com | tcp |
| US | 8.8.8.8:53 | token.rubiconproject.com | udp |
| US | 8.8.8.8:53 | aax-eu.amazon-adsystem.com | udp |
| US | 8.8.8.8:53 | mwzeom.zeotap.com | udp |
| IE | 52.94.222.140:443 | aax-eu.amazon-adsystem.com | tcp |
| US | 8.8.8.8:53 | cs-server-s2s.yellowblue.io | udp |
| NL | 69.173.156.148:443 | token.rubiconproject.com | tcp |
| US | 8.8.8.8:53 | tracker.open-adsyield.com | udp |
| US | 8.8.8.8:53 | obgpm76tt0a0sgozk8l.redinuid.imrworldwide.com | udp |
| DE | 138.201.8.249:443 | sync.richaudience.com | tcp |
| US | 3.90.19.95:443 | cs-server-s2s.yellowblue.io | tcp |
| US | 172.111.38.111:443 | tracker.open-adsyield.com | tcp |
| US | 8.8.8.8:53 | pixel.rubiconproject.com | udp |
| NL | 35.214.136.108:443 | x.bidswitch.net | udp |
| IE | 34.243.149.65:443 | obgpm76tt0a0sgozk8l.redinuid.imrworldwide.com | tcp |
| US | 8.8.8.8:53 | ssbsync.smartadserver.com | udp |
| US | 8.8.8.8:53 | cms.quantserve.com | udp |
| US | 8.8.8.8:53 | rtb.mfadsrvr.com | udp |
| NL | 69.173.156.148:443 | pixel.rubiconproject.com | tcp |
| NL | 89.149.192.75:443 | ssbsync.smartadserver.com | tcp |
| US | 8.8.8.8:53 | id.rlcdn.com | udp |
| DE | 91.228.74.200:443 | cms.quantserve.com | tcp |
| US | 8.8.8.8:53 | bttrack.com | udp |
| US | 35.244.174.68:443 | id.rlcdn.com | tcp |
| IE | 52.94.222.140:443 | aax-eu.amazon-adsystem.com | tcp |
| DE | 91.228.74.200:443 | cms.quantserve.com | tcp |
| NL | 35.214.199.88:443 | rtb.mfadsrvr.com | tcp |
| US | 192.132.33.68:443 | bttrack.com | tcp |
| US | 8.8.8.8:53 | simage2.pubmatic.com | udp |
| US | 8.8.8.8:53 | t.adx.opera.com | udp |
| GB | 185.64.191.210:443 | simage2.pubmatic.com | tcp |
| GB | 185.64.191.210:443 | simage2.pubmatic.com | tcp |
| US | 8.8.8.8:53 | image2.pubmatic.com | udp |
| NL | 198.47.127.205:443 | image2.pubmatic.com | tcp |
| US | 8.8.8.8:53 | p.rfihub.com | udp |
| NL | 82.145.213.8:443 | t.adx.opera.com | tcp |
| US | 8.8.8.8:53 | dsp-cookie.adfarm1.adition.com | udp |
| NL | 193.0.160.131:443 | p.rfihub.com | tcp |
| DE | 80.82.210.217:443 | dsp-cookie.adfarm1.adition.com | tcp |
| US | 8.8.8.8:53 | 51.170.16.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 213.245.248.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 251.245.100.95.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 19.127.47.198.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 2.200.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 217.193.197.15.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 44.65.101.151.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 57.197.32.178.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 23.32.251.3.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 118.159.114.85.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 237.6.157.37.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 37.141.208.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 134.50.144.3.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 147.210.213.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 101.222.224.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 93.44.17.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 117.174.228.46.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 90.8.184.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 63.112.202.64.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 168.64.72.54.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 102.221.73.184.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 214.191.64.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 231.149.71.3.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 49.2.101.151.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 107.15.194.23.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 125.21.31.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 53.197.156.54.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 140.222.94.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 23.105.202.67.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 148.156.173.69.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 65.149.243.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 95.19.90.3.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 111.38.111.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 75.192.149.89.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 200.74.228.91.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 68.174.244.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 88.199.214.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 68.33.132.192.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 210.191.64.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 205.127.47.198.in-addr.arpa | udp |
| US | 8.8.8.8:53 | dsp-ap.eskimi.com | udp |
| NL | 188.42.63.48:443 | dsp-ap.eskimi.com | tcp |
| GB | 142.250.200.2:443 | cm.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | csync.loopme.me | udp |
| US | 8.8.8.8:53 | d5p.de17a.com | udp |
| NL | 35.214.237.73:443 | csync.loopme.me | tcp |
| SE | 13.53.196.230:443 | d5p.de17a.com | tcp |
| US | 8.8.8.8:53 | cacerts.rapidssl.com | udp |
| US | 8.8.8.8:53 | bh.contextweb.com | udp |
| SE | 192.229.221.95:80 | cacerts.rapidssl.com | tcp |
| NL | 208.93.169.131:443 | bh.contextweb.com | tcp |
| US | 8.8.8.8:53 | ipac.ctnsnet.com | udp |
| US | 35.186.193.173:443 | ipac.ctnsnet.com | tcp |
| US | 8.8.8.8:53 | ad.mrtnsvr.com | udp |
| US | 8.8.8.8:53 | rtb-csync.smartadserver.com | udp |
| US | 34.102.163.6:443 | ad.mrtnsvr.com | tcp |
| FR | 178.32.197.56:443 | rtb-csync.smartadserver.com | tcp |
| US | 8.8.8.8:53 | dsp.360yield.com | udp |
| US | 34.102.163.6:443 | ad.mrtnsvr.com | tcp |
| FR | 178.32.197.56:443 | rtb-csync.smartadserver.com | tcp |
| IE | 63.34.152.168:443 | dsp.360yield.com | tcp |
| US | 8.8.8.8:53 | 8.213.145.82.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 131.160.0.193.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 217.210.82.80.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 48.63.42.188.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 249.8.201.138.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 73.237.214.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 230.196.53.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 131.169.93.208.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 6.163.102.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 56.197.32.178.in-addr.arpa | udp |
| US | 8.8.8.8:53 | cm-supply-web.gammaplatform.com | udp |
| SG | 35.186.154.107:443 | cm-supply-web.gammaplatform.com | tcp |
| FR | 178.32.197.56:443 | rtb-csync.smartadserver.com | tcp |
| US | 8.8.8.8:53 | sync.crwdcntrl.net | udp |
| US | 8.8.8.8:53 | cr.frontend.weborama.fr | udp |
| US | 8.8.8.8:53 | um.simpli.fi | udp |
| US | 8.8.8.8:53 | c1.adform.net | udp |
| US | 8.8.8.8:53 | pr-bh.ybp.yahoo.com | udp |
| US | 8.8.8.8:53 | pixel-sync.sitescout.com | udp |
| US | 8.8.8.8:53 | pubmatic-match.dotomi.com | udp |
| US | 8.8.8.8:53 | ad.turn.com | udp |
| US | 8.8.8.8:53 | match.adsby.bidtheatre.com | udp |
| US | 34.36.216.150:443 | pixel-sync.sitescout.com | tcp |
| IE | 18.200.40.125:443 | pr-bh.ybp.yahoo.com | tcp |
| US | 34.111.129.221:443 | cr.frontend.weborama.fr | tcp |
| NL | 35.204.158.49:443 | um.simpli.fi | tcp |
| DK | 37.157.5.84:443 | c1.adform.net | tcp |
| NL | 46.228.164.11:443 | ad.turn.com | tcp |
| NL | 64.227.64.62:443 | match.adsby.bidtheatre.com | tcp |
| NL | 89.207.16.204:443 | pubmatic-match.dotomi.com | tcp |
| SG | 35.186.154.107:443 | cm-supply-web.gammaplatform.com | tcp |
| US | 8.8.8.8:53 | sync.aniview.com | udp |
| US | 172.240.45.78:443 | sync.aniview.com | tcp |
| US | 34.111.129.221:443 | cr.frontend.weborama.fr | udp |
| US | 34.36.216.150:443 | pixel-sync.sitescout.com | udp |
| US | 8.8.8.8:53 | idsync.frontend.weborama.fr | udp |
| US | 34.111.131.239:443 | idsync.frontend.weborama.fr | tcp |
| US | 172.240.45.78:443 | sync.aniview.com | udp |
| US | 8.8.8.8:53 | ap.lijit.com | udp |
| IE | 52.30.121.65:443 | ap.lijit.com | tcp |
| US | 8.8.8.8:53 | 168.152.34.63.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 150.216.36.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 221.129.111.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 11.164.228.46.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 49.158.204.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 125.40.200.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 62.64.227.64.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 204.16.207.89.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 84.5.157.37.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 78.45.240.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 239.131.111.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | pixel.tapad.com | udp |
| US | 34.111.113.62:443 | pixel.tapad.com | tcp |
| US | 8.8.8.8:53 | 62.113.111.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 65.121.30.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | simage4.pubmatic.com | udp |
| GB | 185.64.190.81:443 | simage4.pubmatic.com | tcp |
| US | 8.8.8.8:53 | core.iprom.net | udp |
| US | 8.8.8.8:53 | cm.adgrx.com | udp |
| SI | 195.5.165.20:443 | core.iprom.net | tcp |
| IE | 52.215.155.11:443 | cm.adgrx.com | tcp |
| US | 8.8.8.8:53 | green.erne.co | udp |
| US | 8.8.8.8:53 | a.tribalfusion.com | udp |
| FR | 141.95.171.142:443 | green.erne.co | tcp |
| US | 172.64.150.63:443 | a.tribalfusion.com | tcp |
| US | 8.8.8.8:53 | matching.truffle.bid | udp |
| DE | 162.55.120.196:443 | matching.truffle.bid | tcp |
| NL | 46.228.174.117:443 | sync.1rx.io | tcp |
| US | 8.8.8.8:53 | uipglob.semasio.net | udp |
| US | 8.8.8.8:53 | pixel.onaudience.com | udp |
| DK | 77.243.51.122:443 | uipglob.semasio.net | tcp |
| US | 8.8.8.8:53 | pixel-eu.onaudience.com | udp |
| CA | 148.113.153.94:443 | pixel.onaudience.com | tcp |
| FR | 54.38.113.7:443 | pixel-eu.onaudience.com | tcp |
| US | 8.8.8.8:53 | s.tribalfusion.com | udp |
| US | 8.8.8.8:53 | sync.targeting.unrulymedia.com | udp |
| NL | 46.228.174.117:443 | sync.targeting.unrulymedia.com | tcp |
| US | 8.8.8.8:53 | 81.190.64.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 11.155.215.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 142.171.95.141.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 63.150.64.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 196.120.55.162.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 122.51.243.77.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 7.113.38.54.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 94.153.113.148.in-addr.arpa | udp |
| FR | 5.135.209.104:443 | rtb-csync.smartadserver.com | tcp |
| GB | 172.217.169.3:443 | beacons.gcp.gvt2.com | udp |
| FR | 5.135.209.104:443 | rtb-csync.smartadserver.com | tcp |
| US | 8.8.8.8:53 | 104.209.135.5.in-addr.arpa | udp |
| FR | 149.202.238.105:443 | rtb-csync.smartadserver.com | tcp |
| IE | 52.213.210.147:443 | match.prod.bidr.io | tcp |
| FR | 149.202.238.105:443 | rtb-csync.smartadserver.com | tcp |
| US | 8.8.8.8:53 | www.google.com | udp |
| GB | 142.250.178.4:443 | www.google.com | tcp |
| GB | 142.250.178.4:443 | www.google.com | tcp |
| US | 8.8.8.8:53 | 105.238.202.149.in-addr.arpa | udp |
| GB | 142.250.178.4:443 | www.google.com | udp |
| GB | 142.250.178.4:443 | www.google.com | udp |
| US | 8.8.8.8:53 | a.nel.cloudflare.com | udp |
| US | 35.190.80.1:443 | a.nel.cloudflare.com | tcp |
| US | 35.190.80.1:443 | a.nel.cloudflare.com | tcp |
| US | 216.239.34.36:443 | region1.google-analytics.com | udp |
| US | 35.190.80.1:443 | a.nel.cloudflare.com | udp |
| US | 35.190.80.1:443 | a.nel.cloudflare.com | udp |
| US | 8.8.8.8:53 | 1.80.190.35.in-addr.arpa | udp |
| GB | 64.210.156.23:443 | ss.phncdn.com | tcp |
| GB | 64.210.156.20:443 | ss.phncdn.com | tcp |
| US | 104.21.56.52:443 | prvc.io | udp |
| US | 66.254.114.171:443 | a.adtng.com | tcp |
| US | 8.8.8.8:53 | ht-cdn2.adtng.com | udp |
| GB | 64.210.156.21:443 | ht-cdn2.adtng.com | tcp |
| GB | 64.210.156.21:443 | ht-cdn2.adtng.com | tcp |
| US | 8.8.8.8:53 | eg-cdn.trafficjunky.net | udp |
| PL | 93.184.223.43:443 | eg-cdn.trafficjunky.net | tcp |
| US | 8.8.8.8:53 | 21.156.210.64.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 43.223.184.93.in-addr.arpa | udp |
| SE | 192.229.221.95:80 | cacerts.rapidssl.com | tcp |
| US | 8.8.8.8:53 | 67.112.168.52.in-addr.arpa | udp |
| GB | 172.217.169.3:443 | beacons.gcp.gvt2.com | tcp |
| N/A | 127.0.0.1:80 | tcp | |
| N/A | 127.0.0.1:80 | tcp | |
| US | 8.8.8.8:53 | dns.google | udp |
| US | 8.8.8.8:53 | dns.google | udp |
| US | 8.8.8.8:53 | dns.google | udp |
| US | 8.8.8.8:53 | dns.google | udp |
| US | 8.8.8.8:53 | dns.google | udp |
| US | 8.8.8.8:53 | dns.google | udp |
| US | 8.8.4.4:443 | dns.google | tcp |
| US | 8.8.4.4:443 | dns.google | tcp |
| US | 8.8.8.8:53 | 4.4.8.8.in-addr.arpa | udp |
| US | 8.8.8.8:53 | dns.google | udp |
| US | 8.8.8.8:53 | dns.google | udp |
| US | 8.8.4.4:443 | dns.google | tcp |
| US | 8.8.4.4:443 | dns.google | tcp |
| GB | 172.217.169.3:443 | beacons.gcp.gvt2.com | tcp |
| GB | 64.210.156.23:443 | ht-cdn2.adtng.com | tcp |
| GB | 172.217.169.3:443 | beacons.gcp.gvt2.com | udp |
| GB | 64.210.156.23:443 | ht-cdn2.adtng.com | tcp |
| US | 8.8.8.8:53 | ew.phncdn.com | udp |
| DE | 147.45.47.37:2001 | 147.45.47.37 | tcp |
| US | 8.8.8.8:53 | region1.google-analytics.com | udp |
| US | 216.239.32.36:443 | region1.google-analytics.com | udp |
| NL | 178.250.1.25:443 | csm.nl3.eu.criteo.net | tcp |
| US | 8.8.8.8:53 | 37.47.45.147.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 36.32.239.216.in-addr.arpa | udp |
| DE | 147.45.47.37:1488 | 147.45.47.37 | tcp |
| US | 8.8.8.8:53 | github.com | udp |
| GB | 20.26.156.215:443 | github.com | tcp |
| US | 8.8.8.8:53 | objects.githubusercontent.com | udp |
| US | 185.199.108.133:443 | objects.githubusercontent.com | tcp |
| US | 8.8.8.8:53 | 133.108.199.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | collector.github.com | udp |
| US | 8.8.8.8:53 | api.github.com | udp |
| US | 140.82.112.21:443 | collector.github.com | tcp |
| GB | 20.26.156.210:443 | api.github.com | tcp |
| US | 8.8.8.8:53 | raw.githubusercontent.com | udp |
| US | 185.199.111.133:443 | raw.githubusercontent.com | tcp |
| US | 8.8.8.8:53 | 21.112.82.140.in-addr.arpa | udp |
| US | 8.8.4.4:443 | dns.google | udp |
| US | 13.107.21.239:443 | tcp | |
| US | 8.8.8.8:53 | msedge.b.tlu.dl.delivery.mp.microsoft.com | udp |
| GB | 88.221.134.67:80 | msedge.b.tlu.dl.delivery.mp.microsoft.com | tcp |
| US | 8.8.8.8:53 | 239.21.107.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 67.134.221.88.in-addr.arpa | udp |
| GB | 20.26.156.215:443 | github.com | tcp |
| US | 8.8.8.8:53 | httpbin.org | udp |
| US | 34.231.0.251:443 | httpbin.org | tcp |
| US | 8.8.8.8:53 | 107.39.156.108.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 251.0.231.34.in-addr.arpa | udp |
Files
\??\pipe\crashpad_2036_YAEIBZLFIMLDTCON
| MD5 | d41d8cd98f00b204e9800998ecf8427e |
| SHA1 | da39a3ee5e6b4b0d3255bfef95601890afd80709 |
| SHA256 | e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 |
| SHA512 | cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad\settings.dat
| MD5 | 89f10307a4e87f78ad0b6081cd8e23f6 |
| SHA1 | a26e92f89231b60cbd742d0a259d63eebe2388d0 |
| SHA256 | dcf169dc4a6449c4cc490dbdb448505ec91dd219619f32496100649c259388b9 |
| SHA512 | 5845e6b34d0effafa10ba9c5eded904c13af64128ce3a152a3c2cad9c6fa38b7358916a0948eb6288c9c9ead23bd5195e16c77c49971fb53d6ceabc1e276f0f5 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports
| MD5 | d751713988987e9331980363e24189ce |
| SHA1 | 97d170e1550eee4afc0af065b78cda302a97674c |
| SHA256 | 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945 |
| SHA512 | b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\BrowsingTopicsState
| MD5 | 44eb6970a4efe636443af6bedaaa3546 |
| SHA1 | a25ff770a5f9442409a4584ff9eb26e4ab5fa0bd |
| SHA256 | 3104f282183962d1d9526854b53145b4f14cf9b2b0f5c268f13e653f87ef548a |
| SHA512 | 0649331ebbfa2b9683250fc77d6b7350a8a0298f880434a06d468028d9d790386eaf14f0fd477d8485a672d66e0bb73d6d899a37f7c61b87ffd62c817f7e3e13 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000001
| MD5 | 08ec57068db9971e917b9046f90d0e49 |
| SHA1 | 28b80d73a861f88735d89e301fa98f2ae502e94b |
| SHA256 | 7a68efe41e5d8408eed6e9d91a7b7b965a3062e4e28eeffeefb8cdba6391f4d1 |
| SHA512 | b154142173145122bc49ddd7f9530149100f6f3c5fd2f2e7503b13f7b160147b8b876344f6faae5e8616208c51311633df4c578802ac5d34c005bb154e9057cf |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
| MD5 | 28b2d57cf06b08b744a7798d3fb2a153 |
| SHA1 | 867b2fd36e93b28e1c728c5d9edde7a30a100af1 |
| SHA256 | 7e740fa0ab18ea20cfdfa30a10fe040c308f74a2dba7f6c0989e9bef0a660146 |
| SHA512 | 115e03c99d49e25468a8f6de7e45f2be44eda6df82790482ff805e4d479e4c5f8c237eca659fa591686dfc81819efb180a1f9e6dda06289dc44b3476c6f448d6 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\77b6ce39-92b0-43ba-adf0-374491c0f678.tmp
| MD5 | 10d5d9c874019219aba5c79ea9ec2aae |
| SHA1 | e061bab64e5d189aa9ad6a99a6a5d747f76bea49 |
| SHA256 | d80ef7895315b46fcb82014605d5a8d61951e914ed69c7cb49c9642b9701ca73 |
| SHA512 | 083126da1edadfebc193bccf6cbdbe67f6a019868e386b09b9830bfa88dd6eb0b036f7dfc0fedfe2cb79bb436fcdac6339b3bc18ee21ec7499ab35e03320d8cd |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 90d0410ea21a56c16405f2cd7683db9a |
| SHA1 | 9650ea99045ce490cd5021b09636a412ba33b39f |
| SHA256 | 90f0b05b7682c24fa1c493dfa6150c6e17c94db798edbeafee894a4a809c0c97 |
| SHA512 | 06fa2f4b3e2ef112edef1c268e6b60888e0622b2e99fff40e079b38d70e9505e19003734d502073ebccac7c09dd2149cbcd746d284e4fcc89f18818929e39ee4 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 6f234bd17d0fedbd1f101ee4c25f0b7a |
| SHA1 | f3a7a4f5ea435b5a8b20a7ea8054b6aa1173fa90 |
| SHA256 | dc4706bf93e759f7bf2b679c27101b40d784ec6871b4a9aee1b909b302d698fd |
| SHA512 | 4c4594d252dbbf6d048af6abae6fe6479c37056869ecdd9974987d865a245a70a932735b4f6986c566355735979d4e2d8a17084be9b36a8fdc1177c4dba0bf01 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | f845cc633c20f2a84d46bd36e272dac9 |
| SHA1 | a388b5a3e5bc8b285e02f17181698a4d989d1792 |
| SHA256 | bb6b663b210011b5839fcb37272d079ad752ea52175e81f3d5effbaadafaee0b |
| SHA512 | e5668b7df5b2b1860da9862e6bf2c5720b27961141908849d1279562be1b1d45e67f59cc0443fbb3940c60b4797548a186fd21e3fe85169880ec89227230b819 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 7eb1184b925c6cb43703a3c712d6b489 |
| SHA1 | 9001b519b24fbcb9c88d8679d10869e5548374b3 |
| SHA256 | 90925e6affc36b6c1549ab816c26d7e08d24afb9497c8deba7016f7a6759f66b |
| SHA512 | 65b58231750b67cd64f6fd107e3ab8cc2fc2a2f34ee5cedb08181d9a05f3905c585d2f36f2336d7bfe8de978633d2be0f3513f8ad524b70a542dcdc71bed1256 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
| MD5 | fce2ca978f0bdf286da4e985dac9a805 |
| SHA1 | c17115e2595c8f4d63a6ba6b1318984d0d4f619a |
| SHA256 | b045adaa7b4fd2c25c9f9aa55bbb37201dfc8dba23d604ba5423adde61128e82 |
| SHA512 | 6f267bd2f23cd1c4990c75124ade3d5b029010b41d34848e7a522a67300eb7a05e0f59aa2c57411da1fa5fd1f593789908c0922b88262c6abf35d2238a3aec95 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | bb578669027c95d71de10e0322e4c80b |
| SHA1 | 9790a7abd35b24bac7defe91a4ceaf0e78e470db |
| SHA256 | faf5c124bb5e70da0b3b345d738df06f524116a227245b9970fdca19613428f3 |
| SHA512 | deac41b066f024794b34c48f080813a627114cf30e5e8b65d7e3960569f0221dd3e46fa764e3a8c4d8e55fe5f06340b422a8b92211ead8d7dababde6036869ce |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | d74e12f00231543677d1caf00485fbe5 |
| SHA1 | 06a92c227fc90b3a7582e836da31acd9f95beae1 |
| SHA256 | 887fc71ead097837f5190141b73d23f000df0facf94b299419e1d602285d6c84 |
| SHA512 | 70e6598ce9bdab341a95d1140018fe30cb8f29a615ba34cca23704ba6854f33b6cd1e86b87ae0a02ff5cf0e701c2f75dce7eb961e87ba0ed46bb3e875e1f0ab8 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
| MD5 | dd8dfba1f6e055719462b1b7d731de75 |
| SHA1 | ec73a54427bb4c7bd04279ff9bce25213a48fb6f |
| SHA256 | a40d2a494fda4d83158a164848ffbf7e6f5e18fdec001d965a2906d8ec381506 |
| SHA512 | e115964aefe4f94d22d58ab740c9fbd16b6080494f17d519c929b7b5cdf4bba2492552e6289a73d93a2f988fda96a0673849bbf55441b4438c70743478d08a76 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | ff6bc8a42dd5b31c1d32384f84e3831b |
| SHA1 | 39a6fca146f9834c90e9e32f86374ede7517204d |
| SHA256 | 28db3460fe44bbf80f0d390b4df46e09f3296739a7d581c92e8d61425c8ee59e |
| SHA512 | 2b910958bc4aaf3e1b524dd052baf277dbb151650947c5a7d9addc6e90c49994bbc037085036020040bb0c1a500b14ca2b6eaaab6c370fbbb49349194f24720a |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 0553d960e2343291e2bdff9782893ad9 |
| SHA1 | 05fd5ff4713d3f04d5fa8ed3501c671ab170f43a |
| SHA256 | ae7d625d701c39418025b6109ba025008353117d71569ae961bd0a53a23a3eea |
| SHA512 | 0f9582ee4d8b8f804dd01148e92975f2e4204b388ab9225eaa659139f7303685e798b9976574cccddb165c3980c3adbff61fe14586c4d8501b7b689417144516 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 8930b8b33d8113d817f2a3b5c9101e13 |
| SHA1 | e6c710c78da4773de967be0afc408fe3124249ba |
| SHA256 | 4dab863ac2a0fdb9ce1964a2da3542998df0d8429bec6d1918b7dc635da82689 |
| SHA512 | 07421d092b1966de42128556baa52e01c4d3830d4a151915e080e7d38a8e6875e0438470b884e8498af66cbc76f5f06343b3ea8e79d967cd2d38decbc13c1d59 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | ac763869111a1ea0cae5dab352d87d96 |
| SHA1 | 1f995acee6a8436fe2241cce00d933f3c5d2f695 |
| SHA256 | 306cd2fd73e9dcd3f9a1a4e78cb84930ec79c3b18c1f095c7432e97ae5169b98 |
| SHA512 | 5312b3b820d6cf1f258addd232e9fb1f64e2293f6efba4e935d03ddae2c00088d21dd81e32448f8dfe622075cfd3f156b2b71bf1e1f3d9992578956168bad245 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 8aa8e89c7b36566411eee40e38829905 |
| SHA1 | d33141caa22272c87a98c2b4af87b9d88ae7dc33 |
| SHA256 | 0f43d0e4dcfdfdef71931c9b430ab8d112b8e2d3dc28e5b1c1645b8a333d623b |
| SHA512 | c6fd70c1016faa00ed1874e3e119f800055673e23bbf2ed7ccdf31d65375cfea32b26a3b38005df99de549bd68580049740aa460dbf6d7493c96c244aa0c2640 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | dce5feed1fe8eb543fbb0662e95b45eb |
| SHA1 | d33a43b4055539b3a25b90dbe458c738ff6a866f |
| SHA256 | 0ef316ed2a7233e4e82587b7f77c098584f0baf6f8cf8e8e1df266b604260331 |
| SHA512 | b5d38748e1188fe8efa7e2e174786478dc7d2c6391668a3163881a6358a92907fb2afe5bf3cf71de25159e19fb4bac387bbba2c6f201847182106bfbd246da84 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 4c56bec4ad29a10990d683df05ce1cda |
| SHA1 | 7a89fd8e47aef944dbd39470fff135306827d69a |
| SHA256 | 2a36460f6d8036587865f31ccc505f62d86bf91f68e6ffc43329e83a5a5a989b |
| SHA512 | 11b627d10465ad5d93d69df5f2a0e5da12ec2427cde4fb466c2edf8e9188d22a2e63e71f50411acd6b5b3821af1bb79d66aa2bf4f37999b24c1737ad3efc9df9 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
| MD5 | 840de28bdda987b2cd33e741b876c0b4 |
| SHA1 | 9124cefebe051e019a35693c0c5d988f2eff9114 |
| SHA256 | 2b683f48feb9ab20fa6e1976d13a44983f12690361653f1d277628cce9f9aab6 |
| SHA512 | 827446643a743d703de35918cc17e8263edd853753242843cf91dedd3ea4ea3c4292c7dec1f53a4ea5649d502e7fbddeab7402275f7e72c192818e3bcaec8087 |
C:\Users\Admin\Downloads\setup.zip.crdownload
| MD5 | 1baf851f46a5ea24e21ebd492d6b745c |
| SHA1 | 308f821d54bdc34d51c0ab69353fdb7f013cf19b |
| SHA256 | 3f86aac3627bc0050d3c823a3195f6c192f5fb15e080442c1f910453163078c2 |
| SHA512 | 14d4b66272b63293b94a481e138efdec8c399628b40f4ff6137b107c7f38f0b00a71c4471e39428c13ab1b40cff76675cf26c7db4adb3d1f443a92947c188bae |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 27a2bedf1116c671e57c2ad66d5e8629 |
| SHA1 | 58deb7a77212d5e4ec3089d21c2c55132ce8bcf8 |
| SHA256 | 97983d336093e611c6cc2d64b003d267ff18bdbc6537358ed7bf3326c575831e |
| SHA512 | 007590f49645f05f6f5adfe74889527875816579c01c70955bcb0321d0fda2f3f762bb87a455d28d1b2c794e403b327967ad2da10e10a7ee82a0489865765a20 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 2b841382eaccb8952ce26c576c7184a5 |
| SHA1 | b0e800e158a071963bd8fc6a49425e483721017c |
| SHA256 | 7642dabe4615d6b92f80db44c952d99f81a2b6a51f3c3007c99cdb664337d2d5 |
| SHA512 | 0daefe83e40432d3029a477fdea8df1a5dd8150bfd9c8728a6dc475163955c37d9dc3e32aed640af312b3ef536dd5d4c87418a2e7fc4c699e8e2dcd1c948623d |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 938a14dc607cbd37a45a2120f4362371 |
| SHA1 | ac707fcf8ad530aa6c0fe95916ef137e1bc1c955 |
| SHA256 | 0a933a6c4d661f454df3c357fb4e79cc937d6354929c42c47fe2e369352d0047 |
| SHA512 | 5b470d74fc5c51e2525014815a8a3dd1a7ab83b4e20561d13f15bad399467ff3925df85cb5f69926a71e0e0de53094c32f9533ae9369530d427daf98a99b9468 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 8c7b2ebb307cb59227db381bba543b98 |
| SHA1 | c7603779e21d30dff27ab83e01f000ef651e2ca5 |
| SHA256 | 26d948c66f4aafd181d1b65a73c7cbf44bb472122409ea115186c653cfdb805b |
| SHA512 | 6313a7f81f17e6a649acc8c04f0c5444a6913dc739edf3841ae398da056c6857ac9d5ac0c9e201a8efe0d47f1fae7ef334b26b15b6962d410719d641151f608e |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | f3d8ac51d35079c2df1cde8765a5fc4e |
| SHA1 | 02c97c48d99a9acbc6299e1e1bab1e16b5a3d626 |
| SHA256 | d2a30f4612a796f6df04a8f7066851b70ba4a0203b3108743d307d6f7bbbfa78 |
| SHA512 | 64720ba3e504762d492bb0d0dbd10be8ffdc257c3eae6f3caba7efdea210d25118d5f57d666731bbdff9e015cfa249ac13e86edeb6e279c5fc0f5f5a3d1cba5d |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | d18cd7b96544a57178aec552f044f832 |
| SHA1 | f769a68c8f85a69da5d02525c09f7e44a3a1b2e6 |
| SHA256 | 9c306729504d9e4c5faade62403f77d3c75192db29f8db4e325870ff36a054f1 |
| SHA512 | 0a842e9fd1553206e300470ccf2c88682498fb39cdb26be12dcac844fa94cd654a4ed431343678c313c68011782d26c9279e0e9e8ab95815f1147f6ae4b99362 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 22938e1f2d441ffb335fd338ff853bb7 |
| SHA1 | 4273aa871b03f76ec20423f950b0c0b80d1af7d8 |
| SHA256 | 3aa594f8e66f4993a2b49b0719a5e2daf893c49247dfac60d9887d1cbfa20fbc |
| SHA512 | 6859447ff35a08bccb5eeebbdbb7d364537686817dfaa4fd57861970787fb738f0467ba7dcc4ecd52a3e617b6be3f89fa71450ebe8d5b65ab7c61229d16452e3 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
| MD5 | 442dab5cda65cd631710fa22efb36b8c |
| SHA1 | 6ab9bc84a6eb590bff84e51d624875b38604481c |
| SHA256 | 7cdcb5e9452c271c957ab7946e906af1c8f5c08e77db56712c331e4ecaf7a2c4 |
| SHA512 | 255db7cd4d9a7a402afb628935151440cde96f5439fd86fea4cea5c890c3dc3ccc765d272fab1f4ccace9a43c612cc150d9e01d7e488ad711eebd914007cc8ae |
C:\Users\Admin\AppData\Local\Temp\MicrosoftEdgeWebview2Setup.exe
| MD5 | d2ebd82a5d3fac11d44d90d8df253bb9 |
| SHA1 | ba94b456e111ea9573fe150ad4090a66540c9938 |
| SHA256 | 04b65aa7b23d0c7ebbd6e022a600fbc43c0ee896ed280e48ac59e17fb0a2311d |
| SHA512 | 49e9ef8066200cd6ec079943c1fbcda95cab2d3042f635ed57949e0c0701ecdf34ea8f16324994dc77bc3ec9fc67882ea88b4d543974e90bf4e8cf69b15e073c |
C:\Program Files (x86)\Microsoft\Temp\EU8F80.tmp\MicrosoftEdgeUpdate.exe
| MD5 | b0d94ffd264b31a419e84a9b027d926b |
| SHA1 | 4c36217abe4aebe9844256bf6b0354bb2c1ba739 |
| SHA256 | f471d9ff608fe58da68a49af83a7fd9a3d6bf5a5757d340f7b8224b6cd8bddf6 |
| SHA512 | d68737f1d87b9aa410d13b494c1817d5391e8f098d1cdf7b672f57713b289268a2d1e532f2fc7fec44339444205affb996e32b23c3162e2a539984be05bb20c4 |
C:\Program Files (x86)\Microsoft\Temp\EU8F80.tmp\msedgeupdate.dll
| MD5 | b0da0a3975239134c6454035e5c3ed79 |
| SHA1 | fbea5c89ef828564f3d3640d38b8a9662c5260e6 |
| SHA256 | c590d1af571d75d85cfe6cb3d1aa0808c702bcefd1b74b93ea423676859fb8ba |
| SHA512 | 5fbfa431a855d634bcbef4c54e5cc62b6435629305efee11559f66473c427ad0775c09364d37aaa7a4a8a963800886f6547a52ae680a1ff2c4dcc52c87d994bb |
C:\Program Files (x86)\Microsoft\Temp\EU8F80.tmp\msedgeupdateres_en.dll
| MD5 | be845ba29484bdc95909f5253192c774 |
| SHA1 | 70e17729024ab1e13328ac9821d495de1ac7d752 |
| SHA256 | 28414cd85efe921a07537f8c84c0a98a2a85fdbd5dfa3141e722ed7b433d0a96 |
| SHA512 | 2800ec29ece429151c4cd463c5042492ac24e82b4999a323607d142a6e1a08cb69258190a6722afbbcfb3c9cdc6eebdedf89ee6549e0f420f6fbae3aa0501fd4 |
C:\Program Files (x86)\Microsoft\Temp\EU8F80.tmp\MicrosoftEdgeUpdateCore.exe
| MD5 | e468fe744cbaebc00b08578f6c71fbc0 |
| SHA1 | 2ae65aadb9ab82d190bdcb080e00ff9414e3c933 |
| SHA256 | 7c75c35f4222e83088de98ba25595eb76013450fc959d7feefcab592d1c9839f |
| SHA512 | 184a6f2378463c3ccc0f491f4a12d6cac38b10a916c8525a27acd91f681eb8fb0be956fc4bdb99e5a6c7b76f871069f939c996e93a68ff0a6c305195a6049276 |
C:\Program Files (x86)\Microsoft\Temp\EU8F80.tmp\MicrosoftEdgeUpdateComRegisterShell64.exe
| MD5 | 1d35f02c24d817cd9ae2b9bd75a4c135 |
| SHA1 | 8e9a8fe8ca927f2b40f751f2f2b1e206f1d0905f |
| SHA256 | 0abf4f0fe0033a56ebdaff875b63cc083fd9c8628d2fb2ab5826d3c0c687b262 |
| SHA512 | 17d8582c96b22372a6e1a925ccc75531f9bab75ebe651a513774a02021801d38e8f49b4e9679a9dfc53ccc29193fed18ab2e2935b9b7423605e63501028240e9 |
C:\Program Files (x86)\Microsoft\Temp\EU8F80.tmp\msedgeupdateres_af.dll
| MD5 | c54dfe1257b6b4e1c6b65dabf464c9fa |
| SHA1 | aef273340160af0470321e36e9c89e1a858e9d39 |
| SHA256 | 0c426d4d48efff328a0da5497af24e83892a2ed1d6397a6dc42f9548a24dbff5 |
| SHA512 | 58ae24dfc6045ce1f8ed782a03cb3d02c10b99a2992b9326711fb8700c8e7d05cfbca21e9b47cb4b1f4f806a9bb7667672026c715aad2f175febb6ba2b5f95db |
C:\Program Files (x86)\Microsoft\Temp\EU8F80.tmp\msedgeupdateres_az.dll
| MD5 | ace0925ded0a4507d82e6d32a77c50df |
| SHA1 | c760ff52c71de3080631120c6992dcd0ac4e37bd |
| SHA256 | 8e3c517bfc5986310c35f30b9681d9c919a7d62e299014410132ddc2b41f00b3 |
| SHA512 | 8adec80e179f205d0571625c1a63a0188e6533adefd48691f2fc287a546c12249c2126e6958d1732fa8847492a8287723a0196fbc0f2b9af3c54e1ab418cc3e6 |
C:\Program Files (x86)\Microsoft\Temp\EU8F80.tmp\msedgeupdateres_da.dll
| MD5 | 08fb61cf492ccd1236907af7a6b1bd4b |
| SHA1 | 9f6e0f7610d42f8a402d3adb7b66374f4d0f3cb5 |
| SHA256 | d6261d4bd9ce4011caee1e0efefb5685a5bb5e29130ad8639e4578fc90027631 |
| SHA512 | 747982680ebc9e3c0993a69923c94382df6bfc113ebb76d31f65f9d824abef1a051a4e351f0f42296fd84e7663fc3bcc784da51dbce0554c3a880ac2258aa16c |
C:\Program Files (x86)\Microsoft\Temp\EU8F80.tmp\msedgeupdateres_de.dll
| MD5 | 970e46bfaca8f697e490e8c98a6f4174 |
| SHA1 | 2bc396e8f49324dee9eb8cc49cdb61f5313130d9 |
| SHA256 | eeff2c2487c6456e6a3ed43fe5fbb9d3b72e301d3e23867b5d64f5941eb36dcb |
| SHA512 | 789f29ee2c34d86da5c69225bb8b2fd96273c20146126c28d3d36a880bbda5b16ace479ce59aafdf645328255105133f489278023e63e04e9fa1fb34cc1f3ae1 |
C:\Program Files (x86)\Microsoft\Temp\EU8F80.tmp\msedgeupdateres_ka.dll
| MD5 | e802f3589731c88d166a8b0e3bae1dc7 |
| SHA1 | b94e21b646c26053c19a0e6238f0e4fbde0a2fa6 |
| SHA256 | 173f78b786cd1a58a47ec9f7c662e403b191fa42cb7308aa7eb6b0f744bfae0b |
| SHA512 | ecf9eb33afb00c6839d6778e36685b904267e6f384a7d307230000a506e6ac6e95132c2f50a4cbe523d834dd6c7ecd1277d47b73188130e097a0b64c0ec64a51 |
C:\Program Files (x86)\Microsoft\Temp\EU8F80.tmp\msedgeupdateres_ja.dll
| MD5 | ffc1ff9f4cb8fcb529f8580d3b92a80c |
| SHA1 | d0ef21a7407c5eebe1fc21b6549c92c6222bf0cd |
| SHA256 | d508f613bbec62a237a5616959dbc292fe4a79adc8783fb91725f3f2c32658d2 |
| SHA512 | 6345362f03f3bc4409c1e5875b2e7cb58b5df9737c9c5502a19314046281e682a3ea7ac5adbbb933a130f52efad4da4eb9ad99ebfdd41bdba23d1fbea4180475 |
C:\Program Files (x86)\Microsoft\Temp\EU8F80.tmp\msedgeupdateres_iw.dll
| MD5 | dede65e2268976ded6f598ecea661025 |
| SHA1 | 45c6fd614dac74eecf83709081b4f289c05271dd |
| SHA256 | 9379736bb1b621367e42736d311288d33742a9e0ca3e056b4638491fc434a880 |
| SHA512 | 92a46ca5e3c40bf55fede64aecd7fd05f6419c645d38325546c46632775fe72cff4152e473ffbc15d478da62c76a088ebfb4db91b9a0691a9ce1c763ad3f9285 |
C:\Program Files (x86)\Microsoft\Temp\EU8F80.tmp\msedgeupdateres_it.dll
| MD5 | b8b03be1e73e1ccc0df159c48e875038 |
| SHA1 | 37d1b2216f1e90a69b1be65b2c4f0f5f35e78aef |
| SHA256 | 4ee8f48af5136fb80f5d031395f92abb2b3571fdf7c4c98ae833c2ee74c49160 |
| SHA512 | ef47c8c0f8aed7a4d912986e2a3fbc34b54fdea25b006bcb63d502a6cefc42bca717a93e16ff1c137892a91b894ea15d95a53dd3b52b850bf1a75ec9bd7b3013 |
C:\Program Files (x86)\Microsoft\Temp\EU8F80.tmp\msedgeupdateres_is.dll
| MD5 | b675cc1f6f5f174c265c0887d9591915 |
| SHA1 | abb182cfbe1d5723ecc380c5fa08b24c1f421af1 |
| SHA256 | c012110ad65f8244494ef2aa70696128a949fbc5797e5139afa7d4195457df1f |
| SHA512 | be1b23a563a2b4f6b658df3f8075d48bf3921c5951a6fbe77c24a0949997e068403f5bcaa3f93030b01d7a69b1aa74ce06f37038c30145e03a9822f4854f7c0d |
C:\Program Files (x86)\Microsoft\Temp\EU8F80.tmp\msedgeupdateres_id.dll
| MD5 | 5b5366c7779dc9ce9f3a15b6f22289ac |
| SHA1 | d9995fee337b9696be970a2a48a845ed71bd7d2b |
| SHA256 | da6d5c982387286396f54c043bacf106f78fc76db4a33984c8b2cb88882fc9b3 |
| SHA512 | 35362a3719833449bd9e757194f9b0b28c3d68a0c62f52d224b1cd5eca5a2343e1db868668e2b30d927a1966b5db5cd0b2230d7f4576627e486eb3a86913b195 |
C:\Program Files (x86)\Microsoft\Temp\EU8F80.tmp\msedgeupdateres_hu.dll
| MD5 | e56f98d6b32f82f391d5b087a135a7ec |
| SHA1 | c8de62b4b22a8153cb788e03f7e04c55a5ae5396 |
| SHA256 | 236252a34d2efdb4e801bd827a791935aadfe6c0a471f1b252d9bf2d291a6bae |
| SHA512 | 45b9933478505759e7217a65e3a054885841c5ae9bc58983c6cb216ea2a15c53f45ecfb6b40fee07d54c289819ddc2161a651e5183e244e0f43946176f224c8a |
C:\Program Files (x86)\Microsoft\Temp\EU8F80.tmp\msedgeupdateres_hr.dll
| MD5 | 8bbd58f9644187747407b0a18c60aa0a |
| SHA1 | 82888f3f2ce1dd7b9b3f5ac26bed0a6da5601dff |
| SHA256 | 35008c4ea7f22ac78d28e72311d4b3fa28d6af24072fa94558a9b3771a4b545e |
| SHA512 | 1fa7d62692062c1d22e3fe0e5c15bfbb2def115be2991001a998fcc6bbb5983d9343b06172e8f38b245587b15762b655ef58ec508160b576779963e5889efca8 |
C:\Program Files (x86)\Microsoft\Temp\EU8F80.tmp\msedgeupdateres_hi.dll
| MD5 | 6b97796e1746317567ed7cffe9441d3b |
| SHA1 | dd269b22021eb37fe854ff181a09bf7f9568f7ac |
| SHA256 | a4ce75f6b1de6a2500bfd6b0ebc1c268cb3d7080dc9e7661bedd9361f7215d42 |
| SHA512 | f1856ac881de7acb7f61f2d7c1d064458855c3621fcfa951f1d1207f3d85fd6f64b26547ea1391c4145bdeee23e6611acb2fe80b8c1258dd108085e371d34d73 |
C:\Program Files (x86)\Microsoft\Temp\EU8F80.tmp\msedgeupdateres_gu.dll
| MD5 | 951dfd4709b3fdbe79a6e43828387592 |
| SHA1 | 0c7bbf1852135456692970639869618fb616ba5e |
| SHA256 | 21c72dc48cd33291520e3f432d8d59ec103496ab6508f41fa1b081b3bdf98bb8 |
| SHA512 | b338c345db00135ceb3577a67bcbc36b37be742e39aa6a333bac93ba20ab1463df55a381be95c9e9effaed4daa0ce93203ff2994459f9a23813dc0afdff03e8d |
C:\Program Files (x86)\Microsoft\Temp\EU8F80.tmp\msedgeupdateres_gl.dll
| MD5 | be03945025cc2f68f8edd4e1ca3c32b7 |
| SHA1 | d4b1c83f6b72796377bfd3b42c55733eed8fc5e4 |
| SHA256 | aa95c108db3582a4be98fe83519aab3fed09c8cc9b326469edb89871d6562373 |
| SHA512 | a03656acfc123f06a071f0e326ce15bf17e2efe080fa276acd50cb40e35000d74a3d0762da327c59a7564bb3f03532bf04c733ae850852f62ce71fd513e9080a |
C:\Program Files (x86)\Microsoft\Temp\EU8F80.tmp\msedgeupdateres_gd.dll
| MD5 | 6de337fa9f131077042f7ce421a9fa42 |
| SHA1 | 25e21b64cdf60a1da2f940b3c873eefd680a5fc9 |
| SHA256 | 263e07308785bd7e510eda95499ab3d3d66942f0bfd0a5722258e2a87b5d0a90 |
| SHA512 | e747fc105c4ede0d4f73492e3757975a9410499caf867bc149cd43bdbf1be03d3df82fe04c7cf99e3ad6ee06fb5011fc5b069bd502c2f3b3e578f587d0362e3d |
C:\Program Files (x86)\Microsoft\Temp\EU8F80.tmp\msedgeupdateres_ga.dll
| MD5 | f7b123f6dd6c8d8832a8bb8b7831e42c |
| SHA1 | 7e9524b79036568b2b4446ee00c76460fb791c6d |
| SHA256 | 119b9e288832f2a4d47d63b693bb195a72f27e9c0aa014b2c3ccd5d185f7afc7 |
| SHA512 | 6bd457d1e3f943a4ca5a1d36907fe526a4f2965a8411280a2988ef1d264203af0797365c1306e7ce103cabec2ead17d194f20848b4c665e986705c3ed6e291c9 |
C:\Program Files (x86)\Microsoft\Temp\EU8F80.tmp\msedgeupdateres_fr-CA.dll
| MD5 | 8e1793233c6e05eeaf4fe3b0f0a4f67c |
| SHA1 | 97697fe9ba6b3cb5cfe87bb94587c724ed879c3b |
| SHA256 | b9caaa668b71964316ee15e6e49f8ae81e5ed167fdb69fc31bc6df834ab4e7a5 |
| SHA512 | 3d2fbf5e05e7b9e21c85ad7f59db9556046e4c1755f0b138d6de38eeadd3480e772e35798f9339aa7daffbf92afbc385f9c0bb4e4f5c65292dff3b280f52bd6f |
C:\Program Files (x86)\Microsoft\Temp\EU8F80.tmp\msedgeupdateres_fr.dll
| MD5 | 5e63ac4b5abe6c84f305898a0f9ba0bb |
| SHA1 | e70baf6f175c297a9b491272ce8f131ba781553c |
| SHA256 | 711b5968d2116d7e97aa5852ec864db35d3c186f341fb024cd1ef4525256131a |
| SHA512 | c383e4df4337bf9a66f684dabd2faa95cb49abb424c76d0603f91af7b7260be5b2877246da293d5df83fdb59d291d63a7d73303c34682a50ea84a8fcd7d6e874 |
C:\Program Files (x86)\Microsoft\Temp\EU8F80.tmp\msedgeupdateres_fil.dll
| MD5 | 6b2319c3634103272f39fc71d7f95426 |
| SHA1 | a1d692a68c5cbb70d29a197ec32c9529c15a0473 |
| SHA256 | 28c610ba7f8332be050c30e296acaee423bc0a7a9cacc7b3d60618e284ff9cfa |
| SHA512 | 51738dd14b410c689ed56530ac555824c773bcb163f4dbaddc86e684e04c1f06271001f0b2bef7d6231f17231b2e3e35f9aba2974c48eff6d1a8ab877e5a6031 |
C:\Program Files (x86)\Microsoft\Temp\EU8F80.tmp\msedgeupdateres_fi.dll
| MD5 | a9b037f7bc8f5b382bf6c69b993dbeb1 |
| SHA1 | 7beb733f3561ac3083a3dfca3b7644c5154e1330 |
| SHA256 | b498d1b38a81199b62a98a0e36aa9e955e1c0143436908538314089c0e59d128 |
| SHA512 | a63c1e1a4d8d2e5043e0cdc420d1c545b0adbcdaa1a65f09454d47cc9642c1ffcb16e76454e90c75fd88f29917024b11418a606acbd560a98b79cd8631186332 |
C:\Program Files (x86)\Microsoft\Temp\EU8F80.tmp\msedgeupdateres_fa.dll
| MD5 | c4cb44ee190c5aa8dd7749659437e5cc |
| SHA1 | 667f4aa01a4262fff2e01838f94330c0ebc285a2 |
| SHA256 | dc184d54d00d51d2f8de623c0c4b07e9408f7b02e1f1085107edaf14dcbee136 |
| SHA512 | 0330d733e89811c4a89deb202ec517de3128ad266483f37bd8d91eb6e45336febf7297da4f3465c683ed1b6e08114d6a3f52ff74484276509b9816ae7dccbb10 |
C:\Program Files (x86)\Microsoft\Temp\EU8F80.tmp\msedgeupdateres_eu.dll
| MD5 | c0da1ad8854f64b7988d70c9db199d5f |
| SHA1 | b184335283bf0026615f2a4a120fda87961c774b |
| SHA256 | 73190820d59e5bfe769b82ada48b0c9ed353524bd5cab303f5175d7d9bbb74ee |
| SHA512 | 424ef2d0ceaba76b64c3349ec1ff5088cb8aff9103fb38da238c80e6452a967f3dca09860b2b8fe9c01e20bebadc539960a5bc241a91bab98bfedf29c2f777ea |
C:\Program Files (x86)\Microsoft\Temp\EU8F80.tmp\msedgeupdateres_et.dll
| MD5 | 111118683f6e8ed7ceb11166378aebb0 |
| SHA1 | fd3e1cf198885ab5d9082d540d58f983d8a0f5ff |
| SHA256 | 5cc4930c50716138e25987baacb9a9aed7d30ff5c0ac927e35f7fc006f5179c4 |
| SHA512 | cc3480f05d8d59d3d705204e15ff6453a6d9c77bdb1011d069bb1f83b3d4e14204f19caa7e7ecbb6e3ed92d429ac46940791903440fbfeca2f7e7e12b9a47f6c |
C:\Program Files (x86)\Microsoft\Temp\EU8F80.tmp\msedgeupdateres_es-419.dll
| MD5 | dc8fcfbcd75867bae9dc28246afc9597 |
| SHA1 | 8fd9361636303543044b2918811dbdab8c55866c |
| SHA256 | 3deb382ffdfbd2d96ff344ec4339f13703074f533241f98f0ccd8d3f8c98f4bd |
| SHA512 | ac8fbf033677a6862f3d02cf93bf1838c24f006b40fd44336ae13ecc2287ae4c733cc3d601e39556586131e8a9e2d930814399ac68165a26458a6cbf51b11d32 |
C:\Program Files (x86)\Microsoft\Temp\EU8F80.tmp\msedgeupdateres_es.dll
| MD5 | 9c0ef804e605832ba0728540b73558a7 |
| SHA1 | a305f6b43a3226120d3010ca8c77441f6a769131 |
| SHA256 | 626835e07c1fc4ab670127682f3e5225881a2d4ddea873c5271e9032668fa641 |
| SHA512 | c27a4b24600bdd33a4f9430e8d4d8f7f3718efcaf2d1ec36023e34b996817af79b5a9baeea1506f97d2716c9b2b5509bbc1bf4d7cab779554eebadaa8c942dfe |
C:\Program Files (x86)\Microsoft\Temp\EU8F80.tmp\msedgeupdateres_en-GB.dll
| MD5 | fe685e8edec8a3b3c16e7954b787e118 |
| SHA1 | ac71544158bf86d357d78d003f5ff2b4b5fd4ef3 |
| SHA256 | 4b60ce6e3c8f725ad8e88cd0d0a3f0155a7145915670a532fe1143fb2dfbf49e |
| SHA512 | e30d12a607d1c6fd2060ab38f443af680f8c8655900b0a21f3f0b488033f9300915667bdfa59ff4fd3488f58ac52c7f5598ff5078bf849bd177d1d8c10533f04 |
C:\Program Files (x86)\Microsoft\Temp\EU8F80.tmp\msedgeupdateres_cy.dll
| MD5 | 1146f59b139b9d810996a1bae978f214 |
| SHA1 | cc9d54e6e3ce1efc4ef851eba35222547b996937 |
| SHA256 | 7b5ce6c7fa03e69a93694fa59c61be88b3eb8cd8951790f3bdd7cba2d99e6b83 |
| SHA512 | 0c94943646b0a08662eda2d236b7c88ecec0745faff5b9c6097f68e73a20059f8d2de47a9c00e58c6d2083331a34a0fa19b0964f3c62a6b8cfa02bc1e283e75a |
C:\Program Files (x86)\Microsoft\Temp\EU8F80.tmp\msedgeupdateres_cs.dll
| MD5 | 8b49a989a56d4a5aabd0a03f179ed92e |
| SHA1 | ca2f84217c867eb853830e95c7717ce35bd997f9 |
| SHA256 | 849e23c2f53d06462bd0f38e9d7c98e9389486f526a90c461c04c0aa1db7b7be |
| SHA512 | f4861ab9200db234550cd2e355ce200b7746c614e9c326287c0509d152f29d41d7a056e4fd27e3150cb433cd0234c4ae1cbc0c3a8b5892ecb3e8d4632a985aa7 |
C:\Program Files (x86)\Microsoft\Temp\EU8F80.tmp\msedgeupdateres_ca-Es-VALENCIA.dll
| MD5 | 2e9132ee071ca5653baf90b9b1ea382e |
| SHA1 | 8a0c1e5a0df6432c50539d68caf697b8adaf1556 |
| SHA256 | adf6e6542f1422c431ef92a209886224fbb53b5c67e68ac070d5c8a4c6ee569a |
| SHA512 | 0b021758117109e4414c7ef37356106a96b68536ade8d3f1d1fb3dfce7c1132ab6fe02f7292ed225c09814a9c57124f731fd35069d220760678eab565f320976 |
C:\Program Files (x86)\Microsoft\Temp\EU8F80.tmp\msedgeupdateres_ca.dll
| MD5 | 917c18cfa84c8b8e83d8321f03be093b |
| SHA1 | c0a4a743f4059183724fc8c26e84b5a80bb2f7f0 |
| SHA256 | 6c56355b232c3bd35f397f99648c020733ea2d57db1cd4beafffcd962b896ae4 |
| SHA512 | 03359c6104e9f0cb2d66b6f1bf5598b2bb00d9e7a62fbd0c5475ca67b5194e96c2e6053a2a1c22323ba0002c614caab0477597fd34b57dd1f5acdb19f70c0854 |
C:\Program Files (x86)\Microsoft\Temp\EU8F80.tmp\msedgeupdateres_bs.dll
| MD5 | 9f4c9469ef1930ec3ca02ea3b305e963 |
| SHA1 | e588ffdf150b55bb4ba38e2aaf175aaf6e1826d0 |
| SHA256 | fef14de38a4501cf538c89ca2d1ec389031124f69df9090df94fb4461e54ad58 |
| SHA512 | c166189ad76cb395a2aeea724f2088f42dd4d361518856166fb92b3335b8fc670e99eb7b1c4c9ac2c872c8283826cc2c88009bd975e690efbcc3d99289557e96 |
C:\Program Files (x86)\Microsoft\Temp\EU8F80.tmp\msedgeupdateres_bn-IN.dll
| MD5 | afa21b2feee2831c5478e113ed814b76 |
| SHA1 | 9e883c990a31b8cd0ed2f80f732f404386cc55d9 |
| SHA256 | 183bcae9e143b78d04c2ed83ab6cac8cbd82f1d2bcf7bbb2506886a3925ac556 |
| SHA512 | 294838c67f6d87fc3b4975c73d24e1c38173c8ad4a14c215945e9910ddc306e9deb0168f38661c85b5c77929fcbf56093f632a35c1b39181203fbd662d71f7f8 |
C:\Program Files (x86)\Microsoft\Temp\EU8F80.tmp\msedgeupdateres_bn.dll
| MD5 | 8e0ff856270ca13f8c07825e39ae3613 |
| SHA1 | b351f8ae0cc13d97d201a268990b75fc9e6cd422 |
| SHA256 | 18cd8ed69df17e1bcb517285caa88c8a73e093984fecbea2587e7144a8812a73 |
| SHA512 | 25f3821c20aa222a28143951c9f370d3feceaf41e449f718640dce9af0e88e518bc40d2d02f5e64148d8909feedcfa6a8caf65a87ad12637a8bc13c848b1f178 |
C:\Program Files (x86)\Microsoft\Temp\EU8F80.tmp\msedgeupdateres_el.dll
| MD5 | 3d22a75afd81e507e133fe2d97388f2e |
| SHA1 | f7f68cb6867d8c6386438d5a6e26539be493505b |
| SHA256 | 823fe6edc1fb0ebdfb8ebbaa2d36f6dc0424c8f26b6594a390ae0eaafd319ab0 |
| SHA512 | 34a62ebe8d057a6f6e6f6b2672ebb95d4d7c49e739f4beee4bbfb5e917b7176aba4d70b0e84bd727c967d0885c08264dfb42371fe0d3fe4f8f12dbb1e26ca69a |
C:\Program Files (x86)\Microsoft\Temp\EU8F80.tmp\msedgeupdateres_bg.dll
| MD5 | aeb3a05ce4eecdef3d23dbc0094fe21f |
| SHA1 | e2a5c49b4d0fddcad28649bd09d0cc7af4c0b2c8 |
| SHA256 | 6c874a312ae57b8b0deac8457a200fcfc90aceaaa252628701c92aa8b9a823e8 |
| SHA512 | 4a7fe6cf8300b394d7471d9a2d759ebed59690ce925270d6ceaa4e14ee06f01b67f8219559e9ec917477f4c5aae03329ae2c6e231f3fd41c645d02d26b29f367 |
C:\Program Files (x86)\Microsoft\Temp\EU8F80.tmp\msedgeupdateres_ar.dll
| MD5 | 3374d9bc4467dbdeaf50bbd5a26edcfa |
| SHA1 | 6d7bd73ad27148bad7488959d7ebea22b6805436 |
| SHA256 | 5c8a8755cc0b1213fb0d5b57e10a53702f2091479d3c058d0c756134e548c685 |
| SHA512 | c0c02e54d7e0060b6ffa5bedf8d79cf4b40f77711680d2161b5186c5a8a10e521169dfa7ab6b8e4816c98e4aefd136f209a40c78104cb618c21105e095537719 |
C:\Program Files (x86)\Microsoft\Temp\EU8F80.tmp\msedgeupdateres_am.dll
| MD5 | ccdf8ae84e25f2df4df2c9dd61b94461 |
| SHA1 | 64cd90b95a17d9ecf2a44afc0d83730b263ba5fe |
| SHA256 | 816c64b37e4c42cd418d05bc34a64e9c4acb4ce08b2a18ac5484374ca7b76e76 |
| SHA512 | 242a8a93326d3a5ea1fd367ef6cc2b343f08f4ff68d88d91044d0ad7fce490f47524a6e57940991ff0893a590459e96c588944f2b115cee703413ca594046f7f |
C:\Program Files (x86)\Microsoft\Temp\EU8F80.tmp\EdgeUpdate.dat
| MD5 | 369bbc37cff290adb8963dc5e518b9b8 |
| SHA1 | de0ef569f7ef55032e4b18d3a03542cc2bbac191 |
| SHA256 | 3d7ec761bef1b1af418b909f1c81ce577c769722957713fdafbc8131b0a0c7d3 |
| SHA512 | 4f8ec1fd4de8d373a4973513aa95e646dfc5b1069549fafe0d125614116c902bfc04b0e6afd12554cc13ca6c53e1f258a3b14e54ac811f6b06ed50c9ac9890b1 |
C:\Program Files (x86)\Microsoft\Temp\EU8F80.tmp\NOTICE.TXT
| MD5 | 6dd5bf0743f2366a0bdd37e302783bcd |
| SHA1 | e5ff6e044c40c02b1fc78304804fe1f993fed2e6 |
| SHA256 | 91d3fc490565ded7621ff5198960e501b6db857d5dd45af2fe7c3ecd141145f5 |
| SHA512 | f546c1dff8902a3353c0b7c10ca9f69bb77ebd276e4d5217da9e0823a0d8d506a5267773f789343d8c56b41a0ee6a97d4470a44bbd81ceaa8529e5e818f4951e |
C:\Program Files (x86)\Microsoft\Temp\EU8F80.tmp\msedgeupdateres_as.dll
| MD5 | 87e596d8f0ac9fbe2d3176665eeb68f3 |
| SHA1 | 1c9364d55b4844cd250504abe30dcff9792ee576 |
| SHA256 | c39669e004facfb0c500788747a4427fe26dcdb50ae695562e6e417f4eb190cd |
| SHA512 | ef3708632e19332ddf460e081f8444ff8b4ec483c6b3e57f386df66d5f62d222b1d3f9f3728928701a6e48720133133c43619858853585a7d70b7bd5d8cf847e |
C:\Program Files (x86)\Microsoft\Temp\EU8F80.tmp\MicrosoftEdgeComRegisterShellARM64.exe
| MD5 | 3a6b04122205ec351f8fbef3e20f65c4 |
| SHA1 | ba2e989a1f1963652405b632f5020e972da76a8c |
| SHA256 | 7ba65317643fbc0d03195bdeeba318732823a91ef27f62483d5fc0ed3fea4912 |
| SHA512 | 2a0dbc91e79c42bf934ce7ab41ff6ed900322706bb71ffa1f3ade4ad85e0e1de2fa31540e1f1e0e979ad749c84343563ebe341585965f2f3a62debd6b4ab0cb0 |
C:\ProgramData\Microsoft\EdgeUpdate\Log\MicrosoftEdgeUpdate.log
| MD5 | f428f9ede27e43c246ae769879cffad2 |
| SHA1 | f3bc3e7d6a42e8b1245337982fa1321c5d53714a |
| SHA256 | 3785e513b265f40ad21a254e9fcbb40c5fad805e74fc39ab58acf510dfb25a21 |
| SHA512 | 1c71651d4e6381a71e42c0431415f91a630c521b77dc296724da05ccf0f95da78b46d0396db6c6f095a8d021e057b6ef4ba64d4a0f8ef9e120b96c53f950a79c |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | b9eba1bd1bb46700138191f40bbee100 |
| SHA1 | 7471735cd1af2accb40e930d471eba01844477fd |
| SHA256 | 66496776fe62c602095a9f7a8e1d79e5d305620b1ca6218188670d1d0ad17df0 |
| SHA512 | a7ac34a2e7208561efd286b927b00867103a65021651cd8fbb2c52f45e42691b7b7d0759e4d5abe7d00795a2a49092709c664f03a663685e2f7cd62e0509b362 |
memory/4800-767-0x0000000000B70000-0x0000000000BA5000-memory.dmp
memory/4800-768-0x0000000074DD0000-0x0000000074FF5000-memory.dmp
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | c664dc4c0ee8b4c2f2919564d5a2840e |
| SHA1 | 9cf6b396d074eefdd5f284922f7289070fa86c87 |
| SHA256 | fcdf6e936eb95b417b5c698d7bfb104205ade48066388b73c3086f0cc27aef26 |
| SHA512 | aaa64835dc883717ee57c90a5639b12741655139da8a634991d3329d6648e214a98935c775855daef261777d74e324984ac2240f17d97114f9cd100ac5788e4c |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\20beb42b-cd5f-462d-a2f0-e592110194c9.tmp
| MD5 | cfe07aa963b1734952e628981e36baf6 |
| SHA1 | 01898b6e1ee3172ad3db0edecdd46a56e3cc2226 |
| SHA256 | 7044bc9e86d215c952fa1ae2c93478cc75c2c57cffc039672b018ad6a44c19bf |
| SHA512 | 421d3961d9ab3be73d31cced53afb637fea8365d9820b25356938fb2729f492e5c64fe241bd5790ddc1ea7865644f345c5969fd35a11fe3ef53977ae1485b7cc |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
| MD5 | 5915ba4385fe2c807b808436bbba9a69 |
| SHA1 | 2cb6affd6aae1f32090995a259c05f431f6246b9 |
| SHA256 | a66d1cdcf98f90189870712d20600248ead530f9b954be5d255ffc162c77c972 |
| SHA512 | fe6164b04cf2963c275c52235124e5aa28cda490c4ed476c5d3f13943a32543ab7d680106c6bf0fd1f8fa20885334e99a54a39417a268385c9ee7a7a34905be6 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | ac4fb33f2e4060839c9f043c69e5b0b8 |
| SHA1 | 4d2db7b5b98787d4a0483fb4b273d2b0053e21a1 |
| SHA256 | d2b9385c667088637129c7508eb21a848f5833e1e196fd2eba54300192a76380 |
| SHA512 | 2e63cbedf0d9a04ff081cf12471a64a777145ed56b095c10d265d652fa723c52064fef0dba7995b72e78c089559e2dd991b35fd9a06f4c4ead7a82bff9b69cd9 |
memory/4800-937-0x0000000074DD0000-0x0000000074FF5000-memory.dmp
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | d7043ae18c70ea754009b7e8a64bd261 |
| SHA1 | 1044285ab170169e77346bcbf8861f4c6e518721 |
| SHA256 | 8efe7544ec3002a7037c752a2f5fb94b8a6ec6bb7b2fcf04396aa89f077f2fbe |
| SHA512 | 99537c73021f6f55ecef79bc7ab7d09161dc9a70fe9a053e944e1334c42ad90167b03fe9c231988b1b78d51cd8514ea2396cb716e8983dc61cd191d5ec567937 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000013
| MD5 | 87c2b09a983584b04a63f3ff44064d64 |
| SHA1 | 8796d5ef1ad1196309ef582cecef3ab95db27043 |
| SHA256 | d4a4a801c412a8324a19f21511a7880815b373628e66016bc1785a5a85e0afb0 |
| SHA512 | df1f0d6f5f53306887b0b16364651bda9cdc28b8ea74b2d46b2530c6772a724422b33bbdcd7c33d724d2fd4a973e1e9dbc4b654c9c53981386c341620c337067 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000016
| MD5 | 9083b41eca7d1f9b2c67c2984adffaaf |
| SHA1 | 6a92163d6e40a07efe4134bfb0063af94e4e99d2 |
| SHA256 | 53845215a835f1de97e4f5f9c953646c90e3b0592b9395fe219d670ea56b20e8 |
| SHA512 | 5cc193ff9f00993cd354de6ec7109f8aa73ef9145d20562104ce44c444ff7e442067dc23ae4eebb06e733c23271afe565464db7dc85f0f9b4abccd2534c36fcf |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000015
| MD5 | 06063460b8504e78c660d9ee11685f14 |
| SHA1 | 7b2bbb4f2e9a07e1b0598ebbc532ad99a58032e4 |
| SHA256 | c25818b8631997c59a97e86f903a4b080f1568a94a44c4fc871d74c41712cde7 |
| SHA512 | 1cb6605848655aac403c71330445837f0b24c2055aa721e0a3b93208bec61a97895d3dd458763de6b85995b26a2a5a8cb6393cd763b2938e74cf3e5d683a2c8e |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\e34d0fa23f6618b1_0
| MD5 | dfff4e99a9173a2b3582d40f8504ea48 |
| SHA1 | 055935214e1d67af2f9eb8173da68d930de78678 |
| SHA256 | d5590967102aa8124b52b03977d0e0274c5cfff70c623f7ec007e18cd8018ecf |
| SHA512 | 03f373b4620a5262b03da0ef5eb85d8e527cc947ec97103d746285883a7cc0818089121c6ac4f1fc2c356220af5000b066abcab5ef229029e7673c46a5b97b83 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index
| MD5 | 28549ed8c545d5ce256f1cf75d60e3e9 |
| SHA1 | 049a40bc110e8dcc7602d48e4d68144375239e02 |
| SHA256 | 7e27256893c8e783d0ef26b973794aa56d3127249d33230015c0587f95724f16 |
| SHA512 | 5add242ba644e8f47005a42d857f5c09ed8bc2fa12fbf36592da73ee1adabd4638d3da955632d6e1ad5ce63c75b52642b1271d282311180004164a6ec49039e0 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
| MD5 | 0f356aa2aa4b0603236b071990134bb9 |
| SHA1 | 0a6c83833ca5aec3ca4778daf9cd20000ac89130 |
| SHA256 | 4ba8ad1781e2357e9deaf3228ab791941b3f7d78d2010f569f37a28488a91295 |
| SHA512 | cc5d0ffaddd3010136c6ca447f7e0fe837b41a95949b66a4b46514ac2802f7104bb8012c5c6cf06338dec177c76c83c44add483ce353044ed6ec20c82542233a |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | d78ea67a74fd4ecadd11edb120aee9a7 |
| SHA1 | ca06c1f2a8d62c8d24402eed94ce490298737e73 |
| SHA256 | f8f7345e26e079176b8d35a07311b4acf6a2c3b8c328070f7460b49c0ba14849 |
| SHA512 | 91d8944e62c5378a04e6e0a9ae13da48886f435a112c2db0beb963841d8ef8518ba448f6178f78f50648f2dddc6be7a67f76adb41a8f1860b60c5ad3752e8865 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 4dff82039337e5266ad00d4b316d7aca |
| SHA1 | 08ee6c911181d0dbcb4ad188658dbe08937a7521 |
| SHA256 | 510e85beb1e23b7e2e9c6fdb3e5821dda3209418a8756630fbd998e36fe17612 |
| SHA512 | e36ec8aa0e85a950b0e8b876a1ecbeeb2be1fe570465750569f531a5a8ade3f6d28ec2869f05341c5ec75e03ae2390588fbc6aafc4b427f7f4535015d11e687e |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000066
| MD5 | c86e1b32988ffbc37474c5ea5457a62e |
| SHA1 | 3b337c4d43ff0b4ff79f9bbcecff8143839c6cfe |
| SHA256 | d94398ba2ed0b438809ec4203c64c002b4a0d960fbd34ab144b78fe7a49323fd |
| SHA512 | 58ac67c26bca36a29799d49ed95980a15b1e279282e425ce13620cbe93a8cff74e1c520b896f8e9545a6b7eb8266394547949d88ad96bcf2a879da65521e7f16 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\022c27b968c04880_0
| MD5 | 011cf13e39ba0c7363117c99ab52c20d |
| SHA1 | f8db79a500e635e582c8fd62595ee2305cfdc19f |
| SHA256 | 0ae7cba3b7c43410325d98563ecd8a0c802ed5a667735149d4976f2aab9cd8cd |
| SHA512 | bd9a2b3774951dc22a93be7480dac5f0e739d1d4b342457654f74437810f9e1f645483df5ce5e7c841d68fc6ed47e087617caff7fb7adfcfb8d74a8dd287918b |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\d5b39ba0c2fcb1c8_0
| MD5 | ca0d087200320ddc563d97d3ef29bd89 |
| SHA1 | 050bc041b530de00e2ebc6a9fd3c012dcd9c5b37 |
| SHA256 | 049f3e5a417b5a051f5959b1388f70e8dca8aad9cee4ece12bf71c3d0dbfa456 |
| SHA512 | 6403ee329e5f9a57de3645464327b3a48ee007e940aed49099cee8056dd26bbeacde79348bb98da6486fa7171cae3dc774b58c279a8ed99dbaeccaa125e63b3c |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000068
| MD5 | 6fb26b39d8dcf2f09ef8aebb8a5ffe23 |
| SHA1 | 578cac24c947a6d24bc05a6aa305756dd70e9ac3 |
| SHA256 | 774379647c0a6db04a0c2662be757a730c20f13b4c03fe0b12d43c0f09e7a059 |
| SHA512 | c40f4771c10add1b20efb81ee3b61fc5ede4701587f29a1c2cdde8b6faabd1c76d769bf8b99aa19082012f95d99ba448a472463fb9056acd2e43542e14e605cd |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 076f2b67d7935920cf64845307d85906 |
| SHA1 | d5f9af1d497df2be7e57cc68a01611d5eab1ce15 |
| SHA256 | d20e277f9a4009b947d6c5f3627793fae5c1c230f8f864f237ee186464aec30b |
| SHA512 | fd2cfcfeead9fab99f5332fa7142be00927298063cde25c68deac6d6570073106ee3779d7662493830a11bc99ebbaf269504cebaa7d42c288fef1158feb8e858 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | dbe84ab429396553b87b283d1fa76f21 |
| SHA1 | 1fc073d46819a91983c28964c94dcff1fad463b5 |
| SHA256 | 4079fa96b4f0d9aad10f616fbd1275841037a33a580c648967b6508c5b399b8c |
| SHA512 | 222e22beb289a278a2483955418b50314790f7e688db98b267f05a1ea82f22395285f410b38674568b4a3ab75a1d12d887d236c91e1ab00b23a035ef2f5804e5 |
C:\Program Files\MsEdgeCrashpad\settings.dat
| MD5 | f5691b3c7fb48f143db81764197122fd |
| SHA1 | 3e66a6a9a6048ec7bce758254a36262ec34517cb |
| SHA256 | 53cc8fa97b42e3a3250e05d5e850e326406bbcc9bef0288ec5bdc3795c459f7b |
| SHA512 | 935b4e589bcf493b63a58b4d848ce2872006cd196437d8561c9d095a2f8f02b8a25a149044b1f636d61f0feaeb0b47bf3799a5826791e3863f2f48636b1d5cee |
C:\Users\Admin\AppData\Roaming\Microsoft\Spelling\en-US\default.dic
| MD5 | f3b25701fe362ec84616a93a45ce9998 |
| SHA1 | d62636d8caec13f04e28442a0a6fa1afeb024bbb |
| SHA256 | b3d510ef04275ca8e698e5b3cbb0ece3949ef9252f0cdc839e9ee347409a2209 |
| SHA512 | 98c5f56f3de340690c139e58eb7dac111979f0d4dffe9c4b24ff849510f4b6ffa9fd608c0a3de9ac3c9fd2190f0efaf715309061490f9755a9bfdf1c54ca0d84 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | f61703e6e224606abf280647d2653c52 |
| SHA1 | 4e6ddf32782e9097dfa528b68d4765cf456a21df |
| SHA256 | d13276da8b3a28f2dfb8e60f73618520c7b7033452a44d4598a8ffd656d10908 |
| SHA512 | bd80039b33a220fc3d1c801a6471a3111ee7c737305364ef4b173b52bcc5ed565565894cd6f9dff5180865acbec87a39b63c7c66fc7062fbeb2a95febe46b692 |
C:\Program Files (x86)\Microsoft\EdgeCore\128.0.2739.79\Installer\setup.exe
| MD5 | 337bec799cf5a4312866be547387e091 |
| SHA1 | 763f4f372b7920365e8e850680b24594d4e3c45d |
| SHA256 | d4d15e2686afd133e9870c4a8e98ab041e9db746dbab5a14373098a8e5b28281 |
| SHA512 | cdee342bf56c499e5516d9799c35fc3fd1c833de6863225b961d6d5058625f36ee93fb770f7ea1d604a829e8145caea4ddd178be34d8adf9d9853be41888e365 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | eff9599519734fa0af6c75c75798621a |
| SHA1 | 4100276ff5a2189567911f21dcb34dc45661f5f0 |
| SHA256 | f70eb25a1a1a87ed294eae5a82f7232448828b78b2f366997d87dda2c4e1d0da |
| SHA512 | b28579e4e404be3fb49e378dd9b88ed4fc8ab7fa95b2acf0c4a5cff1bd24bc3f29b55bcd4b8e51a8b7c0d0f9af65e5879256107cef71a05d22040cc8f281aac0 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000079
| MD5 | c594a826934b9505d591d0f7a7df80b7 |
| SHA1 | c04b8637e686f71f3fc46a29a86346ba9b04ae18 |
| SHA256 | e664eef3d68ac6336a28be033165d4780e8a5ab28f0d90df1b148ef86babb610 |
| SHA512 | 04a1dfdb8ee2f5fefa101d5e3ff36e87659fd774e96aa8c5941d3353ccc268a125822cf01533c74839e5f1c54725da9cc437d3d69b88e5bf3f99caccd4d75961 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 874318e3c14af1c3a0972b0aa172bf60 |
| SHA1 | bdffd0c7d3b08dedb67862321e5eecf93e92aac7 |
| SHA256 | 0c73442fa4c2bbe52e3e6aee7e97bef5a93d194ef0ea54e0960e77abfb9c9fdc |
| SHA512 | e031ae110e2a03e4fb2466e0cf3551ffa8451d58419585fd3ee26fa9e6dfd7554da0dccb58b97ee2ad81f4874f8deba9fb672f85a3a7847ebb9b1e0bca98afe1 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 934f627b1df2b53058e1188ca1c1030b |
| SHA1 | edda9e2048eedb493dbce444c15147679b772377 |
| SHA256 | b101c49a9846e3db39479cdef66481b2733a3a402d778ceccc1f0cc249f3f888 |
| SHA512 | 49dddecac11acf61d116366e788bc599125b072bc6dfcfac8098ea324687017f87132adc0c5a7ada29c18dc473848ff2850939e499def6366cbd90ef82e1abc8 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
| MD5 | 045c6e8dc0f5e240fc1cf77645f61220 |
| SHA1 | 84833fce5ac749debd98a3fc42b695c363a7a22f |
| SHA256 | ce623df9d973ecdab106258ddab6416e1f4e6722f1d3ea8f16eff391597b91cd |
| SHA512 | 1fe6b740bfa3fc49fdaeb83cd961703980817dd02bb1f44a208a51e78da6b832b4a2fea272f0c1ee20bd307ebc39a79fab0de2795bc83300b92c87a21cda6ffd |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 7eb8ed3c18079213673cd5f40287a2be |
| SHA1 | e6f68facdc04e85294f396d56767b02085c5cd66 |
| SHA256 | 7315a0d9f832cd256f99d4a483f3f24900e9113f9c65b303b6e6064c86dbfec3 |
| SHA512 | 36ca8ac4405006513291350f0264e58e555b81d9199f7da396801dd2f5300299044152a55315f651a6aa389263c14f78851cc94445b585bcf0420e04f4ad59e9 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 50fe58b98ae0324c96ef89520da8f8f6 |
| SHA1 | c9263a727b94bdd9b545d7fd52b7c324415144ee |
| SHA256 | dee9bab60ba7dd5411141b006c836b8a500517359ce35d5403d3f631d3845341 |
| SHA512 | 962fbee87808818792a472d0f8a4bdb1f38ec57fb7c44679e2276c463e97404fa5462d012aa9f578d5ec0764dd7995ff4facd899e4cb222ea18aff2bce89f6d2 |
memory/4800-1702-0x0000000000B70000-0x0000000000BA5000-memory.dmp
C:\Users\Admin\AppData\Roaming\myproject.exe\EBWebView\Crashpad\settings.dat
| MD5 | c9f3016cb828ca20ce2e92babc20aeab |
| SHA1 | fc91d4f8153b7a46ebff48e65340733ca26422f8 |
| SHA256 | 15fafcc14c5165fdac1c67c49a83acf6a02de8188c226424f5be0abf28504489 |
| SHA512 | 3b92b89f22628880a1403f294ade529c57f9156b985a6939e82e4f87a6d8d9ffc69bb0076fbc61a3a06443048fe23a1e04d7135fa031e9a9c2178f8c0902d034 |
C:\Users\Admin\AppData\Roaming\myproject.exe\EBWebView\Local State
| MD5 | a0ddf148a8c54d2704022ebbb4de11aa |
| SHA1 | d6566c313884bde42f5a93bce1c921623e8deacd |
| SHA256 | a662b9a4fe57456d3164176d638f8fa41ea6eaaf94017c36182df726577782b0 |
| SHA512 | 32515cfbed9d69fb28979d1999ec58c4d87592ea5dbecfdcc70112cc3df588db076b574099d4015e20eafe0b25b525de4f47a40db2d4edf74af8892752451b11 |
C:\Users\Admin\AppData\Roaming\myproject.exe\EBWebView\Default\Extension Scripts\MANIFEST-000001
| MD5 | 5af87dfd673ba2115e2fcf5cfdb727ab |
| SHA1 | d5b5bbf396dc291274584ef71f444f420b6056f1 |
| SHA256 | f9d31b278e215eb0d0e9cd709edfa037e828f36214ab7906f612160fead4b2b4 |
| SHA512 | de34583a7dbafe4dd0dc0601e8f6906b9bc6a00c56c9323561204f77abbc0dc9007c480ffe4092ff2f194d54616caf50aecbd4a1e9583cae0c76ad6dd7c2375b |
C:\Users\Admin\AppData\Roaming\myproject.exe\EBWebView\Default\Extension Rules\CURRENT
| MD5 | 46295cac801e5d4857d09837238a6394 |
| SHA1 | 44e0fa1b517dbf802b18faf0785eeea6ac51594b |
| SHA256 | 0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443 |
| SHA512 | 8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23 |
C:\Users\Admin\AppData\Roaming\myproject.exe\EBWebView\Local State
| MD5 | cc8a5ebaa7bb0a01f4db019536f18deb |
| SHA1 | da79a0e8ca06f55242b4b6eacc4f63db5018e7e9 |
| SHA256 | 621795f0abffa1b8545cccd6cfbb476248f6ecd1b868f7e91c3c41e5a75d6e77 |
| SHA512 | c36045b7b0d934442c9a24d20f27359d07a39bdc8af0d90f5269fb417bff90ad37d08491de7b8cdeee8e67ab21b7c3d8d932e0a602eacac0b8835d8c3b890550 |
memory/6952-1731-0x00007FF896DA0000-0x00007FF896DA1000-memory.dmp
C:\Users\Admin\AppData\Roaming\myproject.exe\EBWebView\Local State
| MD5 | 5dd8a11356ab2a955b7c7fc34b68e0df |
| SHA1 | e20f6872af118ce02af3d2ff34d0f343a18c3832 |
| SHA256 | 5fcea38ed09891273cb25abdda0d4d41726efaf8daa5b409c3f38415a5d853ac |
| SHA512 | 0eb4d4dc7f95db5a62aed4a6bbeba69f3a40f941d1ef5418aea8e3156c6dee18b3adb93057e33c8b72ebf0b607d0d6319ef140e8be8ea3866b41be7bc4fb2efa |
C:\Users\Admin\AppData\Roaming\myproject.exe\EBWebView\Local State~RFe5c4d4d.TMP
| MD5 | 239b744610f2891b14d5aebe1a997989 |
| SHA1 | 83749aed1ef8defa16a501cea56e01f1647e3501 |
| SHA256 | c69214b2bc7b1e42045f2b1e509c45fb190df9b07aeb558971b360966311cc82 |
| SHA512 | fcb6976693560a679d7ed5a101ab02e248352a0b603150db11faa5fb18cde3d35884f2787ad75f9b2c1ac8b72ea3f3a396638aa736f7f1e12b46dffe35c984b4 |
memory/4440-1807-0x00007FF897170000-0x00007FF897171000-memory.dmp
memory/4812-1815-0x00007FF896DA0000-0x00007FF896DA1000-memory.dmp
memory/4440-1806-0x00007FF898560000-0x00007FF898561000-memory.dmp
C:\Users\Admin\AppData\Roaming\myproject.exe\EBWebView\GrShaderCache\data_3
| MD5 | 41876349cb12d6db992f1309f22df3f0 |
| SHA1 | 5cf26b3420fc0302cd0a71e8d029739b8765be27 |
| SHA256 | e09f42c398d688dce168570291f1f92d079987deda3099a34adb9e8c0522b30c |
| SHA512 | e9a4fc1f7cb6ae2901f8e02354a92c4aaa7a53c640dcf692db42a27a5acc2a3bfb25a0de0eb08ab53983132016e7d43132ea4292e439bb636aafd53fb6ef907e |
C:\Users\Admin\AppData\Roaming\myproject.exe\EBWebView\GrShaderCache\data_2
| MD5 | 0962291d6d367570bee5454721c17e11 |
| SHA1 | 59d10a893ef321a706a9255176761366115bedcb |
| SHA256 | ec1702806f4cc7c42a82fc2b38e89835fde7c64bb32060e0823c9077ca92efb7 |
| SHA512 | f555e961b69e09628eaf9c61f465871e6984cd4d31014f954bb747351dad9cea6d17c1db4bca2c1eb7f187cb5f3c0518748c339c8b43bbd1dbd94aeaa16f58ed |
C:\Users\Admin\AppData\Roaming\myproject.exe\EBWebView\GrShaderCache\data_1
| MD5 | d0d388f3865d0523e451d6ba0be34cc4 |
| SHA1 | 8571c6a52aacc2747c048e3419e5657b74612995 |
| SHA256 | 902f30c1fb0597d0734bc34b979ec5d131f8f39a4b71b338083821216ec8d61b |
| SHA512 | 376011d00de659eb6082a74e862cfac97a9bb508e0b740761505142e2d24ec1c30aa61efbc1c0dd08ff0f34734444de7f77dd90a6ca42b48a4c7fad5f0bddd17 |
C:\Users\Admin\AppData\Roaming\myproject.exe\EBWebView\GrShaderCache\data_0
| MD5 | cf89d16bb9107c631daabf0c0ee58efb |
| SHA1 | 3ae5d3a7cf1f94a56e42f9a58d90a0b9616ae74b |
| SHA256 | d6a5fe39cd672781b256e0e3102f7022635f1d4bb7cfcc90a80fffe4d0f3877e |
| SHA512 | 8cb5b059c8105eb91e74a7d5952437aaa1ada89763c5843e7b0f1b93d9ebe15ed40f287c652229291fac02d712cf7ff5ececef276ba0d7ddc35558a3ec3f77b0 |
memory/6192-1862-0x000002062B490000-0x000002062B4B2000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\__PSScriptPolicyTest_2h1knpdm.xw3.ps1
| MD5 | d17fe0a3f47be24a6453e9ef58c94641 |
| SHA1 | 6ab83620379fc69f80c0242105ddffd7d98d5d9d |
| SHA256 | 96ad1146eb96877eab5942ae0736b82d8b5e2039a80d3d6932665c1a4c87dcf7 |
| SHA512 | 5b592e58f26c264604f98f6aa12860758ce606d1c63220736cf0c779e4e18e3cec8706930a16c38b20161754d1017d1657d35258e58ca22b18f5b232880dec82 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | d03a38bfd148a10ba53a47f28f39fa95 |
| SHA1 | 8f9db39dacaaf602b35f4aab13c9f4fddccbe67b |
| SHA256 | 3df6aaa831721d67a6e4228116d629b262fbe64bd4b4e751511a904fb0322958 |
| SHA512 | 36e947f5a18dddb8b43a42b1235e0373d7853d2ff1a381df5670c8c7f4ce805651c7697cbebe3daea4ec0ba53429d2be703e614037746ba5a77414ca6c86791c |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 7433e5dac362b68d11d3b18942cef492 |
| SHA1 | af35d4bbda7fd41cd8a1ef50c68924203ad41906 |
| SHA256 | ef6be775fa5e4d1c8c20d35fc1aad3c48f836578310a8464762db41c44dccaf9 |
| SHA512 | f6a3c250ff16a71bea72e5935a9eba462db261deb5cf5850837f98ed449ead8ee0f865bba8d315c3dac18a9bc5413070f9eaad3e420bfbbbae3f0da6f65782f7 |
C:\Users\Admin\AppData\Roaming\myproject.exe\EBWebView\Local State
| MD5 | c15438bda3e0704b7da02a46b635cf3a |
| SHA1 | e2b59a6b4452c4928662b58eda2c7c84a63bb1e0 |
| SHA256 | 542e294efc8cb33c5bb95994346668b33ccad15a838032c47561a7d718224547 |
| SHA512 | bf9dd8c747c240196327d0084a7aa081002cd65efddac2448ab33068859f487c722225498a3e80ccb8e2c389e303c0e80bccca4dc33ce4419d08c7683c640e47 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 5e1d99777411df08bc870e44d7ed1899 |
| SHA1 | 232ba732bc1766edd180209ea2b7a55f65f414e7 |
| SHA256 | dbf934698a8c584418df65fddc1982d7d83d9e897086add8b097868ee3cc72c1 |
| SHA512 | cddd0ffd2cd2953dec643e1d8546a7a5381d404684b083e4851424526594a1240b330c1c5d3cf8096b88eb4c40d579f128ccb84e18aee590230bc79c25806d18 |
C:\Users\Admin\AppData\Roaming\myproject.exe\EBWebView\Default\Code Cache\js\index-dir\the-real-index
| MD5 | cf478493cf721a4afe852bf2fc4646a8 |
| SHA1 | dba496e340b7424b37e43a119a1b3a15949ec724 |
| SHA256 | a749ab28fac3e8fb812492552814752f6125d0629de2763f8a83bb65a0a4f7c2 |
| SHA512 | b2fd4025962a30dd9e4ecbd1e65711e686c7772aefd4eeba2b7661916790ccf4fc47a53f92c21b3183ac5c725c63d583701b25f4c713ef6d9d28676313aaf85c |
C:\Users\Admin\AppData\Roaming\myproject.exe\EBWebView\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 4dbb5d52945a19000ed996bf56fd1ad7 |
| SHA1 | 0a7320d49b86d1a9be04a6b077ca31ae16747305 |
| SHA256 | 788b0b3ee124b9cca83071d9ffa1a4c2e4dc9e600154923d6c1f17f5616fc238 |
| SHA512 | dfe6aee7739814d4af18fc6e4a6caddd527d62029d5dfb34a37432779f95cb317fd17c7a729cb7e123ab1059b09b22064e017895a96197b5a3e3eccd7369aa90 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | b049e5e8aacf619cc17f484ec4aa83e5 |
| SHA1 | 39c6b05022774f173377c44b12c880ae0aab1fec |
| SHA256 | 8a3a61c9c4b3ef441e314330466126319a44145e7e268edc46a1ae0cd2f17d8c |
| SHA512 | 6aa1d7b51223ff35494b6f590b4856c6a290b71466776118c9f6654a21bf357ad07122620305311cb8c89a1400c227bb015303142a592ca2af98d9ee92008aac |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 948376779640782bbb97d6136b2286fc |
| SHA1 | b7beb63c0d2ed85e999586929ebdd7397b583aac |
| SHA256 | e0fbab069e3abe951b9a6064fd2246f6eabd88c7c2404d759b5a3083a31218ac |
| SHA512 | 01b34b55dc970d9c0574b2ce55a8a343fd6c07e8a1bde0e208a740093119799cde450429d22079498d5abcd9e196a64d8d6e48e03fbba332f680c87c294b45e2 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 32417d5d8d64f018952b259d3e9e1be0 |
| SHA1 | e39eff15e341e7f0d7fbe6de66c6e8eaa72de71f |
| SHA256 | e9ffed02a3fd2f2dff804f04d6929d16d8b391b8a943c04e4702bb6f0f7683c2 |
| SHA512 | 5b4376124ef51eee75f6d9d790fa0f52bb2a07e2af2036407e2d9b308a64bd8043eecb9cf3a97630dac1a8d4ae30ac776bf2dba4aea419c77c225389da8c7f7e |
C:\Users\Admin\AppData\Roaming\myproject.exe\EBWebView\Default\2a15cfa8-9825-491a-8a5d-78930e20b6a0.tmp
| MD5 | 106aa41996e969b0b3ceb00d00e36c85 |
| SHA1 | f822db59a2236780615a892d1c8d0e1fcdc3d83c |
| SHA256 | 4d47bed3aadf79ee20c3f36dde5bc07b9eca87b1c14770813ab8f7a39162e492 |
| SHA512 | 3f394d8d7bea4015165352c2d691515c2bd02dac5329df43d9f4d4a0244859f8e0fa604ce7866d3039fe5e2a50127922ed6b110773f1055ef7aa89e70ef5f818 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
| MD5 | b1a6952d0ef62f37ef68cd049d993c43 |
| SHA1 | e58ac3f8ff427b696f782ae7f529885760cfb1cc |
| SHA256 | 5fa28e5e7ab2f87331431f48ad3f42fcab45e053a6cac8a55ca3465591694730 |
| SHA512 | 58bbadd749ff32963e42fa3fe7195e3ced1b7ba923d4cb6f62dd798fa0130f815dae9fcda6fb6896eeddfe23915c7acdb80c26e7a946998f3a041a705ef17252 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 789fa3401fd9803294fc2cce78cb9cd5 |
| SHA1 | 819b1d3ab7f99bba91973a4280d4f75472a32fa0 |
| SHA256 | 575ad6cbded645a62129bc3580065c275e0ee266d75374a66dc226a98b36d651 |
| SHA512 | c953f322a23e0baf1c1dad1d85ede24fcbd959b81fd688b671e97a465cb3c9fbd9b1488601605847a9b35e4ef1228fb78a61d178bc1ba868e4576a04af348113 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | dcaf902046a68f0bf29abca9695a7d6e |
| SHA1 | fc80c449e0c6659c45a79fc4c330c65a095bf1a9 |
| SHA256 | d21ce86879d6349d71aec9a67cc877d471b279ed0088fcb0b0565a81dbc11ef2 |
| SHA512 | 0798df8a8db704970ee880255ac8ad9b956092e62d67f03f62b4e6dd70cd3719ef0fe7d6cdb6f8fdcd2e70d0ca39932bbda0f1757da15295190ed4311db2794b |
memory/6952-2121-0x000001B13E2B0000-0x000001B13E2E0000-memory.dmp
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 9751cd0435ce91425483d27563d428c7 |
| SHA1 | 65e419724f6e7ac0a8bf331cb56cdcf09a798fa1 |
| SHA256 | b1de5d479ad2f5075720a82426bfb00e635e5394131064a64529e6c2355fb661 |
| SHA512 | d5d3d735a14aed44688022c9ebd8fd92899206c2ae97c62fff49ea11544dcda497a876f7fecb78add9f2517881cc8bd1312ccc2fcf6ee46ce453eed7ae1d06f8 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
| MD5 | b406c69b537db3d9657e00f1aeb87ac1 |
| SHA1 | 096170b4149e6c0925f6aa714ba1fdc253bb5329 |
| SHA256 | 45f2d8fd0f7086e98579059963a5f1b1719cba4a48b100e2e5566dfb1e0189a8 |
| SHA512 | a0fb6b437b1d34ca29e3ceaba169f9b9e80eda76512f4a3cf805a6f106e7b1e2a7738cda80b54177e59cf77a77452d71136948fc39025198a2cbf8e695f23b28 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | d6e55016ecb072f6cb2085a0b7871897 |
| SHA1 | a73fb740e3eeb97c273de8b0dce025bc2e2e8185 |
| SHA256 | 0897e5cfe89e1f5593430359aee43edf4f55d457987f60977ae42132f9c0e5b7 |
| SHA512 | d71935b291fa0bbbeef28bb744c842141e313adb8d8ee5fa05230da7c83ec502f487b946d002e56681cd033c4ee3573c7adf4a59405d156268254dffd437b02e |
C:\Users\Admin\AppData\Roaming\myproject.exe\EBWebView\Local State
| MD5 | 100c5528fbf5f1b7c7289c5b9209eb3f |
| SHA1 | 1ce4455a5a12aa7e3ec679b3d43e509bac70cd3e |
| SHA256 | 726217fb16d61d6d4bd3104d9217231f02aab64d8e705f8203dff2c9a48ff6d3 |
| SHA512 | 37283a2b07871ddf7d1948069fed9d72f2eb8597446322a081b8761f06efef6ca68bba062520108850b0fb3fa5fc2fdd63a912a9817643bca6f35b21533128ca |
memory/6056-2277-0x0000000000AC0000-0x0000000000B3E000-memory.dmp
memory/6056-2279-0x00000000033D0000-0x00000000037D0000-memory.dmp
memory/6056-2280-0x00000000033D0000-0x00000000037D0000-memory.dmp
memory/6056-2281-0x00007FF898BD0000-0x00007FF898DC5000-memory.dmp
memory/6056-2283-0x00000000757A0000-0x00000000759B5000-memory.dmp
memory/5484-2284-0x00000000003A0000-0x00000000003A9000-memory.dmp
memory/6056-2285-0x0000000000AC0000-0x0000000000B3E000-memory.dmp
memory/5484-2287-0x00000000024C0000-0x00000000028C0000-memory.dmp
memory/5484-2290-0x00000000757A0000-0x00000000759B5000-memory.dmp
memory/5484-2288-0x00007FF898BD0000-0x00007FF898DC5000-memory.dmp
C:\Users\Admin\AppData\Roaming\myproject.exe\EBWebView\Default\Network\Network Persistent State
| MD5 | 285252a2f6327d41eab203dc2f402c67 |
| SHA1 | acedb7ba5fbc3ce914a8bf386a6f72ca7baa33c6 |
| SHA256 | 5dfc321417fc31359f23320ea68014ebfd793c5bbed55f77dab4180bbd4a2026 |
| SHA512 | 11ce7cb484fee66894e63c31db0d6b7ef66ad0327d4e7e2eb85f3bcc2e836a3a522c68d681e84542e471e54f765e091efe1ee4065641b0299b15613eb32dcc0d |
C:\Users\Admin\AppData\Roaming\myproject.exe\EBWebView\Default\Network\Network Persistent State~RFe5d70be.TMP
| MD5 | 2800881c775077e1c4b6e06bf4676de4 |
| SHA1 | 2873631068c8b3b9495638c865915be822442c8b |
| SHA256 | 226eec4486509917aa336afebd6ff65777b75b65f1fb06891d2a857a9421a974 |
| SHA512 | e342407ab65cc68f1b3fd706cd0a37680a0864ffd30a6539730180ede2cdcd732cc97ae0b9ef7db12da5c0f83e429df0840dbf7596aca859a0301665e517377b |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | d5db6c1727e1a93933996a0b3d6db6b9 |
| SHA1 | 44c1203623ca74f4901659917d894d1bd691187b |
| SHA256 | fdc6216d17664eea62f585ca9cb1e2b4e7faa13151477705296880ed93547201 |
| SHA512 | 585c718c58e03a6d6f04ef3a51e7a463337bae3359116705f80841f13868dd7be470032888f66e0dfe2aff495a8510961b79eb8a02095e15455e4c94e9cdd404 |