Analysis Overview
SHA256
f85ba2e1604219d15c2b7816312f0c530411416cf3789fcc0ab73d7ee6dce36a
Threat Level: Likely malicious
The file LDPlayer9_ru_1552109_ld.exe was found to be: Likely malicious.
Malicious Activity Summary
Possible privilege escalation attempt
Creates new service(s)
Manipulates Digital Signatures
Modifies file permissions
Checks for any installed AV software in registry
Downloads MZ/PE file
Drops Chrome extension
Event Triggered Execution: Component Object Model Hijacking
Checks computer location settings
Loads dropped DLL
Checks installed software on the system
Drops file in Program Files directory
Launches sc.exe
Drops file in Windows directory
Executes dropped EXE
System Location Discovery: System Language Discovery
Enumerates physical storage devices
Browser Information Discovery
Reads user/profile data of web browsers
Suspicious use of WriteProcessMemory
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Suspicious use of SetWindowsHookEx
Kills process with taskkill
Modifies registry class
Modifies Internet Explorer settings
Suspicious behavior: GetForegroundWindowSpam
Suspicious behavior: LoadsDriver
Suspicious use of AdjustPrivilegeToken
Suspicious behavior: AddClipboardFormatListener
Runs net.exe
Checks processor information in registry
Suspicious use of SendNotifyMessage
Enumerates system info in registry
Suspicious use of FindShellTrayWindow
Suspicious behavior: EnumeratesProcesses
Modifies data under HKEY_USERS
Modifies system certificate store
MITRE ATT&CK
Analysis: static1
Detonation Overview
Reported
2024-10-09 10:42
Signatures
Analysis: behavioral1
Detonation Overview
Submitted
2024-10-09 10:42
Reported
2024-10-09 11:12
Platform
win7-20240903-en
Max time kernel
1558s
Max time network
1559s
Command Line
Signatures
Checks for any installed AV software in registry
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\SOFTWARE\AVG\AV | C:\Users\Admin\AppData\Local\Temp\LDPlayer9_ru_1552109_ld.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SOFTWARE\Wow6432Node\AVG\AV | C:\Users\Admin\AppData\Local\Temp\LDPlayer9_ru_1552109_ld.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SOFTWARE\AVAST Software\Avast | C:\Users\Admin\AppData\Local\Temp\LDPlayer9_ru_1552109_ld.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SOFTWARE\Wow6432Node\AVAST Software\Avast | C:\Users\Admin\AppData\Local\Temp\LDPlayer9_ru_1552109_ld.exe | N/A |
Downloads MZ/PE file
Checks installed software on the system
Loads dropped DLL
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\LDPlayer9_ru_1552109_ld.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\LDPlayer9_ru_1552109_ld.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\LDPlayer9_ru_1552109_ld.exe | N/A |
System Location Discovery: System Language Discovery
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\AppData\Local\Temp\LDPlayer9_ru_1552109_ld.exe | N/A |
Modifies system certificate store
| Description | Indicator | Process | Target |
| Set value (data) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\317A2AD07F2B335EF5A1C34E4B57E8B7D8F1FCA6\Blob | C:\Users\Admin\AppData\Local\Temp\LDPlayer9_ru_1552109_ld.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\AD7E1C28B064EF8F6003402014C3D0E3370EB58A | C:\Users\Admin\AppData\Local\Temp\LDPlayer9_ru_1552109_ld.exe | N/A |
| Set value (data) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\AD7E1C28B064EF8F6003402014C3D0E3370EB58A\Blob | C:\Users\Admin\AppData\Local\Temp\LDPlayer9_ru_1552109_ld.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\317A2AD07F2B335EF5A1C34E4B57E8B7D8F1FCA6 | C:\Users\Admin\AppData\Local\Temp\LDPlayer9_ru_1552109_ld.exe | N/A |
| Set value (data) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\317A2AD07F2B335EF5A1C34E4B57E8B7D8F1FCA6\Blob | C:\Users\Admin\AppData\Local\Temp\LDPlayer9_ru_1552109_ld.exe | N/A |
Suspicious behavior: EnumeratesProcesses
Suspicious use of AdjustPrivilegeToken
| Description | Indicator | Process | Target |
| Token: SeDebugPrivilege | N/A | C:\Users\Admin\AppData\Local\Temp\LDPlayer9_ru_1552109_ld.exe | N/A |
| Token: SeShutdownPrivilege | N/A | C:\Users\Admin\AppData\Local\Temp\LDPlayer9_ru_1552109_ld.exe | N/A |
Processes
C:\Users\Admin\AppData\Local\Temp\LDPlayer9_ru_1552109_ld.exe
"C:\Users\Admin\AppData\Local\Temp\LDPlayer9_ru_1552109_ld.exe"
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | res.ldrescdn.com | udp |
| US | 8.8.8.8:53 | dagswotxcmrj6.cloudfront.net | udp |
| CZ | 65.9.94.70:443 | dagswotxcmrj6.cloudfront.net | tcp |
| GB | 163.181.154.242:443 | res.ldrescdn.com | tcp |
| GB | 163.181.154.242:443 | res.ldrescdn.com | tcp |
| US | 8.8.8.8:53 | middledata.ldplayer.net | udp |
| SG | 8.219.136.97:443 | middledata.ldplayer.net | tcp |
| GB | 163.181.154.242:443 | res.ldrescdn.com | tcp |
| US | 8.8.8.8:53 | d1odpp2eg70dto.cloudfront.net | udp |
| GB | 3.162.19.58:443 | d1odpp2eg70dto.cloudfront.net | tcp |
| GB | 3.162.19.58:443 | d1odpp2eg70dto.cloudfront.net | tcp |
| GB | 3.162.19.58:443 | d1odpp2eg70dto.cloudfront.net | tcp |
| GB | 3.162.19.58:443 | d1odpp2eg70dto.cloudfront.net | tcp |
Files
\Users\Admin\AppData\Local\Temp\Setup\ds.dll
C:\Users\Admin\AppData\Local\Temp\Cab3620.tmp
C:\Users\Admin\AppData\Local\Temp\Tar3642.tmp
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
Analysis: behavioral2
Detonation Overview
Submitted
2024-10-09 10:42
Reported
2024-10-09 10:46
Platform
win10v2004-20241007-en
Max time kernel
241s
Max time network
242s
Command Line
Signatures
Creates new service(s)
Manipulates Digital Signatures
| Description | Indicator | Process | Target |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\OID\EncodingType 1\CryptDllEncodeObject\1.3.6.1.4.1.311.2.1.25\FuncName = "WVTAsn1SpcLinkEncode" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\Providers\Trust\FinalPolicy\{00AAC56B-CD44-11D0-8CC2-00C04FC295EE}\$Function = "SoftpubAuthenticode" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\OID\EncodingType 0\CryptSIPDllVerifyIndirectData\{C689AABA-8E78-11D0-8C47-00C04FC295EE}\FuncName = "CryptSIPVerifyIndirectData" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\OID\EncodingType 1\CryptDllEncodeObject\1.3.6.1.4.1.311.2.1.30\FuncName = "WVTAsn1SpcSigInfoEncode" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\OID\EncodingType 1\CryptDllEncodeObject\1.3.6.1.4.1.311.2.4.3\FuncName = "WVTAsn1SealingSignatureAttributeEncode" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\Providers\Trust\Signature\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\$DLL = "WINTRUST.DLL" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\OID\EncodingType 0\CryptSIPDllPutSignedDataMsg\{DE351A42-8E59-11D0-8C47-00C04FC295EE}\Dll = "WINTRUST.DLL" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\Providers\Trust\Signature\{C6B2E8D0-E005-11CF-A134-00C04FD7BF43}\$DLL = "WINTRUST.DLL" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\Providers\Trust\Initialization\{573E31F8-DDBA-11D0-8CCB-00C04FC295EE}\$Function = "SoftpubInitialize" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\Providers\Trust\Initialization\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\$Function = "DriverInitializePolicy" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\Providers\Trust\Usages\1.3.6.1.5.5.7.3.1\CallbackAllocFunction = "SoftpubLoadDefUsageCallData" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\OID\EncodingType 1\CryptDllEncodeObject\#2006\Dll = "WINTRUST.DLL" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\Providers\Trust\Certificate\{64B9D180-8DA2-11CF-8736-00AA00A485EB}\$DLL = "WINTRUST.DLL" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\OID\EncodingType 0\CryptSIPDllGetSignedDataMsg\{9BA61D3F-E73A-11D0-8CD2-00C04FC295EE}\Dll = "WINTRUST.DLL" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\Providers\Trust\Certificate\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\$DLL = "WINTRUST.DLL" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\OID\EncodingType 1\CryptDllDecodeObject\1.3.6.1.4.1.311.2.1.4\Dll = "WINTRUST.DLL" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\Providers\Trust\Message\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\$DLL = "WINTRUST.DLL" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\OID\EncodingType 0\CryptSIPDllGetSignedDataMsg\{DE351A43-8E59-11D0-8C47-00C04FC295EE}\FuncName = "CryptSIPGetSignedDataMsg" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\Providers\Trust\CertCheck\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\$Function = "SoftpubCheckCert" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\OID\EncodingType 1\CryptDllDecodeObject\1.3.6.1.4.1.311.2.1.27\FuncName = "WVTAsn1SpcFinancialCriteriaInfoDecode" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\OID\EncodingType 1\CryptDllDecodeObject\1.3.6.1.4.1.311.2.4.3\Dll = "WINTRUST.DLL" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\OID\EncodingType 1\CryptDllEncodeObject\1.3.6.1.4.1.311.2.4.2\FuncName = "WVTAsn1IntentToSealAttributeEncode" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\Providers\Trust\CertCheck\{C6B2E8D0-E005-11CF-A134-00C04FD7BF43}\$Function = "SoftpubCheckCert" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\Providers\Trust\Signature\{573E31F8-AABA-11D0-8CCB-00C04FC295EE}\$DLL = "WINTRUST.DLL" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\OID\EncodingType 1\CryptDllEncodeObject\#2223\FuncName = "WVTAsn1CatMemberInfo2Encode" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\Providers\Trust\Usages\1.3.6.1.5.5.7.3.1\DefaultId = "{573E31F8-AABA-11D0-8CCB-00C04FC295EE}" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\Providers\Trust\Usages\1.3.6.1.5.5.7.3.2\CallbackAllocFunction = "SoftpubLoadDefUsageCallData" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\OID\EncodingType 1\CryptDllDecodeObject\#2004\Dll = "WINTRUST.DLL" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\OID\EncodingType 1\CryptDllDecodeObject\1.3.6.1.4.1.311.2.1.20\Dll = "WINTRUST.DLL" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\OID\EncodingType 1\CryptDllDecodeObject\#2002\FuncName = "WVTAsn1SpcFinancialCriteriaInfoDecode" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\OID\EncodingType 1\CryptDllEncodeObject\#2007\FuncName = "WVTAsn1SpcSpOpusInfoEncode" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\OID\EncodingType 0\CryptSIPDllVerifyIndirectData\{DE351A42-8E59-11D0-8C47-00C04FC295EE}\Dll = "WINTRUST.DLL" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\Providers\Trust\Initialization\{573E31F8-DDBA-11D0-8CCB-00C04FC295EE}\$DLL = "WINTRUST.DLL" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\Providers\Trust\Message\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\$Function = "SoftpubLoadMessage" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\Providers\Trust\Cleanup\{FC451C16-AC75-11D1-B4B8-00C04FB66EA0}\$Function = "SoftpubCleanup" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\OID\EncodingType 0\CryptSIPDllVerifyIndirectData\{9BA61D3F-E73A-11D0-8CD2-00C04FC295EE}\FuncName = "CryptSIPVerifyIndirectData" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\Providers\Trust\Initialization\{189A3842-3041-11D1-85E1-00C04FC295EE}\$Function = "SoftpubDefCertInit" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\Providers\Trust\FinalPolicy\{573E31F8-DDBA-11D0-8CCB-00C04FC295EE}\$Function = "SoftpubAuthenticode" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\Providers\Trust\Usages\1.3.6.1.5.5.7.3.2\CallbackFreeFunction = "SoftpubFreeDefUsageCallData" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\OID\EncodingType 0\CryptSIPDllCreateIndirectData\{DE351A43-8E59-11D0-8C47-00C04FC295EE}\FuncName = "CryptSIPCreateIndirectData" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\OID\EncodingType 1\CryptDllEncodeObject\#2222\FuncName = "WVTAsn1CatMemberInfoEncode" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\Providers\Trust\Initialization\{189A3842-3041-11D1-85E1-00C04FC295EE}\$DLL = "WINTRUST.DLL" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\Providers\Trust\Signature\{573E31F8-DDBA-11D0-8CCB-00C04FC295EE}\$Function = "SoftpubLoadSignature" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\OID\EncodingType 1\CryptDllDecodeObject\#2130\Dll = "WINTRUST.DLL" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\Providers\Trust\Certificate\{189A3842-3041-11D1-85E1-00C04FC295EE}\$DLL = "WINTRUST.DLL" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\OID\EncodingType 0\CryptSIPDllGetSignedDataMsg\{DE351A42-8E59-11D0-8C47-00C04FC295EE}\FuncName = "CryptSIPGetSignedDataMsg" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\OID\EncodingType 0\CryptSIPDllPutSignedDataMsg\{C689AABA-8E78-11D0-8C47-00C04FC295EE}\FuncName = "CryptSIPPutSignedDataMsg" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\OID\EncodingType 0\CryptSIPDllPutSignedDataMsg\{9BA61D3F-E73A-11D0-8CD2-00C04FC295EE}\Dll = "WINTRUST.DLL" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\OID\EncodingType 1\CryptDllFormatObject\1.3.6.1.5.5.7.3.4\Dll = "cryptdlg.dll" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\OID\EncodingType 1\CryptDllDecodeObject\#2005\Dll = "WINTRUST.DLL" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\OID\EncodingType 1\CryptDllDecodeObject\#2006\Dll = "WINTRUST.DLL" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\Providers\Trust\Message\{573E31F8-AABA-11D0-8CCB-00C04FC295EE}\$DLL = "WINTRUST.DLL" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\OID\EncodingType 0\CryptSIPDllGetSignedDataMsg\{C689AABA-8E78-11D0-8C47-00C04FC295EE}\FuncName = "CryptSIPGetSignedDataMsg" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\Providers\Trust\Initialization\{00AAC56B-CD44-11D0-8CC2-00C04FC295EE}\$Function = "SoftpubInitialize" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\Providers\Trust\Initialization\{573E31F8-DDBA-11D0-8CCB-00C04FC295EE}\$DLL = "WINTRUST.DLL" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\Providers\Trust\DiagnosticPolicy\{573E31F8-DDBA-11D0-8CCB-00C04FC295EE}\$Function = "SoftpubDumpStructure" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\OID\EncodingType 1\CryptDllDecodeObject\#2011\Dll = "WINTRUST.DLL" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\Providers\Trust\Cleanup\{64B9D180-8DA2-11CF-8736-00AA00A485EB}\$Function = "SoftpubCleanup" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\Providers\Trust\Message\{C6B2E8D0-E005-11CF-A134-00C04FD7BF43}\$DLL = "WINTRUST.DLL" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\Providers\Trust\Signature\{FC451C16-AC75-11D1-B4B8-00C04FB66EA0}\$DLL = "WINTRUST.DLL" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\OID\EncodingType 0\CryptSIPDllPutSignedDataMsg\{9BA61D3F-E73A-11D0-8CD2-00C04FC295EE}\FuncName = "CryptSIPPutSignedDataMsg" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\Providers\Trust\CertCheck\{573E31F8-AABA-11D0-8CCB-00C04FC295EE}\$DLL = "WINTRUST.DLL" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\Providers\Trust\FinalPolicy\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\$DLL = "WINTRUST.DLL" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\OID\EncodingType 1\CryptDllDecodeObject\1.3.6.1.4.1.311.2.1.27\Dll = "WINTRUST.DLL" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
Possible privilege escalation attempt
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Windows\SysWOW64\takeown.exe | N/A |
| N/A | N/A | C:\Windows\SysWOW64\icacls.exe | N/A |
| N/A | N/A | C:\Windows\SysWOW64\takeown.exe | N/A |
| N/A | N/A | C:\Windows\SysWOW64\icacls.exe | N/A |
| N/A | N/A | C:\Windows\SysWOW64\takeown.exe | N/A |
| N/A | N/A | C:\Windows\SysWOW64\icacls.exe | N/A |
Modifies file permissions
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Windows\SysWOW64\icacls.exe | N/A |
| N/A | N/A | C:\Windows\SysWOW64\takeown.exe | N/A |
| N/A | N/A | C:\Windows\SysWOW64\icacls.exe | N/A |
| N/A | N/A | C:\Windows\SysWOW64\takeown.exe | N/A |
| N/A | N/A | C:\Windows\SysWOW64\icacls.exe | N/A |
| N/A | N/A | C:\Windows\SysWOW64\takeown.exe | N/A |
Downloads MZ/PE file
Drops Chrome extension
| Description | Indicator | Process | Target |
| File created | C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\8.1.0.5487_0\manifest.json | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Checks computer location settings
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\USER\S-1-5-21-2437139445-1151884604-3026847218-1000\Control Panel\International\Geo\Nation | C:\Program Files\McAfee\WebAdvisor\UIHost.exe | N/A |
Event Triggered Execution: Component Object Model Hijacking
Checks installed software on the system
Drops file in Program Files directory
| Description | Indicator | Process | Target |
| File created | C:\Program Files\McAfee\WebAdvisor\jslang\wa-res-overlay-ru-RU.js | C:\Program Files\McAfee\Temp1660042577\installer.exe | N/A |
| File created | C:\Program Files\McAfee\WebAdvisor\jslang\wa-res-shared-sv-SE.js | C:\Program Files\McAfee\Temp1660042577\installer.exe | N/A |
| File created | C:\Program Files\McAfee\WebAdvisor\jslang\wa-res-uninstall-nb-NO.js | C:\Program Files\McAfee\Temp1660042577\installer.exe | N/A |
| File created | C:\Program Files\McAfee\WebAdvisor\telemetry\serializers\optionsdialog.js | C:\Program Files\McAfee\Temp1660042577\installer.exe | N/A |
| File created | C:\Program Files\McAfee\WebAdvisor\MFW\packages\webadvisor\wa-controller-checklist.js | C:\Program Files\McAfee\Temp1660042577\installer.exe | N/A |
| File created | C:\Program Files\McAfee\WebAdvisor\jslang\wa-res-uninstall-da-DK.js | C:\Program Files\McAfee\Temp1660042577\installer.exe | N/A |
| File created | C:\Program Files\ldplayer9box\driver-PreW10\Ld9BoxSup.sys | C:\LDPlayer\LDPlayer9\dnrepairer.exe | N/A |
| File created | C:\Program Files\ldplayer9box\tstInt.exe | C:\LDPlayer\LDPlayer9\dnrepairer.exe | N/A |
| File created | C:\Program Files\ldplayer9box\api-ms-win-core-util-l1-1-0.dll | C:\LDPlayer\LDPlayer9\dnrepairer.exe | N/A |
| File created | C:\Program Files\McAfee\WebAdvisor\jslang\new-tab-res-toast-en-US.js | C:\Program Files\McAfee\Temp1660042577\installer.exe | N/A |
| File created | C:\Program Files\McAfee\WebAdvisor\analyticstelemetry\events\pushnotification.luc | C:\Program Files\McAfee\Temp1660042577\installer.exe | N/A |
| File created | C:\Program Files\McAfee\WebAdvisor\jslang\wa-res-options-ja-JP.js | C:\Program Files\McAfee\Temp1660042577\installer.exe | N/A |
| File created | C:\Program Files\McAfee\WebAdvisor\jslang\wa-res-shared-pt-PT.js | C:\Program Files\McAfee\Temp1660042577\installer.exe | N/A |
| File created | C:\Program Files\McAfee\WebAdvisor\jslang\wa-res-ss-toast-variants-hr-HR.js | C:\Program Files\McAfee\Temp1660042577\installer.exe | N/A |
| File created | C:\Program Files\McAfee\WebAdvisor\telemetry\serializers\survey.js | C:\Program Files\McAfee\Temp1660042577\installer.exe | N/A |
| File created | C:\Program Files\McAfee\Temp1660042577\jslang\wa-res-shared-en-US.js | C:\Users\Admin\AppData\Local\Temp\LDPlayer_files\installer.exe | N/A |
| File created | C:\Program Files\McAfee\WebAdvisor\jslang\wa-res-oem-ss-toast-variants-pt-PT.js | C:\Program Files\McAfee\Temp1660042577\installer.exe | N/A |
| File created | C:\Program Files\McAfee\WebAdvisor\jslang\wa-res-checklist-sr-Latn-CS.js | C:\Program Files\McAfee\Temp1660042577\installer.exe | N/A |
| File created | C:\Program Files\McAfee\WebAdvisor\MFW\packages_web_view\builtin\wa-ui-dialog.js | C:\Program Files\McAfee\Temp1660042577\installer.exe | N/A |
| File created | C:\Program Files\McAfee\WebAdvisor\jslang\wa-res-pscore-toast-pt-BR.js | C:\Program Files\McAfee\Temp1660042577\installer.exe | N/A |
| File created | C:\Program Files\McAfee\WebAdvisor\jslang\wa-res-shared-da-DK.js | C:\Program Files\McAfee\Temp1660042577\installer.exe | N/A |
| File created | C:\Program Files\McAfee\WebAdvisor\jslang\wa-res-sstoast-bing-cs-CZ.js | C:\Program Files\McAfee\Temp1660042577\installer.exe | N/A |
| File created | C:\Program Files\McAfee\WebAdvisor\jslang\wa-res-sstoast-de-DE.js | C:\Program Files\McAfee\Temp1660042577\installer.exe | N/A |
| File created | C:\Program Files\McAfee\WebAdvisor\MFW\packages\builtin\mcafee-logo.png | C:\Program Files\McAfee\Temp1660042577\installer.exe | N/A |
| File created | C:\Program Files\McAfee\WebAdvisor\MFW\packages\webadvisor\settings-icon-selected.png | C:\Program Files\McAfee\Temp1660042577\installer.exe | N/A |
| File opened for modification | C:\Program Files\McAfee\Webadvisor\Analytics\rules.js | C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe | N/A |
| File opened for modification | C:\Program Files\McAfee\Webadvisor\Analytics\sha256.js | C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe | N/A |
| File created | C:\Program Files\McAfee\WebAdvisor\analyticstelemetry\events\lowsearchusertargeting.luc | C:\Program Files\McAfee\Temp1660042577\installer.exe | N/A |
| File opened for modification | C:\Program Files\McAfee\Webadvisor\Analytics\engine.js | C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe | N/A |
| File opened for modification | C:\Program Files\McAfee\Webadvisor\Analytics\transport_template.js | C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe | N/A |
| File created | C:\Program Files\ldplayer9box\platforms\qoffscreen.dll | C:\LDPlayer\LDPlayer9\dnrepairer.exe | N/A |
| File created | C:\Program Files\McAfee\WebAdvisor\jslang\wa-res-shared-fr-FR.js | C:\Program Files\McAfee\Temp1660042577\installer.exe | N/A |
| File created | C:\Program Files\McAfee\WebAdvisor\jslang\wa-res-sstoast-bing-hu-HU.js | C:\Program Files\McAfee\Temp1660042577\installer.exe | N/A |
| File created | C:\Program Files\McAfee\WebAdvisor\MFW\packages\builtin\mcafee_pc_install_icon.png | C:\Program Files\McAfee\Temp1660042577\installer.exe | N/A |
| File created | C:\Program Files\ldplayer9box\USBUninstall.exe | C:\LDPlayer\LDPlayer9\dnrepairer.exe | N/A |
| File created | C:\Program Files\McAfee\WebAdvisor\jslang\wa-res-sstoast-pps-it-IT.js | C:\Program Files\McAfee\Temp1660042577\installer.exe | N/A |
| File created | C:\Program Files\McAfee\WebAdvisor\jslang\wa-res-sstoast-pps-sk-SK.js | C:\Program Files\McAfee\Temp1660042577\installer.exe | N/A |
| File created | C:\Program Files\McAfee\WebAdvisor\jslang\wa-score-toast-da-DK.js | C:\Program Files\McAfee\Temp1660042577\installer.exe | N/A |
| File created | C:\Program Files\McAfee\WebAdvisor\wa-ui-uninstall.js | C:\Program Files\McAfee\Temp1660042577\installer.exe | N/A |
| File created | C:\Program Files\ldplayer9box\api-ms-win-core-file-l1-2-0.dll | C:\LDPlayer\LDPlayer9\dnrepairer.exe | N/A |
| File created | C:\Program Files\McAfee\WebAdvisor\MFW\packages\builtin\logomark_white.png | C:\Program Files\McAfee\Temp1660042577\installer.exe | N/A |
| File created | C:\Program Files\McAfee\WebAdvisor\MFW\packages_web_view\webadvisor\wa-options.css | C:\Program Files\McAfee\Temp1660042577\installer.exe | N/A |
| File created | C:\Program Files\McAfee\WebAdvisor\jslang\wa-res-sstoast-adblock-es-ES.js | C:\Program Files\McAfee\Temp1660042577\installer.exe | N/A |
| File created | C:\Program Files\McAfee\WebAdvisor\jslang\wa-res-uninstall-tr-TR.js | C:\Program Files\McAfee\Temp1660042577\installer.exe | N/A |
| File opened for modification | C:\Program Files\McAfee\Webadvisor\Analytics\mcutil.js | C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe | N/A |
| File created | C:\Program Files\ldplayer9box\x86\api-ms-win-crt-environment-l1-1-0.dll | C:\LDPlayer\LDPlayer9\dnrepairer.exe | N/A |
| File created | C:\Program Files\ldplayer9box\x86\api-ms-win-crt-string-l1-1-0.dll | C:\LDPlayer\LDPlayer9\dnrepairer.exe | N/A |
| File created | C:\Program Files\McAfee\Temp1660042577\browserplugin.cab | C:\Users\Admin\AppData\Local\Temp\LDPlayer_files\installer.exe | N/A |
| File created | C:\Program Files\McAfee\WebAdvisor\MFW\packages\nps\clipboard.png | C:\Program Files\McAfee\Temp1660042577\installer.exe | N/A |
| File created | C:\Program Files\McAfee\WebAdvisor\jslang\wa-res-ext-install-toast-ja-JP.js | C:\Program Files\McAfee\Temp1660042577\installer.exe | N/A |
| File opened for modification | C:\Program Files\McAfee\Webadvisor\Analytics\transport_ai.js | C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe | N/A |
| File created | C:\Program Files\ldplayer9box\libcurl.dll | C:\LDPlayer\LDPlayer9\dnrepairer.exe | N/A |
| File created | C:\Program Files\ldplayer9box\VBoxHostChannel.dll | C:\LDPlayer\LDPlayer9\dnrepairer.exe | N/A |
| File created | C:\Program Files\McAfee\Temp1660042577\taskmanager.cab | C:\Users\Admin\AppData\Local\Temp\LDPlayer_files\installer.exe | N/A |
| File created | C:\Program Files\McAfee\Temp1660042577\jslang\wa-res-shared-ja-JP.js | C:\Users\Admin\AppData\Local\Temp\LDPlayer_files\installer.exe | N/A |
| File created | C:\Program Files\McAfee\WebAdvisor\jslang\wa-res-checklist-es-ES.js | C:\Program Files\McAfee\Temp1660042577\installer.exe | N/A |
| File created | C:\Program Files\McAfee\WebAdvisor\jslang\wa-score-toast-hu-HU.js | C:\Program Files\McAfee\Temp1660042577\installer.exe | N/A |
| File created | C:\Program Files\ldplayer9box\x86\vccorlib140.dll | C:\LDPlayer\LDPlayer9\dnrepairer.exe | N/A |
| File created | C:\Program Files\McAfee\Temp1660042577\jslang\wa-res-shared-fr-CA.js | C:\Users\Admin\AppData\Local\Temp\LDPlayer_files\installer.exe | N/A |
| File created | C:\Program Files\McAfee\WebAdvisor\MFW\packages\builtin\wa_logo_upsell.png | C:\Program Files\McAfee\Temp1660042577\installer.exe | N/A |
| File created | C:\Program Files\McAfee\WebAdvisor\MFW\packages_web_view\builtin\wa-ui-checklist.js | C:\Program Files\McAfee\Temp1660042577\installer.exe | N/A |
| File created | C:\Program Files\McAfee\WebAdvisor\jslang\wa-res-ss-toast-variants-da-DK.js | C:\Program Files\McAfee\Temp1660042577\installer.exe | N/A |
| File created | C:\Program Files\McAfee\WebAdvisor\jslang\wa-res-ss-toast-variants-nb-NO.js | C:\Program Files\McAfee\Temp1660042577\installer.exe | N/A |
| File created | C:\Program Files\McAfee\WebAdvisor\jslang\wa-res-sstoast-bing-ja-JP.js | C:\Program Files\McAfee\Temp1660042577\installer.exe | N/A |
Drops file in Windows directory
| Description | Indicator | Process | Target |
| File opened for modification | C:\Windows\Logs\DISM\dism.log | C:\Windows\SysWOW64\dism.exe | N/A |
| File opened for modification | C:\Windows\Logs\DISM\dism.log | C:\Users\Admin\AppData\Local\Temp\2D2F33F2-4C9E-413A-A211-90F464D4309A\dismhost.exe | N/A |
Executes dropped EXE
Launches sc.exe
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Windows\SysWOW64\sc.exe | N/A |
| N/A | N/A | C:\Windows\SysWOW64\sc.exe | N/A |
| N/A | N/A | C:\Windows\SysWOW64\sc.exe | N/A |
| N/A | N/A | C:\Windows\SysWOW64\sc.exe | N/A |
| N/A | N/A | C:\Windows\SysWOW64\sc.exe | N/A |
| N/A | N/A | C:\Windows\SysWOW64\sc.exe | N/A |
| N/A | N/A | C:\Windows\SysWOW64\sc.exe | N/A |
| N/A | N/A | C:\Windows\SysWOW64\sc.exe | N/A |
Loads dropped DLL
Browser Information Discovery
Enumerates physical storage devices
Reads user/profile data of web browsers
System Location Discovery: System Language Discovery
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\icacls.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\LDPlayer\LDPlayer9\dnplayer.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\sc.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\LDPlayer\LDPlayer9\driverconfig.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\AppData\Local\Temp\LDPlayer9_ru_1552109_ld.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\takeown.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\sc.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\net1.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\dism.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\sc.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\taskkill.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\LDPlayer\LDPlayer9\LDPlayer.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\LDPlayer\LDPlayer9\dnrepairer.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\icacls.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\taskkill.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\icacls.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\sc.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\sc.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\taskkill.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\AppData\Local\Temp\LDPlayer_files\saBSI.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\takeown.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\takeown.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\taskkill.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\net.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\sc.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\sc.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\sc.exe | N/A |
Checks processor information in registry
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\LDPlayer\LDPlayer9\dnplayer.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString | C:\LDPlayer\LDPlayer9\dnplayer.exe | N/A |
Enumerates system info in registry
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Kills process with taskkill
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Windows\SysWOW64\taskkill.exe | N/A |
| N/A | N/A | C:\Windows\SysWOW64\taskkill.exe | N/A |
| N/A | N/A | C:\Windows\SysWOW64\taskkill.exe | N/A |
| N/A | N/A | C:\Windows\SysWOW64\taskkill.exe | N/A |
Modifies Internet Explorer settings
| Description | Indicator | Process | Target |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2437139445-1151884604-3026847218-1000\SOFTWARE\Microsoft\Internet Explorer\Recovery\AdminActive\{7EDA7082-862B-11EF-AEE2-468C69F2ED48} = "0" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2437139445-1151884604-3026847218-1000\Software\Microsoft\Internet Explorer\Main | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2437139445-1151884604-3026847218-1000\SOFTWARE\Microsoft\Internet Explorer\VersionManager\LastUpdateHighDateTime = "31136312" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2437139445-1151884604-3026847218-1000\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION\ldnews.exe = "11001" | C:\LDPlayer\LDPlayer9\dnplayer.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2437139445-1151884604-3026847218-1000\Software\Microsoft\Internet Explorer\GPU | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-2437139445-1151884604-3026847218-1000\SOFTWARE\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\LastProcessed = f02a1e56381adb01 | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2437139445-1151884604-3026847218-1000\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION\dnplayer.exe = "11001" | C:\LDPlayer\LDPlayer9\dnplayer.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2437139445-1151884604-3026847218-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2437139445-1151884604-3026847218-1000\SOFTWARE\Microsoft\Internet Explorer\IESettingSync\SlowSettingTypesChanged = "2" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-2437139445-1151884604-3026847218-1000\SOFTWARE\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2437139445-1151884604-3026847218-1000\SOFTWARE\Microsoft\Internet Explorer\MINIE\TabBandWidth = "500" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2437139445-1151884604-3026847218-1000\SOFTWARE\Microsoft\Internet Explorer\Main\CompatibilityFlags = "0" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2437139445-1151884604-3026847218-1000\Software\Microsoft\Internet Explorer\VersionManager | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2437139445-1151884604-3026847218-1000\SOFTWARE\Microsoft\Internet Explorer\VersionManager\LastUpdateLowDateTime = "1396215429" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2437139445-1151884604-3026847218-1000\SOFTWARE\Microsoft\Internet Explorer\VersionManager\LastCheckForUpdateHighDateTime = "31136312" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2437139445-1151884604-3026847218-1000\SOFTWARE\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-2437139445-1151884604-3026847218-1000\SOFTWARE\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\DecayDateQueue | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2437139445-1151884604-3026847218-1000\SOFTWARE\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_BROWSER_EMULATION | C:\LDPlayer\LDPlayer9\dnplayer.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2437139445-1151884604-3026847218-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2437139445-1151884604-3026847218-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2437139445-1151884604-3026847218-1000\SOFTWARE\Microsoft\Internet Explorer\VersionManager\LastTTLLowDateTime = "1251635200" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2437139445-1151884604-3026847218-1000\SOFTWARE\Microsoft\Internet Explorer\VersionManager\LastCheckForUpdateLowDateTime = "1396225398" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-2437139445-1151884604-3026847218-1000\SOFTWARE\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\LastProcessed = 90932456381adb01 | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2437139445-1151884604-3026847218-1000\Software\Microsoft\Internet Explorer\Main | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-2437139445-1151884604-3026847218-1000\SOFTWARE\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2437139445-1151884604-3026847218-1000\Software\Microsoft\Internet Explorer\MINIE | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-2437139445-1151884604-3026847218-1000\SOFTWARE\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\DecayDateQueue | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-2437139445-1151884604-3026847218-1000\SOFTWARE\Microsoft\Internet Explorer\Main\FullScreen = "no" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-2437139445-1151884604-3026847218-1000\SOFTWARE\Microsoft\Internet Explorer\Main\Window_Placement = 2c0000000200000003000000ffffffffffffffffffffffffffffffff2400000024000000aa04000089020000 | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-2437139445-1151884604-3026847218-1000\SOFTWARE\Microsoft\Internet Explorer\GPU\AdapterInfo = "vendorId=\"0x10de\",deviceID=\"0x8c\",subSysID=\"0x0\",revision=\"0x0\",version=\"10.0.19041.546\"hypervisor=\"No Hypervisor (No SLAT)\"" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2437139445-1151884604-3026847218-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2437139445-1151884604-3026847218-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2437139445-1151884604-3026847218-1000\SOFTWARE\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "0" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2437139445-1151884604-3026847218-1000\Software\Microsoft\Internet Explorer\IESettingSync | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2437139445-1151884604-3026847218-1000\SOFTWARE\Microsoft\Internet Explorer\VersionManager\LastTTLHighDateTime = "50" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2437139445-1151884604-3026847218-1000\SOFTWARE\Microsoft\Internet Explorer\TabbedBrowsing\NTPFirstRun = "1" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
Modifies data under HKEY_USERS
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\CA\CTLs | C:\Program Files\McAfee\WebAdvisor\updater.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\CA\CRLs | C:\Program Files\McAfee\WebAdvisor\updater.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\trust\Certificates | C:\Program Files\McAfee\WebAdvisor\updater.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\CA\CTLs | C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\CA\Certificates | C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Disallowed | C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\trust\Certificates | C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections | C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\trust\CTLs | C:\Program Files\McAfee\WebAdvisor\updater.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\Disallowed\Certificates | C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Root | C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\Disallowed\CRLs | C:\Program Files\McAfee\WebAdvisor\updater.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\TrustedPeople\CTLs | C:\Program Files\McAfee\WebAdvisor\updater.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\CA | C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Disallowed\Certificates | C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\TrustedPeople\CTLs | C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\WinTrust\Trust Providers\Software Publishing | C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\CA | C:\Program Files\McAfee\WebAdvisor\updater.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\CA\Certificates | C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\WinTrust\Trust Providers\Software Publishing | C:\Program Files\McAfee\WebAdvisor\updater.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\Disallowed\CRLs | C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\SmartCardRoot | C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\SmartCardRoot\CTLs | C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\CA\Certificates | C:\Program Files\McAfee\WebAdvisor\updater.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\SmartCardRoot\CTLs | C:\Program Files\McAfee\WebAdvisor\updater.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\TrustedPeople\Certificates | C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Disallowed\CRLs | C:\Program Files\McAfee\WebAdvisor\updater.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Disallowed\CTLs | C:\Program Files\McAfee\WebAdvisor\updater.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\TrustedPeople | C:\Program Files\McAfee\WebAdvisor\updater.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\TrustedPeople\CRLs | C:\Program Files\McAfee\WebAdvisor\updater.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\Disallowed | C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\trust\CTLs | C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\Disallowed\CTLs | C:\Program Files\McAfee\WebAdvisor\updater.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\SmartCardRoot | C:\Program Files\McAfee\WebAdvisor\updater.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\trust | C:\Program Files\McAfee\WebAdvisor\updater.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\trust\Certificates | C:\Program Files\McAfee\WebAdvisor\updater.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\SmartCardRoot\CRLs | C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\CA\Certificates | C:\Program Files\McAfee\WebAdvisor\updater.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\Disallowed\Certificates | C:\Program Files\McAfee\WebAdvisor\updater.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\TrustedPeople\Certificates | C:\Program Files\McAfee\WebAdvisor\updater.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\trust | C:\Program Files\McAfee\WebAdvisor\updater.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Root\Certificates | C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\TrustedPeople | C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Root\CTLs | C:\Program Files\McAfee\WebAdvisor\updater.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\TrustedPeople\Certificates | C:\Program Files\McAfee\WebAdvisor\updater.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\trust\CRLs | C:\Program Files\McAfee\WebAdvisor\updater.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\trust\CRLs | C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\trust\CRLs | C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133729443183871724" | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Root\CRLs | C:\Program Files\McAfee\WebAdvisor\updater.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\SmartCardRoot\CRLs | C:\Program Files\McAfee\WebAdvisor\updater.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\TrustedPeople | C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Disallowed\Certificates | C:\Program Files\McAfee\WebAdvisor\updater.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\SmartCardRoot\Certificates | C:\Program Files\McAfee\WebAdvisor\updater.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\TrustedPeople\CRLs | C:\Program Files\McAfee\WebAdvisor\updater.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\TrustedPeople\CTLs | C:\Program Files\McAfee\WebAdvisor\updater.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\CA | C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\Disallowed\CTLs | C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Root\CTLs | C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\trust | C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\CA\CTLs | C:\Program Files\McAfee\WebAdvisor\updater.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\trust\CTLs | C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\trust | C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe | N/A |
Modifies registry class
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{20191216-7708-444B-9EEF-C116CE423D39}\NumMethods | C:\Windows\SYSTEM32\regsvr32.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{20191216-402E-022E-6180-C3944DE3F9C8}\NumMethods | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{20191216-7006-40D4-B339-472EE3801844}\ = "IGuestKeyboardEvent" | C:\Windows\SYSTEM32\regsvr32.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{20191216-4A75-437E-B0BB-7E7C90D0DF2A} | C:\Windows\SYSTEM32\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{20191216-C380-4510-BC7C-19314A7352F1}\NumMethods\ = "21" | C:\Windows\SYSTEM32\regsvr32.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{20191216-4521-44CC-DF95-186E4D057C83}\NumMethods | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{20191216-92C9-4A77-9D35-E058B39FE0B9}\ = "ICanShowWindowEvent" | C:\Windows\SYSTEM32\regsvr32.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{20191216-1EC0-4C0F-857F-FBE2A737A256}\NumMethods | C:\Windows\SYSTEM32\regsvr32.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{20191216-8079-447A-A33E-47A69C7980DB} | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{20191216-F7B7-4B05-900E-2A9253C00F51}\TypeLib\ = "{20191216-1750-46f0-936e-bd127d5bc264}" | C:\Program Files\ldplayer9box\Ld9BoxSVC.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{20191216-6E15-4F71-A6A5-94E707FAFBCC}\ProxyStubClsid32 | C:\Program Files\ldplayer9box\Ld9BoxSVC.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{20191216-26c0-4fe1-bf6f-67f633265bba}\VersionIndependentProgID | C:\Program Files\ldplayer9box\Ld9BoxSVC.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{20191216-93AF-42A7-7F13-79AD6EF1A18D}\ = "IRecordingScreenSettings" | C:\Windows\SYSTEM32\regsvr32.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{20191216-5FDC-4ABA-AFF5-6A39BBD7C38B}\NumMethods | C:\Windows\SYSTEM32\regsvr32.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ldmnq.apk\Shell | C:\LDPlayer\LDPlayer9\LDPlayer.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{20191216-48DF-438D-85EB-98FFD70D18C9}\NumMethods | C:\Program Files\ldplayer9box\Ld9BoxSVC.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{20191216-D612-47D3-89D4-DB3992533948}\NumMethods | C:\Program Files\ldplayer9box\Ld9BoxSVC.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{20191216-26c0-4fe1-bf6f-67f633265bba}\InprocServer32\ThreadingModel = "Free" | C:\Windows\SYSTEM32\regsvr32.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{20191216-71B2-4817-9A64-4ED12C17388E}\TypeLib | C:\Program Files\ldplayer9box\Ld9BoxSVC.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{20191216-35F3-4F4D-B5BB-ED0ECEFD8538} | C:\Windows\SYSTEM32\regsvr32.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\TypeLib\{20191216-1750-46F0-936E-BD127D5BC264}\1.3\0\win32 | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{20191216-9849-4F47-813E-24A75DC85615} | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{20191216-E4B1-486A-8F2E-747AE346C3E9} | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{20191216-e8b8-4838-b10c-45ba193734c1} | C:\Program Files\ldplayer9box\Ld9BoxSVC.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{20191216-7F29-4AAE-A627-5A282C83092C}\TypeLib\Version = "1.3" | C:\Program Files\ldplayer9box\Ld9BoxSVC.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{20191216-1A29-4A19-92CF-02285773F3B5}\NumMethods | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{20191216-73A5-46CC-8227-93FE57D006A6}\ProxyStubClsid32 | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{20191216-81A9-4005-9D52-FC45A78BF3F5} | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{20191216-7BDC-11E9-8BC2-8FFDB8B19219}\NumMethods\ = "39" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{20191216-7E67-4144-BF34-41C38E8B4CC7}\ProxyStubClsid32 | C:\Program Files\ldplayer9box\Ld9BoxSVC.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{20191216-35F3-4F4D-B5BB-ED0ECEFD8538}\ProxyStubClsid32\ = "{20191216-1807-4249-5BA5-EA42D66AF0BF}" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{20191216-F7B7-4B05-900E-2A9253C00F51}\TypeLib\Version = "1.3" | C:\Program Files\ldplayer9box\Ld9BoxSVC.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{20191216-e4b1-486a-8f2e-747ae346c3e9} | C:\Program Files\ldplayer9box\Ld9BoxSVC.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{20191216-402E-022E-6180-C3944DE3F9C8} | C:\Windows\SYSTEM32\regsvr32.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{20191216-5637-472A-9736-72019EABD7DE} | C:\Windows\SYSTEM32\regsvr32.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{20191216-3188-4C8C-8756-1395E8CB691C}\ProxyStubClsid32 | C:\Windows\SYSTEM32\regsvr32.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{20191216-6038-422C-B45E-6D4A0503D9F1}\NumMethods | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{20191216-3346-49D6-8F1C-41B0C4784FF2}\ProxyStubClsid32\ = "{20191216-1807-4249-5BA5-EA42D66AF0BF}" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{20191216-BF98-47FB-AB2F-B5177533F493}\ = "IStorageController" | C:\Windows\SYSTEM32\regsvr32.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{20191216-26F1-4EDB-8DD2-6BDDD0912368} | C:\Windows\SYSTEM32\regsvr32.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\VirtualBox.VirtualBoxClient\CLSID | C:\Windows\SYSTEM32\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{20191216-D545-44AA-8013-181B8C288554}\TypeLib\ = "{20191216-1750-46f0-936e-bd127d5bc264}" | C:\Program Files\ldplayer9box\Ld9BoxSVC.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{20191216-9641-4397-854A-040439D0114B}\NumMethods | C:\Windows\SYSTEM32\regsvr32.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{20191216-6989-4002-80CF-3607F377D40C} | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{20191216-48DF-438D-85EB-98FFD70D18C9}\TypeLib | C:\Program Files\ldplayer9box\Ld9BoxSVC.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{20191216-58D9-43AE-8B03-C1FD7088EF15}\TypeLib\ = "{20191216-1750-46f0-936e-bd127d5bc264}" | C:\Program Files\ldplayer9box\Ld9BoxSVC.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{20191216-6679-422a-b629-51b06b0c6d93} | C:\Program Files\ldplayer9box\Ld9BoxSVC.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{20191216-FEBE-4049-B476-1292A8E45B09}\NumMethods | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{20191216-4A75-437E-B0BB-7E7C90D0DF2A}\ProxyStubClsid32 | C:\Program Files\ldplayer9box\Ld9BoxSVC.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{20191216-00C2-4484-0077-C057003D9C90}\NumMethods | C:\Windows\SYSTEM32\regsvr32.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{20191216-0B79-4350-BDD9-A0376CD6E6E3} | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{20191216-7006-40D4-B339-472EE3801844}\ProxyStubClsid32 | C:\Program Files\ldplayer9box\Ld9BoxSVC.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{20191216-4A06-81FC-A916-78B2DA1FA0E5}\TypeLib\ = "{20191216-1750-46f0-936e-bd127d5bc264}" | C:\Program Files\ldplayer9box\Ld9BoxSVC.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{20191216-7966-481D-AB0B-D0ED73E28135}\ProxyStubClsid32 | C:\Windows\SYSTEM32\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{20191216-C196-4D26-B8DB-4C8C389F1F82}\ProxyStubClsid32\ = "{20191216-1807-4249-5BA5-EA42D66AF0BF}" | C:\Windows\SYSTEM32\regsvr32.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{20191216-E4B1-486A-8F2E-747AE346C3E9}\ProxyStubClsid32 | C:\Windows\SYSTEM32\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{20191216-B7F1-4A5A-A4EF-A11DD9C2A458}\ProxyStubClsid32\ = "{20191216-1807-4249-5BA5-EA42D66AF0BF}" | C:\Windows\SYSTEM32\regsvr32.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{20191216-486F-40DB-9150-DEEE3FD24189}\ProxyStubClsid32 | C:\Program Files\ldplayer9box\Ld9BoxSVC.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{20191216-647D-45AC-8FE9-F49B3183BA37}\ProxyStubClsid32\ = "{20191216-1807-4249-5BA5-EA42D66AF0BF}" | C:\Windows\SYSTEM32\regsvr32.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{20191216-61D9-4940-A084-E6BB29AF3D83}\NumMethods | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{20191216-D8ED-44CF-85AC-C83A26C95A4D}\ProxyStubClsid32 | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{20191216-394D-44D3-9EDB-AF2C4472C40A} | C:\Windows\SYSTEM32\regsvr32.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{20191216-CF37-453B-9289-3B0F521CAF27}\NumMethods | C:\Windows\SYSTEM32\regsvr32.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{20191216-0547-448E-BC7C-94E9E173BF57}\NumMethods | C:\Windows\SYSTEM32\regsvr32.exe | N/A |
Modifies system certificate store
| Description | Indicator | Process | Target |
| Set value (data) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\4EFC31460C619ECAE59C1BCE2C008036D94C84B8\Blob | C:\Users\Admin\AppData\Local\Temp\LDPlayer_files\saBSI.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\D69B561148F01C77C54578C10926DF5B856976AD | C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe | N/A |
| Set value (data) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\D69B561148F01C77C54578C10926DF5B856976AD\Blob | C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\4EFC31460C619ECAE59C1BCE2C008036D94C84B8 | C:\Users\Admin\AppData\Local\Temp\LDPlayer_files\saBSI.exe | N/A |
Runs net.exe
Suspicious behavior: AddClipboardFormatListener
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files\VideoLAN\VLC\vlc.exe | N/A |
Suspicious behavior: EnumeratesProcesses
Suspicious behavior: GetForegroundWindowSpam
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files\VideoLAN\VLC\vlc.exe | N/A |
| N/A | N/A | C:\LDPlayer\LDPlayer9\dnplayer.exe | N/A |
Suspicious behavior: LoadsDriver
| Description | Indicator | Process | Target |
| N/A | N/A | N/A | N/A |
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Suspicious use of AdjustPrivilegeToken
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
Suspicious use of SetWindowsHookEx
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files\VideoLAN\VLC\vlc.exe | N/A |
| N/A | N/A | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
Suspicious use of WriteProcessMemory
Processes
C:\Users\Admin\AppData\Local\Temp\LDPlayer9_ru_1552109_ld.exe
"C:\Users\Admin\AppData\Local\Temp\LDPlayer9_ru_1552109_ld.exe"
C:\Windows\System32\svchost.exe
C:\Windows\System32\svchost.exe -k UnistackSvcGroup
C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding
C:\Program Files\VideoLAN\VLC\vlc.exe
"C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file "C:\Users\Admin\Music\DenyPush.mov"
C:\Windows\SysWOW64\taskkill.exe
"taskkill" /F /IM dnplayer.exe /T
C:\Windows\SysWOW64\taskkill.exe
"taskkill" /F /IM dnmultiplayer.exe /T
C:\Windows\SysWOW64\taskkill.exe
"taskkill" /F /IM dnmultiplayerex.exe /T
C:\Windows\SysWOW64\taskkill.exe
"taskkill" /F /IM bugreport.exe /T
C:\LDPlayer\LDPlayer9\LDPlayer.exe
"C:\LDPlayer\LDPlayer9\\LDPlayer.exe" -silence -downloader -openid=1552109 -language=ru -path="C:\LDPlayer\LDPlayer9\"
C:\Users\Admin\AppData\Local\Temp\LDPlayer_files\saBSI.exe
"C:\Users\Admin\AppData\Local\Temp\LDPlayer_files\saBSI.exe" /affid 91082 PaidDistribution=true CountryCode=GB
C:\LDPlayer\LDPlayer9\dnrepairer.exe
"C:\LDPlayer\LDPlayer9\dnrepairer.exe" listener=197298
C:\Windows\SysWOW64\net.exe
"net" start cryptsvc
C:\Windows\SysWOW64\net1.exe
C:\Windows\system32\net1 start cryptsvc
C:\Windows\SysWOW64\regsvr32.exe
"regsvr32" Softpub.dll /s
C:\Windows\SysWOW64\regsvr32.exe
"regsvr32" Wintrust.dll /s
C:\Windows\SysWOW64\regsvr32.exe
"regsvr32" Initpki.dll /s
C:\Windows\SysWOW64\regsvr32.exe
"C:\Windows\system32\regsvr32" Initpki.dll /s
C:\Windows\SysWOW64\regsvr32.exe
"regsvr32" dssenh.dll /s
C:\Windows\SysWOW64\regsvr32.exe
"regsvr32" rsaenh.dll /s
C:\Windows\SysWOW64\regsvr32.exe
"regsvr32" cryptdlg.dll /s
C:\Windows\SysWOW64\takeown.exe
"takeown" /f "C:\LDPlayer\LDPlayer9\vms" /r /d y
C:\Windows\SysWOW64\icacls.exe
"icacls" "C:\LDPlayer\LDPlayer9\vms" /grant everyone:F /t
C:\Windows\SysWOW64\takeown.exe
"takeown" /f "C:\LDPlayer\LDPlayer9\\system.vmdk"
C:\Windows\SysWOW64\icacls.exe
"icacls" "C:\LDPlayer\LDPlayer9\\system.vmdk" /grant everyone:F /t
C:\Windows\SysWOW64\dism.exe
C:\Windows\system32\dism.exe /Online /English /Get-Features
C:\Users\Admin\AppData\Local\Temp\2D2F33F2-4C9E-413A-A211-90F464D4309A\dismhost.exe
C:\Users\Admin\AppData\Local\Temp\2D2F33F2-4C9E-413A-A211-90F464D4309A\dismhost.exe {578F6AC8-9E52-4AC3-86CA-A430283AE328}
C:\Program Files\Internet Explorer\iexplore.exe
"C:\Program Files\Internet Explorer\iexplore.exe" -nohome
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:4948 CREDAT:17410 /prefetch:2
C:\Users\Admin\AppData\Local\Temp\LDPlayer_files\installer.exe
"C:\Users\Admin\AppData\Local\Temp\LDPlayer_files\\installer.exe" /setOem:Affid=91082 /s /thirdparty /upgrade
C:\Program Files\McAfee\Temp1660042577\installer.exe
"C:\Program Files\McAfee\Temp1660042577\installer.exe" /setOem:Affid=91082 /s /thirdparty /upgrade
C:\Windows\SYSTEM32\regsvr32.exe
regsvr32.exe /s "C:\Program Files\McAfee\WebAdvisor\win32\WSSDep.dll"
C:\Windows\SysWOW64\regsvr32.exe
/s "C:\Program Files\McAfee\WebAdvisor\win32\WSSDep.dll"
C:\Windows\SYSTEM32\regsvr32.exe
regsvr32.exe /s "C:\Program Files\McAfee\WebAdvisor\x64\WSSDep.dll"
C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe
"C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe"
C:\Program Files\McAfee\WebAdvisor\UIHost.exe
"C:\Program Files\McAfee\WebAdvisor\UIHost.exe"
C:\Windows\SysWOW64\sc.exe
sc query HvHost
C:\Windows\SysWOW64\sc.exe
sc query vmms
C:\Windows\SysWOW64\sc.exe
sc query vmcompute
C:\Program Files\ldplayer9box\Ld9BoxSVC.exe
"C:\Program Files\ldplayer9box\Ld9BoxSVC.exe" /RegServer
C:\Windows\SYSTEM32\regsvr32.exe
"regsvr32" "C:\Program Files\ldplayer9box\VBoxC.dll" /s
C:\Windows\SysWOW64\regsvr32.exe
"regsvr32" "C:\Program Files\ldplayer9box\x86\VBoxClient-x86.dll" /s
C:\Windows\SYSTEM32\regsvr32.exe
"regsvr32" "C:\Program Files\ldplayer9box\VBoxProxyStub.dll" /s
C:\Windows\SysWOW64\regsvr32.exe
"regsvr32" "C:\Program Files\ldplayer9box\x86\VBoxProxyStub-x86.dll" /s
C:\Windows\SysWOW64\sc.exe
"C:\Windows\system32\sc" create Ld9BoxSup binPath= "C:\Program Files\ldplayer9box\Ld9BoxSup.sys" type= kernel start= auto
C:\Windows\SysWOW64\sc.exe
"C:\Windows\system32\sc" start Ld9BoxSup
C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
"powershell.exe" New-NetFirewallRule -DisplayName "Ld9BoxSup" -Direction Inbound -Program 'C:\Program Files\ldplayer9box\Ld9BoxHeadless.exe' -RemoteAddress LocalSubnet -Action Allow
C:\Program Files\McAfee\WebAdvisor\updater.exe
"C:\Program Files\McAfee\WebAdvisor\updater.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c dir "C:\Program Files (x86)\McAfee Security Scan" 2>nul
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe"
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.123 --initial-client-data=0x124,0x128,0x12c,0x100,0x130,0x7ff8956fcc40,0x7ff8956fcc4c,0x7ff8956fcc58
C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
"powershell.exe" New-NetFirewallRule -DisplayName "Ld9BoxNat" -Direction Inbound -Program 'C:\Program Files\ldplayer9box\VBoxNetNAT.exe' -RemoteAddress LocalSubnet -Action Allow
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=1960,i,6411328159014560596,15347550481897885483,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=1940 /prefetch:2
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=2088,i,6411328159014560596,15347550481897885483,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=2092 /prefetch:3
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=2296,i,6411328159014560596,15347550481897885483,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=2308 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --field-trial-handle=3100,i,6411328159014560596,15347550481897885483,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3104 /prefetch:1
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c dir "C:\Program Files (x86)\McAfee Security Scan" 2>nul
C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
"powershell.exe" New-NetFirewallRule -DisplayName "dnplayer" -Direction Inbound -Program 'C:\LDPlayer\LDPlayer9\dnplayer.exe' -RemoteAddress LocalSubnet -Action Allow
C:\LDPlayer\LDPlayer9\driverconfig.exe
"C:\LDPlayer\LDPlayer9\driverconfig.exe"
C:\Windows\System32\Conhost.exe
\??\C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
C:\Windows\SysWOW64\takeown.exe
"takeown" /f C:\LDPlayer\ldmutiplayer\ /r /d y
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --field-trial-handle=5344,i,6411328159014560596,15347550481897885483,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5316 /prefetch:1
C:\Windows\SysWOW64\icacls.exe
"icacls" C:\LDPlayer\ldmutiplayer\ /grant everyone:F /t
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=5212,i,6411328159014560596,15347550481897885483,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5060 /prefetch:8
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe /Processid:{AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}
C:\Program Files\Google\Chrome\Application\123.0.6312.123\Installer\setup.exe
"C:\Program Files\Google\Chrome\Application\123.0.6312.123\Installer\setup.exe" --reenable-autoupdates --system-level
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=3148,i,6411328159014560596,15347550481897885483,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5020 /prefetch:8
C:\Program Files\Google\Chrome\Application\123.0.6312.123\Installer\setup.exe
"C:\Program Files\Google\Chrome\Application\123.0.6312.123\Installer\setup.exe" --type=crashpad-handler /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Program Files\Crashpad" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.123 --initial-client-data=0x28c,0x290,0x294,0x268,0x23c,0x7ff63b4e4698,0x7ff63b4e46a4,0x7ff63b4e46b0
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s NgcSvc
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://vk.com/ldplayer
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ff8919046f8,0x7ff891904708,0x7ff891904718
C:\LDPlayer\LDPlayer9\dnplayer.exe
"C:\LDPlayer\LDPlayer9\\dnplayer.exe"
C:\Windows\SysWOW64\sc.exe
sc query HvHost
C:\Windows\system32\AUDIODG.EXE
C:\Windows\system32\AUDIODG.EXE 0x49c 0x4a0
C:\Windows\SysWOW64\sc.exe
sc query vmms
C:\Windows\SysWOW64\sc.exe
sc query vmcompute
C:\Program Files\ldplayer9box\Ld9BoxSVC.exe
"C:\Program Files\ldplayer9box\Ld9BoxSVC.exe" -Embedding
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c dir "C:\Program Files (x86)\McAfee Security Scan" 2>nul
C:\Program Files\ldplayer9box\vbox-img.exe
"C:\Program Files\ldplayer9box\vbox-img.exe" setuuid --filename "C:\LDPlayer\LDPlayer9\vms\..\system.vmdk" --uuid 20160302-bbbb-bbbb-0eee-bbbb00000000
C:\Program Files\ldplayer9box\vbox-img.exe
"C:\Program Files\ldplayer9box\vbox-img.exe" setuuid --filename "C:\LDPlayer\LDPlayer9\vms\leidian0\data.vmdk" --uuid 20160302-cccc-cccc-0eee-000000000000
C:\Program Files\ldplayer9box\vbox-img.exe
"C:\Program Files\ldplayer9box\vbox-img.exe" setuuid --filename "C:\LDPlayer\LDPlayer9\vms\leidian0\sdcard.vmdk" --uuid 20160302-dddd-dddd-0eee-000000000000
C:\Program Files\ldplayer9box\Ld9BoxHeadless.exe
"C:\Program Files\ldplayer9box\Ld9BoxHeadless.exe" --comment leidian0 --startvm 20160302-aaaa-aaaa-0eee-000000000000 --vrde config
C:\Program Files\ldplayer9box\Ld9BoxHeadless.exe
"C:\Program Files\ldplayer9box\Ld9BoxHeadless.exe" --comment leidian0 --startvm 20160302-aaaa-aaaa-0eee-000000000000 --vrde config
C:\Program Files\ldplayer9box\Ld9BoxHeadless.exe
"C:\Program Files\ldplayer9box\Ld9BoxHeadless.exe" --comment leidian0 --startvm 20160302-aaaa-aaaa-0eee-000000000000 --vrde config
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://ru.ldplayer.net/blog/how-to-update-the-graphics-driver.html
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x100,0x104,0x108,0xfc,0x10c,0x7ff8919046f8,0x7ff891904708,0x7ff891904718
C:\Program Files\ldplayer9box\Ld9BoxHeadless.exe
"C:\Program Files\ldplayer9box\Ld9BoxHeadless.exe" --comment leidian0 --startvm 20160302-aaaa-aaaa-0eee-000000000000 --vrde config
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2108,7155963399322414054,11786682080138795731,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4728 /prefetch:1
C:\Program Files\ldplayer9box\Ld9BoxHeadless.exe
"C:\Program Files\ldplayer9box\Ld9BoxHeadless.exe" --comment leidian0 --startvm 20160302-aaaa-aaaa-0eee-000000000000 --vrde config
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://ru.ldplayer.net/blog/how-to-enable-vt.html
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://ru.ldplayer.net/blog/how-to-enable-vt.html
Network
| Country | Destination | Domain | Proto |
| SG | 8.222.254.73:443 | usersdk.ldmnq.com | tcp |
| US | 8.8.8.8:53 | 63.95.9.65.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 226.212.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 85.95.9.65.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 194.187.250.142.in-addr.arpa | udp |
| GB | 216.58.212.226:443 | googleads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | 66.169.217.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | static.doubleclick.net | udp |
| US | 8.8.8.8:53 | jnn-pa.googleapis.com | udp |
| US | 8.8.8.8:53 | yt3.ggpht.com | udp |
| GB | 142.250.200.36:443 | www.google.com | tcp |
| GB | 216.58.204.74:443 | jnn-pa.googleapis.com | tcp |
| GB | 142.250.200.38:443 | static.doubleclick.net | tcp |
| GB | 142.250.187.193:443 | yt3.ggpht.com | tcp |
| GB | 216.58.204.74:443 | jnn-pa.googleapis.com | udp |
| US | 8.8.8.8:53 | securepubads.g.doubleclick.net | udp |
| GB | 172.217.169.2:443 | securepubads.g.doubleclick.net | tcp |
| GB | 172.217.169.2:443 | securepubads.g.doubleclick.net | tcp |
| GB | 142.250.200.14:443 | www.youtube.com | tcp |
| US | 8.8.8.8:53 | 73.254.222.8.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 74.204.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 38.200.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 193.187.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 2.169.217.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | accounts.google.com | udp |
| BE | 64.233.184.84:443 | accounts.google.com | tcp |
| GB | 142.250.200.14:443 | www.youtube.com | udp |
| US | 8.8.8.8:53 | apiru.ldmnq.com | udp |
| CZ | 65.9.95.108:80 | apiru.ldmnq.com | tcp |
| US | 8.8.8.8:53 | tagan.adlightning.com | udp |
| CZ | 65.9.95.22:443 | tagan.adlightning.com | tcp |
| CZ | 65.9.95.108:443 | apiru.ldmnq.com | tcp |
| US | 8.8.8.8:53 | c.amazon-adsystem.com | udp |
| US | 8.8.8.8:53 | cdn.jsdelivr.net | udp |
| BE | 64.233.184.84:443 | accounts.google.com | udp |
| US | 151.101.129.229:443 | cdn.jsdelivr.net | tcp |
| CZ | 65.9.98.75:443 | c.amazon-adsystem.com | tcp |
| US | 8.8.8.8:53 | 84.184.233.64.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 108.95.9.65.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 229.129.101.151.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 75.98.9.65.in-addr.arpa | udp |
| NL | 95.142.206.3:443 | st6-23.vk.com | tcp |
| US | 8.8.8.8:53 | config.aps.amazon-adsystem.com | udp |
| US | 8.8.8.8:53 | aax.amazon-adsystem.com | udp |
| US | 8.8.8.8:53 | secure.cdn.fastclick.net | udp |
| CZ | 65.9.95.29:443 | config.aps.amazon-adsystem.com | tcp |
| US | 8.8.8.8:53 | cdn.hadronid.net | udp |
| US | 8.8.8.8:53 | tags.crwdcntrl.net | udp |
| US | 8.8.8.8:53 | prod.us-east-1.cxm-bcn.publisher-services.amazon.dev | udp |
| US | 8.8.8.8:53 | cdn.id5-sync.com | udp |
| GB | 104.78.175.230:443 | secure.cdn.fastclick.net | tcp |
| GB | 104.78.175.230:443 | secure.cdn.fastclick.net | tcp |
| US | 3.220.160.220:443 | prod.us-east-1.cxm-bcn.publisher-services.amazon.dev | tcp |
| US | 3.220.160.220:443 | prod.us-east-1.cxm-bcn.publisher-services.amazon.dev | tcp |
| US | 172.67.36.110:443 | cdn.hadronid.net | tcp |
| CZ | 65.9.95.74:443 | tags.crwdcntrl.net | tcp |
| US | 104.22.52.86:443 | cdn.id5-sync.com | tcp |
| CZ | 65.9.9.197:443 | aax.amazon-adsystem.com | tcp |
| CZ | 65.9.9.197:443 | aax.amazon-adsystem.com | tcp |
| CZ | 65.9.9.197:443 | aax.amazon-adsystem.com | tcp |
| US | 8.8.8.8:53 | id.hadron.ad.gt | udp |
| US | 104.22.4.69:443 | id.hadron.ad.gt | tcp |
| US | 8.8.8.8:53 | crt.rootg2.amazontrust.com | udp |
| CZ | 65.9.95.84:80 | crt.rootg2.amazontrust.com | tcp |
| US | 8.8.8.8:53 | id5-sync.com | udp |
| DE | 162.19.138.83:443 | id5-sync.com | tcp |
| US | 8.8.8.8:53 | gum.criteo.com | udp |
| NL | 178.250.1.11:443 | gum.criteo.com | tcp |
| NL | 178.250.1.11:443 | gum.criteo.com | tcp |
| NL | 178.250.1.11:443 | gum.criteo.com | tcp |
| US | 8.8.8.8:53 | prebid-stag.setupad.net | udp |
| US | 8.8.8.8:53 | rtb.openx.net | udp |
| US | 8.8.8.8:53 | prg.smartadserver.com | udp |
| US | 8.8.8.8:53 | adx.adform.net | udp |
| US | 8.8.8.8:53 | prebid-eu.creativecdn.com | udp |
| US | 8.8.8.8:53 | prebid.a-mo.net | udp |
| US | 8.8.8.8:53 | proc.ad.cpe.dotomi.com | udp |
| US | 35.186.253.211:443 | rtb.openx.net | tcp |
| US | 35.186.253.211:443 | rtb.openx.net | tcp |
| US | 35.186.253.211:443 | rtb.openx.net | tcp |
| US | 8.8.8.8:53 | a.ad.gt | udp |
| NL | 185.184.8.90:443 | prebid-eu.creativecdn.com | tcp |
| NL | 185.184.8.90:443 | prebid-eu.creativecdn.com | tcp |
| NL | 185.184.8.90:443 | prebid-eu.creativecdn.com | tcp |
| DK | 37.157.6.233:443 | adx.adform.net | tcp |
| DK | 37.157.6.233:443 | adx.adform.net | tcp |
| DK | 37.157.6.233:443 | adx.adform.net | tcp |
| US | 172.67.68.162:443 | prebid-stag.setupad.net | tcp |
| US | 172.67.68.162:443 | prebid-stag.setupad.net | tcp |
| US | 172.67.68.162:443 | prebid-stag.setupad.net | tcp |
| US | 172.67.68.162:443 | prebid-stag.setupad.net | tcp |
| US | 172.67.68.162:443 | prebid-stag.setupad.net | tcp |
| US | 172.67.68.162:443 | prebid-stag.setupad.net | tcp |
| NL | 89.149.193.80:443 | prg.smartadserver.com | tcp |
| NL | 89.149.193.80:443 | prg.smartadserver.com | tcp |
| NL | 89.149.193.80:443 | prg.smartadserver.com | tcp |
| FR | 163.5.194.35:443 | prebid.a-mo.net | tcp |
| FR | 163.5.194.35:443 | prebid.a-mo.net | tcp |
| FR | 163.5.194.35:443 | prebid.a-mo.net | tcp |
| NL | 89.207.16.146:443 | proc.ad.cpe.dotomi.com | tcp |
| US | 8.8.8.8:53 | lb.eu-1-id5-sync.com | udp |
| US | 8.8.8.8:53 | bcp.crwdcntrl.net | udp |
| US | 104.22.4.69:443 | a.ad.gt | tcp |
| DE | 141.95.98.64:443 | lb.eu-1-id5-sync.com | tcp |
| IE | 54.76.113.237:443 | bcp.crwdcntrl.net | tcp |
| IE | 54.76.113.237:443 | bcp.crwdcntrl.net | tcp |
| IE | 54.76.113.237:443 | bcp.crwdcntrl.net | tcp |
| US | 8.8.8.8:53 | 29.95.9.65.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 230.175.78.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 86.52.22.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 74.95.9.65.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 197.9.9.65.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 220.160.220.3.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 69.4.22.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 83.138.19.162.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 11.1.250.178.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 211.253.186.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 162.68.67.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 90.8.184.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 110.36.67.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | dnacdn.net | udp |
| US | 8.8.8.8:53 | 84.95.9.65.in-addr.arpa | udp |
| FR | 178.250.7.13:443 | dnacdn.net | tcp |
| US | 8.8.8.8:53 | tpc.googlesyndication.com | udp |
| GB | 172.217.16.225:443 | tpc.googlesyndication.com | tcp |
| GB | 172.217.16.225:443 | tpc.googlesyndication.com | tcp |
| GB | 172.217.16.225:443 | tpc.googlesyndication.com | tcp |
| GB | 172.217.16.225:443 | tpc.googlesyndication.com | tcp |
| GB | 172.217.16.225:443 | tpc.googlesyndication.com | tcp |
| US | 8.8.8.8:53 | u.openx.net | udp |
| US | 34.98.64.218:443 | u.openx.net | tcp |
| US | 8.8.8.8:53 | cm.adform.net | udp |
| US | 34.98.64.218:443 | u.openx.net | udp |
| DK | 37.157.5.133:443 | cm.adform.net | tcp |
| US | 8.8.8.8:53 | e52888b7677bbe361589ccda894f2064.safeframe.googlesyndication.com | udp |
| US | 8.8.8.8:53 | ssbsync-global.smartadserver.com | udp |
| GB | 172.217.169.2:443 | securepubads.g.doubleclick.net | udp |
| NL | 89.149.192.196:443 | ssbsync-global.smartadserver.com | tcp |
| US | 8.8.8.8:53 | 1d3746f5a3c1f6102c22c176e63b5c96.safeframe.googlesyndication.com | udp |
| GB | 172.217.16.225:443 | tpc.googlesyndication.com | udp |
| US | 8.8.8.8:53 | 80.193.149.89.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 35.194.5.163.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 233.6.157.37.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 146.16.207.89.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 64.98.95.141.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 237.113.76.54.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 13.7.250.178.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 225.16.217.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 218.64.98.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 133.5.157.37.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 196.192.149.89.in-addr.arpa | udp |
| CZ | 65.9.95.108:443 | apiru.ldmnq.com | tcp |
| GB | 142.250.200.36:443 | www.google.com | udp |
| US | 8.8.8.8:53 | setupad-tagan.adlightning.com | udp |
| US | 8.8.8.8:53 | node.setupad.com | udp |
| CZ | 65.9.95.96:443 | setupad-tagan.adlightning.com | tcp |
| CZ | 65.9.95.96:443 | setupad-tagan.adlightning.com | tcp |
| CZ | 65.9.95.96:443 | setupad-tagan.adlightning.com | tcp |
| CZ | 65.9.95.96:443 | setupad-tagan.adlightning.com | tcp |
| CZ | 65.9.95.96:443 | setupad-tagan.adlightning.com | tcp |
| CZ | 65.9.95.96:443 | setupad-tagan.adlightning.com | tcp |
| DE | 159.89.25.223:443 | node.setupad.com | tcp |
| GB | 142.250.200.36:443 | www.google.com | udp |
| US | 8.8.8.8:53 | 918b175f876a466a803d8d1ce55de632.safeframe.googlesyndication.com | udp |
| US | 8.8.8.8:53 | 96.95.9.65.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 223.25.89.159.in-addr.arpa | udp |
| US | 8.8.8.8:53 | rr4---sn-aigl6nzl.googlevideo.com | udp |
| GB | 74.125.168.169:443 | rr4---sn-aigl6nzl.googlevideo.com | tcp |
| GB | 74.125.168.169:443 | rr4---sn-aigl6nzl.googlevideo.com | tcp |
| GB | 142.250.178.22:443 | i.ytimg.com | udp |
| GB | 74.125.168.169:443 | rr4---sn-aigl6nzl.googlevideo.com | udp |
| GB | 142.250.187.193:443 | 918b175f876a466a803d8d1ce55de632.safeframe.googlesyndication.com | udp |
| US | 8.8.8.8:53 | sync.a-mo.net | udp |
| US | 8.8.8.8:53 | setupad-d.openx.net | udp |
| US | 8.8.8.8:53 | 169.168.125.74.in-addr.arpa | udp |
| FR | 163.5.194.32:443 | sync.a-mo.net | tcp |
| FR | 163.5.194.32:443 | sync.a-mo.net | tcp |
| US | 8.8.8.8:53 | assets.a-mo.net | udp |
| US | 104.19.158.19:443 | assets.a-mo.net | tcp |
| US | 8.8.8.8:53 | 32.194.5.163.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 19.158.19.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | trace-eu.mediago.io | udp |
| US | 8.8.8.8:53 | cdn.mediago.io | udp |
| US | 8.8.8.8:53 | images.mediago.io | udp |
| NL | 35.214.168.80:443 | trace-eu.mediago.io | tcp |
| NL | 35.214.168.80:443 | trace-eu.mediago.io | tcp |
| US | 34.111.60.239:443 | images.mediago.io | tcp |
| US | 34.111.60.239:443 | images.mediago.io | tcp |
| CZ | 65.9.95.65:443 | cdn.mediago.io | tcp |
| CZ | 65.9.95.65:443 | cdn.mediago.io | tcp |
| NL | 35.214.168.80:443 | trace-eu.mediago.io | udp |
| CZ | 65.9.95.65:443 | cdn.mediago.io | tcp |
| US | 8.8.8.8:53 | gtrace.mediago.io | udp |
| US | 8.8.8.8:53 | 80.168.214.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 239.60.111.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 65.95.9.65.in-addr.arpa | udp |
| NL | 35.214.168.80:443 | gtrace.mediago.io | udp |
| US | 8.8.8.8:53 | ads.vk.com | udp |
| RU | 5.61.238.3:443 | ads.vk.com | tcp |
| US | 8.8.8.8:53 | 3.238.61.5.in-addr.arpa | udp |
| US | 8.8.8.8:53 | tns-counter.ru | udp |
| RU | 194.226.130.227:443 | tns-counter.ru | tcp |
| US | 8.8.8.8:53 | top-fwz1.mail.ru | udp |
| US | 8.8.8.8:53 | stats.vk-portal.net | udp |
| RU | 95.163.52.67:443 | top-fwz1.mail.ru | tcp |
| RU | 87.240.129.132:443 | stats.vk-portal.net | tcp |
| US | 8.8.8.8:53 | sun6-21.userapi.com | udp |
| NL | 95.142.206.1:443 | sun6-21.userapi.com | tcp |
| US | 8.8.8.8:53 | 227.130.226.194.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 132.129.240.87.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 1.206.142.95.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 67.52.163.95.in-addr.arpa | udp |
| US | 8.8.8.8:53 | sun6-23.userapi.com | udp |
| US | 8.8.8.8:53 | sun6-20.userapi.com | udp |
| NL | 95.142.206.0:443 | sun6-20.userapi.com | tcp |
| NL | 95.142.206.3:443 | sun6-23.userapi.com | tcp |
| US | 8.8.8.8:53 | 0.206.142.95.in-addr.arpa | udp |
| US | 8.8.8.8:53 | sun9-70.userapi.com | udp |
| RU | 87.240.185.169:443 | sun9-70.userapi.com | tcp |
| US | 8.8.8.8:53 | sun6-22.userapi.com | udp |
| NL | 95.142.206.2:443 | sun6-22.userapi.com | tcp |
| NL | 95.142.206.2:443 | sun6-22.userapi.com | tcp |
| US | 8.8.8.8:53 | 169.185.240.87.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 2.206.142.95.in-addr.arpa | udp |
| US | 8.8.8.8:53 | sun9-48.userapi.com | udp |
| RU | 87.240.185.151:443 | sun9-48.userapi.com | tcp |
| US | 8.8.8.8:53 | sun9-57.userapi.com | udp |
| RU | 93.186.227.152:443 | sun9-57.userapi.com | tcp |
| RU | 93.186.227.152:443 | sun9-57.userapi.com | tcp |
| RU | 93.186.227.152:443 | sun9-57.userapi.com | tcp |
| US | 8.8.8.8:53 | 151.185.240.87.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 152.227.186.93.in-addr.arpa | udp |
| US | 8.8.8.8:53 | sun9-54.userapi.com | udp |
| RU | 87.240.185.157:443 | sun9-54.userapi.com | tcp |
| US | 8.8.8.8:53 | sun9-41.userapi.com | udp |
| RU | 93.186.227.148:443 | sun9-41.userapi.com | tcp |
| RU | 93.186.227.148:443 | sun9-41.userapi.com | tcp |
| US | 8.8.8.8:53 | sun9-72.userapi.com | udp |
| RU | 87.240.185.171:443 | sun9-72.userapi.com | tcp |
| US | 8.8.8.8:53 | 148.227.186.93.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 171.185.240.87.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 157.185.240.87.in-addr.arpa | udp |
| US | 8.8.8.8:53 | sun9-37.userapi.com | udp |
| RU | 87.240.185.144:443 | sun9-37.userapi.com | tcp |
| US | 8.8.8.8:53 | www.tns-counter.ru | udp |
| RU | 194.226.130.227:443 | www.tns-counter.ru | tcp |
| US | 8.8.8.8:53 | 144.185.240.87.in-addr.arpa | udp |
| US | 8.8.8.8:53 | privacy-cs.mail.ru | udp |
| RU | 95.163.52.89:443 | privacy-cs.mail.ru | tcp |
| US | 8.8.8.8:53 | 89.52.163.95.in-addr.arpa | udp |
| US | 8.8.8.8:53 | stun4.l.google.com | udp |
| US | 8.8.8.8:53 | stun3.l.google.com | udp |
| US | 74.125.250.129:19302 | stun3.l.google.com | udp |
| US | 74.125.250.129:19302 | stun3.l.google.com | udp |
| US | 74.125.250.129:19302 | stun3.l.google.com | udp |
| US | 8.8.8.8:53 | 129.250.125.74.in-addr.arpa | udp |
| NL | 89.149.193.80:443 | prg.smartadserver.com | tcp |
| US | 35.186.253.211:443 | rtb.openx.net | udp |
| US | 104.18.30.49:443 | stpd.cloud | tcp |
| GB | 142.250.178.22:443 | i.ytimg.com | udp |
| GB | 216.58.204.74:443 | jnn-pa.googleapis.com | udp |
| NL | 89.149.193.80:443 | prg.smartadserver.com | tcp |
| NL | 89.149.193.80:443 | prg.smartadserver.com | tcp |
| US | 8.8.8.8:53 | 16e2f96f4a7a774f4bd760478816bbf1.safeframe.googlesyndication.com | udp |
| GB | 142.250.200.36:443 | www.google.com | udp |
| US | 8.8.8.8:53 | 95b6ec52d393c18e11a594b47ce90826.safeframe.googlesyndication.com | udp |
| US | 8.8.8.8:53 | e7e085ac2fe56253f10a0e3798bb6d45.safeframe.googlesyndication.com | udp |
Files
C:\Users\Admin\AppData\Local\Temp\Setup\ds.dll
C:\Users\Admin\AppData\Local\Temp\LDPlayer_files\saBSI.exe
C:\Users\Admin\AppData\Roaming\vlc\vlc-qt-interface.ini
C:\Users\Admin\AppData\Roaming\vlc\vlc-qt-interface.ini.lock
C:\LDPlayer\LDPlayer9\dnrepairer.exe
C:\LDPlayer\LDPlayer9\msvcr120.dll
C:\LDPlayer\LDPlayer9\msvcp120.dll
C:\LDPlayer\LDPlayer9\phones.data
C:\LDPlayer\LDPlayer9\dnresource.rcc
C:\LDPlayer\LDPlayer9\crashreport.dll
C:\LDPlayer\LDPlayer9\vms\config\leidian0.config
C:\Users\Admin\AppData\Local\Temp\2D2F33F2-4C9E-413A-A211-90F464D4309A\DismHost.exe
C:\Users\Admin\AppData\Local\Temp\2D2F33F2-4C9E-413A-A211-90F464D4309A\DismCorePS.dll
C:\Users\Admin\AppData\Local\Temp\2D2F33F2-4C9E-413A-A211-90F464D4309A\DismProv.dll
C:\Users\Admin\AppData\Local\Temp\2D2F33F2-4C9E-413A-A211-90F464D4309A\OSProvider.dll
C:\Users\Admin\AppData\Local\Temp\2D2F33F2-4C9E-413A-A211-90F464D4309A\LogProvider.dll
C:\Windows\Logs\DISM\dism.log
C:\Users\Admin\AppData\Local\Temp\2D2F33F2-4C9E-413A-A211-90F464D4309A\IBSProvider.dll
C:\Users\Admin\AppData\Local\Temp\2D2F33F2-4C9E-413A-A211-90F464D4309A\en-US\OSProvider.dll.mui
C:\Users\Admin\AppData\Local\Temp\2D2F33F2-4C9E-413A-A211-90F464D4309A\en-US\OfflineSetupProvider.dll.mui
C:\Users\Admin\AppData\Local\Temp\2D2F33F2-4C9E-413A-A211-90F464D4309A\OfflineSetupProvider.dll
C:\Users\Admin\AppData\Local\Temp\2D2F33F2-4C9E-413A-A211-90F464D4309A\en-US\MsiProvider.dll.mui
C:\Users\Admin\AppData\Local\Temp\2D2F33F2-4C9E-413A-A211-90F464D4309A\MsiProvider.dll
C:\Users\Admin\AppData\Local\Temp\2D2F33F2-4C9E-413A-A211-90F464D4309A\en-US\LogProvider.dll.mui
C:\Users\Admin\AppData\Local\Temp\2D2F33F2-4C9E-413A-A211-90F464D4309A\en-US\IntlProvider.dll.mui
C:\Users\Admin\AppData\Local\Temp\2D2F33F2-4C9E-413A-A211-90F464D4309A\IntlProvider.dll
C:\Users\Admin\AppData\Local\Temp\2D2F33F2-4C9E-413A-A211-90F464D4309A\en-US\ImagingProvider.dll.mui
C:\Users\Admin\AppData\Local\Temp\2D2F33F2-4C9E-413A-A211-90F464D4309A\ImagingProvider.dll
C:\Users\Admin\AppData\Local\Temp\2D2F33F2-4C9E-413A-A211-90F464D4309A\en-US\IBSProvider.dll.mui
C:\Users\Admin\AppData\Local\Temp\2D2F33F2-4C9E-413A-A211-90F464D4309A\en-US\GenericProvider.dll.mui
C:\Users\Admin\AppData\Local\Temp\2D2F33F2-4C9E-413A-A211-90F464D4309A\GenericProvider.dll
C:\Users\Admin\AppData\Local\Temp\2D2F33F2-4C9E-413A-A211-90F464D4309A\en-US\FolderProvider.dll.mui
C:\Users\Admin\AppData\Local\Temp\2D2F33F2-4C9E-413A-A211-90F464D4309A\FolderProvider.dll
C:\Users\Admin\AppData\Local\Temp\2D2F33F2-4C9E-413A-A211-90F464D4309A\en-US\FfuProvider.dll.mui
C:\Users\Admin\AppData\Local\Temp\2D2F33F2-4C9E-413A-A211-90F464D4309A\FfuProvider.dll
C:\Users\Admin\AppData\Local\Temp\2D2F33F2-4C9E-413A-A211-90F464D4309A\en-US\DmiProvider.dll.mui
C:\Users\Admin\AppData\Local\Temp\2D2F33F2-4C9E-413A-A211-90F464D4309A\DmiProvider.dll
C:\Users\Admin\AppData\Local\Temp\2D2F33F2-4C9E-413A-A211-90F464D4309A\en-US\dismprov.dll.mui
C:\Users\Admin\AppData\Local\Temp\2D2F33F2-4C9E-413A-A211-90F464D4309A\en-US\DismCore.dll.mui
C:\Users\Admin\AppData\Local\Temp\2D2F33F2-4C9E-413A-A211-90F464D4309A\DismCore.dll
C:\Users\Admin\AppData\Local\Temp\2D2F33F2-4C9E-413A-A211-90F464D4309A\en-US\CbsProvider.dll.mui
C:\Users\Admin\AppData\Local\Temp\2D2F33F2-4C9E-413A-A211-90F464D4309A\en-US\AssocProvider.dll.mui
C:\Users\Admin\AppData\Local\Temp\2D2F33F2-4C9E-413A-A211-90F464D4309A\AssocProvider.dll
C:\Users\Admin\AppData\Local\Temp\2D2F33F2-4C9E-413A-A211-90F464D4309A\en-US\AppxProvider.dll.mui
C:\Users\Admin\AppData\Local\Temp\2D2F33F2-4C9E-413A-A211-90F464D4309A\AppxProvider.dll
C:\Users\Admin\AppData\Local\Temp\2D2F33F2-4C9E-413A-A211-90F464D4309A\CbsProvider.dll
C:\Users\Admin\AppData\Local\Temp\LDPlayer_files\installer.exe
C:\ProgramData\McAfee\WebAdvisor\TaskManager.dll\log_00200057003F001D0006.txt
C:\ProgramData\McAfee\WebAdvisor\LogicModule.dll\log_00200057003F001D0006.txt
C:\Program Files\McAfee\WebAdvisor\Analytics\dataConfig.cab
C:\Windows\Logs\DISM\dism.log
C:\Users\Admin\AppData\Local\Temp\__PSScriptPolicyTest_wln0xwrv.bsq.ps1
C:\LDPlayer\LDPlayer9\ldmutiplayer\cximagecrt.dll
C:\LDPlayer\LDPlayer9\ldmutiplayer\7za.exe
C:\LDPlayer\LDPlayer9\fonts\Roboto-Regular.otf
C:\LDPlayer\LDPlayer9\ldmutiplayer\ssleay32.dll
C:\LDPlayer\LDPlayer9\ldmutiplayer\msvcr110.dll
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports
C:\LDPlayer\LDPlayer9\ldmutiplayer\msvcp110.dll
C:\LDPlayer\LDPlayer9\ldmutiplayer\libssl-1_1.dll
C:\LDPlayer\LDPlayer9\ldmutiplayer\libssh2.dll
C:\LDPlayer\LDPlayer9\ldmutiplayer\libeay32.dll
C:\LDPlayer\LDPlayer9\ldmutiplayer\libcurl.dll
C:\LDPlayer\LDPlayer9\ldmutiplayer\libcrypto-1_1.dll
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000009
C:\ProgramData\McAfee\WebAdvisor\UIManager.dll\log_00200057003F001D0006.txt
C:\Users\Admin\AppData\Local\Temp\scoped_dir1904_423865438\684c0d08-dc29-4938-993c-d6e313237a04.tmp
C:\ProgramData\McAfee\WebAdvisor\updater.exe\log_00200057003F001D0006.txt
C:\Users\Admin\AppData\Local\Temp\scoped_dir1904_423865438\CRX_INSTALL\interactive_balloon.js
C:\Users\Admin\AppData\Local\Temp\scoped_dir1904_423865438\CRX_INSTALL\foreground_sidebar_main.js
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
C:\Users\Admin\AppData\Local\Temp\scoped_dir1904_423865438\CRX_INSTALL\about.js
C:\Users\Admin\AppData\Local\Temp\scoped_dir1904_423865438\CRX_INSTALL\scripts\content_mb_precheck_injection.js
C:\Users\Admin\AppData\Local\Temp\scoped_dir1904_423865438\CRX_INSTALL\scripts\content_mb_activate_banner.js
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\Temp\scoped_dir1904_341303031\CRX_INSTALL\scripts\content_aps_toast.js
C:\Users\Admin\AppData\Local\Temp\scoped_dir1904_423865438\CRX_INSTALL\images\browser_action\green_20.png
C:\Users\Admin\AppData\Local\Temp\scoped_dir1904_423865438\CRX_INSTALL\images\browser_action\green_32.png
C:\Users\Admin\AppData\Local\Temp\scoped_dir1904_423865438\CRX_INSTALL\images\browser_action\green_40.png
C:\Users\Admin\AppData\Local\Temp\scoped_dir1904_423865438\CRX_INSTALL\images\browser_action\green_16.png
C:\Users\Admin\AppData\Local\Temp\scoped_dir1904_423865438\CRX_INSTALL\css\ff_policy.css
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\Temp\scoped_dir1904_341303031\CRX_INSTALL\css\site_status_block_page.css
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\Temp\scoped_dir1904_341303031\CRX_INSTALL\settings.js
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\Temp\scoped_dir1904_341303031\CRX_INSTALL\scripts\content_aps_balloon.js
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\Temp\scoped_dir1904_341303031\CRX_INSTALL\scripts\content_annotation.js
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\Temp\scoped_dir1904_341303031\CRX_INSTALL\_locales\cs\messages.json
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\Temp\scoped_dir1904_341303031\CRX_INSTALL\_locales\da\messages.json
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\Temp\scoped_dir1904_341303031\CRX_INSTALL\_locales\de\messages.json
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\Temp\scoped_dir1904_341303031\CRX_INSTALL\_locales\el\messages.json
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\Temp\scoped_dir1904_341303031\CRX_INSTALL\_locales\en\messages.json
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\Temp\scoped_dir1904_341303031\CRX_INSTALL\_locales\es\messages.json
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\Temp\scoped_dir1904_341303031\CRX_INSTALL\_locales\es_419\messages.json
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\Temp\scoped_dir1904_341303031\CRX_INSTALL\_locales\fi\messages.json
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\Temp\scoped_dir1904_341303031\CRX_INSTALL\_locales\fr\messages.json
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\Temp\scoped_dir1904_341303031\CRX_INSTALL\_locales\fr_CA\messages.json
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\Temp\scoped_dir1904_341303031\CRX_INSTALL\_locales\hr\messages.json
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\Temp\scoped_dir1904_341303031\CRX_INSTALL\_locales\hu\messages.json
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\Temp\scoped_dir1904_341303031\CRX_INSTALL\_locales\it\messages.json
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\Temp\scoped_dir1904_341303031\CRX_INSTALL\_locales\ja\messages.json
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\Temp\scoped_dir1904_341303031\CRX_INSTALL\_locales\ko\messages.json
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\Temp\scoped_dir1904_341303031\CRX_INSTALL\_locales\nb\messages.json
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\Temp\scoped_dir1904_341303031\CRX_INSTALL\_locales\nl\messages.json
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\Temp\scoped_dir1904_341303031\CRX_INSTALL\_locales\pl\messages.json
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\Temp\scoped_dir1904_341303031\CRX_INSTALL\_locales\pt_BR\messages.json
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\Temp\scoped_dir1904_341303031\CRX_INSTALL\_locales\pt_PT\messages.json
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\Temp\scoped_dir1904_341303031\CRX_INSTALL\_locales\ru\messages.json
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\Temp\scoped_dir1904_341303031\CRX_INSTALL\_locales\sk\messages.json
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\Temp\scoped_dir1904_341303031\CRX_INSTALL\_locales\sr\messages.json
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\Temp\scoped_dir1904_341303031\CRX_INSTALL\_locales\sv\messages.json
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\Temp\scoped_dir1904_341303031\CRX_INSTALL\_locales\tr\messages.json
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\Temp\scoped_dir1904_341303031\CRX_INSTALL\_locales\zh_CN\messages.json
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\Temp\scoped_dir1904_341303031\CRX_INSTALL\images\web_advisor\info_icon.svg
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\Temp\scoped_dir1904_341303031\CRX_INSTALL\images\no_native_toast\download_native.svg
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\Temp\scoped_dir1904_341303031\CRX_INSTALL\css\scripts\content_mb_page_banner.css
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\Temp\scoped_dir1904_341303031\CRX_INSTALL\css\scripts\content_mb_activate_banner.css
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\Temp\scoped_dir1904_341303031\CRX_INSTALL\css\topbar_iframe_block.css
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\Temp\scoped_dir1904_341303031\CRX_INSTALL\css\sidebar_rat_detection.css
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\Temp\scoped_dir1904_341303031\CRX_INSTALL\css\sidebar_mb_faq.css
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\Temp\scoped_dir1904_341303031\CRX_INSTALL\css\sidebar_mb.css
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\Temp\scoped_dir1904_341303031\CRX_INSTALL\css\sidebar_main.css
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\Temp\scoped_dir1904_341303031\CRX_INSTALL\css\sidebar_home.css
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\Temp\scoped_dir1904_341303031\CRX_INSTALL\css\settings.css
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\Temp\scoped_dir1904_341303031\CRX_INSTALL\css\score_meter.css
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\Temp\scoped_dir1904_341303031\CRX_INSTALL\css\page_banner_mb.css
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\Temp\scoped_dir1904_341303031\CRX_INSTALL\css\no_native_toast.css
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\Temp\scoped_dir1904_341303031\CRX_INSTALL\css\mb_page_banner.css
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\Temp\scoped_dir1904_341303031\CRX_INSTALL\css\mb_activate_banner.css
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\Temp\scoped_dir1904_341303031\CRX_INSTALL\css\interactive_balloon.css
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\Temp\scoped_dir1904_341303031\CRX_INSTALL\css\iframe_block_page.css
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\Temp\scoped_dir1904_341303031\CRX_INSTALL\css\how_it_works.css
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\Temp\scoped_dir1904_341303031\CRX_INSTALL\css\foreground_sidebar_main.css
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\Temp\scoped_dir1904_341303031\CRX_INSTALL\css\dws.css
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\Temp\scoped_dir1904_341303031\CRX_INSTALL\css\download_scan_popup.css
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\Temp\scoped_dir1904_341303031\CRX_INSTALL\css\advanced_protection_signal_toast.css
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\Temp\scoped_dir1904_341303031\CRX_INSTALL\css\advanced_protection_signal.css
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\Temp\scoped_dir1904_341303031\CRX_INSTALL\css\activate_banner_mb.css
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\Temp\scoped_dir1904_341303031\CRX_INSTALL\fonts\Poppins-Regular.ttf
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\Temp\scoped_dir1904_341303031\CRX_INSTALL\fonts\OpenSans-Regular.ttf
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\Temp\scoped_dir1904_341303031\CRX_INSTALL\html\balloon_message\no_native_toast.html
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\Temp\scoped_dir1904_341303031\CRX_INSTALL\html\balloon_message\dws.html
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\Temp\scoped_dir1904_341303031\CRX_INSTALL\html\balloon_message\download_scan_popup.html
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\Temp\scoped_dir1904_341303031\CRX_INSTALL\html\balloon_message\advanced_protection_signal_toast.html
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\Temp\scoped_dir1904_341303031\CRX_INSTALL\html\balloon_message\advanced_protection_signal.html
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\Temp\scoped_dir1904_341303031\CRX_INSTALL\html\sidebar\sidebar_main\sidebar_mb_faq.html
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\Temp\scoped_dir1904_341303031\CRX_INSTALL\html\sidebar\sidebar_main\sidebar_mb.html
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\Temp\scoped_dir1904_341303031\CRX_INSTALL\html\sidebar\sidebar_main\sidebar_main.html
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\Temp\scoped_dir1904_341303031\CRX_INSTALL\html\sidebar\sidebar_main\sidebar_home.html
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\Temp\scoped_dir1904_341303031\CRX_INSTALL\html\sidebar\sidebar_rat_detection.html
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\Temp\scoped_dir1904_341303031\CRX_INSTALL\html\topbar\topbar_iframe_block.html
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\Temp\scoped_dir1904_341303031\CRX_INSTALL\html\whitelist.html
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\Temp\scoped_dir1904_341303031\CRX_INSTALL\html\statistics.html
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\Temp\scoped_dir1904_341303031\CRX_INSTALL\html\site_status_typosquatting.html
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\Temp\scoped_dir1904_341303031\CRX_INSTALL\html\site_status_site_report.html
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\Temp\scoped_dir1904_341303031\CRX_INSTALL\html\site_status_block_page.html
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\Temp\scoped_dir1904_341303031\CRX_INSTALL\html\settings.html
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\Temp\scoped_dir1904_341303031\CRX_INSTALL\html\preference.html
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\Temp\scoped_dir1904_341303031\CRX_INSTALL\html\page_banner_mb.html
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\Temp\scoped_dir1904_341303031\CRX_INSTALL\html\iframe_block_page.html
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\Temp\scoped_dir1904_341303031\CRX_INSTALL\html\how_it_works.html
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\Temp\scoped_dir1904_341303031\CRX_INSTALL\html\foreground_sidebar_main.html
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\Temp\scoped_dir1904_341303031\CRX_INSTALL\html\ff_policy2.html
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\Temp\scoped_dir1904_341303031\CRX_INSTALL\html\ff_policy.html
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\Temp\scoped_dir1904_341303031\CRX_INSTALL\html\activate_banner_mb.html
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\Temp\scoped_dir1904_341303031\CRX_INSTALL\html\about.html
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\Temp\scoped_dir1904_341303031\CRX_INSTALL\images\action_panel\x-icon.svg
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\Temp\scoped_dir1904_341303031\CRX_INSTALL\images\action_panel\info-circle-icon.svg
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\Temp\scoped_dir1904_341303031\CRX_INSTALL\images\action_panel\ap_jumbo_rat.svg
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\Temp\scoped_dir1904_341303031\CRX_INSTALL\images\action_panel\ap-overlay-logo.svg
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\Temp\scoped_dir1904_341303031\CRX_INSTALL\images\advanced_protection_signals\scan_for_you.svg
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\Temp\scoped_dir1904_341303031\CRX_INSTALL\images\advanced_protection_signals\question-mark.svg
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\Temp\scoped_dir1904_341303031\CRX_INSTALL\images\advanced_protection_signals\mcafee-logo.svg
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\Temp\scoped_dir1904_341303031\CRX_INSTALL\images\advanced_protection_signals\close-outline.svg
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\Temp\scoped_dir1904_341303031\CRX_INSTALL\images\advanced_protection_signals\checkmark_bullet.svg
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\Temp\scoped_dir1904_341303031\CRX_INSTALL\images\advanced_protection_signals\checkmark_aps_signal.svg
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\Temp\scoped_dir1904_341303031\CRX_INSTALL\images\annotation\yellow_icon.svg
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\Temp\scoped_dir1904_341303031\CRX_INSTALL\images\annotation\red_icon.svg
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\Temp\scoped_dir1904_341303031\CRX_INSTALL\images\annotation\grey_icon.svg
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\Temp\scoped_dir1904_341303031\CRX_INSTALL\images\annotation\green_icon.svg
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\Temp\scoped_dir1904_341303031\CRX_INSTALL\images\balloon\yellow_icon.svg
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\Temp\scoped_dir1904_341303031\CRX_INSTALL\images\balloon\red_icon.svg
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\Temp\scoped_dir1904_341303031\CRX_INSTALL\images\balloon\logo.png
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\Temp\scoped_dir1904_341303031\CRX_INSTALL\images\balloon\hackersafe_icon.png
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\Temp\scoped_dir1904_341303031\CRX_INSTALL\images\balloon\grey_icon.svg
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\Temp\scoped_dir1904_341303031\CRX_INSTALL\images\balloon\green_icon.svg
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\Temp\scoped_dir1904_341303031\CRX_INSTALL\images\banner\mb_banner_close.svg
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\Temp\scoped_dir1904_341303031\CRX_INSTALL\images\banner\mb_activate_banner_img.svg
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\Temp\scoped_dir1904_341303031\CRX_INSTALL\images\banner\mb_activated_checkmark.svg
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\Temp\scoped_dir1904_341303031\CRX_INSTALL\images\banner\close_icon_white.svg
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\Temp\scoped_dir1904_341303031\CRX_INSTALL\images\banner\close_icon_black.svg
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\Temp\scoped_dir1904_341303031\CRX_INSTALL\images\banner\close.png
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\Temp\scoped_dir1904_341303031\CRX_INSTALL\images\banner\ai_icon_white.svg
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\Temp\scoped_dir1904_341303031\CRX_INSTALL\images\banner\ai_icon_red.svg
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\Temp\scoped_dir1904_341303031\CRX_INSTALL\images\browser_action\yellow_40.png
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\Temp\scoped_dir1904_341303031\CRX_INSTALL\images\browser_action\yellow_32.png
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\Temp\scoped_dir1904_341303031\CRX_INSTALL\images\browser_action\yellow_20.png
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\Temp\scoped_dir1904_341303031\CRX_INSTALL\images\browser_action\yellow_16.png
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\Temp\scoped_dir1904_341303031\CRX_INSTALL\images\browser_action\red_40.png
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\Temp\scoped_dir1904_341303031\CRX_INSTALL\images\browser_action\red_32.png
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\Temp\scoped_dir1904_341303031\CRX_INSTALL\images\browser_action\red_20.png
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\Temp\scoped_dir1904_341303031\CRX_INSTALL\images\browser_action\red_16.png
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\Temp\scoped_dir1904_341303031\CRX_INSTALL\images\browser_action\grey_40.png
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\Temp\scoped_dir1904_341303031\CRX_INSTALL\images\browser_action\grey_32.png
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\Temp\scoped_dir1904_341303031\CRX_INSTALL\images\browser_action\grey_20.png
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\Temp\scoped_dir1904_341303031\CRX_INSTALL\images\browser_action\grey_16.png
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\Temp\scoped_dir1904_341303031\CRX_INSTALL\images\browser_action\disabled_40.png
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\Temp\scoped_dir1904_341303031\CRX_INSTALL\images\browser_action\disabled_32.png
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\Temp\scoped_dir1904_341303031\CRX_INSTALL\images\browser_action\disabled_20.png
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\Temp\scoped_dir1904_341303031\CRX_INSTALL\images\browser_action\disabled_16.png
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\Temp\scoped_dir1904_341303031\CRX_INSTALL\images\download_scan\webadvisor.svg
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\Temp\scoped_dir1904_341303031\CRX_INSTALL\images\download_scan\seperator_line.svg
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\Temp\scoped_dir1904_341303031\CRX_INSTALL\images\download_scan\mcafee_logo_white.svg
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\Temp\scoped_dir1904_341303031\CRX_INSTALL\images\download_scan\mcafee_logo_red.svg
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\Temp\scoped_dir1904_341303031\CRX_INSTALL\images\download_scan\download_scan_icon.svg
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\Temp\scoped_dir1904_341303031\CRX_INSTALL\images\download_scan\close-outline.svg
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\Temp\scoped_dir1904_341303031\CRX_INSTALL\images\dws\scan-email-logo.svg
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\Temp\scoped_dir1904_341303031\CRX_INSTALL\images\dws\external-link-logo.svg
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\Temp\scoped_dir1904_341303031\CRX_INSTALL\images\dws\error-fill.svg
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\Temp\scoped_dir1904_341303031\CRX_INSTALL\images\dws\confirmation-logo.svg
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\Temp\scoped_dir1904_341303031\CRX_INSTALL\images\ff_policy\warning_screen.png
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\Temp\scoped_dir1904_341303031\CRX_INSTALL\images\ff_policy\happy_laptop.svg
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\Temp\scoped_dir1904_341303031\CRX_INSTALL\images\ff_policy\alert_screen.png
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\Temp\scoped_dir1904_341303031\CRX_INSTALL\images\how_it_works\youtube.svg
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\Temp\scoped_dir1904_341303031\CRX_INSTALL\images\how_it_works\urlhijacking.svg
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\Temp\scoped_dir1904_341303031\CRX_INSTALL\images\how_it_works\twitter.svg
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\Temp\scoped_dir1904_341303031\CRX_INSTALL\images\how_it_works\socialmedia.svg
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\Temp\scoped_dir1904_341303031\CRX_INSTALL\images\how_it_works\securityalerts.svg
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\Temp\scoped_dir1904_341303031\CRX_INSTALL\images\how_it_works\saferdownloads.svg
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\Temp\scoped_dir1904_341303031\CRX_INSTALL\images\how_it_works\phishing.svg
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\Temp\scoped_dir1904_341303031\CRX_INSTALL\images\how_it_works\facebook.svg
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\Temp\scoped_dir1904_341303031\CRX_INSTALL\images\how_it_works\background-human.svg
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\Temp\scoped_dir1904_341303031\CRX_INSTALL\images\how_it_works\background-bottom.svg
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\Temp\scoped_dir1904_341303031\CRX_INSTALL\images\iframe\diagonal.gif
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\Temp\scoped_dir1904_341303031\CRX_INSTALL\images\iframe\block.png
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\Temp\scoped_dir1904_341303031\CRX_INSTALL\images\mb_dropdown\ic_snooze_notifications.svg
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\Temp\scoped_dir1904_341303031\CRX_INSTALL\images\mb_dropdown\ic_notifications.svg
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\Temp\scoped_dir1904_341303031\CRX_INSTALL\images\mb_dropdown\ic_close.svg
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\Temp\scoped_dir1904_341303031\CRX_INSTALL\images\mb_dropdown\ic_chevron_down.svg
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\Temp\scoped_dir1904_341303031\CRX_INSTALL\images\no_native_toast\mcafee_landscape.svg
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\Temp\scoped_dir1904_341303031\CRX_INSTALL\images\no_native_toast\install_native.svg
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\Temp\scoped_dir1904_341303031\CRX_INSTALL\images\no_native_toast\close_btn.svg
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\Temp\scoped_dir1904_341303031\CRX_INSTALL\images\overlay\arrow-up.svg
| MD5 | 4cf3a1b20964ae2b7150ffb77db9d094 |
| SHA1 | 99e0efb3195d3eac4b450a36ec334c1e14809a3d |
| SHA256 | 553e55b2d10285f54dd2faf204751af38f7f0da2a79060b5e82c8bfe2c2f7f31 |
| SHA512 | 10a30f15cdb8a99b5d5d06a18f856a2d8f1c4b749e2821517cd0c91f373872fc89e3b2606b38cdb71916fc1f162a1e2e9a337b65f594ce9d5e99bfcf8f5a8d9b |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\Temp\scoped_dir1904_341303031\CRX_INSTALL\images\settings\youtube.svg
| MD5 | 95ab7ba91f3f8d8e331bc046bb9a89b7 |
| SHA1 | 877b5ba3e36585db17043357cae76516df476458 |
| SHA256 | 72f99ed3d833dacb35530d45fb5be816f02a7cb19d93c19762981b4001a8ca68 |
| SHA512 | f1aa009a36a33add029c61a812a68fd415a4ceb438e7e4561c6ca9eddf3d2d8725b6cee173e4df0cb3c9273c16d42dc0003568554da1973160d6f12cf7082fc0 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\Temp\scoped_dir1904_341303031\CRX_INSTALL\images\settings\youtube-disabled.svg
| MD5 | 1da29c03897d34a49a2859ee7e5144d1 |
| SHA1 | 4305531e08c68d2b892d1e4eeb0e7495ab1b05ea |
| SHA256 | 59644e8db54b3d4a1fa8f71f15367fabb8d8715f8ed76b3f9c7b4a2b3e1eb565 |
| SHA512 | a559d95b5b1f6de463da0406a19e20c1ff9fe3ef42f6ec16d1217d86defe6ed454c7d85a0512e075c83f2628c520622e6c292c15a65ce230e77aece97ed2d76a |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\Temp\scoped_dir1904_341303031\CRX_INSTALL\images\settings\x-icon.svg
| MD5 | 3c501ad9f83b68417c35b0c6287d6b1a |
| SHA1 | 6e8c5f254609123e6b77e0b609746fce2208a51d |
| SHA256 | 993247a60eeb729732329d8a1c87683629195a55560c91c28bceb8ffc38482fa |
| SHA512 | c0a9388af7dacfa5b24d51ca987f539e383ee3d2503357f5453812458acc0102fb13d46fc552ff3fb057056f271a369456f3037e9b9c84e3528bfbf7bf6f6d65 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\Temp\scoped_dir1904_341303031\CRX_INSTALL\images\settings\remove-white.png
| MD5 | b14973ab6e5372cba0d017b2555906d1 |
| SHA1 | f33f0f03cda1b3689722b6edc3b26a4447728350 |
| SHA256 | d0616a4d04f40964b1d64a6a4ce419f87fc16eaba8bb94156a66abe361935b92 |
| SHA512 | c04cff1f3353fa02940a8e56fac1c5b86a266211cecbc23f0703f0a16d30f9f4ba3e188e74bd11165bb6daae895a26c6d1df29651af9166d1fad1606ebec8cb0 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\Temp\scoped_dir1904_341303031\CRX_INSTALL\images\settings\remove-gray.png
| MD5 | 10a8b5a8a34affacae5ccd390b4cf437 |
| SHA1 | a5a7c0cab2e2531deeb0ee691fda0f4e0c0acc5e |
| SHA256 | 8a0ac48fa60727d3decba5b405df3acd05eedbefde23ecd750ef3d5bf45e754f |
| SHA512 | ccb9a2f1be0f1a29c9f5c1146f5b05e23bc972104ef35959e726f59e302e288a454b6876216e8ee09f96c0f0999cb2eb695aee6bfc5dca58e0e5e158377a07e7 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\Temp\scoped_dir1904_341303031\CRX_INSTALL\images\settings\reddit.svg
| MD5 | 8d9f86a9a69c4e2362376ad038e02b72 |
| SHA1 | c55cd50ef5cb7120b40e61562b26735c0956927a |
| SHA256 | ea22146ca6462024b2edf567ddb0b411e0f2da4838aec95771e375eedf7d12da |
| SHA512 | 0ad8c0981167746fa30640bf8dbf257cd1a5731a9de6667fced7e2e58735ba58d3ef62c460ab36be6974f7511e6582b6a4fbd13fbb71c0cf6beaa6040b921778 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\Temp\scoped_dir1904_341303031\CRX_INSTALL\images\settings\reddit-disabled.svg
| MD5 | 8a54fb9d38e1072b28619e29b430cbcb |
| SHA1 | 7cfa6c000a324064289ceca1756886ed393e95d4 |
| SHA256 | 2c0d774c77336d1359467b9ae86bb69bf3200814268bf4984ada050fd5a51fb6 |
| SHA512 | 88d966c0a1f4ccff61897f1d14d5570322be7d7224add262c5965859c385203f46edc074a63f4c324e498ad1ddb828cc7310392b916f50daa0658faaf188425a |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\Temp\scoped_dir1904_341303031\CRX_INSTALL\images\settings\mcafee-shield-pattern.svg
| MD5 | 33a6b33703566cf94eb42b8af280aa67 |
| SHA1 | 5e35b60f7ecff1cbc9c97a23b3a6bc3c3c429207 |
| SHA256 | d9b86ec7a86abfbee38265d0fa5e4fe6b5c09e3e6a8301f51269f18b7a3d4712 |
| SHA512 | eb30e52ad6181081388c41a490d8864b87eba34745a7d0f9343f67f8dfb86b08cf351d68835a4c2788860fd0743985acfd4d3f02ae1377f8e554583f412223da |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\Temp\scoped_dir1904_341303031\CRX_INSTALL\images\settings\linkedin.svg
| MD5 | 3fe661e5de95005a38824476ecc23e85 |
| SHA1 | d6282115581c0e282cb0fa3134ef52ec45f5c1b4 |
| SHA256 | db2b2d6edc31e2eac165d11fc30df2932186e79d53ffec004a43225501bfb4e8 |
| SHA512 | 449debfc95619b5bff6d8e3411e42918afe1269e7b23763e39b5f1205ae906b0e85aab3becc5719df016126a5d09e0ae6edaade1253625651f62e4f4aac6e962 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\Temp\scoped_dir1904_341303031\CRX_INSTALL\images\settings\linkedin-disabled.svg
| MD5 | e03ba80f2fa98e92241d24d881391ff7 |
| SHA1 | 1d9c79c6878e022ca5aa08ed63760d87fbe4df40 |
| SHA256 | 725140d10f0836acd3ea352722ab08c56d45e9f69a20133ec5429035273513d7 |
| SHA512 | ca73ada6655facb3561e30a0f8f71f572b8f68f765a7450c18ec9b533dc41e7acedaeb21c905d035beb4646dcce999b456744cc0637dd77f1d30b7e0789a2883 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\Temp\scoped_dir1904_341303031\CRX_INSTALL\images\settings\instagram.svg
| MD5 | 8f4c6e3f3a5a571f7f76de7beb1054ec |
| SHA1 | 336e4ea41ca48b13fbbbff115ef77c37f2978aff |
| SHA256 | 1428af01f67f406ece2d31831f7e25d65d8eeacec04e03de96a9659d49a133d5 |
| SHA512 | dba346b78fcdc694b7c17659aaec336920e6ce116006d6f7f5fe17242e00a140d6dd1101ebdb052770c56c38de4964120e5ad0f374191ffbbd3a1139143e82f5 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\Temp\scoped_dir1904_341303031\CRX_INSTALL\images\settings\instagram-disabled.svg
| MD5 | 494be2e5f9239b8b4a08ed072d9d81f7 |
| SHA1 | 9396526589a12e18e914c66902e0a01aad911bfb |
| SHA256 | aeca7a435408051f8ac1be787fcc286bf422dd6d661a17155d00f2a5c1ea3953 |
| SHA512 | 36accea0088b0b3a26adbc390b233a7e1d859d52dea8a8922c79e0aa7ef1f0cd84b82bc75053b5b98d4f4ac3b521a9456b73a96170ac1ee8ac30d8f6e302f417 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\Temp\scoped_dir1904_341303031\CRX_INSTALL\images\settings\facebook.svg
| MD5 | f569bfbf7409b40b64f3ece7dfe2582c |
| SHA1 | ad1fe2a23418896651e79422c031e96d331ee123 |
| SHA256 | 0f7450652e611e8aa86e8e6b3e89e00aff6f8757d7820828d94f9d7d04f449e5 |
| SHA512 | ccc663dd354e16a3b8b0d5a381d1e49f9bf4d315416e7d37be82dca722c76503166a2d226a0fcec82495dbc3ab42294c247c7f7fcb2195b968fde4d9f4d27751 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\Temp\scoped_dir1904_341303031\CRX_INSTALL\images\settings\facebook-disabled.svg
| MD5 | fe2b7520a61092c32badff400f00d496 |
| SHA1 | 1735baeef0548ff304669d82ed537a9b6939131f |
| SHA256 | 2e6468409d66b796af3095010f94aa55e8d8c810947289ad376e4167d19afcc9 |
| SHA512 | 4757dd3c666c399003a660cf5bf53b2f6fbd0c06a50bcd48e784ffa8510a4d4c4b9629d1e279adacab4f77053b9d6866666c7a5fbdabad2d96b9e0dc8b6bb67f |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\Temp\scoped_dir1904_341303031\CRX_INSTALL\images\settings\checkmark.svg
| MD5 | 8252bfa40d72b6d1ed58fc100eac6e63 |
| SHA1 | a7408f4145588ee8a7b444ae6f222fba7deef5b2 |
| SHA256 | fe4a18ba692b3fbf4aefd5512cc3c9eb58b56561b3079c56b1e2b101a7023902 |
| SHA512 | 0ca4ab2ab92438344a6ec7eb00f71a2433b1e2fd88a1adc055edc392dddbdda4619f71305cda21a1169d7521360b9833a278a2f2c54f5dbcc9035143155689ad |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\Temp\scoped_dir1904_341303031\CRX_INSTALL\images\settings\checkmark-disabled.svg
| MD5 | 1d6686bfc594e62391c7d5c2b1b3cdb8 |
| SHA1 | a8b7d88d6f2e3add358ead563a022e90a8861a30 |
| SHA256 | 0e452d7cb43d92add3ae9631e2a1d32cfa042efd6a04cb71a29d0166d21cafc3 |
| SHA512 | 1bfe3117f6f9ba7f5597d960d63926daab167b2697d0f608d4074447583b617ef844ff2c2c467089b5ae0939654855cb1c5c76343bd53115c42d7ed828fb3d4c |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\Temp\scoped_dir1904_341303031\CRX_INSTALL\images\settings\add-white.png
| MD5 | 7fa9e475ab0f70f1715f97f458399b9f |
| SHA1 | 99b9f148d7dc68bbd28e410e8c50ad85c8206a5a |
| SHA256 | e9561a833692998f7179af1a4909b3d38c7423970b2a329ca26d7470cba4d90f |
| SHA512 | f5e4f38e18636f3581cd0b9f8f183e2e4fd6b34a473fc3fbd882c5c3371e0a5529950a40f45b854f388c19f302f2a011e1a7b7645c8a954d2e3c3397402acf33 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\Temp\scoped_dir1904_341303031\CRX_INSTALL\images\settings\add-gray.png
| MD5 | 290866c95a92068264d23970c501e005 |
| SHA1 | 8c754920f13ef23c0fef5db8e66f871c0be3a655 |
| SHA256 | 7c7a7933f67fd514d67bb717333d31fc280d0c0fb46270bd45b85ce9d38e42b4 |
| SHA512 | e65639ba538c43baadd64eefc0eef0631ca14941c4ba81cfcd625bf39e40eb528e786f600a60d63c2ab0347b01a59c50684d799fb7dd29856d66de42db32f244 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\Temp\scoped_dir1904_341303031\CRX_INSTALL\images\sidebar\social_x.svg
| MD5 | c5d67f046cde24f6b2653be12f8a0ef4 |
| SHA1 | 8ef015c184c1ef3203f081b92d7ee9eb0922ea62 |
| SHA256 | fe1353a68a7d89002e60f01899e9be72184d09d7f1e32501c8da62c260f8ce57 |
| SHA512 | 77bc416ac87792cd0c2eca5794a71ee80a454bb66c12ad59303cb98e5256a71755fd21dedae432d5b70b6a0dbc05d6bd072b64a4b4fe5dce29b9e05f9aec86ed |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\Temp\scoped_dir1904_341303031\CRX_INSTALL\images\sidebar\social_linkedin.svg
| MD5 | 244c302f18a26a287c13375c24d84c8e |
| SHA1 | 1e88b3a0a541948481eb709a5d591ac3562ec8df |
| SHA256 | 3e21583b1074d9a3b217184c295136e17872f3fe9ed6062b3d1175be5fa57bff |
| SHA512 | 56442ea4b2a730d934c010d648abeeb79672bfb21be47b6edbb6d25605ecae0bdb273d9e8833a1a4e7cf640469c75379932edd5ac70b35f9f9027bb14ae02974 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\Temp\scoped_dir1904_341303031\CRX_INSTALL\images\sidebar\social_facebook.svg
| MD5 | 4624a2e4b9b2ddf885c9680860523c67 |
| SHA1 | 1404e5a0356f398fdce9cf3fb521f779800c0c85 |
| SHA256 | 7c2709426e7cb36894d4874b94bdfe39fa051b3fa77c09b3eafc972232155265 |
| SHA512 | 995e006208b6462f151a7658d78ec2a77276fbe25be1d1f6b13bc9dacd65f80c00af1d7c477671f98a2220c3b870faaf4df1b0e8f380c4c86d8e5429f2ed2ace |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\Temp\scoped_dir1904_341303031\CRX_INSTALL\images\sidebar\sidebar_logo.svg
| MD5 | 3e58f3f4abc887f82e200934f8f2db4c |
| SHA1 | 59208d42abf2516413648488580ee82f5d84c609 |
| SHA256 | b9c985c56c09ccf318f5301c35a37d988bc717de9de21ae4c7dd817fa2252cab |
| SHA512 | 2488442b14baf25401bae9c3bb27bd5742a538f15ac4fd0cfb5e9eb20840651118b99d1afa9553ed4acf927352d63a5a11ded840e6a2772e6c0a19a0670da508 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\Temp\scoped_dir1904_341303031\CRX_INSTALL\images\sidebar\popup-logo.svg
| MD5 | 650d3a2956d151d8cbb9b84b76f74ac5 |
| SHA1 | 14b1fa01a91b5f47bf9b33c949c09d46fca877c1 |
| SHA256 | 6ba2ccc2dd26ea71b6ef652fab7d3994c2641dd74c0228308c0ad6935b9f3249 |
| SHA512 | 5557e53f9cd2d10fe05fe7610de5939a8075e929394a025d4c9efbc0725e56e3cef020f71306aee248eb599299f23896e432a8d906028dd2bd3b0bd94cc98574 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\Temp\scoped_dir1904_341303031\CRX_INSTALL\images\sidebar\ic_settings.svg
| MD5 | 1dab673817e0fc5c863efb0793d7b1b1 |
| SHA1 | fe2dcdb5155c5db9754e4193298afc1b1dfc1801 |
| SHA256 | 2552afc14c0d44d5ed40a49ce2e3c2ee067d88298cf17bde665b021fd16613cb |
| SHA512 | ed02f8275776df1be8aa634a280a23053ba5afccf11781d957367310dd675605d0377c73ab50f254f1c24ab7fccf00e524d62d14336c724962d340c85c44ba7a |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\Temp\scoped_dir1904_341303031\CRX_INSTALL\images\sidebar\ic_search.svg
| MD5 | 712dc1e4820e4b66d1197182ae159f99 |
| SHA1 | 639391d0ce8b0f7bab4bb26ce8216c40f7d0f3d9 |
| SHA256 | f48d9e4eb136bb945a50085e7cf9405c188a5b3b27973542aa7f23e699d79da0 |
| SHA512 | 43caa1bf725ff029455b4e184da5251f9c2c49a9a0bf7a7da84223542185557215e06c574594832195f7b455bbcdf764af72f6283470e44e662cdbcdbf44ee69 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\Temp\scoped_dir1904_341303031\CRX_INSTALL\images\sidebar\ic_info.svg
| MD5 | 77df97dd24db39a6ad87eab57dfce8c9 |
| SHA1 | e1ba714b7e572fd5e7fff01dcc2409c3993d5755 |
| SHA256 | b91800791ed8fac522c1087c0f3b3bcfc09935415bf2407d1d56a32bfb867b65 |
| SHA512 | ef898580e727b4935ae8806719b1dfccd3ff43b3e790d0999d883e9f5214a56cd3d662f5fd842870da309a46b1eb6328cd1b530ffabe7f62e3aef83a429b17a8 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\Temp\scoped_dir1904_341303031\CRX_INSTALL\images\sidebar\ic_ereader.svg
| MD5 | c3a8d05c5f318caa9ae7669d77a39a4b |
| SHA1 | 65c3a56a6336aee4f618cbb0c5631771adc88fa9 |
| SHA256 | 20bb95b2d1d0912a4c1f0981fa32cbc0e4306b2d4c7440278c44904935c7f4e2 |
| SHA512 | 62552debd41c6eb1d8d97feb0eefa47d0a652c660c5c165344f4473b6e35a1f081ac2349d5f9ae04d47bd48e7360b7c958ba77d05c1d8ba25fb9424a944fdaf1 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\Temp\scoped_dir1904_341303031\CRX_INSTALL\images\sidebar\ic_chevron_small_right.svg
| MD5 | 42540256abb194eb88e97dd56de85dcc |
| SHA1 | d712b984b1abe588cd71535adf19e139497a02e8 |
| SHA256 | 0dfb82df7409da4b63c196f8937bf1490dd728ace092414fd82505f44b25a3b6 |
| SHA512 | 6f2643941804f8a2051ea4badad4832ef5fea751585c8a250bd17a0df88234fc184938c52426080b0bf578dfe6ebd1933bd0e301d49dceb62430670eccd95667 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\Temp\scoped_dir1904_341303031\CRX_INSTALL\images\sidebar\ic_chevron_small_left.svg
| MD5 | e8b741dc79b08ad9c15e9ceb0aec6458 |
| SHA1 | b0c45ae87d161d849dadcb24ad4f5fc7030cbffd |
| SHA256 | 1d35dbda1d0ae0ca61bb46974ee322b41461f9708cf9afd4fd8e8b4a156adbd7 |
| SHA512 | 2a4a481cbcf15be6cb23daeda6362d4fb0a2f53a0dce22721bbb7705f148bda8cb25f89ff46005543b862901e7c899b2b800ee6bae215157af0d7c13afc26cf0 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\Temp\scoped_dir1904_341303031\CRX_INSTALL\images\sidebar\ic_browser_security.svg
| MD5 | 4acfdde68ac89ada9f7b57e11f16ffa7 |
| SHA1 | 83accdd30f050ba5aeb3eca943eccaf20c8c496b |
| SHA256 | 72a5529f5d2435cb99ca5fea0a343cb64ba17536bda43163af9cde90f20468ec |
| SHA512 | e08e7808bcb9b4448305f7d2015f88edcf2d1759ed517ca5c9e132e8d8f57e5886ce1855ac6887194adbbd4d14bd35ff8644793601cb1e9cab6df851979bec1e |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\Temp\scoped_dir1904_341303031\CRX_INSTALL\images\sidebar\ic_browser_history.svg
| MD5 | d293c1d1191875ddc377b994ab1041c7 |
| SHA1 | 6a5dc1d7c8f518b47dba965467d44d7268d015db |
| SHA256 | b6104d80df687b685b290ec033683f2ced3d016997d30efe302f5bf1e68670c8 |
| SHA512 | bcf62649933db50efa0de2c67fb9ee17257193e1ded73227e8d889833af96311cf9694257cb0aee5433d0b58b2e9bcf84cb7dbb05ff966bba065dbdfd44544e4 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\Temp\scoped_dir1904_341303031\CRX_INSTALL\images\sidebar\ic_ai_detection_white.svg
| MD5 | 6a40d677a200d395cc7498a5cc671cba |
| SHA1 | c32aeb5acbd6194fa8f8c9bc28d3460e80de9ccb |
| SHA256 | 89d19cabe3ad5227f029745710504b714719a5fb9e7f1f30c8487328cdbb7746 |
| SHA512 | 4a97ccf2ac94edeb63da3ba4225dd36c3c220163f6ec82e653e1e43a806cdfc5d7dd0f5229fa5ee1e877da9671d5e17ab79b6fcf295a8fd2ba45476324eaedbb |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\Temp\scoped_dir1904_341303031\CRX_INSTALL\images\sidebar\ic_ai_detection.svg
| MD5 | 7078ef55fd90f1aac13affc6c243436b |
| SHA1 | 5b6dcd0b4b4b936054e600482eb7d60b3272ff59 |
| SHA256 | ee90e35a72b87c81550b24f6358f6c3c786128e87da22f2eeb7ca7de1f671ba5 |
| SHA512 | 7905de40ba0e255eb157b78ca58ad5065263080804a6e758f7da4130daf4cf3acbae150232034c4a04a0febc1475a16e4eb1b2d93caa2c31a4a74f7eb866a8ec |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\Temp\scoped_dir1904_341303031\CRX_INSTALL\images\sidebar\home.svg
| MD5 | d0ecdff375c24f74221f68225039b36c |
| SHA1 | bbfd3c9315144f38d6097d9bd21a0c6da795000c |
| SHA256 | f9598b5b10ea88a26757dcfd8ee2e2022dd7e1170980418505b98e837015f023 |
| SHA512 | 06a21fb271c3d2a1f9bead6d0ea6f77bcf18033ab25c039ec2303b959d103277671dae386ef1905c9b68d1e710f42a499a2234b548995ca531f67711a05d4aa7 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\Temp\scoped_dir1904_341303031\CRX_INSTALL\images\sidebar\graph_red_icon.svg
| MD5 | 8fd03463adb60d452df47e352f2ce4c7 |
| SHA1 | 640d6e9ecad8ce1557267b76cfd6161cca28f2d5 |
| SHA256 | 2ed8d54b805c65f0108c73a30cc3fa627fc79446b1f964ebe69042f89fa84e28 |
| SHA512 | 06dd67654c2c8f78338e371d8375c9ff36df9225ab67f8a55324ee1214ced6b3373c9928bab716bb873e64cad72072df405a4bdbe234df296087b0f5bcc7eacd |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\Temp\scoped_dir1904_341303031\CRX_INSTALL\images\sidebar\arrow_forward.svg
| MD5 | f995441602bbfa894146b13db27a6d7e |
| SHA1 | 768243ae3d0737067883b7e21010fbaf141e13cc |
| SHA256 | 568f058d7e8ac2211d2226d2e422a3f6a9bd2fff80f870a26bed4215317a694a |
| SHA512 | 9ece1aa3bb3c4a439ed530c0015300a0dafa99602087d7e8359ede529c41a10a210a239326a4823637822d37f6d79081d388f25d1094a9f0e835ae6cf2ff9d2a |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\Temp\scoped_dir1904_341303031\CRX_INSTALL\images\site_status\wave_yellow.svg
| MD5 | 11d1f40a53bbd6eb84c41caa4f18c989 |
| SHA1 | 214154b9ea931c8f23e84e549fbf6de4b156da23 |
| SHA256 | e339489ec7cfc3142d62cd46c14185cc990f2a66d2833f94aaf1543bf23a9bc6 |
| SHA512 | c7e7f6ef317f874b38da86a0e29d280f77f782b6c4cf3fc8a7dd02ace2d62578fea7ed692641f9665debd9d1e9074fcafbc637411684e0b3199ae43ac0162531 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\Temp\scoped_dir1904_341303031\CRX_INSTALL\images\site_status\wave_unknown.svg
| MD5 | 59d0ed068bcdf2d9d046765ba93418ba |
| SHA1 | ff16c32872df7cde003cd2946b0f809d8aac3056 |
| SHA256 | 44aef871c7ba47dba8e8c79b921442339e1a954bde7ee52da857d11f723e76e9 |
| SHA512 | cb2463b93be53fd85c67ff6a48aff9275c5e8e4e5a04e2028d26ff1318b7b7d5e9cf5fd0993431f687900260e3a5346217701dd969907f5a158bbac7d8dc852b |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\Temp\scoped_dir1904_341303031\CRX_INSTALL\images\site_status\wave_red.svg
| MD5 | 11e63557a03e92aafaf2a9e3ec1a6f10 |
| SHA1 | 4963df7c26135be1d1aeeabde78efdb00e6af988 |
| SHA256 | a1dcbd3bf0eec977abc532cd32ca1ea81b3832cdc353a800413ea2b1785d8261 |
| SHA512 | 639cf73e43017f5cceff9789bc26f40ecd0eb07f2a5ef79474e220f1929f1191dff98acae3a0ee6c824e8873e1daeed41d601f44305d0756fe1c938b5ce05f8c |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\Temp\scoped_dir1904_341303031\CRX_INSTALL\images\site_status\wave_green.svg
| MD5 | 4c5d32afdab60c45a088141dbce107fa |
| SHA1 | 964a81b73f599aa0301d9430ce006f01d4dc8917 |
| SHA256 | dc63328dd136cc3582f7dadeb580e9c00b62f937ea05d0fcc75808f1b0fc057a |
| SHA512 | 38ae34c068b538def1b742109b00bfd6524483289d62e73a854c3418572f23fb7f0ecd9aadc6028a80c9934dac9ef0424f6d25a684da3492532e3056a592ce6e |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\Temp\scoped_dir1904_341303031\CRX_INSTALL\images\site_status\warning_yellow.svg
| MD5 | c6c7c219d1f7f74addcec8ce48f193a5 |
| SHA1 | 0ecc4ae1f29027928f9bbad299942fc6bcb11c60 |
| SHA256 | 02584615a227a5bcffec51320549404a772df8f2d78f6e13779ec91f6da70ed3 |
| SHA512 | 5410ef0cb7efe69a8dbe54d7a9c79b4233f719c893cff15b8d55a886d0ec88362be4fc707c4754aadfef9bdfee0f50facccca2ce3eea12eed83fde6d3f528a4e |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\Temp\scoped_dir1904_341303031\CRX_INSTALL\images\site_status\warning_unknown.svg
| MD5 | 9b1966801500c78203a89885aaa1a528 |
| SHA1 | a3f59595c710d16a88b111ea4b87d7ae5b670bab |
| SHA256 | 298e1d2b8ea48987a2df6c4ccf0a3aa0a3feeec429ce68b66d4cac617b45f4f3 |
| SHA512 | e9b328aa214bdce039694b6936b2f55b926d0379fe01d757d870b2d303727c6349a3a0e6074d76694c6470fb95e4a3df4204863121f9531d5fe245f9eb747ec8 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\Temp\scoped_dir1904_341303031\CRX_INSTALL\images\site_status\warning_red.svg
| MD5 | c5fb6e2c21002496cf142f66ac2c5e2b |
| SHA1 | 13fa6674097eff4a7730746c5862e0067f77a1b1 |
| SHA256 | c301ddee10d154d56eed3e8e1b0d84ec685b55f1bfe0f9e12e5ef46f6589b0c6 |
| SHA512 | e1d12242e5ff6ffb8ae262fc146f8e60a6ed11117ff6e23228bb836e9c705b9c6321830aa171d77001393639bf342a4726bb25590f7c30d48f5fb6edfb388f51 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\Temp\scoped_dir1904_341303031\CRX_INSTALL\images\site_status\warning_green.svg
| MD5 | 3d867c84e1e6d2fd30e61072133eeda8 |
| SHA1 | 61b9740db47dea7ddc7c8929d03b9c927067d77c |
| SHA256 | 5068c87fdf7e527035dbf48e28c16e97a64e4d2e71dc869cb798b9b6cb926fdd |
| SHA512 | 96b77b9b89067a00867074dbdbbc42c84e9c529a7c0d3a70a53b8918ad76babaa953c84d98881a57be61203f44b8dda606329f41d205cb6236d15edb7c79e12c |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\Temp\scoped_dir1904_341303031\CRX_INSTALL\images\site_status\thanks_feedback_icon.svg
| MD5 | 398983b7e7c9ff221847cc8916f6b0ef |
| SHA1 | f1fc6d77f305dfbbc9c3bc1cabf254c886effb6a |
| SHA256 | 0dd21dfeb6ae5368a599f2ff0828e04a4f095394464c244a89376b854055cc9c |
| SHA512 | 3d0eaaa67f99e4beb24f15fa2f5ef86d193278774a0ad8db256e2b223dab2db9e0fc2615bc2df631df2c29bd7a9f95e131f83d36a95a3317b84da413995b23a5 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\Temp\scoped_dir1904_341303031\CRX_INSTALL\images\site_status\smile_face.svg
| MD5 | f01e50bab229fa30c2780904ad2d89aa |
| SHA1 | 8de1d01e2746419a20c59adba80b7552b19f97f1 |
| SHA256 | 3f0f3fd76158e1e010f4a8de042b0bd57f9aa1ab0a6ca7e076eedbfe44dc3698 |
| SHA512 | af98663da6f17a8fb47853063e36cecf992c0ae1e0777517c656a23fa161a08ae5e9e346979e5f85e1a427a38cf915bea88e55fdefe0954ae70c3637413afee7 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\Temp\scoped_dir1904_341303031\CRX_INSTALL\images\site_status\side_logo_yellow.svg
| MD5 | e16190dcf46d5a978b83fa873cf5c6d0 |
| SHA1 | a757fd5648ebce07f8c1271a58f648e7aa45ac35 |
| SHA256 | cf0f2ed2ecabe6894cf40093bdd82fac51a26ef754c3a597f6dd9f215647c454 |
| SHA512 | 3984563f0d5a22e6c1bf0212e2bb46f2ad43694b5379eb44bf7dce6a701e02cb51c96350c686c65a6800561db739cd216c75b81ac73deb914ed7c6d10d0bc4ec |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\Temp\scoped_dir1904_341303031\CRX_INSTALL\images\site_status\side_logo_unknown.svg
| MD5 | eef13b8c98033b4d6e7bf020fd0c7a72 |
| SHA1 | 612dc1cca9b3f3e037f771efa920a74615172591 |
| SHA256 | 56509f804340038f1abe9b56deca61d110a3f9020805fe31621492ac7b87fd6e |
| SHA512 | b73e6b0fc19e688fccf5932113abe257a7bc5022fec66d596954626272a81a297070016c9d580256cd01b193354f48085a2b6c07a46ce6062ec3a1ba1a356919 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\Temp\scoped_dir1904_341303031\CRX_INSTALL\images\site_status\side_logo_red.svg
| MD5 | f14e3d0982634c59cdf07afceaa4f5e1 |
| SHA1 | 09937c430395dc2b26b22354d9c49cfd29bf912e |
| SHA256 | c16eedb1e76ef8d8ec21fd9080e0d1bcd529c05a6565c6fb9838728194bbb16b |
| SHA512 | 48311c5740f6481987bd1c2af33fde8b4a1adc98521642f5e36c50d8e6df2e637052d0b940255fcdb2da376dce5072303fbe94719c2cc81ce31cdd7f674312ae |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\Temp\scoped_dir1904_341303031\CRX_INSTALL\images\site_status\side_logo_green.svg
| MD5 | c497ec5bd201ed39d481d45806966867 |
| SHA1 | 9b83d45664af236386322d3df77ac826475e19d4 |
| SHA256 | 3665a2cbffd36668b06f473c2924180bdffdb97774ee62c6764c83878fb6a7e0 |
| SHA512 | a08a1b3ece19973ffe484f087c276ecb9171cc8a9d7664f880bf8637a7f5d54976053cb933fad344402d5e21f7ea4a0544d89c1546c5279a23b76aa8dcf5bad0 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\Temp\scoped_dir1904_341303031\CRX_INSTALL\images\site_status\search_icon.svg
| MD5 | 60b2f7207496a45ff9d0c56d3196477d |
| SHA1 | 296727c74f6cec5223e77a1d4ed95bcb4561dbfb |
| SHA256 | c145b6ddd558318f0cc8eeb11f6ea474c690769cde2271677e1005a0fb00f532 |
| SHA512 | 7f8d46b0e52efbd7853ad50e4a0b733d155e82264664633affeafb374c906a69a8364c002eb1ab111330787b4c975403e0708ba2b9dd5f8f0b05188c7d0c4ed2 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\Temp\scoped_dir1904_341303031\CRX_INSTALL\images\site_status\sad_face.svg
| MD5 | 7cb45d712d0d3da14b000209bba4dfd6 |
| SHA1 | 6ba4472c9fcf1e1ff4d6b782d743493e8cdf5cfa |
| SHA256 | c19d804fab52bc557024db7c4c0034e01fdf45cab1ba34eefc5bbca37e987d1b |
| SHA512 | a78e8df9728b826550d986bfd1804edd7cd36da826be188f7776336197bc72a217986354fe510cc5aa9391ddf6aaf2c6395aad71f44d0161e44d04c156b26948 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\Temp\scoped_dir1904_341303031\CRX_INSTALL\images\site_status\logo.svg
| MD5 | ed708c571abb2920ea9e8777d072d33d |
| SHA1 | cb224b6794e7cbc6b092b874e45d057b466145ff |
| SHA256 | c7b585a3f5d3f0fcc6d99d09b2a03ab0a47cfdf40702a5a9b0899ec2e422d95e |
| SHA512 | 942807a857b82ae22e1dc4a7205713e4365f703a07a8388ff1ac843868b2a17bc5f12ce306cc07ddc9e7a96ee4140d02b46eed334aeb229da0d2e6491ddd542e |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\Temp\scoped_dir1904_341303031\CRX_INSTALL\images\site_status\close_icon.svg
| MD5 | 097943f80730cca1a88700e0d73250b6 |
| SHA1 | df6296484e33a1ccab52f477e9e3f28a53869536 |
| SHA256 | 9ce40ec068ef3eb9bc375a51d80d2d10aca5fda5ba839e83e1a1b8f2eaf02b92 |
| SHA512 | 6c2b23dc013fa6ab92aed6a8a8f970ef04b5c2e98623b2d1e6ce0919a94bddfafd484a44eadc909cf03d6782aa1c1d6d38872aa9da907094936d5eb9ae730aba |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\Temp\scoped_dir1904_341303031\CRX_INSTALL\images\socialmedia\youtube.svg
| MD5 | f3c95f1ee512e5b481fa664db72a0072 |
| SHA1 | 517c78a4a90c91d7057fbc80bfbd1da11cd712a0 |
| SHA256 | b58a353116e1fda690fc595ad5a43c8f389edc10fe5bca49bb4375222fc72455 |
| SHA512 | a08870bee50f39df2f3517b5b6f6f11f7ce899821fa0b5761742b690fc588716b0085dbc6cb08503ca45ceb49b7b1f1900afab7ca4ae4423f2651ae94467dea1 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\Temp\scoped_dir1904_341303031\CRX_INSTALL\images\socialmedia\youtube-unchecked.svg
| MD5 | 649374ed8f7b7d6f7077b08fc33361b6 |
| SHA1 | 89781fe4150a9f295e56ffb1496ae8248022849d |
| SHA256 | bfbfe1db8f3a86a17ffba3a316b31860dfac33ccbbff7da850f986bc2455a1b1 |
| SHA512 | 1e7f5cfe0375116d4594ede7a239d85deb3df2cbeb323a258fb557df053948001ddd55e7f40ac75898330fd8e6c7a46fdaada6ae58c8ac2de6aebf0363888f28 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\Temp\scoped_dir1904_341303031\CRX_INSTALL\images\socialmedia\youtube-disabled.svg
| MD5 | 79dbc4016cfa7af54854fd87f17b9fe1 |
| SHA1 | f3a8dc59c9f49fed2e8ea8bf8b545dee717b99d7 |
| SHA256 | 48a0372476a73e3802ccc5c923c1f59cdead04df96a9b8a3e601e97e5bff74d9 |
| SHA512 | d1f82c7074008dd519af186ece466d29764c2d0a6f514fdf37dd0d803b1750e82d7ab5aeef62d59b50f399ff9a14ac117dd4dd1d0970aa00ed7b7ad8bd7653b3 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\Temp\scoped_dir1904_341303031\CRX_INSTALL\images\socialmedia\twitter.svg
| MD5 | 3b61fb4e8abd2a4b48beb4e992344dc1 |
| SHA1 | 99f51f7613479683b0d66299f65bdb9d94cc2f31 |
| SHA256 | 61cc9bf74aa7fbefe2386868a799da9d132e826f09f17ea082b2029fb193b6e2 |
| SHA512 | a7dbdfa9218231d74a80e62968472643b38c8a35d7eb533c623aeaf9f7e865418dcbc486168463fa60bf1205adc9b83197aa2ea0d6e001ae79613ea4d2d4c609 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\Temp\scoped_dir1904_341303031\CRX_INSTALL\images\socialmedia\twitter-unchecked.svg
| MD5 | 49c4d32f0e66654208381ea6b518c921 |
| SHA1 | 1867abaebb561c02316b71425ddc74cec57f6f13 |
| SHA256 | 59c28fa052c96d215cc420ce2ac9fe572381206bb25a38749705595f7bb473a3 |
| SHA512 | 0a4b24d9e058f78542d4b4273cdab0cb3e410463a3e827e44bf98acfedf8d6d0b84b4148e8bd5ae03d5a3e3641403f5a21ccbb727467559d25dbfef2d18166e8 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\Temp\scoped_dir1904_341303031\CRX_INSTALL\images\socialmedia\twitter-disabled.svg
| MD5 | 7d822b99ca9e51042ffdaede8a5a254f |
| SHA1 | dbdccfa7ade6f0a3eb56cd7317ac407abdf0bbf6 |
| SHA256 | 6f8318d5de526eb76530b42e9ce055f59cd4e47cd419c571309d215a2f65a252 |
| SHA512 | a9d33fef6183ed28e6b8f22e19fa70084bddf3ab95b6b05fcc4349c45bb86ac7e30b7743afb82218d0a8c049d1ac5ccca3290f34c81038759cc5fe07de086b45 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\Temp\scoped_dir1904_341303031\CRX_INSTALL\images\socialmedia\reddit.svg
| MD5 | fe709438d1fbb05fa19700835f27c170 |
| SHA1 | 873889e53db11489adad0831d7eec2da09396d39 |
| SHA256 | 1e683942e2ab6bf905719f7f5ccaab451caf8b978b63666014df66ffd25c1b46 |
| SHA512 | b14a991c57d2a627f06c2dad7fefc9d32ae6c4134c1c95649bdf02a21a3ee11d6cb4eb7c37a3025ddf35b73454082da297ba64f179bfbd51800f23c680bbd21d |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\Temp\scoped_dir1904_341303031\CRX_INSTALL\images\socialmedia\reddit-unchecked.svg
| MD5 | 2e1a647ad3777312e5d7b84f70230501 |
| SHA1 | 75d5e0ac26aceb125d3acb20ce668f11cb121cff |
| SHA256 | 95f3634e5c1798fb16f6b7a6b56e9b3374d4357506b48fea1999d53e97f9dafd |
| SHA512 | aed533953cf36e99bfe551ac5759670f365cf3616b7fad36197312d9d7aeafc7c5789c6260d1427a9c7aa4330679088d98ae0ba4d17e40e99daaa07d88a5c5a1 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\Temp\scoped_dir1904_341303031\CRX_INSTALL\images\socialmedia\reddit-disabled.svg
| MD5 | 0a940b4fce5870418e3a07f68a205365 |
| SHA1 | a2f1adc4c0872ae151d95427ea7963042eedcd79 |
| SHA256 | 9fda50b768261bb956594e4ff9aec0bdbb6c6156d530bd4ac5ad095848bc3f6d |
| SHA512 | ebb2ebcd9eb4350d7df5e4d5e4662da49e51f1f45361963404f1ef1265c09d9a69461ef129e74af932354362cd13c89ef3e850c030add750670d2f99da4fa4f7 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\Temp\scoped_dir1904_341303031\CRX_INSTALL\images\socialmedia\linkedin.svg
| MD5 | 39bd4cde50ab7548ef22496b60ac253c |
| SHA1 | b83bcddedf49f70205f3784ee311ee0288e64475 |
| SHA256 | 84dd4440b78f9f27a4e3324ca111b7dae3d3d61395f3b15f77aad6eb90f9a970 |
| SHA512 | 6f8e35866e0dd9c071d59cddf995421ab974e7281ef0ab1f874e8ff125c6eb94414e944da83cc702e6ec50c01702fadcbb47739ede8bf93a43f35a8b5516a2ba |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\Temp\scoped_dir1904_341303031\CRX_INSTALL\images\socialmedia\linkedin-unchecked.svg
| MD5 | 1fa339c46439b60bf6add8b64c4a0b66 |
| SHA1 | 850e2f99d80107e5ed111da44424717cd97cfc86 |
| SHA256 | bad9131c52180e0c04e7422aa0c1ca4e74591eca508d282ff13ea1482d8ebba0 |
| SHA512 | 3362e659863743e6a75f02c53c80d62cc781268f04295f77a72e4031a82b07e3f89c1719e6568c2ee11fae9ac4fa70360a4ed4208a01fa8bd850c29e975f4c66 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\Temp\scoped_dir1904_341303031\CRX_INSTALL\images\socialmedia\linkedin-disabled.svg
| MD5 | bedece397325b64371952b71ac9c71eb |
| SHA1 | c18a90a282a4c972e35aa8fde8b3415a283193ac |
| SHA256 | 39835ca910e695adf4bbe6757db12aa12c7a0092dc7747f9cdbe17b100ce4642 |
| SHA512 | 6c222832120a822d637631ecb58aee47d5c9e3b566562fdc7fb86e5d9e6ed615533e9d23485fee0b030a476ff98ec5f02af29cbe9701b4c8f6d661c646ab7afc |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\Temp\scoped_dir1904_341303031\CRX_INSTALL\images\socialmedia\instagram.svg
| MD5 | b7e5ead698b9cf7cf78845c94e7173d6 |
| SHA1 | 2f3c3e38b0941c2cf1106bd96d53b06fd6e4c127 |
| SHA256 | e6912780b400cd01f5d9f9c2e99a8f5720c45c772ebfbd4417cad15d5d481f9f |
| SHA512 | f2effc116ba13c21d5cf5100ee00269127c490c84cfcae1221b08ab11c9fbf62a59831c10a78735d12bdd42547e55bfb0827545820752ecb134aedb229c75b98 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\Temp\scoped_dir1904_341303031\CRX_INSTALL\images\socialmedia\instagram-unchecked.svg
| MD5 | ecf3516cf67f667176040cc186fdcd2a |
| SHA1 | 581c0905c382039489bf98f8f9386ef73076ad79 |
| SHA256 | b3bb02e9a212d25fb481f46ba2f3255aa59d5f954ae71d52c6fb8babc5122d4c |
| SHA512 | a77cdac57c711bba2e570535ca8bba5b94285989eaa462b62fe7feff7f26244a1e92d39ff028ec900d3d54d4a57041ba24423e5133c72794115e3acda874b706 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\Temp\scoped_dir1904_341303031\CRX_INSTALL\images\socialmedia\instagram-disabled.svg
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\Temp\scoped_dir1904_341303031\CRX_INSTALL\images\socialmedia\facebook.svg
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\Temp\scoped_dir1904_341303031\CRX_INSTALL\images\socialmedia\facebook-unchecked.svg
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\Temp\scoped_dir1904_341303031\CRX_INSTALL\images\socialmedia\facebook-disabled.svg
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\Temp\scoped_dir1904_341303031\CRX_INSTALL\images\statistics\pages-scanned-icon.svg
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\Temp\scoped_dir1904_341303031\CRX_INSTALL\images\statistics\pages-blocked-icon.svg
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\Temp\scoped_dir1904_341303031\CRX_INSTALL\images\statistics\downloads-scanned-icon.svg
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\Temp\scoped_dir1904_341303031\CRX_INSTALL\images\statistics\downloads-blocked-icon.svg
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\Temp\scoped_dir1904_341303031\CRX_INSTALL\images\web_advisor\x-icon.svg
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\Temp\scoped_dir1904_341303031\CRX_INSTALL\images\web_advisor\white_mcafee_icon.svg
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\Temp\scoped_dir1904_341303031\CRX_INSTALL\images\web_advisor\search_icon.svg
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\Temp\scoped_dir1904_341303031\CRX_INSTALL\images\web_advisor\mcafee_webadvisor_logo.svg
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\Temp\scoped_dir1904_341303031\CRX_INSTALL\images\web_advisor\mcafee_slogan_white.svg
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\Temp\scoped_dir1904_341303031\CRX_INSTALL\images\web_advisor\mcafee_logo.svg
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\Temp\scoped_dir1904_341303031\CRX_INSTALL\images\web_advisor\mcafee_dfd_logo.svg
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\Temp\scoped_dir1904_341303031\CRX_INSTALL\images\web_advisor\mcafee_brand.svg
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\Temp\scoped_dir1904_341303031\CRX_INSTALL\images\web_advisor\danger_icon.svg
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\Temp\scoped_dir1904_341303031\CRX_INSTALL\images\webadvisor.png
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\Temp\scoped_dir1904_341303031\CRX_INSTALL\json\engines.json
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\Temp\scoped_dir1904_341303031\CRX_INSTALL\MockingBird-Package\scripts\worklet_processor.js
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\Temp\scoped_dir1904_341303031\CRX_INSTALL\MockingBird-Package\scripts\mockingbird_content_main.js
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\Temp\scoped_dir1904_341303031\CRX_INSTALL\scripts\Sailer-Package\feature_collector.js
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\Temp\scoped_dir1904_341303031\CRX_INSTALL\scripts\iframe_form_detection.js
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\Temp\scoped_dir1904_341303031\CRX_INSTALL\scripts\iframe_form_check.js
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\Temp\scoped_dir1904_341303031\CRX_INSTALL\scripts\iframe_block.js
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\Temp\scoped_dir1904_341303031\CRX_INSTALL\scripts\content_site_listener.js
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\Temp\scoped_dir1904_341303031\CRX_INSTALL\scripts\content_rat_detection.js
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\Temp\scoped_dir1904_341303031\CRX_INSTALL\scripts\content_no_native_toast.js
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\Temp\scoped_dir1904_341303031\CRX_INSTALL\scripts\content_mb_video_check.js
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\Temp\scoped_dir1904_341303031\CRX_INSTALL\scripts\content_mb_banner.js
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\Temp\scoped_dir1904_341303031\CRX_INSTALL\scripts\content_injection_check.js
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\Temp\scoped_dir1904_341303031\CRX_INSTALL\scripts\content_iframe_helper.js
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\Temp\scoped_dir1904_341303031\CRX_INSTALL\scripts\content_iframe_banner.js
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\Temp\scoped_dir1904_341303031\CRX_INSTALL\scripts\content_autoplay_detection.js
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\Temp\scoped_dir1904_341303031\CRX_INSTALL\scripts\content_aps_observer.js
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\Temp\scoped_dir1904_341303031\CRX_INSTALL\_locales\zh_TW\messages.json
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\Temp\scoped_dir1904_341303031\CRX_INSTALL\_metadata\verified_contents.json
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\Temp\scoped_dir1904_341303031\CRX_INSTALL\wasm_lib.wasm
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\Temp\scoped_dir1904_341303031\CRX_INSTALL\wasm_feature.wasm
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\Temp\scoped_dir1904_341303031\CRX_INSTALL\site_status_typosquatting.js
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\Temp\scoped_dir1904_341303031\CRX_INSTALL\site_status_site_report.js
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\Temp\scoped_dir1904_341303031\CRX_INSTALL\site_status_block_page.js
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\Temp\scoped_dir1904_341303031\CRX_INSTALL\page_banner_mb.js
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\Temp\scoped_dir1904_341303031\CRX_INSTALL\manifest.json
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\Temp\scoped_dir1904_341303031\CRX_INSTALL\iframe_block_page.js
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\Temp\scoped_dir1904_341303031\CRX_INSTALL\how_it_works.js
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\Temp\scoped_dir1904_341303031\CRX_INSTALL\ff_policy2.js
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\Temp\scoped_dir1904_341303031\CRX_INSTALL\ff_policy.js
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\Temp\scoped_dir1904_341303031\CRX_INSTALL\background.js
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\Temp\scoped_dir1904_341303031\CRX_INSTALL\activate_banner_mb.js
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences
C:\ProgramData\McAfee\WebAdvisor\UIManager.dll\log_00200057003F001D0006.txt
C:\ProgramData\McAfee\WebAdvisor\LogicModule.dll\log_00200057003F001D0006.txt
C:\ProgramData\McAfee\WebAdvisor\LogicModule.dll\log_00200057003F001D0006.txt
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
C:\ProgramData\McAfee\WebAdvisor\ServiceHost.exe\log_00200057003F001D0006.txt
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
C:\LDPlayer\LDPlayer9\dnplayer.exe
C:\LDPlayer\LDPlayer9\dnmultiplayer.exe
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
C:\Users\Admin\AppData\Roaming\XuanZhi9\ldopengl32x.dll
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\21a0b771-6a43-4ed1-be59-caa5eb20d78f.tmp
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
memory/2728-6442-0x0000000072B00000-0x00000000732B0000-memory.dmp
C:\LDPlayer\LDPlayer9\vms\leidian0\sdcard.vmdk
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000042
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000049
| MD5 | 05e9679509b61424a07cc4d4efb7247f |
| SHA1 | db4fcfac1d89c7e4f0bdbea9023034b64a9dbd81 |
| SHA256 | 31798b2630a882be758010dfa51b12026c8fd81f0e4068b38fd739cac78cba0b |
| SHA512 | 1cbe7343e19b41f3f116a93d598d7b67779d29c6bc0a7b086d112dfcc76fee60811290b67b5d2561751700be483f6cd460b9b4c8325397813314ba064e4c2208 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00006e
| MD5 | 8aeebb3355b86f314e4ae0938d997565 |
| SHA1 | 2a8d8bc05c112fb6130457e84d126bc467f8dd4c |
| SHA256 | 1fcf73d2a385a8533580ca82e1914dbd8cc7bfc470202ea77f7bda24988eba41 |
| SHA512 | 5dfc9b3eea87dd23b83bfd0a37cf399bfc98aa90cb2079a905d2f9d77254aaf7b7ab5b69ab184d9bf29b7a7947a8a66d1ae55aef37d9e8bf59469d9d387582d6 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT
| MD5 | 6752a1d65b201c13b62ea44016eb221f |
| SHA1 | 58ecf154d01a62233ed7fb494ace3c3d4ffce08b |
| SHA256 | 0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd |
| SHA512 | 9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | f2d82a2f964d15b669a6f133b48be9be |
| SHA1 | 1d1004986e1ff17c9a9529e3be3ef4ba2b03b8c7 |
| SHA256 | b1731844260cf967219a840f8bf52613187b7eb4204758013df8e8a13a0f097c |
| SHA512 | eba7d658a48b9fd6bb6ded10ad2beeda61fbb43ed6d92fea0ab58dcc050ff53e14783148c35ac98bd3a3ef2310fd0a85c06657555706eb9efa75e7fe08255df3 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000043
| MD5 | 24e2a32e7e8a190a08af9d386f5b59b3 |
| SHA1 | 4a609894398d5e85d07af10af19f85edfedb7f17 |
| SHA256 | a99e8f750e7601902e9fd11052906362b1031381f9f6fe63ffe2c4cd2b8a6d05 |
| SHA512 | 901e49d54709d2232b1dc521a1f91098d38efa173d1a40247019dbe74cbf624fb2c546f4f643e24056137b08c3365cc2cd67841ec522fdcd5cf77ee9d613f8f6 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000047
| MD5 | 9b1b6df6ffec0d1308e172782f36f290 |
| SHA1 | 54f97c1680948a7f4efd2d3ffd789145d7b99b2a |
| SHA256 | f568178c636cb488de354cac12394939e3840c438dfdd8fc6803cad89892cae6 |
| SHA512 | 41b015c2e2548d8db403291c56902b0f6f5180272399264d1ef8c8b8080e08a73a9fc66ce7abe6e45bdc66871e69ce4659316892466331ffe61c604569c2daa9 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\689471a49c9589a5_0
| MD5 | 9ad8a86a7ab81fc575ef9fa07d291fb1 |
| SHA1 | 1e01a05ab15f6ccbfcbf6de23d62109ed4021c67 |
| SHA256 | 78417d407655741ea121531dcad1f3d49abfee808d4407383ab1e473855a9fe3 |
| SHA512 | 00246ab331f7fa7b2b4943dbd91069c2a86f54ede72e2c619675d47efb052c19d4edad970ccfa297315c8dacba8e27c1e58d07e8f1c7a5fc89faa48c1b7c8b01 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00004a
| MD5 | 91808c5070f5b15f6f48940a47c8ab6b |
| SHA1 | af6794f6a411dd2c5104197af4e980d563c6c086 |
| SHA256 | d6f30167028d4143724385adda7f76ff7c6953d941f08720340aaa7c891f1482 |
| SHA512 | b41e10fe94abf3718716dd7df42e870c74fa7f3af0f40e3467bfbfc3b678a021c8e8fbde10615ac56f4a277ba3d2b0fdbf11ac59dfdcc23f18f780ecefc9a84b |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00004b
| MD5 | a2aeb8da6803e505bc5f5ad10027df75 |
| SHA1 | 4639d4f05fde601dd67e3667d5d905b60e5d5723 |
| SHA256 | 492f8fb5210812fec657c64720ebc406fcdf270f31f17dabe446ea5f61ced6df |
| SHA512 | a98bb2f179fc91f363a1f024dbe0ee5ab32596942c0472a52ca28ce41054fd2720de0e050b6c75b6314ddef231eae74c375255d224afb4615661936d466ba13f |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 75b43d50888d676182f92f4a0b4c8bfc |
| SHA1 | d175b43d3c3551ca5f8cd9022953403a42821d09 |
| SHA256 | ee3feaf8b654eee805956a1aeb830b84ae163512acaa102c1a3eaf728cf10195 |
| SHA512 | 018c0026e386cd5ceda6f2e271ad74208c357c28968ca28c79c52f38ac6b8337ac3f5139280be009f3b56796446a6afd691f5d29485fba0a3dd982e23dcf85d8 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\53b92fbc4d68952f_0
| MD5 | 0eb0222d787d6a0167a9acefcdf67dbb |
| SHA1 | 7271b9712cdbe9f9889ffdf57a9743f27d581c29 |
| SHA256 | b0bbb914a0efd6e1b83107beda7c07a1d66f4441077bf78f49f47375b87244a6 |
| SHA512 | 1b0399af4a0cfe73daa12bc46efdfd8c1cf19189f1af0c60a8e6699170be9654a03d0c8a06c8e447e75ec9da561d2c5011cb77ad42aa5f0537f0eb8e718eeb6b |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000050
| MD5 | 89a574ff00e6b0ec61d995d059ce6e65 |
| SHA1 | aea09e96808ab77165ffa712eaa58b8f056d0bb6 |
| SHA256 | e5c29c139842fd487473d0824f2c01b374680fb35d22fa929686d17896602a44 |
| SHA512 | 30d0d40bd680e61968273155b740901cdfa66670fc2af6f23e44c6b998b67cc1fcd0b51bd5f9470f209f188e75d071355e592b2a7c97f4bfd15d07d455e0909d |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000051
| MD5 | d155610d38d34dccd977ac213ab42e1d |
| SHA1 | a343e08abb19f7d4110c64de08aee504cac318d3 |
| SHA256 | 6ec5dee6a9dfb42ef97cd410c2e3387f53d2eff7d1fcf159f96b5ab129036ab5 |
| SHA512 | eb735bd87238215d54613f6065e61d48e1578908117af2a215b88dbdc3c4d155cd2b60e035ff2cde17605445bd89129de07aceb74ce8c16dcd355e4214986c8c |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\92063f2bbd648a4f_0
| MD5 | 876db2381c85bdea347519adf4a21511 |
| SHA1 | 9e860f04d65b8898cf25871870ead4bee8f63568 |
| SHA256 | 88b3106082ce91860e4f553c2e1b021af494e48c798b99e3bf115592261268dd |
| SHA512 | 324dcb688e8335ec404e6ec4b5d310a6836cf73fbafda091a06cea736b1b3a373180fae736eddde6dde96ed5de1b2122ed3a22539749ab72bd759e453ae3266e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000054
| MD5 | 8a42ba5472aa4afa3d3ac12f31d47408 |
| SHA1 | 2add574424ac47c1e83b0b7fae5d040c46ac38a7 |
| SHA256 | 759bfec59bce5ddea7751b7f93408074a8c27cb2c387b08b6b9f4aa111266ec4 |
| SHA512 | 3e1081a6e1c29f6dae28ab997c551a6d107d4f4b7e0981a19ba81a30a4e420dee1791321dca8f4b500c9e7e4a41c5e5c75013a72e5a5cde3f7e6c50393eb10b0 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\6c644062b95acf88_0
| MD5 | c56a4928e74f015ce2e08be828296d05 |
| SHA1 | f94d448c4067fde1abcdbbcf26cdcb61a603400e |
| SHA256 | 01006272cb832a3ce1dce5388835b386437082bfa67cfa71048b87eaa91d5532 |
| SHA512 | 618ed9087fa4fd34a7a48e93064570b15ae1ef91e374d5ac78c97644062c597bdf30ccd3519db90421fa3cd645ce4d0013675ff4fc19fb0893c917b831b0ed8d |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | e3e0a0a253744c25b09a58cc91b172ee |
| SHA1 | 4ba6710ba34349bd31657a051366f153e05be85e |
| SHA256 | 56a3e13fdec76edfb6527f2ea0e86ac0e6fad0272d6b68770af023e923efa23b |
| SHA512 | 744a6829bb27c13963a78611528edf3ab9591d05d8bc103cf788bcc413673653fb423b1f8250f8de07b3bf5d6722d4b6128f65e0c039061462879e0fbbfce936 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe5ae149.TMP
| MD5 | f9ca65e4dc0375e315a4433d205aa312 |
| SHA1 | 0cc68f7133dbf5d920500a84a911388654eeb8b2 |
| SHA256 | abc26c0338fb15a2ce4f6b459b3997b726061f6d280377ceda3262e7b37166c2 |
| SHA512 | e24386e78e24c04fcd678bfd1435cbf364a3b610d15afd6412870f6fcfdc921d788b922eba5e8bcfdeb26bbb4761d2ff9a400cb5a6c670cbc1b90b839f53d7f4 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 6a874ce69cb8caec075e672a0a0ecb5c |
| SHA1 | fb7a6390605910f02450595736917337a1fd4a48 |
| SHA256 | 1aef2e4e44c75ede35284b54433e8f70906219cd8738ee166045957a4a826ffb |
| SHA512 | aa3461ae50b5ad890530196c905986c165a81a38a45e00209d29087cfdfa1a6ff5650cbec6d43c0ccc814bf108235dbf69d72b8351690506529de6ab54a38799 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
| MD5 | b44947d87b5c13fa1b4b62c136185d27 |
| SHA1 | 42dd44ec72535258f09303900252b39d5eeb6d19 |
| SHA256 | a5cb11b58a26c5abd02ff6e0e7e3ee6313f4c9ddc9b6b3866ec7a394bbd506dd |
| SHA512 | 2e9cb93314aa6878f9718ba461128a898198579f86279d6c545e03be70ab276c4d81cb6b6700ba2929a9df396e7990e69c55f9e453bb0bbef59ff0bb5f97e350 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 333f0df4a562866c167ea9e7efbc6715 |
| SHA1 | 8be93460fd1d789fe047c846863985262295ace0 |
| SHA256 | e9dddd82d683ab210e8f30c1abd62bfe98a51d429cc8ceeda9f083dc279518ef |
| SHA512 | 4b14b9258665369a68748164a77974e7abb008182265b1b4cd6d85a1588f420c81f89272dbd087b6064d8a432d9615e8508ced208f67d6825245b6424bf2d11d |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0000b0
| MD5 | 422b4a0f0c4825e60d97d6438f25f042 |
| SHA1 | 86d944a4a31fcc0ed9b5c8b002ed9348fcd6660e |
| SHA256 | 3920a23abe367d920a24b52116beddd032943f9806556f4ff878fb8b7bfd5f06 |
| SHA512 | 309ba90241e6450e276eb42e2f919a3b2eda12e20b2190e2337390d69cc781f3e3603a369e249bd4bfb4ac2a63ec9fea0ce27d231b78820c646d651500990190 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\Database\CURRENT
| MD5 | 46295cac801e5d4857d09837238a6394 |
| SHA1 | 44e0fa1b517dbf802b18faf0785eeea6ac51594b |
| SHA256 | 0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443 |
| SHA512 | 8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 35de428bcdecf9293cd21b8841e066a0 |
| SHA1 | 866d7882035d6b56eed565c4095b7c825534918a |
| SHA256 | 22d42a9354acb1607394a86eff4f6e9f23fc5c984400d4f972a55852c0098b81 |
| SHA512 | 8dfd1888da88a4691ecd2e75551b6e57bc6f529d6658aa334013716bc7a10dbb952fc346f350d89d25005f5e07f205cae07969346470ba5228a835a6761d8f7d |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 1e66d8ca039cfaeca559f03c49596823 |
| SHA1 | 5ba92538a1297a81b1128205ffd92a3dfe3c4e04 |
| SHA256 | 306f8caef715cd8390ffa6dd427bba2e45b8c331a45b94efe2fb95cdc372aa94 |
| SHA512 | 69e6e13e51792830623419c9697d9bfa72bd8e533f9861c56e53ac22b3525410a5ce073407021deb94fc823630283aee1de793390d7fc9b2e9d1a3d04d6e69db |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000003
| MD5 | 948f15ca16830ed2bee6619df537be9f |
| SHA1 | ec28e7403ceb608b8dcc5541f0be4f7b913699d3 |
| SHA256 | 5d2fd66457170ba3278adeb631945e35d4b9ea04a781120e98eec463d48d3cd8 |
| SHA512 | 1b8d6a9ed30f48a31d4e50069ebfb1303f7a5c4de17ce290152d2a8997dfb2ab648a708263d359918e1cc3669b6d324dc373c1515e94a68fd8106d9c22366e97 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | a2bcb671cc87330366d5608ec5891f34 |
| SHA1 | c5f932d9b41559d4dca31736d7b7e26f6045cf94 |
| SHA256 | 6ef0ea1d2a4df41928435008e309ef05959be1d07ab62f31382c83543e02c496 |
| SHA512 | 86f9ced785766b6a7adcc1d7dba130be18c2e8d244ce398698e2d599589fe9bf81fca51335d3477cf569a0d38feaeaa17a3b6ba94cc4e6ce0fe708be735633a2 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00003e
| MD5 | 72f7172a1a7ae03b9c68c41f73866eab |
| SHA1 | 741b72ab79366b250512ec7b0959ccc12dbf0d49 |
| SHA256 | a141870d293d4e47043e6cc748897915f3cd42a6edf0ddc2ff9275756b145e90 |
| SHA512 | 5b1e8d27b5c310adc2bdb658a9391d6aa1286774fad1f09bf2c42e8be071727198c23c16a417369222275aa89cb38af34b8c7bafc19ba52ef46473b73018dd22 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000d
| MD5 | a7f18ced0b7ae5afc8646ad46af39dc1 |
| SHA1 | 25b7bd51226f7684762b2ae2edea768086651cce |
| SHA256 | d4f3edb3b631a952d95ee8135111be8de4b969581bffc465d1bdf7d92eecc38e |
| SHA512 | cd03e35b0d75fd39343607ab487cf86420abad0c91ca6d9d4803ee942eccb3a5a6983a5f1bd7b0bd5f7921c61c05c18dd4ee6fe8621fc5f03fcdac9c53531dbc |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000c
| MD5 | b093a97cc0320dbfc47a8ebd5afc03d2 |
| SHA1 | 7d3d0d78fc1dcdf2427b0f3111a78bdd9f3b01fd |
| SHA256 | 4fddd93b3d903de9c3646243a29d57b07b3a4dec2353d8707f3b4dc873cbb495 |
| SHA512 | edec8e02fbc8c6a661d401eb62f95d7b92593cd1a754aaaacdbd5ffb0d8ba4d6bee517de7830f9edcf33479f5a095169eb1781237b14c4bc265cf0fc5f52f315 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000038
| MD5 | d2b12b425f7dbc9208bac53bc4faa33d |
| SHA1 | fb5395c1dd948e309d4711cf3e22ae5be70be400 |
| SHA256 | 32fb0010233bbf956aec8a7e826c8246b057e7872e56b6ba694690daf0370826 |
| SHA512 | dcf927a0ecc2b89fc23ecddb146c456636ad01ac2f19d5a88f4b3b17fa4b34eda1ff9847171823bfdd3bd7263c0cc2082401f7929b0b2fe3736b9847cff58f6b |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000031
| MD5 | 7f0cdaf91230f9789ca4162aedff612e |
| SHA1 | 965de571aa794dab64076c3cc64dc8894b843f23 |
| SHA256 | 033696b7f1ac04d1dcc102be84550e146236ceffc25a6cabc12aa51a6ee410b9 |
| SHA512 | 444460846fa2bfddd7990c792c6fd8389c564b5c967b5cc10fb3717117c5424fa33f23f8c4cffefad176016a79be5557920908cc82f7942700a0fac71eefde36 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000018
| MD5 | 0aaa843cc75c1de6f1fd7e2383f529f2 |
| SHA1 | 05bf143b610623e1d1227d606c33fdb72248e2a2 |
| SHA256 | af7a9d0a1c78c09c3e88f25e9127d9fce4cd2279cc39c7a0a59f50f1ed723d2f |
| SHA512 | 10e5059da50646e5a046c8596e68f7a259a271317bf3b9adc1f75a41374834fe8af4ad24ece2e39c234743a9a8b1f9b970aff4239522db6d180729487d3ae0a5 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000012
| MD5 | c09b23a10ce12c0122b6a3d52f576059 |
| SHA1 | e214c79ade2ab8e5ab7adaa200cfe982381cede5 |
| SHA256 | 335edc4bb8a28505e6fd253fb1f147f7541de511336120e7908a5b3217bca362 |
| SHA512 | 0a27a5f3a6fb52d6afc044cf568b17a737153569e914917418a800a53578ac8968031e6277b6fa3d00860469530ea5a0633f1ac0ef27476fed72094798b1e463 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00001a
| MD5 | 463c66bf0cce1145ffff7de835f4fc88 |
| SHA1 | 774e8b5bd5846d84d31447feb326d2956b85bef8 |
| SHA256 | 91377045fb4c13198cd8ff977f0bbf17944de098cf56e1ff918821791dd3d125 |
| SHA512 | 5053e0ef371b78d4a663961afd38a5f313a81d3de6190504976f177f83950a47b0ca8e5f0fa35ee46c213f5024bfe208872ff6359dc98816a7e10f8986d0df87 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000039
| MD5 | a697f511129361a2f4b23e4f35f04152 |
| SHA1 | 976921bfb7dfba6252c23eadccf60743c0ea50bf |
| SHA256 | 541e61feebd03e9cb297efcfde030617f020bb3da0130adf1a87ee53b2f2b817 |
| SHA512 | e6efa0cb93bc4d1ab39847585f4afb740a4cbd48942620d94a7a907099c395ede995e15b0ffb03941a4ab24a309f7ea04751881270cdd7c5e883aecc783fc0f3 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000015
| MD5 | 847c4e34c9162acf4b6857812cd3dc2d |
| SHA1 | d4ee14a3794041fb661cb8d497684c3a30032f28 |
| SHA256 | bfd486b27ce892b5c77ca52d096a02020ebdc2b10615a53ab3dcf77079ae2b88 |
| SHA512 | 2a9da1bb2e7010abc28a055f778e62a7282a9b215793bebd56ade2cced2dfeec6ea29b5d7a2c103e33fc7251ca608ffc5087375da3dddd3421e79337fa81644e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000014
| MD5 | b3696c85ce4fe13e866b19c3ddf0e9d1 |
| SHA1 | 88b2b575ef4384cc467de6380de18c6ef4e74f5d |
| SHA256 | e31460012085e6b435189f927ccd3ec225967583de62fd1a9f3dfbd080a38f69 |
| SHA512 | 6d491b4611847d91db5fe7c54b829ba0ad98ff4aa04a213b3025125ce63bcd6f4b78ccc466bd66238d637359676085f4d6381331100ebfa5f4b34576bc1f146a |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000011
| MD5 | fceba656f5d1bebaf438f5ba3c25b4eb |
| SHA1 | e1b97c2f9659f8cdea7e6e613e7248d4e43a7807 |
| SHA256 | 62e64bc06197e88c89a678de3c7a4f5a927ad4327d03c1cc8ccd69a9a324a8e5 |
| SHA512 | 60f75b9fd1e19e06adeea58e2fbe279dab5478361d81a4a69a1d104060eff7ad32ad78df34e7bb117d2578ce260c40ce307e150f584babcb3e0631bb6397291b |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000019
| MD5 | 720bd519a405ee75239ff7fda90fb5e7 |
| SHA1 | 4e3124110ef8839c319779877aff02e3cd9a6a0f |
| SHA256 | 19e0a2c8a6b9437a392ddc3e4b00dc7df56117efd0ef307f747589979ccf5fb3 |
| SHA512 | af19f96c5d27c45c7367508c0a06c7d62b17f0969e4ae44a10072f0e8cf7afaf3480203ccf4198eb62e9e253a721751931511b5c1d8eb8d22405025d934befdd |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000013
| MD5 | 26a16f9a9824edd9310e9f962bd28a22 |
| SHA1 | e96541a91a7ed2d3429d9e3383fc503594f4f206 |
| SHA256 | 2caaec097618eb9a612eb5866d4a70672bc849dc75990127eb5f14f988fa200f |
| SHA512 | 2248fd3159d2becacbdde99bfb2c0e637cbbaaca2a779d6cbd8eeb6fa10345bd241bb3d86d1143e28efafebf066821aa7b304d67ef1667a6ccbd7426ad22113c |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000e
| MD5 | 06d82bfe795e2dfbd3b78276c26db4e8 |
| SHA1 | 96f5452203e64fb08d2a55b733a652b19d80c7c2 |
| SHA256 | 23c7a6a2057149e2ef23dd2046a5cd59302727f6160993007db441001a3abc35 |
| SHA512 | 4c3daa5c3d8832d928239b6294b019b2aa033f739e11efe2d0899e135b2febe3c6f461d418d0fd39f95d98cc83a4e60c9598f63f36706f070d1c5348b9ffa6eb |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000041
| MD5 | 500627843b8b6ba09c22c9b110c89415 |
| SHA1 | 4eeac7afbfbeb20e33365cc74a555ebf91e02467 |
| SHA256 | dfbbec3b67ff95b9d7013601358fb7a9f452e0003446a0a981bc94878960f770 |
| SHA512 | 75c05a55a2ad56df13761c248e10132f8875199167a89c0eba06f89c40cf9c7001b326e373de3e6ebe7c2104f0fdc3dd34ff4de707542ffbf87b13b21ad370a0 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000045
| MD5 | 1891317c1eed0e80ac7905f8d795e46e |
| SHA1 | 0567c8fd0133553ee5d795fa4fdea9279df2cc18 |
| SHA256 | f209b3ae7b4b18ff2ab86911f3e885456a553b689362a4895bccb47175b352dc |
| SHA512 | 14fe6bd8388fc743cd6739410cacda034581f99d00e3720d85880380ec504906bb01f83bf1857e46d7dd4ddee6b40c0e5a0c4a34110c3f0ff2f02d985a571863 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00002d
| MD5 | a4ad7440aff0ddea176853cca1486e53 |
| SHA1 | 3f5c884def7f423bed5ed2142d42c672e29af5c8 |
| SHA256 | 1f826b0323360b2e481c3a4273bc4fab05d58ed7ef26396f2f8fbc93125c8c19 |
| SHA512 | a5840b967e526506f8b96e8507e0a2e0afe2cd3b8b1092393f05fec3a7446978a3d743f0a667113ae60fc9182f0e6a668b9334257d3a14e58f668e0976dc79a9 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000046
| MD5 | 9bd03f8c387217c428f7e6fce75be551 |
| SHA1 | 985706134208889db5a3c61b4f8a6b48eab352f2 |
| SHA256 | a82f4b4d3afc121b52cae19798b5af8f903d23a27bdb5ae09954be031a80ebcc |
| SHA512 | 52ea833022e3e27c77329a95323a5d5dcc4810b5c02ef410d04f35425059974e0d78d274179f5b4f6f202e842c74248699892b933911ff05046f619ed88939df |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\d9cab3584c808d21_0
| MD5 | 0a7d2c660cee32e4cdbfccb7157e88dd |
| SHA1 | b0bbe562be28fe305b4c594d4a07154e3a4d33a8 |
| SHA256 | 109102e65eb536a14f1c8aca4371e6b912540cf7e16e0636486443768c184130 |
| SHA512 | f1c140b3ac738bd2b0e500151b325f69821fb088df4bc7a9531f2d3e2d3eb05a2066a5751546db5c2c265e14a8a121559870664b3e8edc3dca894586ba7e6306 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\d16c6ed5afc3a566_0
| MD5 | e3e0464a27c452b01cf2b63da264c906 |
| SHA1 | f7d669e5300655efba0b73b2e53739494db1f408 |
| SHA256 | c7692876bec47c23db661535e16b7fae84eca0c0916b279899a692eb2411e85f |
| SHA512 | 03b81bbe91f57b56603226e4589d0864081d7f3d77f52ad62521299abee920f95d8d7857caf5c6c899ec408c14eabe96d7a9ebf06e4d8d7f38499ee51f13227b |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\53b92fbc4d68952f_0
| MD5 | eedad7daa1407bae66e4eedc3a353546 |
| SHA1 | c5106851b59ab876d7c668e7149345adcef01600 |
| SHA256 | 0d63caac9470b02ed789a6fd00decba58e1e77ec8deabd47567e33d7b64030fe |
| SHA512 | 0355f3d5ff1d886f9d43b4410a80abc69d557554801c44760856076f0a2fd6affe58825365aa7e3ad81fcf1b230a98ec53d0465a3bd64e5331f88b94679a0750 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\d2b4d1930bde2443_0
| MD5 | a0c757c480bd91b981b2373fb6cff432 |
| SHA1 | 3cdaf074a85c058dfaecffa0d30828553e816750 |
| SHA256 | 7e1da87705b448d3d8d8b399e3e3f98210df41569f0acd04e32a3035ca6bed74 |
| SHA512 | 073189a347b29cac57cda057711bd7dc0443dfe4c273bc1830e639fc940ef5189d0c7ee29691502f6f93919eaf1dc32df879c49bc0e4089b66f3a83d98661a6e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\a4e9e66b8a32fd8c_0
| MD5 | 8b958c6f81a799fedd6976d4d3d77dc6 |
| SHA1 | fb1d9096bf5d922b5269fe4fa9ae8aa2ee863977 |
| SHA256 | 3e6faadbe269c934a519ba30e38284fbf7c6899160192b0356b2e13ba7a737b6 |
| SHA512 | 5c87f5af14090a8ae2fc36cb6710c93065be9b808e9dcbdc0d535d8f0124b3ecc02f9f161922d8ddf2fc19c6342d85b2b41821849ecb0ff6402abc049e5ddf30 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\635c5a48473ec11e_0
| MD5 | ebaf5d7d86fd81ba8109e5cd097e25aa |
| SHA1 | 66c8dd570fdaf709d97bc27925376db1537b14b1 |
| SHA256 | 858e9f376a5786b77fad8336d89fb2cfbefa2fda231512379e4a1f1715e8ccfa |
| SHA512 | 930962dd5f7ef0bea25136ae74c450d0ed75c6a00a0e6df41d76911111f6ce49fdc80e32199913b59f4a06b2f7c70add231db6502ad8ff630b4ad93f82ffdca3 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000052
| MD5 | cfa2ab4f9278c82c01d2320d480258fe |
| SHA1 | ba1468b2006b74fe48be560d3e87f181e8d8ba77 |
| SHA256 | d64d90cc9fa9be071a5e067a068d8afda2819b6e9926560dd0f8c2aaabeca22e |
| SHA512 | 4016e27b20442a84ea9550501eded854f84c632eeced46b594bcd4fc388de8e6a3fbfe3c1c4dbd05f870a2379034893bfd6fd73ac39ef4a85cbf280ab8d44979 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00005a
| MD5 | 4bd4a9871466edf53de08b21913eb00a |
| SHA1 | 8008220d48008689f617fb4a2eb11d46c51b6250 |
| SHA256 | 8db54d687f604f86d96a8b19dbbcf83d6a29623d4dc8cb9966a26406944e80fc |
| SHA512 | 6d7335e087c17672eddcf6b90108aae4ad58d830933cdab14e1366d9d055392a81dd33c481a986f594eec5df63311b021eefd99706fb6539a4c41a4672167483 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\986a89e6056b3972_0
| MD5 | e761ce838161bb3b2544df65c82ccf49 |
| SHA1 | 95d9256c61664003696ee54df2e51425e019575f |
| SHA256 | 4133e4b87e253acc1ee6799fb835258ad718cf67675200cdf4637d0092273bd0 |
| SHA512 | 429cc8de075e50704a22b901e008709ddc6d5f8e11a3fc4c43de285740cc3d62368cfda01917d76a2df287024698f4019da9d26251ff0cadf3524c88bc97960d |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\6c644062b95acf88_0
| MD5 | 5aef91f3a4b05967b2df0d31c51276e1 |
| SHA1 | 48930e26a8c26acd9a9352b8ac9411bf8dce7765 |
| SHA256 | 9faea28e7c078bb13f35144195c8b6da35a6a4d27fc20f3d1db279a2a69a3079 |
| SHA512 | 0daad1bc2860b6d46a4ed6b074ddd173bdfcfe47ebecb80dcfefd9fe8693e6538c9631bd8cd6b7229cbe12995bb221dff33aa2239cf4386bf41d38f86d487fcd |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | c04f4af717c5dd4f6092fb58a842e720 |
| SHA1 | 612f1a759448f42d04a4b196b4f1ceb7e92874ab |
| SHA256 | 453c29640242b4543cc5c857b6e511cc9b15829cb0863214eac5b86e89e88222 |
| SHA512 | 9cdbb1d5fd0998ef2c5bbdb2d582e6cb682b8872c7ebfcd00bf4f32272b08361d862244bfe45afcd031f8968d4d13fb564f97f9589105e489fa0e0d15635093f |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index
| MD5 | 80c8799a2853ff777ae85c8161172ac1 |
| SHA1 | 36c694044b0b91d2b6e1295e4c6e549561b0e786 |
| SHA256 | 43bf9095a02d44fd801fc70b124aa0086f3c2586f0ec5856a6044c0e8f07f173 |
| SHA512 | 7bf210ca484594f76f1b044d889cd038290a253136da8031bae964d561ad9b84a10a438a93a6d7374a83557b386c71c6fa17c5c8980f29f25c20e03b79693b94 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 7d4095366e1ac7c800cf4965653e8b6c |
| SHA1 | a294ad30994348efb9bab5903e1c97828453c29b |
| SHA256 | fbbb85c0244876e8c4714f2d4da7da3eb41096cb0d3be1882a7a7ffce1fabb0c |
| SHA512 | 5b10dcb245488e25295ba3a9dd9d9a5e7038807cabf55cdf037b9182c171a97b51539e0c874a174e8fbad1be82d46dad41be96066e6ad614bbb544896c643f9c |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 4f5c7f18acc477ba376f7a9f05bc3a6e |
| SHA1 | d1742a8048ab56ed7f9ee18852e63075aa402686 |
| SHA256 | 0323b059ce067d6e8319c9de4d27b6c0793cf2289e68b36a9e86a1b2e9c40c3f |
| SHA512 | 65915f8a1b73a8b595dd85092e5b14af6f5cdfc94fe4b1204b61264660109292999959ec3cd8d0b5e819345cbb695de59ec2422fec3add0d77473ade1cf19569 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index~RFe5b46aa.TMP
| MD5 | bd082cd88583727df325bd276f9bcf4f |
| SHA1 | 51807fe5d06b46062fc93cda25785f488ea28008 |
| SHA256 | 0cf5a05045784c963dd6f4428db0062d1ef9079d75ef3939031e3f2f0691ac25 |
| SHA512 | 27be6aa4a4c4eb86bca5ea05885499b1978a5f89aa8865c7501234069f106c494bf1bb53efea7f3fe1850718018ea3d5162d4c5cd206848332f9e52445a6c90e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | cebbd6e812cba0510078065c8c1922bd |
| SHA1 | d958d42bac030cfc87d5805ce64a9d8d271b1431 |
| SHA256 | 962a4ace1a049673585d7730de4fb6efc7d6050070fc4c0fd2cb716fc53d9c1f |
| SHA512 | 757ce3d72931e5d5b04b948d096664956cea81f7b17ba6c70a258f5978628f187a40864422bb173d2d119efea68d26ea518831a74cf6cd0f808c511bcb84ba26 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 41a3a04f5524f829a01800bcfa4e91cf |
| SHA1 | 7482f88337912cce714a7522d36331efdeb901ca |
| SHA256 | 19f313aec0af206db5f3086169138b45394e5b68a329aecf9c9ecbd2bc9d8e9e |
| SHA512 | 08abbc782e490128552bd15676023bc3be0e868aa00d0618fe9f3df58dafbd7868a03761c0ca5a193a1dfe99471a46c81df47b9f57695776251d0807d4be19ad |